Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/jnTJLC8Z6Sd5aaDEHojPcUDY_Qo.roa
File: jnTJLC8Z6Sd5aaDEHojPcUDY_Qo.roa (raw, json)
Hash identifier: UULeng/XtvrpBE280ZX3XMnA+/5+6AAvmsM4AwG7Jzw=
Subject key identifier: 8E:74:C9:2C:2F:19:E9:27:79:69:A0:C4:1E:88:CF:71:40:D8:FD:0A
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0194258EDEAD4AF4E80271B6A7F7A395AEC0
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/jnTJLC8Z6Sd5aaDEHojPcUDY_Qo.roa
Signing time: Thu 02 Jan 2025 05:48:27 +0000
ROA not before: Thu 02 Jan 2025 05:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211944
IP address blocks: 2a12:7a40:9902::/48 maxlen: 48
2a12:7a40:9912::/48 maxlen: 48
2a12:7a40:9922::/48 maxlen: 48
2a12:7a40:9932::/48 maxlen: 48
2a12:7a40:9942::/48 maxlen: 48
2a12:7a40:9952::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:de:ad:4a:f4:e8:02:71:b6:a7:f7:a3:95:ae:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Jan 2 05:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e74c92c2f19e9277969a0c41e88cf7140d8fd0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d2:56:54:b6:16:63:b5:34:f1:70:2f:c7:ab:
07:7c:22:bb:86:9e:d2:7d:9c:ca:36:c2:97:0a:8a:
89:c8:ae:f0:c8:9b:2f:0a:86:0e:0a:de:16:78:c4:
dd:33:90:f4:e4:ea:89:94:13:a7:e3:ad:13:9c:61:
0d:a2:c4:2d:e8:99:94:4b:6d:f3:ae:fb:83:bb:2b:
39:23:3f:04:ec:88:ff:21:84:bf:6e:38:7d:38:03:
00:5e:92:fc:c6:3b:52:af:f0:3f:dd:bc:b9:7a:cb:
10:ec:9c:8d:4e:5b:d7:79:37:ee:bd:63:ed:62:d3:
3b:1a:9c:48:f5:ef:48:e8:15:70:75:e1:60:b4:8a:
2b:16:1a:4a:14:e0:0f:e8:07:aa:3a:1d:bb:3c:26:
16:52:7a:b3:96:92:d2:13:5c:8e:43:9b:5d:f1:57:
12:c8:93:d6:12:37:5f:d6:89:8c:af:a4:5e:e9:1c:
3b:5f:73:28:e3:54:fb:82:74:b2:bb:3c:89:be:98:
af:fa:22:03:34:c3:6e:aa:ef:ff:d7:ea:0d:6c:a5:
b1:fb:5f:8e:2b:04:2e:57:93:69:78:1b:bf:3d:2d:
3f:c3:8e:c2:d4:e8:ee:48:e0:44:42:27:f6:e0:bd:
2e:4d:76:75:d5:c0:f3:01:5c:23:9e:62:30:78:ae:
97:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:74:C9:2C:2F:19:E9:27:79:69:A0:C4:1E:88:CF:71:40:D8:FD:0A
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/jnTJLC8Z6Sd5aaDEHojPcUDY_Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9902::/48
2a12:7a40:9912::/48
2a12:7a40:9922::/48
2a12:7a40:9932::/48
2a12:7a40:9942::/48
2a12:7a40:9952::/48
Signature Algorithm: sha256WithRSAEncryption
38:b8:48:76:e5:bf:a6:6a:d8:04:e6:b0:e3:4d:de:d3:81:8c:
c6:48:f1:24:1d:c5:80:02:03:14:5d:e1:80:bd:e3:7e:87:70:
aa:80:fd:48:5c:72:e6:50:6b:54:a0:60:3e:53:35:8f:05:86:
30:57:94:9b:1b:b8:30:34:c8:c3:76:11:29:7e:b5:41:eb:16:
db:4f:59:45:ce:fe:a7:60:0c:d7:53:b1:cd:ca:fa:80:0f:6c:
ce:5b:76:eb:da:5b:b2:da:51:3c:a1:97:9b:f6:78:41:05:78:
64:10:db:05:0d:a5:0a:16:ee:33:e9:e4:f7:93:e3:9f:b8:38:
fe:2b:f1:c6:70:4d:b2:83:68:4f:d8:83:ef:7e:2c:dc:8d:3e:
dd:25:06:b0:97:12:56:0a:c8:42:9c:e7:b6:30:77:41:f0:c1:
27:5d:cd:83:7a:c5:f5:fd:ca:0c:19:6c:37:9f:18:07:b5:3a:
02:e3:7f:4b:6f:ea:52:2b:19:7f:21:1f:66:a2:f0:30:12:f3:
ea:3e:06:78:dc:53:8c:dd:9b:fa:87:3e:c2:73:42:c2:9b:71:
37:fd:22:40:38:cc:a9:a5:be:ec:22:4d:88:b9:bc:ec:d9:1f:
8e:c4:1f:44:2d:cc:b2:e0:a7:e4:47:ee:00:7b:fb:b8:2a:4d:
b7:fa:da:ea
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljt6tSvToAnG2p/ejla7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwMTAyMDU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc0YzkyYzJmMTllOTI3Nzk2OWEwYzQxZTg4Y2Y3MTQwZDhmZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNJWVLYWY7U08XAvx6sHfCK7hp7S
fZzKNsKXCoqJyK7wyJsvCoYOCt4WeMTdM5D05OqJlBOn460TnGENosQt6JmUS23z
rvuDuys5Iz8E7Ij/IYS/bjh9OAMAXpL8xjtSr/A/3by5essQ7JyNTlvXeTfuvWPt
YtM7GpxI9e9I6BVwdeFgtIorFhpKFOAP6AeqOh27PCYWUnqzlpLSE1yOQ5td8VcS
yJPWEjdf1omMr6Re6Rw7X3Mo41T7gnSyuzyJvpiv+iIDNMNuqu//1+oNbKWx+1+O
KwQuV5NpeBu/PS0/w47C1OjuSOBEQif24L0uTXZ11cDzAVwjnmIweK6XowIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFI50ySwvGekneWmgxB6Iz3FA2P0KMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvam5USkxDOFo2U2Q1YWFERUhvalBjVURZX1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkC
AwcAKhJ6QJkSAwcAKhJ6QJkiAwcAKhJ6QJkyAwcAKhJ6QJlCAwcAKhJ6QJlSMA0G
CSqGSIb3DQEBCwUAA4IBAQA4uEh25b+matgE5rDjTd7TgYzGSPEkHcWAAgMUXeGA
veN+h3CqgP1IXHLmUGtUoGA+UzWPBYYwV5SbG7gwNMjDdhEpfrVB6xbbT1lFzv6n
YAzXU7HNyvqAD2zOW3br2luy2lE8oZeb9nhBBXhkENsFDaUKFu4z6eT3k+OfuDj+
K/HGcE2yg2hP2IPvfizcjT7dJQawlxJWCshCnOe2MHdB8MEnXc2DesX1/coMGWw3
nxgHtToC439Lb+pSKxl/IR9movAwEvPqPgZ43FOM3Zv6hz7Cc0LCm3E3/SJAOMyp
pb7sIk2Iubzs2R+OxB9ELcyy4KfkR+4Ae/u4Kk23+trq
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:55 2025 by rpki-client on console.sobornost.net