Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/alnV74vFSam3rQx6Dmd1DNDuigc.roa
File: alnV74vFSam3rQx6Dmd1DNDuigc.roa (raw, json)
Hash identifier: MKKETCkbJ8gLUuVxMB/kJlGwLoMwUcWOoOci82/CtNA=
Subject key identifier: 6A:59:D5:EF:8B:C5:49:A9:B7:AD:0C:7A:0E:67:75:0C:D0:EE:8A:07
Certificate issuer: /CN=a0df7f5b6618bda23c83bed11b442041f1fb456d
Certificate serial: 01942444AC48F252137BAD1F88CAF4375986
Authority key identifier: A0:DF:7F:5B:66:18:BD:A2:3C:83:BE:D1:1B:44:20:41:F1:FB:45:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/alnV74vFSam3rQx6Dmd1DNDuigc.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48976
IP address blocks: 2a12:e100:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ac:48:f2:52:13:7b:ad:1f:88:ca:f4:37:59:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0df7f5b6618bda23c83bed11b442041f1fb456d
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a59d5ef8bc549a9b7ad0c7a0e67750cd0ee8a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:05:f6:e1:ae:80:cf:a5:5f:d7:44:f0:67:30:
39:c2:1a:ec:e7:56:11:bf:0e:93:02:18:c7:be:32:
0b:c9:ce:10:a9:fa:9e:58:79:ab:7f:35:9b:6e:b9:
09:2a:c6:3d:c3:91:f4:4f:88:68:51:0c:1f:e7:df:
84:70:63:5e:d8:be:24:52:b6:9d:30:73:67:e6:c1:
10:26:60:c8:04:e5:05:29:13:d0:23:a1:38:7b:46:
4b:ad:fa:90:b9:76:11:34:32:05:66:f3:ee:4a:4a:
32:b6:74:b0:66:7b:0a:65:70:90:32:56:74:80:62:
70:6b:3e:e5:5b:b9:b3:f3:52:c1:4b:7c:2b:b5:58:
95:7a:7c:61:ab:be:00:d5:68:fb:eb:99:a4:15:b8:
c9:02:ff:6e:5c:71:e8:ba:d9:3e:b3:49:27:72:43:
07:d1:65:ff:89:3c:00:4f:14:3f:e0:06:6e:46:ef:
03:ac:70:19:3a:ed:7e:d6:a5:87:57:f8:73:d6:62:
d7:b1:a0:59:00:dc:67:d7:75:f1:00:2d:8b:eb:04:
42:27:fd:30:1b:7f:06:d8:6f:cd:8e:9f:7d:68:e0:
51:a4:c9:19:da:49:d4:ca:3b:ab:bc:26:3a:43:83:
aa:49:07:bb:3d:42:88:ef:3e:19:b1:83:68:ba:40:
a9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:59:D5:EF:8B:C5:49:A9:B7:AD:0C:7A:0E:67:75:0C:D0:EE:8A:07
X509v3 Authority Key Identifier:
keyid:A0:DF:7F:5B:66:18:BD:A2:3C:83:BE:D1:1B:44:20:41:F1:FB:45:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/alnV74vFSam3rQx6Dmd1DNDuigc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/oN9_W2YYvaI8g77RG0QgQfH7RW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:e100:4::/48
Signature Algorithm: sha256WithRSAEncryption
0e:c3:3e:d9:63:01:66:7a:b6:e8:82:46:d7:ac:ae:a7:16:ea:
14:fc:1e:d0:b4:9a:d6:e7:87:bb:fa:90:5a:ef:28:5f:ba:33:
cd:93:ab:a4:19:97:fa:db:ab:e0:d4:a6:23:3a:09:29:23:ae:
5f:7f:0e:fb:a5:35:c8:76:fe:0f:2c:c1:46:2c:a4:db:a8:3f:
c0:05:a6:be:6e:0d:90:ac:59:ba:1a:e9:38:54:1b:3b:70:0c:
d2:4f:a8:4d:6b:04:88:56:67:ff:eb:0b:a3:50:4a:60:bf:a0:
f7:e5:3d:80:50:7f:db:88:de:2e:36:b6:3c:95:12:2e:45:f1:
27:df:aa:7a:4c:53:1b:a1:9a:f8:28:05:bd:fb:b9:92:09:a0:
ea:69:97:9a:70:2b:61:3e:d9:cb:52:4b:65:5a:14:0f:bf:a5:
27:0d:a4:3f:81:91:a3:76:65:18:75:4b:96:e3:59:83:27:20:
45:13:9c:02:56:f0:26:b0:a3:df:de:e0:cd:7a:de:b0:02:71:
8c:80:3f:74:18:d3:30:c1:50:c8:e0:f2:14:4a:81:04:7c:84:
02:67:32:41:bc:17:14:e0:a5:a9:4a:5b:00:39:91:49:cb:b0:
30:35:dc:53:43:3c:bb:4d:74:5f:bc:71:d4:86:9b:86:22:e3:
ea:35:cd:c2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQkRKxI8lITe60fiMr0N1mGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGY3ZjViNjYxOGJkYTIzYzgzYmVkMTFiNDQyMDQxZjFm
YjQ1NmQwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTU5ZDVlZjhiYzU0OWE5YjdhZDBjN2EwZTY3NzUwY2QwZWU4YTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAX24a6Az6Vf10TwZzA5whrs51YR
vw6TAhjHvjILyc4QqfqeWHmrfzWbbrkJKsY9w5H0T4hoUQwf59+EcGNe2L4kUrad
MHNn5sEQJmDIBOUFKRPQI6E4e0ZLrfqQuXYRNDIFZvPuSkoytnSwZnsKZXCQMlZ0
gGJwaz7lW7mz81LBS3wrtViVenxhq74A1Wj765mkFbjJAv9uXHHoutk+s0knckMH
0WX/iTwATxQ/4AZuRu8DrHAZOu1+1qWHV/hz1mLXsaBZANxn13XxAC2L6wRCJ/0w
G38G2G/Njp99aOBRpMkZ2knUyjurvCY6Q4OqSQe7PUKI7z4ZsYNoukCpJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGpZ1e+LxUmpt60Meg5ndQzQ7ooHMB8GA1UdIwQY
MBaAFKDff1tmGL2iPIO+0RtEIEHx+0VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb045X1cyWVl2YUk4Zzc3UkcwUWdRZkg3UlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hNTcyOGItYTM2ZC00ZmJhLTkzYWEt
NWY0YmM5MDBjMDNkLzEvYWxuVjc0dkZTYW0zclF4NkRtZDFETkR1aWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hNTcyOGItYTM2ZC00ZmJhLTkzYWEtNWY0YmM5MDBjMDNk
LzEvb045X1cyWVl2YUk4Zzc3UkcwUWdRZkg3UlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhLhAAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQAOwz7ZYwFmerbogkbXrK6nFuoU/B7QtJrW54e7
+pBa7yhfujPNk6ukGZf626vg1KYjOgkpI65ffw77pTXIdv4PLMFGLKTbqD/ABaa+
bg2QrFm6Guk4VBs7cAzST6hNawSIVmf/6wujUEpgv6D35T2AUH/biN4uNrY8lRIu
RfEn36p6TFMboZr4KAW9+7mSCaDqaZeacCthPtnLUktlWhQPv6UnDaQ/gZGjdmUY
dUuW41mDJyBFE5wCVvAmsKPf3uDNet6wAnGMgD90GNMwwVDI4PIUSoEEfIQCZzJB
vBcU4KWpSlsAOZFJy7AwNdxTQzy7TXRfvHHUhpuGIuPqNc3C
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:02:53 2025 by rpki-client