Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/_rbTOK7aREn_r-j1kDCdGlEKnj8.roa
File: _rbTOK7aREn_r-j1kDCdGlEKnj8.roa (raw, json)
Hash identifier: CpE5WTXBslnXWxo63KSXqGappW7nt8OZv/Oiqgoq530=
Subject key identifier: FE:B6:D3:38:AE:DA:44:49:FF:AF:E8:F5:90:30:9D:1A:51:0A:9E:3F
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 01856E2FD57966CCA403032522C9E98051E0
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/_rbTOK7aREn_r-j1kDCdGlEKnj8.roa
Signing time: Sun 01 Jan 2023 16:35:06 +0000
ROA not before: Sun 01 Jan 2023 16:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209485
IP address blocks: 2a01:b960:2309::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:d5:79:66:cc:a4:03:03:25:22:c9:e9:80:51:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 16:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=feb6d338aeda4449ffafe8f590309d1a510a9e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5f:3e:1b:23:23:5b:cc:19:6d:02:25:77:90:
0b:e0:95:ee:ec:43:73:82:c9:40:72:b0:fe:94:63:
d6:97:0d:3c:95:a8:7e:e0:e9:dc:2b:cc:be:22:91:
55:e5:8a:fa:04:e7:b9:ca:36:22:b2:e6:a5:35:0f:
be:eb:95:33:49:80:fd:a3:76:82:e6:b9:04:26:25:
06:d4:57:c4:48:8a:1b:1e:5e:73:8e:12:7f:48:7c:
14:de:38:14:0f:a3:59:c3:6b:f8:58:e0:f1:7f:47:
e4:67:57:2f:bb:75:25:3e:9e:c4:96:71:ae:70:47:
56:16:a4:cc:97:ba:59:df:59:df:b0:00:b6:ac:70:
a5:f2:7c:14:bf:81:2e:0f:74:f2:b0:e9:db:13:98:
35:61:7f:67:92:2a:99:03:8a:bb:0f:b6:79:9d:7c:
82:65:7a:a1:56:6b:87:ea:fa:c9:a2:0c:17:43:31:
88:37:72:4b:97:c9:56:e1:5d:0b:f1:c0:ce:5d:67:
38:ea:20:ba:ae:9b:5b:d7:24:63:f7:26:ce:c8:58:
12:a4:68:a0:6e:07:68:85:fe:ab:01:35:26:34:32:
c7:40:e2:b4:ee:8a:f4:34:b5:1f:66:bf:80:81:a4:
1b:80:64:95:a2:2c:e4:ec:2b:68:35:48:c7:d3:d1:
2f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B6:D3:38:AE:DA:44:49:FF:AF:E8:F5:90:30:9D:1A:51:0A:9E:3F
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/_rbTOK7aREn_r-j1kDCdGlEKnj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:2309::/48
Signature Algorithm: sha256WithRSAEncryption
47:21:65:64:dd:29:14:7b:99:d4:e5:a5:3a:9c:dd:2f:00:f9:
f7:4f:20:7e:12:39:b8:09:49:2d:13:e9:a9:72:47:96:87:a7:
23:47:0c:1b:4c:23:79:aa:e8:3c:40:e5:c9:80:4c:72:bf:12:
21:a8:0d:e5:63:85:9e:b2:1a:65:a5:9e:e4:e3:93:22:4d:1c:
ac:63:cc:bd:f1:f4:88:24:3a:3a:b2:c1:b1:d5:d3:15:12:2b:
33:9c:09:22:9e:11:a0:8e:65:da:87:34:11:da:2a:a1:20:ac:
c6:cd:77:c1:9f:a1:e8:0c:00:dc:a7:3a:ff:c5:86:18:c5:d3:
e3:bc:6d:f8:b0:33:4a:92:14:84:77:b9:c3:7f:69:0c:79:4e:
03:29:cd:a9:0b:6a:03:c4:0e:ab:ee:82:f6:e0:73:e9:b3:0e:
40:da:03:6c:98:22:12:ed:5a:16:b6:67:1c:fb:23:f0:b0:12:
5f:31:8a:cf:ad:a1:f1:1f:25:d9:37:4e:07:f1:a7:f9:ab:88:
ee:c1:f3:f4:89:da:b4:4f:7d:ce:a4:ae:80:bf:6c:5d:62:da:
2e:bb:d0:2d:62:22:ec:d3:b1:51:aa:6c:85:55:f0:d1:81:a2:
cb:5c:5c:7b:59:3f:b3:3f:1e:d6:b4:bc:88:ed:31:ca:17:e4:
27:8c:d2:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuL9V5ZsykAwMlIsnpgFHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjMwMTAxMTYzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWI2ZDMzOGFlZGE0NDQ5ZmZhZmU4ZjU5MDMwOWQxYTUxMGE5ZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhl8+GyMjW8wZbQIld5AL4JXu7ENz
gslAcrD+lGPWlw08lah+4OncK8y+IpFV5Yr6BOe5yjYisualNQ++65UzSYD9o3aC
5rkEJiUG1FfESIobHl5zjhJ/SHwU3jgUD6NZw2v4WODxf0fkZ1cvu3UlPp7ElnGu
cEdWFqTMl7pZ31nfsAC2rHCl8nwUv4EuD3TysOnbE5g1YX9nkiqZA4q7D7Z5nXyC
ZXqhVmuH6vrJogwXQzGIN3JLl8lW4V0L8cDOXWc46iC6rptb1yRj9ybOyFgSpGig
bgdohf6rATUmNDLHQOK07or0NLUfZr+AgaQbgGSVoizk7CtoNUjH09EvEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP620ziu2kRJ/6/o9ZAwnRpRCp4/MB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvX3JiVE9LN2FSRW5fci1qMWtEQ2RHbEVLbmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMJ
MA0GCSqGSIb3DQEBCwUAA4IBAQBHIWVk3SkUe5nU5aU6nN0vAPn3TyB+Ejm4CUkt
E+mpckeWh6cjRwwbTCN5qug8QOXJgExyvxIhqA3lY4WeshplpZ7k45MiTRysY8y9
8fSIJDo6ssGx1dMVEisznAkinhGgjmXahzQR2iqhIKzGzXfBn6HoDADcpzr/xYYY
xdPjvG34sDNKkhSEd7nDf2kMeU4DKc2pC2oDxA6r7oL24HPpsw5A2gNsmCIS7VoW
tmcc+yPwsBJfMYrPraHxHyXZN04H8af5q4juwfP0idq0T33OpK6Av2xdYtouu9At
YiLs07FRqmyFVfDRgaLLXFx7WT+zPx7WtLyI7THKF+QnjNIj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:25 2025 by rpki-client