Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/259ad9-3678-4318-8a09-faaf94fcc834/1/2-kI0NuJcegV9GwSrEAI9p-S-4Q.roa
File: 2-kI0NuJcegV9GwSrEAI9p-S-4Q.roa (raw, json)
Hash identifier: o87/EpeRyNYr7Q5Uqk/yvHFHMa4EWPfm9yNEg69LJyU=
Subject key identifier: DB:E9:08:D0:DB:89:71:E8:15:F4:6C:12:AC:40:08:F6:9F:92:FB:84
Certificate issuer: /CN=a1be907379f06beb4cb3512cc4aaee048134a3c6
Certificate serial: 01857343BE101AD0D7E1491E3BE03656FC1F
Authority key identifier: A1:BE:90:73:79:F0:6B:EB:4C:B3:51:2C:C4:AA:EE:04:81:34:A3:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ob6Qc3nwa-tMs1EsxKruBIE0o8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/259ad9-3678-4318-8a09-faaf94fcc834/1/2-kI0NuJcegV9GwSrEAI9p-S-4Q.roa
Signing time: Mon 02 Jan 2023 16:14:57 +0000
ROA not before: Mon 02 Jan 2023 16:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49835
IP address blocks: 2a0f:54c0::/30 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:be:10:1a:d0:d7:e1:49:1e:3b:e0:36:56:fc:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1be907379f06beb4cb3512cc4aaee048134a3c6
Validity
Not Before: Jan 2 16:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbe908d0db8971e815f46c12ac4008f69f92fb84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8b:f7:fd:c9:17:a3:9d:ce:a0:f7:10:48:6c:
d6:43:53:42:db:61:c7:7b:0f:ec:eb:b8:87:62:f5:
e3:d8:5a:9c:5e:24:77:dc:2d:00:5d:ad:5e:71:9f:
47:3d:92:0a:c6:98:0a:1f:9d:9f:50:7d:61:9f:7c:
20:93:24:5c:1a:7e:8d:0a:dd:61:41:3f:0c:57:48:
d4:5a:6e:ba:f5:5b:2e:5a:02:6a:d5:81:a3:ca:93:
47:94:82:0b:f8:33:bc:df:35:75:8a:10:11:60:48:
19:c5:05:a6:8c:fa:a1:e0:24:5e:1f:bc:2a:f2:09:
3a:2a:e7:20:27:fe:b2:40:c4:1b:8e:4b:e8:02:34:
83:8c:06:bc:bc:10:16:6b:68:2d:05:9b:98:58:4c:
8f:39:16:c1:e8:77:54:42:f0:f5:e9:3a:9b:dc:7b:
37:b8:a0:91:5d:8d:02:dd:b3:ba:62:0e:1a:2c:ac:
54:40:98:5e:1e:04:96:d2:ae:7c:49:12:f8:5d:c4:
63:33:61:bb:2a:60:c1:89:b9:e1:62:15:e3:2d:79:
30:21:5a:fb:15:fa:50:16:ce:45:79:f7:f3:c6:96:
81:6b:c7:ff:0b:b6:d7:e9:5f:4b:ab:9f:8a:07:d0:
cd:39:d0:55:c4:fc:ef:8f:86:08:84:56:e8:1b:66:
92:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E9:08:D0:DB:89:71:E8:15:F4:6C:12:AC:40:08:F6:9F:92:FB:84
X509v3 Authority Key Identifier:
keyid:A1:BE:90:73:79:F0:6B:EB:4C:B3:51:2C:C4:AA:EE:04:81:34:A3:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ob6Qc3nwa-tMs1EsxKruBIE0o8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/259ad9-3678-4318-8a09-faaf94fcc834/1/2-kI0NuJcegV9GwSrEAI9p-S-4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/259ad9-3678-4318-8a09-faaf94fcc834/1/ob6Qc3nwa-tMs1EsxKruBIE0o8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:54c0::/30
Signature Algorithm: sha256WithRSAEncryption
12:c6:14:6d:ab:fb:82:c8:d7:f9:c1:7c:e2:14:5b:80:83:b7:
0a:1b:70:13:28:83:bc:3f:7f:09:e4:c7:76:4d:db:58:05:e2:
05:c6:14:19:12:65:0c:61:f5:c2:ba:d4:8d:63:77:11:8c:8b:
57:7a:a2:51:5f:cb:45:33:ea:f5:b4:40:01:6f:e8:6d:7c:f9:
ba:8a:a5:fe:be:7c:e4:da:48:a6:cc:e0:8e:1c:01:e5:2b:50:
32:6c:55:ef:06:43:57:3c:01:c6:ce:70:7a:99:36:72:ea:1f:
c8:87:9e:f9:92:59:8b:03:8b:c0:f4:7d:42:12:d7:04:7f:07:
28:48:3e:8e:fd:f8:cb:d8:e1:0a:3c:5a:c1:a3:ab:09:b0:f1:
d2:1c:3d:d1:28:4d:ec:e5:61:c6:7a:71:2d:f1:6a:59:e6:89:
3b:65:d6:72:04:e7:f3:69:90:71:56:f5:47:e1:c1:4f:a0:29:
15:31:06:c4:e2:30:15:82:2d:18:a0:2e:17:8d:0d:53:c6:bd:
81:9a:2d:97:f8:7b:51:8d:1d:d0:be:8a:31:76:38:36:11:4a:
1c:8d:c1:d9:b8:1d:1c:9a:f4:1b:0f:79:90:b6:f6:55:0f:70:
ee:8b:5f:91:fa:e1:d7:02:bc:c6:6c:8c:37:0c:18:ae:ba:8d:
eb:50:48:b8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVzQ74QGtDX4UkeO+A2VvwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYmU5MDczNzlmMDZiZWI0Y2IzNTEyY2M0YWFlZTA0ODEz
NGEzYzYwHhcNMjMwMTAyMTYxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmU5MDhkMGRiODk3MWU4MTVmNDZjMTJhYzQwMDhmNjlmOTJmYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4v3/ckXo53OoPcQSGzWQ1NC22HH
ew/s67iHYvXj2FqcXiR33C0AXa1ecZ9HPZIKxpgKH52fUH1hn3wgkyRcGn6NCt1h
QT8MV0jUWm669VsuWgJq1YGjypNHlIIL+DO83zV1ihARYEgZxQWmjPqh4CReH7wq
8gk6KucgJ/6yQMQbjkvoAjSDjAa8vBAWa2gtBZuYWEyPORbB6HdUQvD16Tqb3Hs3
uKCRXY0C3bO6Yg4aLKxUQJheHgSW0q58SRL4XcRjM2G7KmDBibnhYhXjLXkwIVr7
FfpQFs5FeffzxpaBa8f/C7bX6V9Lq5+KB9DNOdBVxPzvj4YIhFboG2aSgQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNvpCNDbiXHoFfRsEqxACPafkvuEMB8GA1UdIwQY
MBaAFKG+kHN58GvrTLNRLMSq7gSBNKPGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2I2UWMzbndhLXRNczFFc3hLcnVCSUUwbzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8yNTlhZDktMzY3OC00MzE4LThhMDkt
ZmFhZjk0ZmNjODM0LzEvMi1rSTBOdUpjZWdWOUd3U3JFQUk5cC1TLTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8yNTlhZDktMzY3OC00MzE4LThhMDktZmFhZjk0ZmNjODM0
LzEvb2I2UWMzbndhLXRNczFFc3hLcnVCSUUwbzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKg9UwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEsYUbav7gsjX+cF84hRbgIO3ChtwEyiDvD9/CeTH
dk3bWAXiBcYUGRJlDGH1wrrUjWN3EYyLV3qiUV/LRTPq9bRAAW/obXz5uoql/r58
5NpIpszgjhwB5StQMmxV7wZDVzwBxs5wepk2cuofyIee+ZJZiwOLwPR9QhLXBH8H
KEg+jv34y9jhCjxawaOrCbDx0hw90ShN7OVhxnpxLfFqWeaJO2XWcgTn82mQcVb1
R+HBT6ApFTEGxOIwFYItGKAuF40NU8a9gZotl/h7UY0d0L6KMXY4NhFKHI3B2bgd
HJr0Gw95kLb2VQ9w7otfkfrh1wK8xmyMNwwYrrqN61BIuA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:02 2025 by rpki-client