Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/h8DWih6oPrC1bOu2oOXvAPbtuck.roa
File: h8DWih6oPrC1bOu2oOXvAPbtuck.roa (raw, json)
Hash identifier: dIUzGddBOgsAFzz9TYJLsy6J3CEfCdcXwKryuE5aLus=
Subject key identifier: 87:C0:D6:8A:1E:A8:3E:B0:B5:6C:EB:B6:A0:E5:EF:00:F6:ED:B9:C9
Certificate issuer: /CN=43b0105bccb9e6093120767354a8b8493cbe4cd6
Certificate serial: 018C677B1C853B943C4DA6D1556149992190
Authority key identifier: 43:B0:10:5B:CC:B9:E6:09:31:20:76:73:54:A8:B8:49:3C:BE:4C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q7AQW8y55gkxIHZzVKi4STy-TNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/h8DWih6oPrC1bOu2oOXvAPbtuck.roa
Signing time: Thu 14 Dec 2023 08:39:30 +0000
ROA not before: Thu 14 Dec 2023 08:39:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34688
IP address blocks: 2a01:5e00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:7b:1c:85:3b:94:3c:4d:a6:d1:55:61:49:99:21:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43b0105bccb9e6093120767354a8b8493cbe4cd6
Validity
Not Before: Dec 14 08:39:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87c0d68a1ea83eb0b56cebb6a0e5ef00f6edb9c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4e:69:42:b8:f1:19:87:18:fa:8e:8c:0a:a1:
b9:3a:f0:a1:ca:0d:0c:8f:eb:99:e8:b7:a6:4a:16:
cd:d7:4f:a2:94:5f:98:70:5e:d5:d6:00:28:80:84:
47:a8:71:21:5e:b5:82:ff:e6:49:77:8d:39:4d:a9:
1a:9e:ad:47:99:18:c5:26:b4:d0:36:7a:bd:d8:e9:
bc:3c:dc:e2:f4:1d:a2:ac:07:be:e0:41:76:59:75:
a1:f9:d7:5e:ba:87:17:12:4c:0e:32:1d:91:5e:f9:
90:0f:60:20:3e:97:7f:45:8f:52:0b:ba:4e:33:ea:
4f:05:cf:ac:1b:f9:23:c4:10:77:70:b0:b2:c0:36:
5f:8c:1f:33:7d:20:e0:70:19:d2:65:e2:fc:ea:aa:
be:06:d5:08:ec:a8:eb:9e:ee:22:56:72:21:28:78:
9c:ec:6f:29:05:ec:fe:5d:8d:44:b9:8a:b6:8e:ff:
f2:00:30:7b:e2:d9:12:e6:9a:13:dc:3e:ff:aa:9d:
ac:56:0d:f4:0f:8d:3b:2b:cc:e1:71:a3:41:40:58:
4f:30:28:a2:17:1f:a3:48:bb:8a:4f:0e:27:c3:0a:
9d:72:62:d9:71:a4:39:1c:8e:b7:4e:67:e2:15:37:
5b:2b:5b:5d:8b:c9:82:18:e1:76:77:2b:f0:59:dc:
43:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C0:D6:8A:1E:A8:3E:B0:B5:6C:EB:B6:A0:E5:EF:00:F6:ED:B9:C9
X509v3 Authority Key Identifier:
keyid:43:B0:10:5B:CC:B9:E6:09:31:20:76:73:54:A8:B8:49:3C:BE:4C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7AQW8y55gkxIHZzVKi4STy-TNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/h8DWih6oPrC1bOu2oOXvAPbtuck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/Q7AQW8y55gkxIHZzVKi4STy-TNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:5e00::/32
Signature Algorithm: sha256WithRSAEncryption
6e:c9:8c:a8:81:06:b0:94:29:38:cb:41:a0:81:1a:62:86:b7:
f5:bd:25:66:0c:00:0e:ec:35:30:2f:1a:15:43:4f:aa:9f:9f:
90:e6:8a:18:4b:93:87:40:1b:db:cc:50:f9:2b:c1:8e:c2:00:
bd:13:80:a4:a6:38:a5:d9:53:fe:a5:18:b6:97:67:12:ac:b4:
20:ce:da:3b:2f:ca:79:15:2f:a6:b5:d2:a0:f8:c1:87:7c:b6:
14:d7:dc:87:4a:af:6f:30:ae:a4:f8:de:3a:7e:89:2e:c4:5c:
53:53:0a:b3:25:f1:83:0b:2b:34:d6:de:59:c0:00:03:34:1a:
d1:00:d0:ca:e0:a6:ac:f2:60:a8:3c:d2:62:91:41:93:0d:84:
67:6e:b5:f8:6c:73:41:94:38:37:26:b8:ed:9c:0f:a0:08:9f:
b6:97:95:52:85:cd:ce:71:9e:58:e5:5e:0a:ce:c4:e6:f8:05:
c6:f6:32:e1:37:d9:ab:3d:01:99:16:59:11:33:06:04:be:8d:
c5:2b:81:6e:bc:38:32:8a:86:ec:82:96:64:b7:bf:42:da:61:
da:da:d1:c7:89:9a:59:25:a1:27:03:1c:2b:4b:8d:6e:68:67:
ea:ca:4c:04:24:65:1f:b3:b7:f0:6f:6f:bb:98:8f:ac:5a:21:
ea:87:aa:a7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYxnexyFO5Q8TabRVWFJmSGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYjAxMDViY2NiOWU2MDkzMTIwNzY3MzU0YThiODQ5M2Ni
ZTRjZDYwHhcNMjMxMjE0MDgzOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2MwZDY4YTFlYTgzZWIwYjU2Y2ViYjZhMGU1ZWYwMGY2ZWRiOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk5pQrjxGYcY+o6MCqG5OvChyg0M
j+uZ6LemShbN10+ilF+YcF7V1gAogIRHqHEhXrWC/+ZJd405Takanq1HmRjFJrTQ
Nnq92Om8PNzi9B2irAe+4EF2WXWh+ddeuocXEkwOMh2RXvmQD2AgPpd/RY9SC7pO
M+pPBc+sG/kjxBB3cLCywDZfjB8zfSDgcBnSZeL86qq+BtUI7Kjrnu4iVnIhKHic
7G8pBez+XY1EuYq2jv/yADB74tkS5poT3D7/qp2sVg30D407K8zhcaNBQFhPMCii
Fx+jSLuKTw4nwwqdcmLZcaQ5HI63TmfiFTdbK1tdi8mCGOF2dyvwWdxD8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIfA1ooeqD6wtWzrtqDl7wD27bnJMB8GA1UdIwQY
MBaAFEOwEFvMueYJMSB2c1SouEk8vkzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTdBUVc4eTU1Z2t4SUhaelZLaTRTVHktVE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mNzVjNjUtODg1ZS00MTdkLTgwNzYt
YmY3ZDhmY2E0NmUxLzEvaDhEV2loNm9QckMxYk91Mm9PWHZBUGJ0dWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mNzVjNjUtODg1ZS00MTdkLTgwNzYtYmY3ZDhmY2E0NmUx
LzEvUTdBUVc4eTU1Z2t4SUhaelZLaTRTVHktVE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgFeADAN
BgkqhkiG9w0BAQsFAAOCAQEAbsmMqIEGsJQpOMtBoIEaYoa39b0lZgwADuw1MC8a
FUNPqp+fkOaKGEuTh0Ab28xQ+SvBjsIAvROApKY4pdlT/qUYtpdnEqy0IM7aOy/K
eRUvprXSoPjBh3y2FNfch0qvbzCupPjeOn6JLsRcU1MKsyXxgwsrNNbeWcAAAzQa
0QDQyuCmrPJgqDzSYpFBkw2EZ261+GxzQZQ4Nya47ZwPoAiftpeVUoXNznGeWOVe
Cs7E5vgFxvYy4TfZqz0BmRZZETMGBL6NxSuBbrw4MoqG7IKWZLe/Qtph2trRx4ma
WSWhJwMcK0uNbmhn6spMBCRlH7O38G9vu5iPrFoh6oeqpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org