Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/kRsdPJ0sav5AfJe8a3W9tfO90JM.roa
File: kRsdPJ0sav5AfJe8a3W9tfO90JM.roa (raw, json)
Hash identifier: 0JRQ7BLGvcH031k4ApA2e+zEsCxRrR3dx3ZVJorji4Q=
Subject key identifier: 91:1B:1D:3C:9D:2C:6A:FE:40:7C:97:BC:6B:75:BD:B5:F3:BD:D0:93
Certificate issuer: /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial: 018A7BB546E957EDD31ABB869E0EB165CC41
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/kRsdPJ0sav5AfJe8a3W9tfO90JM.roa
Signing time: Sat 09 Sep 2023 20:49:52 +0000
ROA not before: Sat 09 Sep 2023 20:49:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216343
IP address blocks: 2a0f:6580:109::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7b:b5:46:e9:57:ed:d3:1a:bb:86:9e:0e:b1:65:cc:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
Validity
Not Before: Sep 9 20:49:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=911b1d3c9d2c6afe407c97bc6b75bdb5f3bdd093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:73:a3:39:7c:7b:2e:99:21:5b:92:f4:93:86:
3a:83:22:db:07:02:68:22:df:c1:e5:d2:7f:8e:e2:
1b:c4:c3:0e:c3:c1:38:34:15:65:36:30:e4:46:af:
04:1d:7b:7f:a0:d8:f4:93:45:2d:c4:8b:1a:bf:66:
87:fd:d0:6d:c9:09:d0:34:63:c2:82:b5:0c:64:80:
3c:a8:e3:60:3d:83:43:1d:4c:4f:6b:75:80:e1:b3:
07:d6:a4:01:69:ba:4c:1d:dd:27:04:bf:93:16:48:
0e:10:5c:b5:32:ee:49:8e:81:d0:9a:ed:df:07:58:
bd:99:48:b9:5b:1a:90:38:ba:0e:af:11:c0:ae:87:
43:e9:e9:50:8b:ce:07:f2:bf:65:fc:bb:96:57:91:
b2:46:85:4c:5b:40:ed:16:3b:35:d2:aa:f0:31:46:
73:ee:a2:94:25:cd:8b:c4:db:e0:63:64:dc:d8:d7:
21:ac:08:5d:ba:1a:e0:98:8f:07:1c:8d:22:fc:58:
54:dd:99:8a:b2:ba:a1:c5:7f:d2:be:8d:f4:16:63:
bb:3c:43:9c:b8:09:85:16:c1:4c:90:ac:4b:83:9b:
b2:21:eb:6d:54:f0:3a:e7:05:d4:72:45:fc:09:7b:
29:d1:09:de:c5:37:a7:9b:7e:e3:89:a8:f3:cf:9e:
97:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1B:1D:3C:9D:2C:6A:FE:40:7C:97:BC:6B:75:BD:B5:F3:BD:D0:93
X509v3 Authority Key Identifier:
keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/kRsdPJ0sav5AfJe8a3W9tfO90JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6580:109::/48
Signature Algorithm: sha256WithRSAEncryption
cd:13:22:ad:bc:66:f5:bc:69:95:24:41:c6:ef:fb:48:b6:e1:
40:70:e9:3d:61:a1:9c:2a:20:46:26:75:d1:16:1a:20:36:2a:
d7:11:75:1e:7e:0b:11:99:90:ad:0c:27:d7:31:74:1b:91:bc:
c8:68:ce:c9:b3:28:65:0b:23:60:1c:7d:21:d5:bc:40:8b:1e:
61:16:71:d3:fa:1e:6b:2f:9b:53:f0:01:dd:0c:47:ad:f2:76:
cb:c2:f6:98:ca:98:a1:2d:ce:55:63:ce:c2:47:3c:d3:de:30:
5e:ba:ef:84:7a:22:95:de:47:8d:a6:14:ce:e8:44:8c:03:e6:
17:1c:32:47:89:a0:e9:41:d6:da:8e:d5:92:8b:85:21:a2:38:
8c:9d:02:fb:e1:09:b6:4c:15:b4:4d:c1:69:79:68:43:6b:17:
12:f0:b5:c9:43:8b:be:0b:ef:c4:9b:90:88:8d:aa:cb:7e:43:
b1:72:d3:38:b6:a7:28:3b:3c:41:35:23:3e:a0:82:f9:db:2c:
c6:41:dd:10:bc:78:2a:d7:36:42:da:9d:1c:d4:4e:4e:68:f7:
7b:3d:06:af:79:42:3a:4c:c6:2e:29:99:40:66:a4:8e:e6:2a:
62:44:7a:e5:99:fb:82:07:92:91:cb:f4:92:66:85:6a:83:d1:
96:44:37:b5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYp7tUbpV+3TGruGng6xZcxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjMwOTA5MjA0OTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFiMWQzYzlkMmM2YWZlNDA3Yzk3YmM2Yjc1YmRiNWYzYmRkMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3OjOXx7LpkhW5L0k4Y6gyLbBwJo
It/B5dJ/juIbxMMOw8E4NBVlNjDkRq8EHXt/oNj0k0UtxIsav2aH/dBtyQnQNGPC
grUMZIA8qONgPYNDHUxPa3WA4bMH1qQBabpMHd0nBL+TFkgOEFy1Mu5JjoHQmu3f
B1i9mUi5WxqQOLoOrxHArodD6elQi84H8r9l/LuWV5GyRoVMW0DtFjs10qrwMUZz
7qKUJc2LxNvgY2Tc2NchrAhduhrgmI8HHI0i/FhU3ZmKsrqhxX/Svo30FmO7PEOc
uAmFFsFMkKxLg5uyIettVPA65wXUckX8CXsp0QnexTenm37jiajzz56XtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJEbHTydLGr+QHyXvGt1vbXzvdCTMB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEva1JzZFBKMHNhdjVBZkplOGEzVzl0Zk85MEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9lgAEJ
MA0GCSqGSIb3DQEBCwUAA4IBAQDNEyKtvGb1vGmVJEHG7/tItuFAcOk9YaGcKiBG
JnXRFhogNirXEXUefgsRmZCtDCfXMXQbkbzIaM7JsyhlCyNgHH0h1bxAix5hFnHT
+h5rL5tT8AHdDEet8nbLwvaYypihLc5VY87CRzzT3jBeuu+EeiKV3keNphTO6ESM
A+YXHDJHiaDpQdbajtWSi4UhojiMnQL74Qm2TBW0TcFpeWhDaxcS8LXJQ4u+C+/E
m5CIjarLfkOxctM4tqcoOzxBNSM+oIL52yzGQd0QvHgq1zZC2p0c1E5OaPd7PQav
eUI6TMYuKZlAZqSO5ipiRHrlmfuCB5KRy/SSZoVqg9GWRDe1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:43 2025 by rpki-client