Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/RufuW3_xCNrkXrItzwSh1-gqEtU.roa
File: RufuW3_xCNrkXrItzwSh1-gqEtU.roa (raw, json)
Hash identifier: rS3Btv0ZqtLDbIiRa7t0h8uqqwVYVSfQARh6vcBuITQ=
Subject key identifier: 46:E7:EE:5B:7F:F1:08:DA:E4:5E:B2:2D:CF:04:A1:D7:E8:2A:12:D5
Certificate issuer: /CN=cf10ad912ef942aacb4d10add39903c6e9fbb03a
Certificate serial: 018CC86F77BD8C0C7B72B7C38ADB99BA8A30
Authority key identifier: CF:10:AD:91:2E:F9:42:AA:CB:4D:10:AD:D3:99:03:C6:E9:FB:B0:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxCtkS75QqrLTRCt05kDxun7sDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/RufuW3_xCNrkXrItzwSh1-gqEtU.roa
Signing time: Tue 02 Jan 2024 04:29:57 +0000
ROA not before: Tue 02 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211557
IP address blocks: 2a12:1dc7:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:77:bd:8c:0c:7b:72:b7:c3:8a:db:99:ba:8a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf10ad912ef942aacb4d10add39903c6e9fbb03a
Validity
Not Before: Jan 2 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46e7ee5b7ff108dae45eb22dcf04a1d7e82a12d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b3:67:f5:30:e6:fb:da:4b:d5:45:79:70:db:
65:98:f9:a0:96:0e:22:f2:76:aa:8e:66:c7:a3:60:
bc:c4:e5:51:59:78:eb:17:8d:ff:ed:53:9e:2c:d4:
90:f5:1f:f3:28:8a:03:51:5f:6a:0c:fb:4f:16:ce:
d6:b6:c5:35:67:9b:86:1f:23:e7:75:01:4a:06:e8:
36:a5:f8:f7:27:13:82:40:ca:0d:fc:16:b0:58:ff:
e9:67:01:45:e8:78:29:12:dd:ae:14:b2:16:a1:16:
d1:e8:ea:b1:6b:d5:ad:04:c2:66:7e:47:dc:1f:5b:
94:bf:7b:6a:ed:c6:e3:34:8a:2e:c3:ed:ea:33:d4:
4e:c3:1e:13:46:6c:19:0c:ad:d6:c3:99:92:18:b6:
c5:33:1f:8c:d0:4a:85:7b:c9:74:26:4a:9c:58:9f:
4f:12:4b:87:92:1e:89:a3:11:be:91:1d:21:15:36:
45:4d:f0:dc:14:49:7e:e1:ba:a5:dc:db:54:49:cc:
c5:bd:a8:ec:14:b1:3e:6e:08:ef:f8:c2:b5:ee:86:
f9:bd:03:62:6a:73:5a:92:81:40:6c:6d:a5:52:63:
15:29:b1:4a:67:e3:a6:47:97:d8:53:48:65:69:41:
66:40:f6:1d:00:c0:e2:5b:17:f3:f0:16:d5:dd:74:
95:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E7:EE:5B:7F:F1:08:DA:E4:5E:B2:2D:CF:04:A1:D7:E8:2A:12:D5
X509v3 Authority Key Identifier:
keyid:CF:10:AD:91:2E:F9:42:AA:CB:4D:10:AD:D3:99:03:C6:E9:FB:B0:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxCtkS75QqrLTRCt05kDxun7sDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/RufuW3_xCNrkXrItzwSh1-gqEtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/zxCtkS75QqrLTRCt05kDxun7sDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1dc7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
80:c7:5d:e8:17:69:92:0a:2d:82:1d:38:bf:55:32:33:05:4b:
a8:95:2a:06:4c:1f:12:e5:19:0d:64:69:ef:7d:d4:d4:b7:90:
9e:d7:18:b0:25:3f:91:be:43:a7:68:86:51:c9:fc:bf:ea:93:
c1:2d:9f:41:49:b8:e6:cb:41:9c:2d:db:6d:a6:fa:70:d8:f1:
8b:f4:88:96:56:76:ca:60:9d:a0:4c:10:ed:e6:ce:fc:9c:f9:
8a:c9:9e:c2:30:3f:b1:c5:c8:30:4b:5d:f9:6f:91:06:c3:dc:
c9:6f:36:6e:76:8d:06:86:6a:9e:3d:0d:48:fb:38:30:80:d1:
f8:d3:b7:d0:4e:af:97:fb:9e:48:4e:fa:5f:ff:a9:ee:c4:49:
b1:82:29:fe:2e:38:f9:f7:75:07:97:39:e3:b9:4a:86:39:57:
9a:0c:90:de:30:13:fc:de:2d:13:b9:f6:62:da:67:fa:3e:70:
a6:c2:bf:9d:f3:29:ae:cb:3a:cc:03:85:c1:0b:79:8c:3e:80:
c4:e6:5b:36:d2:de:88:2c:99:48:7a:df:45:9c:73:54:b3:91:
a7:ac:4b:c9:41:a3:95:03:08:d5:36:77:88:38:79:6d:00:29:
3b:dc:89:17:d3:9b:90:51:49:8e:5a:2a:2a:6b:80:ca:9b:b1:
01:53:c1:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIb3e9jAx7crfDituZuoowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMTBhZDkxMmVmOTQyYWFjYjRkMTBhZGQzOTkwM2M2ZTlm
YmIwM2EwHhcNMjQwMTAyMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmU3ZWU1YjdmZjEwOGRhZTQ1ZWIyMmRjZjA0YTFkN2U4MmExMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLNn9TDm+9pL1UV5cNtlmPmglg4i
8naqjmbHo2C8xOVRWXjrF43/7VOeLNSQ9R/zKIoDUV9qDPtPFs7WtsU1Z5uGHyPn
dQFKBug2pfj3JxOCQMoN/BawWP/pZwFF6HgpEt2uFLIWoRbR6Oqxa9WtBMJmfkfc
H1uUv3tq7cbjNIouw+3qM9ROwx4TRmwZDK3Ww5mSGLbFMx+M0EqFe8l0JkqcWJ9P
EkuHkh6JoxG+kR0hFTZFTfDcFEl+4bql3NtUSczFvajsFLE+bgjv+MK17ob5vQNi
anNakoFAbG2lUmMVKbFKZ+OmR5fYU0hlaUFmQPYdAMDiWxfz8BbV3XSVGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEbn7lt/8Qja5F6yLc8EodfoKhLVMB8GA1UdIwQY
MBaAFM8QrZEu+UKqy00QrdOZA8bp+7A6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenhDdGtTNzVRcXJMVFJDdDA1a0R4dW43c0RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xNjFiNTItMjRmMi00NTM1LTgzODIt
ZTdmZTljNDc2NjBmLzEvUnVmdVczX3hDTnJrWHJJdHp3U2gxLWdxRXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xNjFiNTItMjRmMi00NTM1LTgzODItZTdmZTljNDc2NjBm
LzEvenhDdGtTNzVRcXJMVFJDdDA1a0R4dW43c0RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhIdx///
MA0GCSqGSIb3DQEBCwUAA4IBAQCAx13oF2mSCi2CHTi/VTIzBUuolSoGTB8S5RkN
ZGnvfdTUt5Ce1xiwJT+RvkOnaIZRyfy/6pPBLZ9BSbjmy0GcLdttpvpw2PGL9IiW
VnbKYJ2gTBDt5s78nPmKyZ7CMD+xxcgwS135b5EGw9zJbzZudo0GhmqePQ1I+zgw
gNH407fQTq+X+55ITvpf/6nuxEmxgin+Ljj593UHlznjuUqGOVeaDJDeMBP83i0T
ufZi2mf6PnCmwr+d8ymuyzrMA4XBC3mMPoDE5ls20t6ILJlIet9FnHNUs5GnrEvJ
QaOVAwjVNneIOHltACk73IkX05uQUUmOWioqa4DKm7EBU8G3
-----END CERTIFICATE-----
Generated at Tue Nov 19 11:06:25 2024 by rpki-client on console-fra.rpki-client.org