Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/vTcz9TbaZmkrRgFwoLkH4FxTiUY.roa
File: vTcz9TbaZmkrRgFwoLkH4FxTiUY.roa (raw, json)
Hash identifier: RlhMgAdHv37xs52/86fxc2/+VfKt/z5mXUvHxivMqcg=
Subject key identifier: BD:37:33:F5:36:DA:66:69:2B:46:01:70:A0:B9:07:E0:5C:53:89:46
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0195273DE661CFFA5DA3204C658940B7343D
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/vTcz9TbaZmkrRgFwoLkH4FxTiUY.roa
Signing time: Fri 21 Feb 2025 06:42:02 +0000
ROA not before: Fri 21 Feb 2025 06:42:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211027
IP address blocks: 2a12:a345::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:3d:e6:61:cf:fa:5d:a3:20:4c:65:89:40:b7:34:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 21 06:42:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd3733f536da66692b460170a0b907e05c538946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:35:8b:69:c3:96:84:c0:bd:64:04:f3:13:13:
5e:68:e8:8f:80:ba:32:39:7f:67:48:ad:fd:69:22:
4e:e0:ca:fd:f4:87:fd:c5:4b:d8:dc:23:3c:01:6a:
04:c3:81:e4:36:a7:7a:03:5c:dc:13:8f:0c:7d:21:
7d:1e:eb:b8:87:9b:4d:0f:ec:6d:63:2e:24:54:61:
0b:3f:7e:f1:a7:f4:15:5e:7c:ef:15:e1:46:20:3b:
7a:02:24:e1:68:75:ac:ff:83:b1:c4:df:30:24:2e:
92:d4:d0:5b:8d:d8:0f:44:4a:f3:0b:5e:40:ac:a0:
5e:1e:85:06:df:58:b3:53:bc:c1:ef:94:b3:3e:29:
bb:71:bd:cd:16:bd:da:44:a0:3c:af:57:2e:fb:d8:
41:9f:36:31:31:5c:fb:1f:71:e8:ee:3c:46:e4:45:
e3:29:27:aa:6d:09:8d:f1:57:ca:8c:f7:7d:18:81:
ef:92:74:e5:b0:75:ae:57:6e:9a:51:e8:5f:66:58:
66:8a:f5:77:71:ab:1e:b1:ef:00:1f:b3:9c:a1:c1:
da:bc:86:50:a2:69:d0:03:a2:0a:db:56:46:09:33:
10:69:58:be:2b:cf:8f:4d:4a:f0:02:85:ae:04:2d:
92:91:ff:5d:ba:98:22:5f:eb:27:12:e9:7e:e9:e7:
dd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:37:33:F5:36:DA:66:69:2B:46:01:70:A0:B9:07:E0:5C:53:89:46
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/vTcz9TbaZmkrRgFwoLkH4FxTiUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a345::/32
Signature Algorithm: sha256WithRSAEncryption
66:25:bd:be:0f:44:45:14:31:71:45:b3:36:67:64:85:66:f1:
d0:01:f5:bc:e3:25:b9:18:07:2f:d6:6e:86:d2:6b:b1:32:01:
3c:fa:e8:03:b4:83:aa:96:55:a5:0b:4a:8b:c5:2c:b2:6c:85:
a2:85:aa:28:30:fc:45:ef:03:4c:f6:46:5d:90:75:af:d3:a2:
44:16:c4:12:05:43:2c:6e:bd:83:c7:a7:cc:bd:15:c4:31:90:
53:2d:68:a7:a2:53:d4:b9:57:e1:fb:12:66:7e:30:97:8a:d0:
2a:86:d2:1c:1f:f3:28:83:f1:dc:1c:ac:ee:0f:35:fa:0d:28:
fc:3f:21:87:ae:30:1f:00:07:0c:69:b0:06:be:38:61:1f:63:
53:fc:ef:f8:bc:98:dd:59:84:50:28:dc:29:72:7e:30:7b:9b:
79:8f:d3:f6:60:a5:47:3a:00:1e:cd:96:72:78:87:02:99:f2:
14:d7:5c:12:37:77:10:53:05:e1:c5:0d:16:04:e9:01:8a:66:
45:76:aa:d6:17:fb:d9:a1:65:64:a8:c4:5f:07:ff:80:17:40:
bd:3d:c8:c8:1f:2f:6e:dd:5f:d3:c5:39:00:da:ef:97:72:d1:
6a:e0:02:d5:56:fb:2a:e8:4b:23:78:43:42:97:6d:cc:f1:4a:
6f:8e:15:82
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUnPeZhz/pdoyBMZYlAtzQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMjIxMDY0MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM3MzNmNTM2ZGE2NjY5MmI0NjAxNzBhMGI5MDdlMDVjNTM4OTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjWLacOWhMC9ZATzExNeaOiPgLoy
OX9nSK39aSJO4Mr99If9xUvY3CM8AWoEw4HkNqd6A1zcE48MfSF9Huu4h5tND+xt
Yy4kVGELP37xp/QVXnzvFeFGIDt6AiThaHWs/4OxxN8wJC6S1NBbjdgPRErzC15A
rKBeHoUG31izU7zB75SzPim7cb3NFr3aRKA8r1cu+9hBnzYxMVz7H3Ho7jxG5EXj
KSeqbQmN8VfKjPd9GIHvknTlsHWuV26aUehfZlhmivV3casese8AH7OcocHavIZQ
omnQA6IK21ZGCTMQaVi+K8+PTUrwAoWuBC2Skf9dupgiX+snEul+6efdJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL03M/U22mZpK0YBcKC5B+BcU4lGMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvdlRjejlUYmFabWtyUmdGd29Ma0g0RnhUaVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKjRTAN
BgkqhkiG9w0BAQsFAAOCAQEAZiW9vg9ERRQxcUWzNmdkhWbx0AH1vOMluRgHL9Zu
htJrsTIBPProA7SDqpZVpQtKi8UssmyFooWqKDD8Re8DTPZGXZB1r9OiRBbEEgVD
LG69g8enzL0VxDGQUy1op6JT1LlX4fsSZn4wl4rQKobSHB/zKIPx3Bys7g81+g0o
/D8hh64wHwAHDGmwBr44YR9jU/zv+LyY3VmEUCjcKXJ+MHubeY/T9mClRzoAHs2W
cniHApnyFNdcEjd3EFMF4cUNFgTpAYpmRXaq1hf72aFlZKjEXwf/gBdAvT3IyB8v
bt1f08U5ANrvl3LRauAC1Vb7KuhLI3hDQpdtzPFKb44Vgg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:14 2025 by rpki-client