Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/_bGsSSMstzf2q_LubP-csbqxhNg.roa
File: _bGsSSMstzf2q_LubP-csbqxhNg.roa (raw, json)
Hash identifier: KMgGbIz1P/9G61GIbLdFV7NxEjqVGQK+W6TDII40h3g=
Subject key identifier: FD:B1:AC:49:23:2C:B7:37:F6:AB:F2:EE:6C:FF:9C:B1:BA:B1:84:D8
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 019423D7230937C29B3C0A6003F116B31609
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/_bGsSSMstzf2q_LubP-csbqxhNg.roa
Signing time: Wed 01 Jan 2025 21:48:09 +0000
ROA not before: Wed 01 Jan 2025 21:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 2a12:3e80:401::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:23:09:37:c2:9b:3c:0a:60:03:f1:16:b3:16:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Jan 1 21:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdb1ac49232cb737f6abf2ee6cff9cb1bab184d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a9:17:29:98:a3:49:0e:a4:92:e3:8d:f1:90:
77:29:15:10:3f:4d:12:73:75:7f:d1:30:80:ee:e8:
31:1b:fa:5b:2d:dd:12:e0:0b:7e:87:bc:f1:b5:d6:
3f:bc:b0:81:82:29:03:5d:cc:2a:af:fe:8f:4b:9e:
4e:89:d3:06:79:46:f2:1d:ab:ba:3d:71:ad:8b:9c:
d6:4c:11:83:88:eb:6a:5e:39:c4:cb:6b:f0:65:76:
3f:75:18:56:31:01:67:54:71:b5:66:de:f8:1e:ac:
4a:0c:64:de:ee:26:6d:4d:e3:43:33:ec:e3:6b:f8:
aa:41:94:c0:fc:21:84:7d:c9:95:0d:69:bb:50:f8:
a6:1a:a4:ea:22:82:87:17:b3:a9:f6:4a:1a:0e:61:
b6:fe:42:dd:2a:c4:ea:67:16:26:01:c7:61:1b:32:
83:72:5b:2f:b2:25:c6:c9:7b:0d:32:30:7a:a1:d7:
6a:ff:6e:10:9f:11:4b:eb:59:0f:a5:73:2c:6d:21:
33:11:0c:a6:4c:78:43:2f:ef:e9:03:d7:0b:d7:52:
7d:83:6f:b4:b6:c2:36:d2:9b:b5:86:ed:2a:cb:20:
a4:4b:fa:da:80:bc:ee:5d:0a:66:5e:f9:1a:f4:17:
b3:cb:67:32:d1:4d:34:0b:eb:d7:4d:c6:eb:c7:4f:
c9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B1:AC:49:23:2C:B7:37:F6:AB:F2:EE:6C:FF:9C:B1:BA:B1:84:D8
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/_bGsSSMstzf2q_LubP-csbqxhNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3e80:401::/48
Signature Algorithm: sha256WithRSAEncryption
4b:3f:78:c5:75:e6:87:1e:12:de:01:d8:10:80:a9:2e:f3:d3:
0d:41:3d:c7:da:ad:de:28:62:e8:fe:c0:f1:b7:b8:3f:dd:74:
e2:82:c4:6b:91:7c:68:6a:dd:9c:0d:79:36:3d:cd:67:c8:72:
f3:f0:69:84:ba:f1:a1:fc:ee:68:e6:30:d6:a4:ba:42:78:85:
ef:3d:04:f4:07:02:e9:cd:97:62:65:90:fc:a0:5f:58:aa:ab:
e3:07:0d:c5:c0:77:07:28:58:40:70:6e:43:3f:42:44:f3:f4:
5a:7a:19:42:a8:b4:e8:c7:0b:9c:1e:77:1f:0b:77:86:6a:6a:
98:32:d6:52:50:48:ee:d7:dc:2c:f0:75:0e:6b:69:e9:a9:82:
86:43:ca:35:f3:02:25:d8:c4:f0:98:76:b9:d4:3a:e2:e6:cf:
69:56:cd:ac:83:74:52:72:04:e1:17:84:74:b9:4c:ba:37:ba:
67:01:f4:58:47:ee:cc:f2:f9:58:41:29:e9:7c:05:94:7e:00:
ed:07:3a:5f:17:56:ef:09:5b:cd:01:ce:f6:84:3c:50:66:3f:
c3:66:9c:c5:6c:dc:86:77:b5:91:35:5f:33:1e:11:5f:9d:60:
1a:4e:20:3f:92:59:8a:7f:a7:86:08:99:f4:c3:86:87:bc:d4:
51:22:08:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1yMJN8KbPApgA/EWsxYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1
ZjU1NGIwHhcNMjUwMTAxMjE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIxYWM0OTIzMmNiNzM3ZjZhYmYyZWU2Y2ZmOWNiMWJhYjE4NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKkXKZijSQ6kkuON8ZB3KRUQP00S
c3V/0TCA7ugxG/pbLd0S4At+h7zxtdY/vLCBgikDXcwqr/6PS55OidMGeUbyHau6
PXGti5zWTBGDiOtqXjnEy2vwZXY/dRhWMQFnVHG1Zt74HqxKDGTe7iZtTeNDM+zj
a/iqQZTA/CGEfcmVDWm7UPimGqTqIoKHF7Op9koaDmG2/kLdKsTqZxYmAcdhGzKD
clsvsiXGyXsNMjB6oddq/24QnxFL61kPpXMsbSEzEQymTHhDL+/pA9cL11J9g2+0
tsI20pu1hu0qyyCkS/ragLzuXQpmXvka9Bezy2cy0U00C+vXTcbrx0/J6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP2xrEkjLLc39qvy7mz/nLG6sYTYMB8GA1UdIwQY
MBaAFPavQzl03zc7cKvXaxPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2It
YTI2YmM2NTNiMDZiLzEvX2JHc1NTTXN0emYycV9MdWJQLWNzYnF4aE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZi
LzEvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhI+gAQB
MA0GCSqGSIb3DQEBCwUAA4IBAQBLP3jFdeaHHhLeAdgQgKku89MNQT3H2q3eKGLo
/sDxt7g/3XTigsRrkXxoat2cDXk2Pc1nyHLz8GmEuvGh/O5o5jDWpLpCeIXvPQT0
BwLpzZdiZZD8oF9YqqvjBw3FwHcHKFhAcG5DP0JE8/RaehlCqLToxwucHncfC3eG
amqYMtZSUEju19ws8HUOa2npqYKGQ8o18wIl2MTwmHa51Dri5s9pVs2sg3RScgTh
F4R0uUy6N7pnAfRYR+7M8vlYQSnpfAWUfgDtBzpfF1bvCVvNAc72hDxQZj/DZpzF
bNyGd7WRNV8zHhFfnWAaTiA/klmKf6eGCJn0w4aHvNRRIgje
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:02:00 2025 by rpki-client