Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/385866-a4c5-4a0a-8238-79f94b50ab2f/1/iok1tegiui0uCWydXtXnlU-cWS4.roa
File: iok1tegiui0uCWydXtXnlU-cWS4.roa (raw, json)
Hash identifier: vnRfyRGQGdjDzAj4FVtQ2+RSyMf7EW6SJH+/4DZGqxs=
Subject key identifier: 8A:89:35:B5:E8:22:BA:2D:2E:09:6C:9D:5E:D5:E7:95:4F:9C:59:2E
Certificate issuer: /CN=82dc3bf507d71e021b74cc563e71d9dd0b42b79e
Certificate serial: 018C1B81825D6886E52FC61CFF285979E266
Authority key identifier: 82:DC:3B:F5:07:D7:1E:02:1B:74:CC:56:3E:71:D9:DD:0B:42:B7:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gtw79QfXHgIbdMxWPnHZ3QtCt54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/385866-a4c5-4a0a-8238-79f94b50ab2f/1/iok1tegiui0uCWydXtXnlU-cWS4.roa
Signing time: Wed 29 Nov 2023 14:35:21 +0000
ROA not before: Wed 29 Nov 2023 14:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215956
IP address blocks: 2001:67c:688::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:81:82:5d:68:86:e5:2f:c6:1c:ff:28:59:79:e2:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82dc3bf507d71e021b74cc563e71d9dd0b42b79e
Validity
Not Before: Nov 29 14:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a8935b5e822ba2d2e096c9d5ed5e7954f9c592e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c4:e8:99:f5:45:0a:13:c3:20:08:f8:b7:7a:
d0:2b:bb:5f:4c:31:e3:3a:ad:f1:40:d4:11:08:20:
0a:08:b1:98:f2:b0:03:6f:79:52:c7:8d:17:d7:3b:
b2:21:37:76:48:b2:1a:64:02:c2:ba:46:be:ac:26:
00:6f:da:51:a6:c2:e4:2f:5b:d5:24:a9:5a:ad:b6:
bc:67:55:8b:db:93:80:24:fe:93:cc:80:71:0c:02:
d1:55:84:43:df:b3:ae:4d:93:70:ae:01:70:97:fc:
99:cd:b5:66:e5:6d:14:77:dc:66:3e:ce:c8:3f:03:
68:77:87:6a:a3:3b:af:31:92:87:6c:2d:41:2f:b4:
25:67:40:6f:57:75:a0:fe:ec:57:a9:e9:50:26:05:
e3:7e:57:99:d9:96:d4:94:82:93:cc:52:ec:de:13:
b3:eb:76:ff:a7:1a:de:aa:cb:6e:94:56:da:49:ad:
a0:2b:4b:97:35:d1:05:f5:88:31:84:be:31:c8:fc:
15:d9:73:6c:0e:69:31:84:6e:dd:d3:93:11:aa:4d:
72:7b:86:77:aa:75:ad:d7:9b:b8:8f:6c:db:96:9b:
5d:2a:e9:23:9c:3c:bd:49:1d:67:6b:6d:fe:05:0c:
20:e9:a9:02:c7:57:02:70:61:40:2a:ff:cb:70:31:
f6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:89:35:B5:E8:22:BA:2D:2E:09:6C:9D:5E:D5:E7:95:4F:9C:59:2E
X509v3 Authority Key Identifier:
keyid:82:DC:3B:F5:07:D7:1E:02:1B:74:CC:56:3E:71:D9:DD:0B:42:B7:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gtw79QfXHgIbdMxWPnHZ3QtCt54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/385866-a4c5-4a0a-8238-79f94b50ab2f/1/iok1tegiui0uCWydXtXnlU-cWS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/385866-a4c5-4a0a-8238-79f94b50ab2f/1/gtw79QfXHgIbdMxWPnHZ3QtCt54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:688::/48
Signature Algorithm: sha256WithRSAEncryption
99:34:a8:2e:95:98:48:79:55:e0:f6:2c:e4:63:b5:81:dc:6a:
5b:e5:94:e9:0e:bf:8b:a0:55:85:42:af:c5:c7:c7:1d:bd:b2:
f1:37:0f:42:f6:32:72:0c:1c:92:36:1d:a1:55:8e:93:f7:c8:
59:e8:2b:7c:8d:de:ab:80:22:9e:68:26:f7:e4:b1:41:a3:e4:
eb:3c:d7:80:1c:03:15:18:66:87:a1:f3:37:0a:db:b5:0e:c2:
37:c5:a6:98:85:e1:3c:bf:1b:84:a3:c7:09:2f:66:7a:39:89:
b2:90:45:70:46:b7:41:5c:86:75:5b:71:1b:8a:fa:6b:43:c9:
2c:d9:92:62:d0:ed:5f:25:47:af:de:fe:21:2b:e8:c1:e9:36:
2c:99:d5:27:9b:44:a1:ea:54:cc:af:d5:c3:dd:38:93:20:f7:
a7:ad:fd:80:3c:86:f7:e4:9c:1c:00:1f:36:29:78:b1:7b:02:
30:d8:ef:f7:23:83:f1:e6:2c:55:b6:66:bc:e9:b7:6c:61:70:
72:e6:71:5c:84:8f:bf:75:92:9d:71:d5:0b:2f:47:4b:df:e6:
a1:e3:5f:cf:0a:7c:83:37:1b:08:35:44:44:3a:1b:82:86:1c:
5a:a7:d5:8a:29:21:bf:b4:89:cb:12:c2:b1:d7:e6:a4:51:50:
c4:a5:5f:05
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwbgYJdaIblL8Yc/yhZeeJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZGMzYmY1MDdkNzFlMDIxYjc0Y2M1NjNlNzFkOWRkMGI0
MmI3OWUwHhcNMjMxMTI5MTQzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTg5MzViNWU4MjJiYTJkMmUwOTZjOWQ1ZWQ1ZTc5NTRmOWM1OTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcTomfVFChPDIAj4t3rQK7tfTDHj
Oq3xQNQRCCAKCLGY8rADb3lSx40X1zuyITd2SLIaZALCuka+rCYAb9pRpsLkL1vV
JKlarba8Z1WL25OAJP6TzIBxDALRVYRD37OuTZNwrgFwl/yZzbVm5W0Ud9xmPs7I
PwNod4dqozuvMZKHbC1BL7QlZ0BvV3Wg/uxXqelQJgXjfleZ2ZbUlIKTzFLs3hOz
63b/pxreqstulFbaSa2gK0uXNdEF9YgxhL4xyPwV2XNsDmkxhG7d05MRqk1ye4Z3
qnWt15u4j2zblptdKukjnDy9SR1na23+BQwg6akCx1cCcGFAKv/LcDH2gQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIqJNbXoIrotLglsnV7V55VPnFkuMB8GA1UdIwQY
MBaAFILcO/UH1x4CG3TMVj5x2d0LQreeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3R3NzlRZlhIZ0liZE14V1BuSFozUXRDdDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zODU4NjYtYTRjNS00YTBhLTgyMzgt
NzlmOTRiNTBhYjJmLzEvaW9rMXRlZ2l1aTB1Q1d5ZFh0WG5sVS1jV1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zODU4NjYtYTRjNS00YTBhLTgyMzgtNzlmOTRiNTBhYjJm
LzEvZ3R3NzlRZlhIZ0liZE14V1BuSFozUXRDdDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAaI
MA0GCSqGSIb3DQEBCwUAA4IBAQCZNKgulZhIeVXg9izkY7WB3Gpb5ZTpDr+LoFWF
Qq/Fx8cdvbLxNw9C9jJyDBySNh2hVY6T98hZ6Ct8jd6rgCKeaCb35LFBo+TrPNeA
HAMVGGaHofM3Ctu1DsI3xaaYheE8vxuEo8cJL2Z6OYmykEVwRrdBXIZ1W3Ebivpr
Q8ks2ZJi0O1fJUev3v4hK+jB6TYsmdUnm0Sh6lTMr9XD3TiTIPenrf2APIb35Jwc
AB82KXixewIw2O/3I4Px5ixVtma86bdsYXBy5nFchI+/dZKdcdULL0dL3+ah41/P
CnyDNxsINUREOhuChhxap9WKKSG/tInLEsKx1+akUVDEpV8F
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:02 2024 by rpki-client on console-ams.rpki-client.org