Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/35a6cc-da7f-4e3c-bccb-e73c1244fe68/1/Ui_QrhgNKyhxbfXPdWLs3ESMs-Q.roa
File: Ui_QrhgNKyhxbfXPdWLs3ESMs-Q.roa (raw, json)
Hash identifier: OvKHTlpHh8TJVl7Xs+SsEtkWBLCTpN/z7t+2PXU6Wvg=
Subject key identifier: 52:2F:D0:AE:18:0D:2B:28:71:6D:F5:CF:75:62:EC:DC:44:8C:B3:E4
Certificate issuer: /CN=39407123065c955d19d4fae963b0d055f489b215
Certificate serial: 0186BD1AE1038F8A05929587E3D7F6011FB0
Authority key identifier: 39:40:71:23:06:5C:95:5D:19:D4:FA:E9:63:B0:D0:55:F4:89:B2:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUBxIwZclV0Z1PrpY7DQVfSJshU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/35a6cc-da7f-4e3c-bccb-e73c1244fe68/1/Ui_QrhgNKyhxbfXPdWLs3ESMs-Q.roa
Signing time: Tue 07 Mar 2023 17:25:00 +0000
ROA not before: Tue 07 Mar 2023 17:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48266
IP address blocks: 2a12:8c00::/36 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bd:1a:e1:03:8f:8a:05:92:95:87:e3:d7:f6:01:1f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39407123065c955d19d4fae963b0d055f489b215
Validity
Not Before: Mar 7 17:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=522fd0ae180d2b28716df5cf7562ecdc448cb3e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2d:4b:6c:dc:c1:f0:e9:7a:7f:98:47:d3:12:
42:1d:ca:ef:9b:2e:12:68:8a:02:fe:b4:21:fb:a0:
9c:56:2d:dd:74:be:a2:3a:88:5d:43:fa:7f:83:16:
6f:a3:34:5b:18:2a:18:7c:4b:9e:c9:b6:94:32:09:
5e:ab:27:2f:86:e6:ea:4c:89:89:85:6c:61:5e:26:
b0:2f:b1:a5:e9:08:c0:3b:a8:ea:91:aa:7d:cf:60:
19:ad:01:82:77:99:db:33:54:ab:5e:14:d2:0c:94:
65:66:a4:e6:07:36:ab:90:63:6e:aa:8c:95:24:b5:
01:2b:ed:1d:0b:29:90:99:f4:d6:8c:78:b9:87:fa:
06:3a:e2:28:32:63:63:06:ec:67:cb:00:1f:62:5c:
8e:ed:69:b4:94:9c:42:d6:16:8e:14:6b:16:26:86:
62:17:7d:7a:b9:87:d6:77:60:a3:26:20:a8:05:f3:
97:29:11:65:47:9b:30:cc:16:48:f2:e7:7e:b3:da:
38:f4:83:e6:fd:e1:ad:2c:d5:d0:91:21:3a:ff:ff:
ae:46:e3:38:02:ad:cc:75:0b:e4:db:78:b0:44:3f:
52:ea:48:d1:0c:5e:7d:cf:7b:23:81:52:55:b2:12:
d5:05:3e:86:3f:ae:8b:fa:51:64:08:3d:83:9e:45:
89:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2F:D0:AE:18:0D:2B:28:71:6D:F5:CF:75:62:EC:DC:44:8C:B3:E4
X509v3 Authority Key Identifier:
keyid:39:40:71:23:06:5C:95:5D:19:D4:FA:E9:63:B0:D0:55:F4:89:B2:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUBxIwZclV0Z1PrpY7DQVfSJshU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/35a6cc-da7f-4e3c-bccb-e73c1244fe68/1/Ui_QrhgNKyhxbfXPdWLs3ESMs-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/35a6cc-da7f-4e3c-bccb-e73c1244fe68/1/OUBxIwZclV0Z1PrpY7DQVfSJshU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8c00::/36
Signature Algorithm: sha256WithRSAEncryption
90:7b:45:da:56:a3:9e:ff:51:e2:49:ce:f7:11:b2:d7:d4:7a:
02:0b:90:6c:51:d2:0b:45:f1:12:fa:31:83:b1:97:3c:a7:4e:
52:ef:41:59:05:70:72:a5:0e:3b:a7:e7:7f:43:3c:e5:87:0b:
6d:6a:89:f2:42:f4:e2:03:23:5d:73:5e:26:eb:06:b5:06:e7:
bf:cd:09:e0:8f:3f:d0:7a:7d:d9:10:9a:e4:69:fc:0f:9c:95:
49:8a:3b:3e:29:b0:86:d2:a0:27:bb:f5:17:1b:ca:e5:da:05:
a3:e3:39:d4:1a:18:c1:db:86:e8:5e:ef:0a:be:ef:2b:96:c2:
3c:75:37:43:69:4c:55:50:16:da:9d:f2:b3:af:45:95:c7:0e:
8a:f5:78:9a:4f:3d:40:a1:33:fa:8a:f9:75:27:92:6d:6c:b0:
53:bf:86:3f:49:08:8b:5d:5c:00:a3:0d:72:ff:34:f4:82:60:
11:cc:d6:21:2e:f6:f9:98:20:5a:fd:46:16:26:13:3e:a4:60:
2b:8a:ef:cb:96:29:2c:3d:e8:94:f8:10:25:1a:84:61:f8:b7:
5e:8b:0d:39:12:a5:b1:de:0e:b3:a9:b2:5d:b4:3c:a1:9b:31:
65:a3:43:27:11:63:35:ff:b9:1f:eb:a7:20:12:e1:a4:a8:88:
ee:d6:21:10
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYa9GuEDj4oFkpWH49f2AR+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDA3MTIzMDY1Yzk1NWQxOWQ0ZmFlOTYzYjBkMDU1ZjQ4
OWIyMTUwHhcNMjMwMzA3MTcyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjJmZDBhZTE4MGQyYjI4NzE2ZGY1Y2Y3NTYyZWNkYzQ0OGNiM2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS1LbNzB8Ol6f5hH0xJCHcrvmy4S
aIoC/rQh+6CcVi3ddL6iOohdQ/p/gxZvozRbGCoYfEueybaUMgleqycvhubqTImJ
hWxhXiawL7Gl6QjAO6jqkap9z2AZrQGCd5nbM1SrXhTSDJRlZqTmBzarkGNuqoyV
JLUBK+0dCymQmfTWjHi5h/oGOuIoMmNjBuxnywAfYlyO7Wm0lJxC1haOFGsWJoZi
F316uYfWd2CjJiCoBfOXKRFlR5swzBZI8ud+s9o49IPm/eGtLNXQkSE6//+uRuM4
Aq3MdQvk23iwRD9S6kjRDF59z3sjgVJVshLVBT6GP66L+lFkCD2DnkWJrQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFIv0K4YDSsocW31z3Vi7NxEjLPkMB8GA1UdIwQY
MBaAFDlAcSMGXJVdGdT66WOw0FX0ibIVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1VCeEl3WmNsVjBaMVBycFk3RFFWZlNKc2hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8zNWE2Y2MtZGE3Zi00ZTNjLWJjY2It
ZTczYzEyNDRmZTY4LzEvVWlfUXJoZ05LeWh4YmZYUGRXTHMzRVNNcy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8zNWE2Y2MtZGE3Zi00ZTNjLWJjY2ItZTczYzEyNDRmZTY4
LzEvT1VCeEl3WmNsVjBaMVBycFk3RFFWZlNKc2hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhKMAAAw
DQYJKoZIhvcNAQELBQADggEBAJB7RdpWo57/UeJJzvcRstfUegILkGxR0gtF8RL6
MYOxlzynTlLvQVkFcHKlDjun539DPOWHC21qifJC9OIDI11zXibrBrUG57/NCeCP
P9B6fdkQmuRp/A+clUmKOz4psIbSoCe79RcbyuXaBaPjOdQaGMHbhuhe7wq+7yuW
wjx1N0NpTFVQFtqd8rOvRZXHDor1eJpPPUChM/qK+XUnkm1ssFO/hj9JCItdXACj
DXL/NPSCYBHM1iEu9vmYIFr9RhYmEz6kYCuK78uWKSw96JT4ECUahGH4t16LDTkS
pbHeDrOpsl20PKGbMWWjQycRYzX/uR/rpyAS4aSoiO7WIRA=
-----END CERTIFICATE-----
Generated at Sat May 10 08:22:57 2025 by rpki-client