Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/84f73a-409e-4126-a75c-c6c87de3704f/1/baq-6l5gQJfa6zGuLRKeLiPdGGU.roa
File: baq-6l5gQJfa6zGuLRKeLiPdGGU.roa (raw, json)
Hash identifier: nQudfQH5ucHDI8142+p5M4YGQUjAhyznTKK36umKIxU=
Subject key identifier: 6D:AA:BE:EA:5E:60:40:97:DA:EB:31:AE:2D:12:9E:2E:23:DD:18:65
Certificate issuer: /CN=f3e8f1c662cc8b4d8f7a606512099eab7e1d3879
Certificate serial: 01892C9C1264E21B52D171A7D3FEE21B2DD2
Authority key identifier: F3:E8:F1:C6:62:CC:8B:4D:8F:7A:60:65:12:09:9E:AB:7E:1D:38:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8-jxxmLMi02PemBlEgmeq34dOHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/84f73a-409e-4126-a75c-c6c87de3704f/1/baq-6l5gQJfa6zGuLRKeLiPdGGU.roa
Signing time: Thu 06 Jul 2023 19:09:33 +0000
ROA not before: Thu 06 Jul 2023 19:09:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21155
IP address blocks: 91.198.87.0/24 maxlen: 24
2001:67c:2390::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2c:9c:12:64:e2:1b:52:d1:71:a7:d3:fe:e2:1b:2d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3e8f1c662cc8b4d8f7a606512099eab7e1d3879
Validity
Not Before: Jul 6 19:09:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6daabeea5e604097daeb31ae2d129e2e23dd1865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:64:8d:30:ca:8c:9f:bf:27:62:cc:d9:96:44:
3d:6b:70:e9:f6:6f:4b:e9:b0:d2:b2:bd:bb:5e:2d:
43:67:39:5b:fb:2a:19:ea:fa:aa:ff:5c:27:7c:3a:
2d:7a:91:21:f3:ee:4d:e7:4e:1e:9b:8e:f2:e9:21:
b5:d2:96:93:f9:31:86:0a:ef:96:38:a0:36:82:fd:
53:4c:7f:fc:73:91:78:9c:02:02:9f:76:5e:33:a0:
ea:fb:fd:7d:24:78:d0:8a:da:8d:1f:8e:7c:8c:f2:
ab:f1:a5:c9:25:b5:be:dd:f0:b1:eb:07:4a:5b:48:
80:6b:f6:5e:6c:e7:88:8d:72:a1:55:05:56:40:1f:
90:e0:23:f6:a8:02:60:fc:cb:23:8c:30:14:7f:08:
57:19:05:e0:69:0a:32:a8:45:0e:83:7a:68:62:8c:
1e:8f:4f:00:fe:a9:c9:67:38:a9:61:03:4d:99:c7:
95:26:16:a8:fa:7e:e9:38:8a:54:8f:24:9a:03:b1:
7c:9b:21:15:33:3d:8d:a5:b0:b1:fc:23:95:95:26:
a5:b0:28:4a:11:fe:85:6a:b2:dd:fd:79:f4:10:75:
35:8b:0f:dc:b9:d4:ee:3f:d5:d3:4d:e3:e7:5a:ab:
e6:b5:7f:7f:b1:be:73:13:bc:dc:5b:1f:1d:a1:96:
16:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AA:BE:EA:5E:60:40:97:DA:EB:31:AE:2D:12:9E:2E:23:DD:18:65
X509v3 Authority Key Identifier:
keyid:F3:E8:F1:C6:62:CC:8B:4D:8F:7A:60:65:12:09:9E:AB:7E:1D:38:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8-jxxmLMi02PemBlEgmeq34dOHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/84f73a-409e-4126-a75c-c6c87de3704f/1/baq-6l5gQJfa6zGuLRKeLiPdGGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/84f73a-409e-4126-a75c-c6c87de3704f/1/8-jxxmLMi02PemBlEgmeq34dOHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.87.0/24
IPv6:
2001:67c:2390::/48
Signature Algorithm: sha256WithRSAEncryption
36:a2:42:65:4d:82:32:70:60:7a:ca:30:cb:b4:56:c7:db:db:
7f:c3:3a:3b:c7:75:96:47:8f:a5:84:4b:a9:7f:91:e1:76:9b:
47:e4:dc:76:1e:4a:83:c1:cc:1b:98:ee:30:6e:01:75:86:58:
06:f3:6e:1e:31:5a:e3:73:62:f1:7b:0d:c8:18:fc:c5:d1:6a:
aa:3c:b5:6a:28:eb:38:3d:ed:8e:f9:c5:81:0f:02:ab:c1:a6:
b0:cb:6c:68:21:60:ed:f4:a3:b1:3d:35:a4:b5:0a:d7:33:c6:
cc:cf:08:85:6c:63:64:a3:42:0b:b3:7d:9b:df:99:08:ae:93:
da:1f:2c:8d:ec:ab:17:55:56:96:24:d4:bb:d1:5c:cc:6b:43:
27:cf:59:b9:a7:ba:b5:3d:4f:68:42:53:3d:69:ea:0d:dd:93:
d6:73:ed:27:b1:9d:19:44:00:7e:62:a2:70:a0:63:eb:fb:cd:
d9:24:ec:fa:60:79:4e:57:fc:1e:d8:da:fa:e8:3f:6e:3b:78:
74:55:86:a7:79:ca:6a:bc:9a:31:8e:c2:db:c5:ee:c2:13:ba:
cf:4e:a0:de:28:70:31:12:75:22:84:cc:e4:00:a9:c8:83:f2:
e5:4e:92:39:57:00:1b:cd:58:81:8b:6b:58:65:5d:04:74:07:
3c:86:1d:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYksnBJk4htS0XGn0/7iGy3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZThmMWM2NjJjYzhiNGQ4ZjdhNjA2NTEyMDk5ZWFiN2Ux
ZDM4NzkwHhcNMjMwNzA2MTkwOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGFhYmVlYTVlNjA0MDk3ZGFlYjMxYWUyZDEyOWUyZTIzZGQxODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmSNMMqMn78nYszZlkQ9a3Dp9m9L
6bDSsr27Xi1DZzlb+yoZ6vqq/1wnfDotepEh8+5N504em47y6SG10paT+TGGCu+W
OKA2gv1TTH/8c5F4nAICn3ZeM6Dq+/19JHjQitqNH458jPKr8aXJJbW+3fCx6wdK
W0iAa/ZebOeIjXKhVQVWQB+Q4CP2qAJg/MsjjDAUfwhXGQXgaQoyqEUOg3poYowe
j08A/qnJZzipYQNNmceVJhao+n7pOIpUjySaA7F8myEVMz2NpbCx/COVlSalsChK
Ef6FarLd/Xn0EHU1iw/cudTuP9XTTePnWqvmtX9/sb5zE7zcWx8doZYWrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2qvupeYECX2usxri0Sni4j3RhlMB8GA1UdIwQY
MBaAFPPo8cZizItNj3pgZRIJnqt+HTh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOC1qeHhtTE1pMDJQZW1CbEVnbWVxMzRkT0hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84NGY3M2EtNDA5ZS00MTI2LWE3NWMt
YzZjODdkZTM3MDRmLzEvYmFxLTZsNWdRSmZhNnpHdUxSS2VMaVBkR0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84NGY3M2EtNDA5ZS00MTI2LWE3NWMtYzZjODdkZTM3MDRm
LzEvOC1qeHhtTE1pMDJQZW1CbEVnbWVxMzRkT0hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8ZXMA8E
AgACMAkDBwAgAQZ8I5AwDQYJKoZIhvcNAQELBQADggEBADaiQmVNgjJwYHrKMMu0
Vsfb23/DOjvHdZZHj6WES6l/keF2m0fk3HYeSoPBzBuY7jBuAXWGWAbzbh4xWuNz
YvF7DcgY/MXRaqo8tWoo6zg97Y75xYEPAqvBprDLbGghYO30o7E9NaS1CtczxszP
CIVsY2SjQguzfZvfmQiuk9ofLI3sqxdVVpYk1LvRXMxrQyfPWbmnurU9T2hCUz1p
6g3dk9Zz7SexnRlEAH5ionCgY+v7zdkk7PpgeU5X/B7Y2vroP247eHRVhqd5ymq8
mjGOwtvF7sITus9OoN4ocDESdSKEzOQAqciD8uVOkjlXABvNWIGLa1hlXQR0BzyG
Hb8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:19 2024 by rpki-client on console-ams.rpki-client.org