Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/36f7ab-566b-49a5-a137-8f153d37a9a3/1/5QsOJFYXXw8SnmPzUIg-ZC_0gCs.roa
File: 5QsOJFYXXw8SnmPzUIg-ZC_0gCs.roa (raw, json)
Hash identifier: BFujvvmm9HdJ3k/f6GTgwBVx6rYNVLqyWZmFmVpbiqA=
Subject key identifier: E5:0B:0E:24:56:17:5F:0F:12:9E:63:F3:50:88:3E:64:2F:F4:80:2B
Certificate issuer: /CN=47f843cce09c295d2d86d93541169bc1a0f5a2b9
Certificate serial: 01856E542162F52A83092C8D730A4B37B9AB
Authority key identifier: 47:F8:43:CC:E0:9C:29:5D:2D:86:D9:35:41:16:9B:C1:A0:F5:A2:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R_hDzOCcKV0thtk1QRabwaD1ork.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/36f7ab-566b-49a5-a137-8f153d37a9a3/1/5QsOJFYXXw8SnmPzUIg-ZC_0gCs.roa
Signing time: Sun 01 Jan 2023 17:14:45 +0000
ROA not before: Sun 01 Jan 2023 17:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207641
IP address blocks: 2a0f:ff40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:21:62:f5:2a:83:09:2c:8d:73:0a:4b:37:b9:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47f843cce09c295d2d86d93541169bc1a0f5a2b9
Validity
Not Before: Jan 1 17:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e50b0e2456175f0f129e63f350883e642ff4802b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9e:fa:ac:08:63:3d:20:f7:cf:f9:1f:99:8d:
ed:9b:7b:36:3d:60:32:77:0f:27:28:25:d0:31:15:
56:04:73:7b:62:4d:7f:43:98:22:bd:54:f6:4c:b2:
b2:15:b5:60:21:66:29:11:37:79:07:f0:2f:14:56:
3c:ea:d8:5c:dc:29:ca:90:ea:f1:6a:0d:79:9b:0d:
29:d3:18:0d:fe:5a:36:fc:77:75:43:cb:54:6d:97:
87:d9:85:74:e1:78:8e:1b:27:9b:e0:d0:16:ca:00:
1f:47:8c:20:97:6a:58:41:82:c8:bc:f5:09:4d:da:
c6:0a:e3:4a:b3:f4:9c:b5:ba:01:83:4a:32:88:7c:
f3:a8:20:bd:47:68:74:c8:88:0d:9c:c6:26:34:86:
c5:b6:42:97:19:bf:39:96:30:27:b6:4d:f9:5e:7a:
f9:4c:16:44:3d:89:d9:2c:5d:b6:18:df:5b:fa:e5:
bc:61:cd:d1:16:df:27:19:0b:48:da:bf:e4:2b:ac:
f6:71:55:a9:c6:55:ec:ce:8c:56:a1:c6:2b:0a:71:
b7:32:90:10:bb:5c:d6:71:da:74:87:e2:2c:38:98:
53:8b:3a:3d:f9:65:3c:71:aa:2d:d2:14:55:da:6e:
38:e5:c1:b2:5d:12:54:03:c4:57:20:d9:ea:fe:2b:
4b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0B:0E:24:56:17:5F:0F:12:9E:63:F3:50:88:3E:64:2F:F4:80:2B
X509v3 Authority Key Identifier:
keyid:47:F8:43:CC:E0:9C:29:5D:2D:86:D9:35:41:16:9B:C1:A0:F5:A2:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R_hDzOCcKV0thtk1QRabwaD1ork.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/36f7ab-566b-49a5-a137-8f153d37a9a3/1/5QsOJFYXXw8SnmPzUIg-ZC_0gCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/36f7ab-566b-49a5-a137-8f153d37a9a3/1/R_hDzOCcKV0thtk1QRabwaD1ork.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
b5:e5:40:3a:f4:b4:5e:3a:cd:4f:49:82:28:68:1e:85:f2:16:
ed:09:eb:f8:d5:48:4c:11:c0:06:9e:aa:f6:4d:a5:ab:0d:31:
15:b2:11:fc:c3:c7:34:77:2c:02:0f:8d:6b:86:11:dc:1c:40:
b5:01:c5:a0:b5:16:fd:69:a3:d1:27:18:b5:92:09:c1:19:59:
87:f6:07:27:6e:86:c6:40:aa:98:a9:fb:69:86:5c:be:80:f5:
57:63:f2:9c:88:78:2a:4e:1a:66:64:ca:2d:95:ca:c2:75:50:
1a:12:03:c1:75:91:28:5a:12:5e:59:58:db:4e:f1:b4:05:5a:
86:90:d6:7d:05:f2:64:12:04:73:0d:08:4a:3f:a9:3b:49:57:
26:4f:7d:fb:43:b2:77:0a:af:21:2f:1a:b4:49:f6:28:89:e8:
8b:b5:e0:a2:37:29:6c:2f:45:12:4c:1a:6f:ee:d2:13:b9:a5:
4d:42:24:3b:4d:08:a8:ff:c5:3f:14:05:1d:82:67:c0:36:6f:
45:17:10:08:8b:17:1c:95:79:e6:fb:b8:17:90:39:33:56:34:
e3:81:34:9d:6a:de:63:82:a8:80:db:df:af:9d:a2:82:52:04:
a1:10:b3:e5:4c:ab:33:35:17:8b:34:77:c5:32:fc:3e:d0:7c:
5a:f3:3d:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuVCFi9SqDCSyNcwpLN7mrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3Zjg0M2NjZTA5YzI5NWQyZDg2ZDkzNTQxMTY5YmMxYTBm
NWEyYjkwHhcNMjMwMTAxMTcxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTBiMGUyNDU2MTc1ZjBmMTI5ZTYzZjM1MDg4M2U2NDJmZjQ4MDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ76rAhjPSD3z/kfmY3tm3s2PWAy
dw8nKCXQMRVWBHN7Yk1/Q5givVT2TLKyFbVgIWYpETd5B/AvFFY86thc3CnKkOrx
ag15mw0p0xgN/lo2/Hd1Q8tUbZeH2YV04XiOGyeb4NAWygAfR4wgl2pYQYLIvPUJ
TdrGCuNKs/SctboBg0oyiHzzqCC9R2h0yIgNnMYmNIbFtkKXGb85ljAntk35Xnr5
TBZEPYnZLF22GN9b+uW8Yc3RFt8nGQtI2r/kK6z2cVWpxlXszoxWocYrCnG3MpAQ
u1zWcdp0h+IsOJhTizo9+WU8caot0hRV2m445cGyXRJUA8RXINnq/itLSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOULDiRWF18PEp5j81CIPmQv9IArMB8GA1UdIwQY
MBaAFEf4Q8zgnCldLYbZNUEWm8Gg9aK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUl9oRHpPQ2NLVjB0aHRrMVFSYWJ3YUQxb3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNmY3YWItNTY2Yi00OWE1LWExMzct
OGYxNTNkMzdhOWEzLzEvNVFzT0pGWVhYdzhTbm1QelVJZy1aQ18wZ0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNmY3YWItNTY2Yi00OWE1LWExMzctOGYxNTNkMzdhOWEz
LzEvUl9oRHpPQ2NLVjB0aHRrMVFSYWJ3YUQxb3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg//QDAN
BgkqhkiG9w0BAQsFAAOCAQEAteVAOvS0XjrNT0mCKGgehfIW7Qnr+NVITBHABp6q
9k2lqw0xFbIR/MPHNHcsAg+Na4YR3BxAtQHFoLUW/Wmj0ScYtZIJwRlZh/YHJ26G
xkCqmKn7aYZcvoD1V2PynIh4Kk4aZmTKLZXKwnVQGhIDwXWRKFoSXllY207xtAVa
hpDWfQXyZBIEcw0ISj+pO0lXJk99+0OydwqvIS8atEn2KInoi7XgojcpbC9FEkwa
b+7SE7mlTUIkO00IqP/FPxQFHYJnwDZvRRcQCIsXHJV55vu4F5A5M1Y044E0nWre
Y4KogNvfr52iglIEoRCz5UyrMzUXizR3xTL8PtB8WvM9cA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:59 2025 by rpki-client