Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/I6mmxDFMRlZQglr9tvZgtWTpacI.roa
File: I6mmxDFMRlZQglr9tvZgtWTpacI.roa (raw, json)
Hash identifier: I0Re/y7GCOXiEC+k8ucTnbEwVPei1zvCkVbXr+eUjaE=
Subject key identifier: 23:A9:A6:C4:31:4C:46:56:50:82:5A:FD:B6:F6:60:B5:64:E9:69:C2
Certificate issuer: /CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Certificate serial: 018D7E499AC85AD309755E93685E7F50D969
Authority key identifier: 38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/I6mmxDFMRlZQglr9tvZgtWTpacI.roa
Signing time: Tue 06 Feb 2024 11:59:29 +0000
ROA not before: Tue 06 Feb 2024 11:59:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51628
IP address blocks: 2a09:6280:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:49:9a:c8:5a:d3:09:75:5e:93:68:5e:7f:50:d9:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Validity
Not Before: Feb 6 11:59:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23a9a6c4314c465650825afdb6f660b564e969c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5e:e3:db:29:00:4d:c9:e8:2c:7a:db:fd:1e:
5b:b5:0c:53:c1:69:f5:04:4b:83:7d:64:6f:d2:be:
77:f2:63:fd:3b:20:29:bb:f8:d8:4c:04:57:7b:cb:
22:d2:c6:c0:5c:2f:cf:9b:5b:56:7a:f7:1e:0c:10:
38:ba:3b:67:22:22:29:13:1d:3a:0a:13:56:9a:33:
c9:7d:2c:c4:3f:8a:25:2f:76:88:e7:4e:a8:87:f4:
bd:83:8a:e8:c7:2d:42:5b:94:21:5e:10:f9:e7:e3:
29:de:b1:6b:8f:cf:2d:88:93:96:7d:e8:67:dd:54:
92:69:e0:64:ca:6a:f1:70:7e:6d:b9:fa:1a:29:d9:
75:ad:78:c9:09:8a:68:91:ad:9b:af:29:fa:18:77:
ec:59:c7:61:6f:c8:6c:05:42:11:6c:de:e2:28:2b:
82:f5:95:b2:15:c2:bf:ad:d1:2d:7d:0e:d9:86:c5:
9e:71:2a:8c:55:2a:49:a6:22:f2:26:2b:92:5d:85:
79:6e:93:75:98:8b:12:c7:7b:7c:56:46:2d:dd:55:
b4:48:ae:59:a9:89:d8:4b:92:5b:70:4c:44:38:9c:
f2:2f:04:8c:22:59:8b:4c:ba:5e:af:7d:29:1c:6d:
eb:9d:65:e3:16:73:5a:c9:ee:1c:a3:b3:80:ba:45:
ff:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A9:A6:C4:31:4C:46:56:50:82:5A:FD:B6:F6:60:B5:64:E9:69:C2
X509v3 Authority Key Identifier:
keyid:38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/I6mmxDFMRlZQglr9tvZgtWTpacI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/OEAeWIkL8jDcrl0DBRGf8sK41DM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6280:2::/48
Signature Algorithm: sha256WithRSAEncryption
1c:52:55:5f:66:1e:09:87:bd:df:ff:31:5d:e1:d3:22:02:e4:
d6:d5:14:e6:ae:36:df:8a:d2:e8:b8:46:cf:fa:d4:54:47:1c:
a0:04:fd:61:72:cc:f3:72:0f:24:b5:78:00:1c:6d:c5:7e:a2:
a8:19:25:0b:01:b3:ec:8b:a6:9f:d9:92:a6:dd:46:ef:a7:e1:
ce:9e:48:a8:40:be:03:5a:57:09:22:9d:93:a7:ef:9c:93:80:
00:fa:04:36:b0:22:65:ba:11:15:46:cf:ad:6e:3a:28:6e:dc:
74:3e:9c:bc:1a:1a:cc:d8:d4:46:a3:7a:e3:16:43:a5:65:e6:
6b:0a:43:57:ac:8f:47:fd:75:19:3f:7f:f7:fd:43:30:61:12:
4a:a9:09:b5:de:fa:cf:19:f5:06:7d:45:40:a5:5b:b2:c6:0c:
ce:85:73:ce:a6:32:76:dd:d7:63:57:c9:0a:0e:b0:a2:c5:a0:
54:8a:75:b3:d5:db:b0:73:90:84:8c:bb:8d:0e:03:c5:9b:7a:
e5:e4:de:ce:a5:b3:39:b5:5d:96:90:75:9a:f6:41:d3:89:2f:
98:a5:f3:5e:cf:fa:21:15:24:be:e6:28:e7:d7:b5:85:85:3f:
36:2e:04:93:bc:86:e6:d7:ee:c5:1b:e4:98:27:7a:2a:8c:38:
f5:42:a0:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1+SZrIWtMJdV6TaF5/UNlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDAxZTU4ODkwYmYyMzBkY2FlNWQwMzA1MTE5ZmYyYzJi
OGQ0MzMwHhcNMjQwMjA2MTE1OTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E5YTZjNDMxNGM0NjU2NTA4MjVhZmRiNmY2NjBiNTY0ZTk2OWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj17j2ykATcnoLHrb/R5btQxTwWn1
BEuDfWRv0r538mP9OyApu/jYTARXe8si0sbAXC/Pm1tWevceDBA4ujtnIiIpEx06
ChNWmjPJfSzEP4olL3aI506oh/S9g4roxy1CW5QhXhD55+Mp3rFrj88tiJOWfehn
3VSSaeBkymrxcH5tufoaKdl1rXjJCYpoka2bryn6GHfsWcdhb8hsBUIRbN7iKCuC
9ZWyFcK/rdEtfQ7ZhsWecSqMVSpJpiLyJiuSXYV5bpN1mIsSx3t8VkYt3VW0SK5Z
qYnYS5JbcExEOJzyLwSMIlmLTLper30pHG3rnWXjFnNaye4co7OAukX/LQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCOppsQxTEZWUIJa/bb2YLVk6WnCMB8GA1UdIwQY
MBaAFDhAHliJC/Iw3K5dAwURn/LCuNQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYt
OGI5Y2RkYjczNDA4LzEvSTZtbXhERk1SbFpRZ2xyOXR2Wmd0V1RwYWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYtOGI5Y2RkYjczNDA4
LzEvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgligAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAcUlVfZh4Jh73f/zFd4dMiAuTW1RTmrjbfitLo
uEbP+tRURxygBP1hcszzcg8ktXgAHG3FfqKoGSULAbPsi6af2ZKm3Ubvp+HOnkio
QL4DWlcJIp2Tp++ck4AA+gQ2sCJluhEVRs+tbjoobtx0Ppy8GhrM2NRGo3rjFkOl
ZeZrCkNXrI9H/XUZP3/3/UMwYRJKqQm13vrPGfUGfUVApVuyxgzOhXPOpjJ23ddj
V8kKDrCixaBUinWz1duwc5CEjLuNDgPFm3rl5N7OpbM5tV2WkHWa9kHTiS+YpfNe
z/ohFSS+5ijn17WFhT82LgSTvIbm1+7FG+SYJ3oqjDj1QqC0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:30 2025 by rpki-client