Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cc11e8-d51b-4679-9c6c-1ef197d6dc69/1/CTR4fiCBq86TaY2lEx_68JZLyls.roa
File: CTR4fiCBq86TaY2lEx_68JZLyls.roa (raw, json)
Hash identifier: S8+nz81EVRhC+bsn6IMiJ4eopYEHaPoW57NZdcgq7qs=
Subject key identifier: 09:34:78:7E:20:81:AB:CE:93:69:8D:A5:13:1F:FA:F0:96:4B:CA:5B
Certificate issuer: /CN=6bb3ae11a3a6a5ee1e32ea6cce1f10df231ead88
Certificate serial: 01856D9D46C06E328ABA59433073023E741B
Authority key identifier: 6B:B3:AE:11:A3:A6:A5:EE:1E:32:EA:6C:CE:1F:10:DF:23:1E:AD:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7OuEaOmpe4eMupszh8Q3yMerYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cc11e8-d51b-4679-9c6c-1ef197d6dc69/1/CTR4fiCBq86TaY2lEx_68JZLyls.roa
Signing time: Sun 01 Jan 2023 13:55:01 +0000
ROA not before: Sun 01 Jan 2023 13:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206628
IP address blocks: 2a0f:85c1:22::/48 maxlen: 48
2a0f:85c1:30::/48 maxlen: 48
2a0f:85c1::/48 maxlen: 48
2a0f:85c1:21::/48 maxlen: 48
2a0f:85c1:31::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:46:c0:6e:32:8a:ba:59:43:30:73:02:3e:74:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bb3ae11a3a6a5ee1e32ea6cce1f10df231ead88
Validity
Not Before: Jan 1 13:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0934787e2081abce93698da5131ffaf0964bca5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:27:83:b0:96:aa:5b:07:51:a7:f3:36:ac:03:
88:34:19:69:98:e0:56:b6:7b:8c:95:8f:70:6c:85:
c9:bf:9b:d9:0c:6f:6d:21:98:b9:c4:b3:27:1b:8f:
1c:0a:e4:d5:e2:00:37:29:22:62:47:16:5c:d1:af:
5d:e8:9b:ac:df:75:95:fb:63:ab:60:e8:2c:dd:be:
8c:ca:5d:a0:49:69:6e:16:07:9d:03:f8:c7:f7:d2:
63:d3:dd:98:50:7e:36:76:65:20:a9:0a:6c:90:45:
ce:94:8c:e6:7a:f7:09:cb:47:28:48:08:74:86:1e:
69:b3:5f:8c:a9:ce:a6:28:18:25:f1:fd:6d:1f:df:
52:a9:ab:7b:26:e7:14:c0:4e:b7:de:28:56:f3:41:
b5:75:82:26:f2:b5:bf:fa:10:4e:4e:dd:1a:47:91:
39:82:5a:af:ab:c6:61:de:5e:23:3f:3c:5a:4b:0a:
32:64:5d:45:87:9b:e8:f4:52:98:c1:b0:28:a1:af:
76:76:5e:fb:95:60:9c:2d:92:91:00:76:97:1b:16:
08:de:9f:0d:7c:7e:72:d6:5d:32:2a:5d:6b:f7:24:
86:c1:f5:8b:c0:4e:f9:08:46:d3:bc:fd:8f:40:79:
12:2f:cd:52:94:6c:ba:1c:9d:33:d1:7e:52:91:43:
96:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:34:78:7E:20:81:AB:CE:93:69:8D:A5:13:1F:FA:F0:96:4B:CA:5B
X509v3 Authority Key Identifier:
keyid:6B:B3:AE:11:A3:A6:A5:EE:1E:32:EA:6C:CE:1F:10:DF:23:1E:AD:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7OuEaOmpe4eMupszh8Q3yMerYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cc11e8-d51b-4679-9c6c-1ef197d6dc69/1/CTR4fiCBq86TaY2lEx_68JZLyls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cc11e8-d51b-4679-9c6c-1ef197d6dc69/1/a7OuEaOmpe4eMupszh8Q3yMerYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1::/48
2a0f:85c1:21::-2a0f:85c1:22:ffff:ffff:ffff:ffff:ffff
2a0f:85c1:30::/47
Signature Algorithm: sha256WithRSAEncryption
72:dc:6a:0b:f5:48:85:58:6b:31:ec:c2:4b:e6:88:be:99:9e:
ae:be:cd:4e:5b:1c:17:f8:ad:c8:b3:60:10:6b:d4:70:f9:5d:
b0:f1:37:37:47:7f:85:6a:da:0f:05:4e:dc:35:73:9b:38:96:
58:57:9f:45:d8:45:58:24:31:31:ec:d5:e6:21:fd:ff:d7:56:
a7:bf:5c:f3:fd:bc:05:84:96:f0:e9:37:21:34:62:89:08:f1:
96:35:87:f6:be:4e:d2:4f:a2:8d:d0:35:e7:15:cb:80:de:80:
3c:f3:d8:87:fe:5c:a9:e3:bb:a8:1e:a3:7b:70:5e:7a:a6:2d:
a7:37:be:e1:ab:63:b6:47:b8:81:bd:1c:df:ce:f2:d6:a6:76:
2c:7b:fa:c6:11:e9:9b:76:a7:4f:28:f5:88:36:99:6c:86:8e:
49:d9:2a:e6:65:f6:2a:6c:d2:fd:28:42:07:cd:96:27:7a:ea:
d9:b1:7f:0c:7d:0d:e4:d3:02:61:f7:51:54:32:0c:e6:e1:af:
65:21:fb:93:0a:d4:ea:4d:69:5c:f6:4e:66:c0:83:15:09:3f:
15:5b:b6:ad:5c:ef:72:db:3d:4f:f2:67:14:c1:8e:78:f6:2e:
72:51:30:b2:68:1c:5c:8f:86:97:ae:59:19:eb:80:aa:6d:46:
5b:9a:17:78
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVtnUbAbjKKullDMHMCPnQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYjNhZTExYTNhNmE1ZWUxZTMyZWE2Y2NlMWYxMGRmMjMx
ZWFkODgwHhcNMjMwMTAxMTM1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTM0Nzg3ZTIwODFhYmNlOTM2OThkYTUxMzFmZmFmMDk2NGJjYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSeDsJaqWwdRp/M2rAOINBlpmOBW
tnuMlY9wbIXJv5vZDG9tIZi5xLMnG48cCuTV4gA3KSJiRxZc0a9d6Jus33WV+2Or
YOgs3b6Myl2gSWluFgedA/jH99Jj092YUH42dmUgqQpskEXOlIzmevcJy0coSAh0
hh5ps1+Mqc6mKBgl8f1tH99Sqat7JucUwE633ihW80G1dYIm8rW/+hBOTt0aR5E5
glqvq8Zh3l4jPzxaSwoyZF1Fh5vo9FKYwbAooa92dl77lWCcLZKRAHaXGxYI3p8N
fH5y1l0yKl1r9ySGwfWLwE75CEbTvP2PQHkSL81SlGy6HJ0z0X5SkUOW9wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAk0eH4ggavOk2mNpRMf+vCWS8pbMB8GA1UdIwQY
MBaAFGuzrhGjpqXuHjLqbM4fEN8jHq2IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdPdUVhT21wZTRlTXVwc3poOFEzeU1lcllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jYzExZTgtZDUxYi00Njc5LTljNmMt
MWVmMTk3ZDZkYzY5LzEvQ1RSNGZpQ0JxODZUYVkybEV4XzY4SlpMeWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jYzExZTgtZDUxYi00Njc5LTljNmMtMWVmMTk3ZDZkYzY5
LzEvYTdPdUVhT21wZTRlTXVwc3poOFEzeU1lcllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg+FwQAA
MBIDBwAqD4XBACEDBwAqD4XBACIDBwEqD4XBADAwDQYJKoZIhvcNAQELBQADggEB
AHLcagv1SIVYazHswkvmiL6Znq6+zU5bHBf4rcizYBBr1HD5XbDxNzdHf4Vq2g8F
Ttw1c5s4llhXn0XYRVgkMTHs1eYh/f/XVqe/XPP9vAWElvDpNyE0YokI8ZY1h/a+
TtJPoo3QNecVy4DegDzz2If+XKnju6geo3twXnqmLac3vuGrY7ZHuIG9HN/O8tam
dix7+sYR6Zt2p08o9Yg2mWyGjknZKuZl9ips0v0oQgfNlid66tmxfwx9DeTTAmH3
UVQyDObhr2Uh+5MK1OpNaVz2TmbAgxUJPxVbtq1c73LbPU/yZxTBjnj2LnJRMLJo
HFyPhpeuWRnrgKptRluaF3g=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:46 2025 by rpki-client