Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/038fe8-0055-4e23-bcf7-06799803365c/1/bQcanNvQlEGeo4Kibu0YFzw-D9s.roa
File: bQcanNvQlEGeo4Kibu0YFzw-D9s.roa (raw, json)
Hash identifier: 2mW1GV8QoLQk1Pq0420qz5L7/JVK+6fNm6tcNHa9q2Y=
Subject key identifier: 6D:07:1A:9C:DB:D0:94:41:9E:A3:82:A2:6E:ED:18:17:3C:3E:0F:DB
Certificate issuer: /CN=9064b608549223928c69e7dd3fc1258da7a4cba7
Certificate serial: 018CC5DC5CFB6218BADDEB88F525BE2AE32B
Authority key identifier: 90:64:B6:08:54:92:23:92:8C:69:E7:DD:3F:C1:25:8D:A7:A4:CB:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGS2CFSSI5KMaefdP8Eljaeky6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/038fe8-0055-4e23-bcf7-06799803365c/1/bQcanNvQlEGeo4Kibu0YFzw-D9s.roa
Signing time: Mon 01 Jan 2024 16:30:02 +0000
ROA not before: Mon 01 Jan 2024 16:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35407
IP address blocks: 2001:678:b90::/48 maxlen: 48
2001:678:b88::/48 maxlen: 48
2001:678:b80::/48 maxlen: 48
2001:678:d8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5c:fb:62:18:ba:dd:eb:88:f5:25:be:2a:e3:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9064b608549223928c69e7dd3fc1258da7a4cba7
Validity
Not Before: Jan 1 16:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d071a9cdbd094419ea382a26eed18173c3e0fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ac:ac:e8:c9:b6:f6:e5:47:28:78:e3:ac:28:
54:25:9d:c5:d0:ad:62:08:a6:63:8b:18:60:74:41:
a7:73:bb:31:91:3e:cf:b5:2d:16:13:d3:4a:b1:63:
fc:b0:e8:71:9a:32:20:0e:e8:0e:80:f2:0d:0e:f3:
1c:15:47:5d:4a:84:9e:79:41:f9:76:7b:cf:16:cb:
7e:a9:c7:de:67:0e:c5:fd:aa:2f:a8:f9:36:97:8f:
66:bf:be:d2:17:35:df:0a:d7:cf:a9:20:f0:ad:87:
8e:4a:4d:ce:08:54:09:4d:2e:3f:e1:84:bb:35:77:
e8:62:f9:80:cf:cd:05:af:ed:21:71:25:52:5e:1e:
ff:8d:56:bb:f4:ee:7b:ea:f3:7e:ec:e4:9d:ef:3f:
59:fe:7e:27:fd:a7:1a:20:fd:32:78:19:45:15:13:
91:15:47:df:85:0c:e3:ac:f4:26:ba:ce:15:62:5a:
99:ce:8a:b0:5d:1e:33:74:60:86:81:a9:dd:66:e8:
6c:aa:c2:4b:7b:c9:b5:5f:d5:4b:fe:cc:46:9c:5c:
33:8c:1a:ac:d8:f6:b6:51:48:cf:bb:42:49:1e:46:
93:65:3a:8a:bd:f9:19:b0:53:de:c0:10:7a:dd:d0:
a7:fc:11:1b:13:98:ec:b7:4f:7b:e4:7e:15:a6:aa:
8f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:07:1A:9C:DB:D0:94:41:9E:A3:82:A2:6E:ED:18:17:3C:3E:0F:DB
X509v3 Authority Key Identifier:
keyid:90:64:B6:08:54:92:23:92:8C:69:E7:DD:3F:C1:25:8D:A7:A4:CB:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGS2CFSSI5KMaefdP8Eljaeky6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/038fe8-0055-4e23-bcf7-06799803365c/1/bQcanNvQlEGeo4Kibu0YFzw-D9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/038fe8-0055-4e23-bcf7-06799803365c/1/kGS2CFSSI5KMaefdP8Eljaeky6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d8::/48
2001:678:b80::/48
2001:678:b88::/48
2001:678:b90::/48
Signature Algorithm: sha256WithRSAEncryption
60:3b:84:35:40:51:01:39:14:85:ee:d2:db:53:5d:8b:0b:49:
31:ee:16:ca:23:23:ca:ca:b8:65:14:e9:18:c0:84:2d:e5:ef:
58:cb:10:6a:4e:07:5c:87:05:a2:3a:de:6b:89:d0:13:ff:f1:
2c:71:fa:3f:20:78:1d:ed:1d:ae:b7:5f:c6:1e:15:2e:0d:03:
f7:b8:b5:27:90:cc:7f:95:21:9f:57:7f:61:54:ca:ed:07:08:
d0:4a:0f:fa:fb:70:f0:25:35:a9:3e:09:d8:9c:83:26:f6:af:
20:59:33:24:05:f3:15:f0:1d:c3:f1:0f:3e:03:40:32:d8:05:
4c:1b:97:74:b9:4c:20:2e:a5:a8:06:30:d4:97:f8:8c:65:26:
63:32:86:e0:a3:53:6c:e5:8c:29:55:05:b0:0c:fc:63:da:34:
8b:e6:4b:53:0d:0b:08:f4:00:e5:20:50:f5:a5:8e:41:c0:f3:
47:59:d8:24:bc:62:30:07:1b:25:fb:41:06:10:af:a7:b3:e4:
e5:b3:49:3a:1b:18:cd:63:42:91:5e:30:03:01:59:ab:e9:3d:
e3:1b:c1:08:05:c2:ae:4a:60:04:40:f8:72:83:9d:c7:89:fb:
b0:c6:a9:2d:a1:19:71:07:43:99:58:1c:44:f0:4a:6f:f3:ab:
a1:c5:ae:08
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzF3Fz7Yhi63euI9SW+KuMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjRiNjA4NTQ5MjIzOTI4YzY5ZTdkZDNmYzEyNThkYTdh
NGNiYTcwHhcNMjQwMTAxMTYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA3MWE5Y2RiZDA5NDQxOWVhMzgyYTI2ZWVkMTgxNzNjM2UwZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKys6Mm29uVHKHjjrChUJZ3F0K1i
CKZjixhgdEGnc7sxkT7PtS0WE9NKsWP8sOhxmjIgDugOgPINDvMcFUddSoSeeUH5
dnvPFst+qcfeZw7F/aovqPk2l49mv77SFzXfCtfPqSDwrYeOSk3OCFQJTS4/4YS7
NXfoYvmAz80Fr+0hcSVSXh7/jVa79O576vN+7OSd7z9Z/n4n/acaIP0yeBlFFROR
FUffhQzjrPQmus4VYlqZzoqwXR4zdGCGgandZuhsqsJLe8m1X9VL/sxGnFwzjBqs
2Pa2UUjPu0JJHkaTZTqKvfkZsFPewBB63dCn/BEbE5jst0975H4VpqqPSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG0HGpzb0JRBnqOCom7tGBc8Pg/bMB8GA1UdIwQY
MBaAFJBktghUkiOSjGnn3T/BJY2npMunMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dTMkNGU1NJNUtNYWVmZFA4RWxqYWVreTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wMzhmZTgtMDA1NS00ZTIzLWJjZjct
MDY3OTk4MDMzNjVjLzEvYlFjYW5OdlFsRUdlbzRLaWJ1MFlGenctRDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8wMzhmZTgtMDA1NS00ZTIzLWJjZjctMDY3OTk4MDMzNjVj
LzEva0dTMkNGU1NJNUtNYWVmZFA4RWxqYWVreTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeADY
AwcAIAEGeAuAAwcAIAEGeAuIAwcAIAEGeAuQMA0GCSqGSIb3DQEBCwUAA4IBAQBg
O4Q1QFEBORSF7tLbU12LC0kx7hbKIyPKyrhlFOkYwIQt5e9YyxBqTgdchwWiOt5r
idAT//Escfo/IHgd7R2ut1/GHhUuDQP3uLUnkMx/lSGfV39hVMrtBwjQSg/6+3Dw
JTWpPgnYnIMm9q8gWTMkBfMV8B3D8Q8+A0Ay2AVMG5d0uUwgLqWoBjDUl/iMZSZj
Mobgo1Ns5YwpVQWwDPxj2jSL5ktTDQsI9ADlIFD1pY5BwPNHWdgkvGIwBxsl+0EG
EK+ns+Tls0k6GxjNY0KRXjADAVmr6T3jG8EIBcKuSmAEQPhyg53HifuwxqktoRlx
B0OZWBxE8Epv86uhxa4I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:20 2024 by rpki-client on console-ams.rpki-client.org