Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b66121-7d8f-48d7-a093-c603cf2f7412/1/3Ji6EsRbVhlzuRDCLI86xE597fY.roa
File: 3Ji6EsRbVhlzuRDCLI86xE597fY.roa (raw, json)
Hash identifier: Zmq7UubgavNvTfLTxu28W+/YjHF0IfKHoMEPtTLr7/w=
Subject key identifier: DC:98:BA:12:C4:5B:56:19:73:B9:10:C2:2C:8F:3A:C4:4E:7D:ED:F6
Certificate issuer: /CN=8fa71283d8973409d960800f6f7fcdc8d3a30acb
Certificate serial: 018E191D82DC57ADD8D7CB537E6DF20312FF
Authority key identifier: 8F:A7:12:83:D8:97:34:09:D9:60:80:0F:6F:7F:CD:C8:D3:A3:0A:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j6cSg9iXNAnZYIAPb3_NyNOjCss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b66121-7d8f-48d7-a093-c603cf2f7412/1/3Ji6EsRbVhlzuRDCLI86xE597fY.roa
Signing time: Thu 07 Mar 2024 13:32:28 +0000
ROA not before: Thu 07 Mar 2024 13:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202793
IP address blocks: 2a05:e00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:1d:82:dc:57:ad:d8:d7:cb:53:7e:6d:f2:03:12:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fa71283d8973409d960800f6f7fcdc8d3a30acb
Validity
Not Before: Mar 7 13:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc98ba12c45b561973b910c22c8f3ac44e7dedf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6f:bc:40:b5:3f:e4:f9:a2:6e:88:06:3a:e5:
ba:d7:96:c9:aa:e4:b9:b8:c1:40:61:58:6a:42:07:
6b:61:af:6e:5d:b6:6a:07:c1:bf:e7:bb:4f:3d:85:
2d:9b:a7:49:1e:e4:51:a5:c0:29:87:a0:c5:98:f4:
6b:26:78:4c:3f:96:f4:51:c4:5d:22:69:37:4f:9c:
55:e7:5e:a4:70:95:18:e4:c4:6e:09:88:97:2c:62:
fd:4b:a1:06:45:92:0d:2e:2c:ed:61:73:80:85:34:
ea:3d:8e:bf:27:35:88:d5:af:f1:fc:24:64:c3:92:
58:ec:63:e0:0a:80:8e:c5:d3:3b:b9:63:ef:8c:75:
da:ac:1a:3f:0d:1a:1c:f5:e1:b4:c4:da:2b:c3:85:
c9:4b:a9:d7:49:df:50:b4:b7:91:8d:5e:84:de:04:
38:8c:81:b7:56:00:79:c5:47:75:50:ad:d3:fe:92:
6e:b2:71:32:ff:8a:a5:73:3a:0a:d9:8e:5e:f1:b2:
bd:d6:3c:2c:83:b6:1e:32:f3:44:37:f0:75:85:bf:
c9:dc:da:b6:5b:d7:d9:e3:62:2a:7d:be:6a:66:fe:
53:bb:ea:aa:f2:0b:47:ad:5e:37:e3:cb:94:1b:4e:
ce:ad:63:51:2b:4d:19:76:6a:31:c5:e9:b7:4c:4f:
17:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:98:BA:12:C4:5B:56:19:73:B9:10:C2:2C:8F:3A:C4:4E:7D:ED:F6
X509v3 Authority Key Identifier:
keyid:8F:A7:12:83:D8:97:34:09:D9:60:80:0F:6F:7F:CD:C8:D3:A3:0A:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j6cSg9iXNAnZYIAPb3_NyNOjCss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b66121-7d8f-48d7-a093-c603cf2f7412/1/3Ji6EsRbVhlzuRDCLI86xE597fY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b66121-7d8f-48d7-a093-c603cf2f7412/1/j6cSg9iXNAnZYIAPb3_NyNOjCss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:e00::/29
Signature Algorithm: sha256WithRSAEncryption
42:24:31:9d:ce:64:c4:6f:b5:71:28:7e:b4:8e:44:ef:4f:42:
f7:f9:c3:5c:73:19:7d:37:86:a4:9f:3f:67:c3:a8:ce:52:2e:
f8:d7:ef:f7:b2:51:12:db:3b:48:f3:d0:e7:22:c1:cc:a6:ae:
8c:9f:49:f9:e8:17:b2:1b:fc:e6:0b:8a:3b:21:15:66:5e:c1:
b5:02:fa:f0:e0:3d:78:f4:4a:84:c5:98:63:d4:a3:e6:05:dd:
7f:79:b9:a6:5b:4f:bc:7c:50:95:64:1b:30:b3:6e:ff:af:0d:
62:02:6c:51:43:ec:02:ab:95:39:3d:15:ed:32:d9:79:7a:89:
63:ec:fc:b9:07:13:45:04:d2:e4:18:04:2f:1b:66:50:d2:35:
fa:df:2e:7a:dd:07:c7:46:89:3b:d2:2f:fc:75:ec:02:4e:5a:
5c:14:da:21:4e:cf:2f:ca:a4:f9:fb:55:8d:e4:91:ce:b9:ef:
2b:3e:04:43:d9:75:e8:b8:05:83:11:8d:91:86:64:77:52:ef:
e2:4a:ce:20:f2:36:3c:96:36:0d:ba:41:aa:99:dd:c2:66:ac:
91:ce:cb:9d:74:34:41:62:9d:58:5f:b2:70:de:8d:b1:93:55:
d9:63:dd:1a:64:fa:87:f8:a6:e7:c0:19:15:35:13:77:33:2a:
b4:a0:c9:ef
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY4ZHYLcV63Y18tTfm3yAxL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYTcxMjgzZDg5NzM0MDlkOTYwODAwZjZmN2ZjZGM4ZDNh
MzBhY2IwHhcNMjQwMzA3MTMzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk4YmExMmM0NWI1NjE5NzNiOTEwYzIyYzhmM2FjNDRlN2RlZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW+8QLU/5PmibogGOuW615bJquS5
uMFAYVhqQgdrYa9uXbZqB8G/57tPPYUtm6dJHuRRpcAph6DFmPRrJnhMP5b0UcRd
Imk3T5xV516kcJUY5MRuCYiXLGL9S6EGRZINLiztYXOAhTTqPY6/JzWI1a/x/CRk
w5JY7GPgCoCOxdM7uWPvjHXarBo/DRoc9eG0xNorw4XJS6nXSd9QtLeRjV6E3gQ4
jIG3VgB5xUd1UK3T/pJusnEy/4qlczoK2Y5e8bK91jwsg7YeMvNEN/B1hb/J3Nq2
W9fZ42Iqfb5qZv5Tu+qq8gtHrV4348uUG07OrWNRK00Zdmoxxem3TE8XuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNyYuhLEW1YZc7kQwiyPOsROfe32MB8GA1UdIwQY
MBaAFI+nEoPYlzQJ2WCAD29/zcjTowrLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajZjU2c5aVhOQW5aWUlBUGIzX055Tk9qQ3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iNjYxMjEtN2Q4Zi00OGQ3LWEwOTMt
YzYwM2NmMmY3NDEyLzEvM0ppNkVzUmJWaGx6dVJEQ0xJODZ4RTU5N2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iNjYxMjEtN2Q4Zi00OGQ3LWEwOTMtYzYwM2NmMmY3NDEy
LzEvajZjU2c5aVhOQW5aWUlBUGIzX055Tk9qQ3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgUOADAN
BgkqhkiG9w0BAQsFAAOCAQEAQiQxnc5kxG+1cSh+tI5E709C9/nDXHMZfTeGpJ8/
Z8OozlIu+Nfv97JREts7SPPQ5yLBzKaujJ9J+egXshv85guKOyEVZl7BtQL68OA9
ePRKhMWYY9Sj5gXdf3m5pltPvHxQlWQbMLNu/68NYgJsUUPsAquVOT0V7TLZeXqJ
Y+z8uQcTRQTS5BgELxtmUNI1+t8uet0Hx0aJO9Iv/HXsAk5aXBTaIU7PL8qk+ftV
jeSRzrnvKz4EQ9l16LgFgxGNkYZkd1Lv4krOIPI2PJY2DbpBqpndwmaskc7LnXQ0
QWKdWF+ycN6NsZNV2WPdGmT6h/im58AZFTUTdzMqtKDJ7w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:08 2025 by rpki-client