Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/kIQph00YRfR7VyoSJ5QKs9_47CM.roa
File: kIQph00YRfR7VyoSJ5QKs9_47CM.roa (raw, json)
Hash identifier: T6/F9gO6dDf2HDaMUJjHPMQQkg1ian0JLCMBF3Ug9u4=
Subject key identifier: 90:84:29:87:4D:18:45:F4:7B:57:2A:12:27:94:0A:B3:DF:F8:EC:23
Certificate issuer: /CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Certificate serial: 019423D7159977A0A85FB1FD404C649E091B
Authority key identifier: D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/kIQph00YRfR7VyoSJ5QKs9_47CM.roa
Signing time: Wed 01 Jan 2025 21:48:05 +0000
ROA not before: Wed 01 Jan 2025 21:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 62.12.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:15:99:77:a0:a8:5f:b1:fd:40:4c:64:9e:09:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Validity
Not Before: Jan 1 21:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=908429874d1845f47b572a1227940ab3dff8ec23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:39:26:90:43:fb:38:7d:ac:8d:24:94:cc:b9:
af:28:f2:46:cc:db:ab:12:2b:de:c5:2e:f2:e5:64:
cb:f3:53:f8:54:91:09:f4:86:f1:1c:a0:f5:f6:17:
40:14:1b:8e:e8:de:3b:ad:10:66:7e:3e:ab:d8:58:
2d:39:9e:41:c9:6e:de:94:00:a9:76:f8:43:9f:3c:
a0:1e:61:f5:71:19:21:b3:ed:21:b4:03:21:e6:0d:
fe:d1:e4:76:74:26:a5:6c:90:39:64:81:5c:1f:f5:
23:ba:f1:21:d9:e8:52:c3:d9:dc:a3:08:cf:86:a7:
89:ad:46:17:7d:92:8f:5a:d8:c2:86:05:ff:58:80:
40:65:68:b8:44:3f:02:f2:9b:ce:67:1b:69:a1:3e:
cf:da:de:75:92:e7:57:27:b4:a9:9d:14:79:e1:cc:
7c:91:f2:52:88:dd:b6:eb:2b:ae:00:a4:83:fc:9a:
e3:88:54:cb:02:60:81:28:0c:cb:c3:6d:fe:9b:58:
1a:36:50:46:0b:29:fd:68:e4:e9:c8:38:a2:6c:8b:
16:89:d3:81:7d:94:8d:f6:ab:f1:af:c8:79:0f:94:
7d:83:61:5d:43:ea:b3:d9:7c:67:fb:56:f4:12:11:
27:67:81:b5:67:a4:cb:81:94:52:ff:09:eb:3d:c2:
94:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:84:29:87:4D:18:45:F4:7B:57:2A:12:27:94:0A:B3:DF:F8:EC:23
X509v3 Authority Key Identifier:
keyid:D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/kIQph00YRfR7VyoSJ5QKs9_47CM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/1qqJ97ciJ5wDKULc8khl9tctZQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.12.56.0/21
Signature Algorithm: sha256WithRSAEncryption
76:dd:4a:99:af:4c:c5:aa:94:2a:48:71:78:fa:0d:be:12:4c:
75:f0:87:ab:3b:ca:26:5f:7b:44:2b:e8:b8:e7:b4:f1:46:36:
da:aa:52:91:03:c9:68:d4:34:28:13:3d:82:7d:89:a3:fe:53:
f8:8c:7c:89:4e:d2:a7:08:7a:eb:1a:6e:b0:a7:6e:8c:dc:26:
0e:6c:c2:1e:68:47:c4:54:71:7e:52:bf:8a:e0:35:07:21:9b:
c1:c2:8f:75:7d:c6:bb:37:3e:4b:25:23:91:d2:2e:71:2a:db:
ca:f8:56:ba:33:04:8a:17:8f:ab:b3:0c:87:3d:cc:26:87:72:
61:18:45:6b:3a:b2:86:65:4b:1e:76:96:6f:9c:f3:e9:1e:40:
65:a5:de:72:dc:c1:17:4c:f7:9d:70:d6:7a:15:8c:d5:a0:7e:
76:8b:f8:7d:40:eb:55:63:d2:3c:03:51:90:2a:5c:6b:07:31:
8e:3a:0e:ed:a7:d0:a6:ff:a8:7e:82:9e:e8:c2:6d:86:ae:e9:
fb:ee:66:fc:ed:67:6e:e4:14:c4:85:c4:37:77:8b:22:ee:41:
c6:b2:7f:78:58:1a:a3:ab:b4:a7:31:3c:8c:00:d0:94:e1:fe:
da:1a:20:57:75:de:ca:e4:b0:b2:96:9e:da:9f:5e:07:c9:d8:
d7:aa:d0:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xWZd6CoX7H9QExkngkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWE4OWY3YjcyMjI3OWMwMzI5NDJkY2YyNDg2NWY2ZDcy
ZDY1MDEwHhcNMjUwMTAxMjE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDg0Mjk4NzRkMTg0NWY0N2I1NzJhMTIyNzk0MGFiM2RmZjhlYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TkmkEP7OH2sjSSUzLmvKPJGzNur
EivexS7y5WTL81P4VJEJ9IbxHKD19hdAFBuO6N47rRBmfj6r2FgtOZ5ByW7elACp
dvhDnzygHmH1cRkhs+0htAMh5g3+0eR2dCalbJA5ZIFcH/UjuvEh2ehSw9ncowjP
hqeJrUYXfZKPWtjChgX/WIBAZWi4RD8C8pvOZxtpoT7P2t51kudXJ7SpnRR54cx8
kfJSiN226yuuAKSD/JrjiFTLAmCBKAzLw23+m1gaNlBGCyn9aOTpyDiibIsWidOB
fZSN9qvxr8h5D5R9g2FdQ+qz2Xxn+1b0EhEnZ4G1Z6TLgZRS/wnrPcKUnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCEKYdNGEX0e1cqEieUCrPf+OwjMB8GA1UdIwQY
MBaAFNaqife3IiecAylC3PJIZfbXLWUBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFxSjk3Y2lKNXdES1VMYzhraGw5dGN0WlFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wZTdlMjgtYTgyOS00N2QyLTgwZTYt
OGJhNjg4ODY2OWNmLzEva0lRcGgwMFlSZlI3VnlvU0o1UUtzOV80N0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wZTdlMjgtYTgyOS00N2QyLTgwZTYtOGJhNjg4ODY2OWNm
LzEvMXFxSjk3Y2lKNXdES1VMYzhraGw5dGN0WlFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPgw4MA0G
CSqGSIb3DQEBCwUAA4IBAQB23UqZr0zFqpQqSHF4+g2+Ekx18IerO8omX3tEK+i4
57TxRjbaqlKRA8lo1DQoEz2CfYmj/lP4jHyJTtKnCHrrGm6wp26M3CYObMIeaEfE
VHF+Ur+K4DUHIZvBwo91fca7Nz5LJSOR0i5xKtvK+Fa6MwSKF4+rswyHPcwmh3Jh
GEVrOrKGZUsedpZvnPPpHkBlpd5y3MEXTPedcNZ6FYzVoH52i/h9QOtVY9I8A1GQ
KlxrBzGOOg7tp9Cm/6h+gp7owm2Grun77mb87Wdu5BTEhcQ3d4si7kHGsn94WBqj
q7SnMTyMANCU4f7aGiBXdd7K5LCylp7an14HydjXqtBH
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:51:15 2025 by rpki-client