Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/iVAB6TUktLfO7AGC4-GNngHAv_Q.roa
File: iVAB6TUktLfO7AGC4-GNngHAv_Q.roa (raw, json)
Hash identifier: wGEyI9W3w8AOlMDvXzHhN8QydADJGetRoCXdAt1EWrg=
Subject key identifier: 89:50:01:E9:35:24:B4:B7:CE:EC:01:82:E3:E1:8D:9E:01:C0:BF:F4
Certificate issuer: /CN=9a26657e6b25449425b748645e7420c76ac2b3a4
Certificate serial: 0193F30DC18CC2624A79EF2A806790C1731D
Authority key identifier: 9A:26:65:7E:6B:25:44:94:25:B7:48:64:5E:74:20:C7:6A:C2:B3:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miZlfmslRJQlt0hkXnQgx2rCs6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/iVAB6TUktLfO7AGC4-GNngHAv_Q.roa
Signing time: Mon 23 Dec 2024 10:26:25 +0000
ROA not before: Mon 23 Dec 2024 10:26:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a07:d940::/29 maxlen: 29
2a07:f600:4081::/48 maxlen: 48
2a07:f600:4085::/48 maxlen: 48
2a11:3840::/29 maxlen: 29
2a11:52c0::/29 maxlen: 29
2a11:7780::/29 maxlen: 29
2a11:78c0::/29 maxlen: 29
2a11:8d80::/29 maxlen: 29
2a11:8ec0::/29 maxlen: 29
2a11:fe00::/29 maxlen: 29
2a12:3400::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:0d:c1:8c:c2:62:4a:79:ef:2a:80:67:90:c1:73:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a26657e6b25449425b748645e7420c76ac2b3a4
Validity
Not Before: Dec 23 10:26:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=895001e93524b4b7ceec0182e3e18d9e01c0bff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0e:1d:0b:b0:38:35:bb:e3:96:91:ed:97:3d:
f4:5a:75:bb:87:7c:3c:13:7d:10:6a:86:ba:09:0c:
2e:24:16:c6:cb:2b:1e:80:13:1e:9a:1c:14:3a:0d:
8d:6a:24:28:aa:7b:4f:10:8c:32:4a:63:b1:17:5d:
e2:c1:d6:a5:5e:ac:7c:29:22:7e:1f:7c:49:d9:ba:
78:af:1d:88:1d:3f:33:7f:13:78:e5:c5:5e:96:8e:
fa:2f:f6:16:ca:77:01:4e:82:9e:01:0d:16:38:ad:
46:ff:ba:e6:5e:85:c2:d7:de:f7:58:c6:53:85:e1:
33:5b:22:53:19:8b:5c:14:7f:92:6c:39:02:21:e8:
0d:93:b8:17:2a:b7:9d:d5:d0:a0:62:14:f2:8b:20:
db:3d:60:53:d0:bc:fc:10:e8:d6:2c:3b:0c:1b:a0:
9f:31:75:8f:ad:b9:39:0b:a5:23:27:be:24:37:1c:
dc:63:b8:d1:92:6b:ab:3a:92:85:05:5d:fb:98:8f:
6f:46:cb:7e:41:53:e1:8d:08:5c:f2:51:4b:c0:e6:
63:28:c0:fd:a4:2b:54:d3:fb:86:59:4e:35:c9:c9:
09:fd:f8:99:66:e1:fa:c6:fa:06:46:c8:94:e6:8d:
62:b0:2d:9e:c3:f2:d4:af:a6:25:6d:92:c5:3d:99:
f6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:50:01:E9:35:24:B4:B7:CE:EC:01:82:E3:E1:8D:9E:01:C0:BF:F4
X509v3 Authority Key Identifier:
keyid:9A:26:65:7E:6B:25:44:94:25:B7:48:64:5E:74:20:C7:6A:C2:B3:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miZlfmslRJQlt0hkXnQgx2rCs6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/iVAB6TUktLfO7AGC4-GNngHAv_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/miZlfmslRJQlt0hkXnQgx2rCs6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:d940::/29
2a07:f600:4081::/48
2a07:f600:4085::/48
2a11:3840::/29
2a11:52c0::/29
2a11:7780::/29
2a11:78c0::/29
2a11:8d80::/29
2a11:8ec0::/29
2a11:fe00::/29
2a12:3400::/29
Signature Algorithm: sha256WithRSAEncryption
8e:92:4e:27:39:aa:fe:df:99:db:9f:5b:84:94:ce:b0:c5:9b:
f6:f5:82:87:b5:88:9a:45:ad:03:7f:3e:f5:36:3d:22:86:40:
00:c4:f3:4d:b6:42:da:0e:da:58:4c:ad:eb:e7:b2:d4:32:7e:
cb:3c:8d:f0:d2:85:ff:c4:73:c4:02:91:53:36:65:03:88:4f:
69:ec:4d:4a:ea:b5:8b:bc:8c:8e:66:4d:23:32:b9:f1:35:66:
03:7c:0f:ef:0c:d4:07:11:93:3e:6e:bd:5b:9f:a4:1b:33:74:
55:81:15:ee:6b:38:4b:f7:66:5e:83:1b:aa:22:4f:4d:48:ad:
90:37:c2:0a:4a:ec:64:e6:97:1b:55:de:a8:c7:54:fd:81:01:
97:a3:9d:1c:d3:93:a8:62:4e:b6:11:db:aa:bc:1b:e0:2e:3b:
c2:19:38:88:53:84:c4:1d:53:2e:ad:da:40:5e:98:26:d1:e0:
d8:d2:17:7f:6d:d6:da:b2:80:3c:d0:1f:88:fb:c6:7a:d9:fb:
d4:00:3b:de:f0:17:96:b0:63:23:b8:df:3f:bd:a6:e2:f7:bc:
c8:6f:05:f8:c1:ad:ce:50:9f:be:b3:86:5f:93:26:4a:8b:e0:
ad:31:b0:34:ea:02:3f:8b:08:1b:cf:40:ec:e8:f2:51:e0:92:
20:fd:d9:9a
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZPzDcGMwmJKee8qgGeQwXMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjY2NTdlNmIyNTQ0OTQyNWI3NDg2NDVlNzQyMGM3NmFj
MmIzYTQwHhcNMjQxMjIzMTAyNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTUwMDFlOTM1MjRiNGI3Y2VlYzAxODJlM2UxOGQ5ZTAxYzBiZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5w4dC7A4NbvjlpHtlz30WnW7h3w8
E30Qaoa6CQwuJBbGyysegBMemhwUOg2NaiQoqntPEIwySmOxF13iwdalXqx8KSJ+
H3xJ2bp4rx2IHT8zfxN45cVelo76L/YWyncBToKeAQ0WOK1G/7rmXoXC1973WMZT
heEzWyJTGYtcFH+SbDkCIegNk7gXKred1dCgYhTyiyDbPWBT0Lz8EOjWLDsMG6Cf
MXWPrbk5C6UjJ74kNxzcY7jRkmurOpKFBV37mI9vRst+QVPhjQhc8lFLwOZjKMD9
pCtU0/uGWU41yckJ/fiZZuH6xvoGRsiU5o1isC2ew/LUr6YlbZLFPZn2ewIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFIlQAek1JLS3zuwBguPhjZ4BwL/0MB8GA1UdIwQY
MBaAFJomZX5rJUSUJbdIZF50IMdqwrOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlabGZtc2xSSlFsdDBoa1huUWd4MnJDczZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZWRkZjItN2Q3Yy00NGEzLWIwZmQt
MTEwYjc2OGJmNGMwLzEvaVZBQjZUVWt0TGZPN0FHQzQtR05uZ0hBdl9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZWRkZjItN2Q3Yy00NGEzLWIwZmQtMTEwYjc2OGJmNGMw
LzEvbWlabGZtc2xSSlFsdDBoa1huUWd4MnJDczZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwUDKgfZQAMH
ACoH9gBAgQMHACoH9gBAhQMFAyoROEADBQMqEVLAAwUDKhF3gAMFAyoReMADBQMq
EY2AAwUDKhGOwAMFAyoR/gADBQMqEjQAMA0GCSqGSIb3DQEBCwUAA4IBAQCOkk4n
Oar+35nbn1uElM6wxZv29YKHtYiaRa0Dfz71Nj0ihkAAxPNNtkLaDtpYTK3r57LU
Mn7LPI3w0oX/xHPEApFTNmUDiE9p7E1K6rWLvIyOZk0jMrnxNWYDfA/vDNQHEZM+
br1bn6QbM3RVgRXuazhL92ZegxuqIk9NSK2QN8IKSuxk5pcbVd6ox1T9gQGXo50c
05OoYk62EduqvBvgLjvCGTiIU4TEHVMurdpAXpgm0eDY0hd/bdbasoA80B+I+8Z6
2fvUADve8BeWsGMjuN8/vabi97zIbwX4wa3OUJ++s4ZfkyZKi+CtMbA06gI/iwgb
z0Ds6PJR4JIg/dma
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:00 2025 by rpki-client