Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/cc1041-e57d-4703-974b-cd2d8865edc5/1/T3MqCuVZS7ywOpFcm6zBjY2gKtc.roa
File: T3MqCuVZS7ywOpFcm6zBjY2gKtc.roa (raw, json)
Hash identifier: F6U8tQIpfIs390YKVCnwC0qTgnqZVmehthtBaFeqQn4=
Subject key identifier: 4F:73:2A:0A:E5:59:4B:BC:B0:3A:91:5C:9B:AC:C1:8D:8D:A0:2A:D7
Certificate issuer: /CN=cdb4d7a7928d81f0e5f6c491ea5f2b7c587b9d9d
Certificate serial: 0181DACF92E9ABD7BBF741A42F9763D0BDE6
Authority key identifier: CD:B4:D7:A7:92:8D:81:F0:E5:F6:C4:91:EA:5F:2B:7C:58:7B:9D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbTXp5KNgfDl9sSR6l8rfFh7nZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/cc1041-e57d-4703-974b-cd2d8865edc5/1/T3MqCuVZS7ywOpFcm6zBjY2gKtc.roa
Signing time: Thu 07 Jul 2022 22:37:25 +0000
ROA not before: Thu 07 Jul 2022 22:37:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 701
IP address blocks: 2a12:f880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:cf:92:e9:ab:d7:bb:f7:41:a4:2f:97:63:d0:bd:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb4d7a7928d81f0e5f6c491ea5f2b7c587b9d9d
Validity
Not Before: Jul 7 22:37:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f732a0ae5594bbcb03a915c9bacc18d8da02ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:90:bb:b2:51:9a:d6:4b:e1:fc:5a:5a:be:d9:
66:6d:e9:e5:08:8f:ef:c0:24:2b:39:5b:38:e2:cc:
2c:70:7f:ec:bf:2a:25:9e:a4:a2:0f:c2:d1:6d:8d:
bb:99:46:14:24:ba:25:c2:1c:c8:9f:f1:d0:85:c0:
50:31:bb:dd:d2:f5:91:7b:a8:14:c4:91:60:57:fd:
be:c7:b9:29:b4:6e:83:4e:74:9a:db:c3:f9:ba:64:
88:fb:02:fd:0c:ab:cf:73:b9:fa:7f:32:bc:ce:0c:
de:bb:d1:3a:43:88:36:39:31:95:91:de:69:51:44:
65:3d:a8:97:da:d5:51:60:93:32:18:c0:90:15:a3:
d2:46:75:bb:29:5b:6b:b9:50:6f:0c:32:aa:96:e4:
bb:07:bd:89:e7:f7:5e:a2:42:e3:5f:81:d0:60:f0:
6f:e3:55:eb:e6:8a:c8:30:62:1e:16:4b:68:04:31:
bf:68:e2:01:45:f1:63:87:3c:c7:33:33:6b:b3:e3:
c6:63:77:8d:20:87:ad:ce:e2:23:8d:66:f3:e4:60:
ca:83:94:4c:ed:ae:9a:a2:24:7a:26:ad:8c:f4:a1:
27:c0:af:96:41:de:79:a2:4c:e0:97:e8:82:e0:a0:
35:99:ca:8a:7a:c8:a6:57:29:2c:cb:ca:bc:d9:a1:
6f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:73:2A:0A:E5:59:4B:BC:B0:3A:91:5C:9B:AC:C1:8D:8D:A0:2A:D7
X509v3 Authority Key Identifier:
keyid:CD:B4:D7:A7:92:8D:81:F0:E5:F6:C4:91:EA:5F:2B:7C:58:7B:9D:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbTXp5KNgfDl9sSR6l8rfFh7nZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cc1041-e57d-4703-974b-cd2d8865edc5/1/T3MqCuVZS7ywOpFcm6zBjY2gKtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cc1041-e57d-4703-974b-cd2d8865edc5/1/zbTXp5KNgfDl9sSR6l8rfFh7nZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f880::/29
Signature Algorithm: sha256WithRSAEncryption
52:00:fa:01:3a:e0:1b:55:e6:c8:7e:71:9f:22:92:c0:49:e5:
a7:09:cc:ff:fe:23:36:ee:cb:c5:cd:d4:a9:63:1a:fa:bb:d7:
0b:87:93:3b:e2:61:15:7c:8e:08:e5:79:b3:b6:8c:30:cd:c3:
dd:70:1e:39:e8:b9:87:ea:a9:e9:74:d9:7a:13:97:95:33:67:
3c:54:5a:12:ff:08:76:98:be:6e:0b:23:23:46:4a:2c:93:c8:
2e:f0:06:c1:9d:d6:27:73:63:25:2c:a1:bb:64:74:f0:aa:1e:
3f:ad:76:cf:2a:0e:5d:90:bf:83:65:14:5b:d7:d3:d7:01:a7:
1b:1f:42:41:e7:67:94:27:b4:64:31:72:c9:24:ec:eb:d2:76:
01:94:92:82:e1:d0:3a:b8:b1:39:f3:69:04:a0:ba:fe:1c:81:
82:02:ff:37:a3:c4:ae:6a:47:3e:8f:4b:12:5d:e4:cd:44:9d:
28:2b:f8:71:f3:93:d4:b0:b1:a4:7d:c7:38:82:eb:40:4a:5a:
60:dd:7b:58:1f:a6:31:28:24:94:df:1a:e1:18:48:4c:b0:55:
31:bd:81:b4:0c:b0:97:98:c5:a1:50:d8:3f:74:15:ef:bd:5a:
cb:04:d2:c8:ba:a8:67:6f:bb:b2:be:be:4d:db:cc:a9:6d:d7:
c8:0d:16:4a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHaz5Lpq9e790GkL5dj0L3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjRkN2E3OTI4ZDgxZjBlNWY2YzQ5MWVhNWYyYjdjNTg3
YjlkOWQwHhcNMjIwNzA3MjIzNzI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjczMmEwYWU1NTk0YmJjYjAzYTkxNWM5YmFjYzE4ZDhkYTAyYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJC7slGa1kvh/FpavtlmbenlCI/v
wCQrOVs44swscH/svyolnqSiD8LRbY27mUYUJLolwhzIn/HQhcBQMbvd0vWRe6gU
xJFgV/2+x7kptG6DTnSa28P5umSI+wL9DKvPc7n6fzK8zgzeu9E6Q4g2OTGVkd5p
UURlPaiX2tVRYJMyGMCQFaPSRnW7KVtruVBvDDKqluS7B72J5/deokLjX4HQYPBv
41Xr5orIMGIeFktoBDG/aOIBRfFjhzzHMzNrs+PGY3eNIIetzuIjjWbz5GDKg5RM
7a6aoiR6Jq2M9KEnwK+WQd55okzgl+iC4KA1mcqKesimVyksy8q82aFvhQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE9zKgrlWUu8sDqRXJuswY2NoCrXMB8GA1UdIwQY
MBaAFM2016eSjYHw5fbEkepfK3xYe52dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJUWHA1S05nZkRsOXNTUjZsOHJmRmg3blowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jYzEwNDEtZTU3ZC00NzAzLTk3NGIt
Y2QyZDg4NjVlZGM1LzEvVDNNcUN1VlpTN3l3T3BGY202ekJqWTJnS3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jYzEwNDEtZTU3ZC00NzAzLTk3NGItY2QyZDg4NjVlZGM1
LzEvemJUWHA1S05nZkRsOXNTUjZsOHJmRmg3blowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhL4gDAN
BgkqhkiG9w0BAQsFAAOCAQEAUgD6ATrgG1XmyH5xnyKSwEnlpwnM//4jNu7Lxc3U
qWMa+rvXC4eTO+JhFXyOCOV5s7aMMM3D3XAeOei5h+qp6XTZehOXlTNnPFRaEv8I
dpi+bgsjI0ZKLJPILvAGwZ3WJ3NjJSyhu2R08KoeP612zyoOXZC/g2UUW9fT1wGn
Gx9CQednlCe0ZDFyySTs69J2AZSSguHQOrixOfNpBKC6/hyBggL/N6PErmpHPo9L
El3kzUSdKCv4cfOT1LCxpH3HOILrQEpaYN17WB+mMSgklN8a4RhITLBVMb2BtAyw
l5jFoVDYP3QV771aywTSyLqoZ2+7sr6+TdvMqW3XyA0WSg==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:07:42 2025 by rpki-client