Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/ibmUhirYWmTNDxuousec5SUL5xw.roa
File: ibmUhirYWmTNDxuousec5SUL5xw.roa (raw, json)
Hash identifier: N0C+KGV1b1EiSj5YejU366BPPmbN5j+yd+N7bXxHQ60=
Subject key identifier: 89:B9:94:86:2A:D8:5A:64:CD:0F:1B:A8:BA:C7:9C:E5:25:0B:E7:1C
Certificate issuer: /CN=43b0105bccb9e6093120767354a8b8493cbe4cd6
Certificate serial: 018C677B1C529780846638CC243E6ED15145
Authority key identifier: 43:B0:10:5B:CC:B9:E6:09:31:20:76:73:54:A8:B8:49:3C:BE:4C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q7AQW8y55gkxIHZzVKi4STy-TNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/ibmUhirYWmTNDxuousec5SUL5xw.roa
Signing time: Thu 14 Dec 2023 08:39:30 +0000
ROA not before: Thu 14 Dec 2023 08:39:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15969
IP address blocks: 2a01:5e00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:7b:1c:52:97:80:84:66:38:cc:24:3e:6e:d1:51:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43b0105bccb9e6093120767354a8b8493cbe4cd6
Validity
Not Before: Dec 14 08:39:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89b994862ad85a64cd0f1ba8bac79ce5250be71c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9c:10:cc:3a:1f:7c:35:e2:b3:22:0c:b0:46:
2c:50:1e:c9:2f:77:9b:76:06:e5:19:5c:86:30:b0:
b2:97:e0:c8:b3:fc:72:bc:c3:f8:05:97:d8:6f:6c:
6f:b1:a1:bb:59:b6:da:2e:86:a6:7c:34:4a:ca:d5:
4c:11:14:2f:cc:ed:ef:34:39:fe:55:dd:5d:43:3a:
6b:94:85:f6:7c:1c:4c:32:ad:86:0b:bc:c8:85:9f:
3f:49:5b:ec:24:0a:2a:20:9c:09:b6:8d:e1:c2:1a:
54:38:e8:ef:74:5e:c6:db:2c:09:93:29:4a:eb:0b:
ab:fd:1a:47:ce:ab:d5:56:47:75:29:63:d8:e2:c6:
bb:2c:7d:3d:41:bd:36:78:81:78:e0:1d:63:3c:eb:
7f:6d:27:c8:8e:e1:53:a2:59:28:e3:34:0e:d8:a4:
8c:e9:a0:7c:53:3f:48:f3:f9:50:fe:b6:fc:dc:87:
b5:61:f9:77:41:bc:be:6d:d6:d6:fd:96:e5:d0:39:
17:b9:c7:d4:8c:ca:c1:e8:56:59:ea:df:a1:84:bf:
60:eb:4e:b8:57:fc:88:9a:75:97:12:96:da:39:e1:
1a:81:50:d7:b2:9a:2c:30:40:80:82:8b:5b:cd:e5:
05:48:fd:0a:e6:88:9b:ea:5a:35:57:5f:e2:08:7d:
ff:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B9:94:86:2A:D8:5A:64:CD:0F:1B:A8:BA:C7:9C:E5:25:0B:E7:1C
X509v3 Authority Key Identifier:
keyid:43:B0:10:5B:CC:B9:E6:09:31:20:76:73:54:A8:B8:49:3C:BE:4C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7AQW8y55gkxIHZzVKi4STy-TNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/ibmUhirYWmTNDxuousec5SUL5xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/Q7AQW8y55gkxIHZzVKi4STy-TNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:5e00::/29
Signature Algorithm: sha256WithRSAEncryption
07:a2:4f:17:b5:76:94:d0:c0:05:f9:62:b3:f2:c3:e8:13:4f:
04:df:27:2c:ec:37:bb:80:5a:d8:f0:45:44:97:4b:5a:9c:a6:
5e:f6:b6:fe:f0:25:4d:81:fa:1f:89:10:61:66:3f:f2:d6:92:
f7:71:0a:a1:f7:08:c3:21:64:bd:8f:d5:b6:d7:0d:0b:8e:6a:
81:a7:1f:88:20:5c:97:ba:3b:f7:b3:eb:ec:08:5a:cc:98:40:
8e:ac:74:26:5f:03:7a:34:f2:e6:56:b1:82:35:03:e1:7e:0f:
53:da:eb:2b:4d:00:3f:9d:12:56:6f:1b:7f:02:4e:f9:1e:d4:
0b:8e:8c:1f:05:01:ce:44:90:1f:3a:7b:91:a2:bb:64:e7:99:
85:5f:dc:53:d1:c9:79:07:8f:f8:8c:76:39:0b:52:eb:17:70:
43:05:6d:54:42:80:2a:57:07:1c:3b:62:f5:f8:a5:e7:16:a6:
1d:90:3a:2f:e7:82:78:51:5e:94:d0:1f:d5:d4:c9:c7:f7:60:
3c:5d:0a:d6:cd:1f:66:98:90:01:08:08:6f:4e:44:e5:e4:a5:
81:a2:61:97:a7:2f:e4:71:7c:06:8e:14:d6:09:78:a5:d1:09:
ee:56:90:43:4a:2e:ed:62:07:a6:11:85:b9:76:fe:cc:76:ba:
86:99:10:b8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYxnexxSl4CEZjjMJD5u0VFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYjAxMDViY2NiOWU2MDkzMTIwNzY3MzU0YThiODQ5M2Ni
ZTRjZDYwHhcNMjMxMjE0MDgzOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI5OTQ4NjJhZDg1YTY0Y2QwZjFiYThiYWM3OWNlNTI1MGJlNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5wQzDoffDXisyIMsEYsUB7JL3eb
dgblGVyGMLCyl+DIs/xyvMP4BZfYb2xvsaG7WbbaLoamfDRKytVMERQvzO3vNDn+
Vd1dQzprlIX2fBxMMq2GC7zIhZ8/SVvsJAoqIJwJto3hwhpUOOjvdF7G2ywJkylK
6wur/RpHzqvVVkd1KWPY4sa7LH09Qb02eIF44B1jPOt/bSfIjuFTolko4zQO2KSM
6aB8Uz9I8/lQ/rb83Ie1Yfl3Qby+bdbW/Zbl0DkXucfUjMrB6FZZ6t+hhL9g6064
V/yImnWXEpbaOeEagVDXsposMECAgotbzeUFSP0K5oib6lo1V1/iCH3/hwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIm5lIYq2FpkzQ8bqLrHnOUlC+ccMB8GA1UdIwQY
MBaAFEOwEFvMueYJMSB2c1SouEk8vkzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTdBUVc4eTU1Z2t4SUhaelZLaTRTVHktVE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mNzVjNjUtODg1ZS00MTdkLTgwNzYt
YmY3ZDhmY2E0NmUxLzEvaWJtVWhpcllXbVRORHh1b3VzZWM1U1VMNXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mNzVjNjUtODg1ZS00MTdkLTgwNzYtYmY3ZDhmY2E0NmUx
LzEvUTdBUVc4eTU1Z2t4SUhaelZLaTRTVHktVE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgFeADAN
BgkqhkiG9w0BAQsFAAOCAQEAB6JPF7V2lNDABflis/LD6BNPBN8nLOw3u4Ba2PBF
RJdLWpymXva2/vAlTYH6H4kQYWY/8taS93EKofcIwyFkvY/VttcNC45qgacfiCBc
l7o797Pr7AhazJhAjqx0Jl8DejTy5laxgjUD4X4PU9rrK00AP50SVm8bfwJO+R7U
C46MHwUBzkSQHzp7kaK7ZOeZhV/cU9HJeQeP+Ix2OQtS6xdwQwVtVEKAKlcHHDti
9fil5xamHZA6L+eCeFFelNAf1dTJx/dgPF0K1s0fZpiQAQgIb05E5eSlgaJhl6cv
5HF8Bo4U1gl4pdEJ7laQQ0ou7WIHphGFuXb+zHa6hpkQuA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:35:09 2025 by rpki-client