Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/q8e5dMtW_OxsBFcb0BH0cwB83FU.roa
File: q8e5dMtW_OxsBFcb0BH0cwB83FU.roa (raw, json)
Hash identifier: L8dEctctWjgcIL1d+P0cQydEsbfhQJOQYps7mbt33xY=
Subject key identifier: AB:C7:B9:74:CB:56:FC:EC:6C:04:57:1B:D0:11:F4:73:00:7C:DC:55
Certificate issuer: /CN=ad12daa384888b5247df712965803f0d3fa8989d
Certificate serial: 018CC9BCC353CA541CA3084490EED145EC5C
Authority key identifier: AD:12:DA:A3:84:88:8B:52:47:DF:71:29:65:80:3F:0D:3F:A8:98:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRLao4SIi1JH33EpZYA_DT-omJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/q8e5dMtW_OxsBFcb0BH0cwB83FU.roa
Signing time: Tue 02 Jan 2024 10:34:00 +0000
ROA not before: Tue 02 Jan 2024 10:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a06:7380::/29 maxlen: 29
2a0a:db80::/29 maxlen: 29
2a0b:6500::/29 maxlen: 29
2a07:4980::/29 maxlen: 29
2a07:ec40::/29 maxlen: 29
2a06:7d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c3:53:ca:54:1c:a3:08:44:90:ee:d1:45:ec:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad12daa384888b5247df712965803f0d3fa8989d
Validity
Not Before: Jan 2 10:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abc7b974cb56fcec6c04571bd011f473007cdc55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f0:47:9d:8f:c4:f7:9b:78:9a:8a:a3:2a:cd:
52:b5:46:c7:93:3a:62:ec:8c:b2:dc:e1:fd:3c:a2:
de:e5:ee:48:61:c4:91:d7:10:ea:08:4f:b6:10:17:
fe:e9:59:85:9b:a9:50:7c:c3:11:0f:55:58:df:1e:
58:63:0a:67:5c:2b:b7:e4:ad:5d:d4:d5:b7:09:87:
f4:c9:3d:24:c8:51:6c:bf:a6:aa:7e:b2:73:8e:eb:
bf:fa:1c:57:f0:b7:42:25:cd:4e:85:85:cb:63:2d:
e1:bd:4c:81:eb:ed:35:6d:ce:62:20:41:91:59:ca:
08:91:ee:4f:90:92:5d:f7:08:67:83:b4:5c:e5:c8:
17:f0:5d:51:bc:65:6e:79:cd:16:a2:40:7a:cc:3b:
54:3c:92:f7:95:92:b1:6d:c9:60:e7:42:f0:c0:da:
40:ec:0f:4f:22:a3:4b:02:ef:12:da:3a:5b:e7:a0:
0f:85:f5:0e:81:b5:a9:d3:c3:89:ee:57:a2:3f:35:
79:27:cc:ef:85:d2:49:66:2e:5e:22:cd:f4:7f:3f:
75:a1:c8:40:e0:4c:a9:e1:80:b7:95:61:91:c1:c9:
7a:d6:59:30:9d:bb:67:b9:47:b2:57:e0:ae:b6:9c:
82:a3:ab:b6:56:f9:b0:68:14:26:9a:7e:7d:4b:ff:
86:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C7:B9:74:CB:56:FC:EC:6C:04:57:1B:D0:11:F4:73:00:7C:DC:55
X509v3 Authority Key Identifier:
keyid:AD:12:DA:A3:84:88:8B:52:47:DF:71:29:65:80:3F:0D:3F:A8:98:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRLao4SIi1JH33EpZYA_DT-omJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/q8e5dMtW_OxsBFcb0BH0cwB83FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/rRLao4SIi1JH33EpZYA_DT-omJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:7380::/29
2a06:7d00::/29
2a07:4980::/29
2a07:ec40::/29
2a0a:db80::/29
2a0b:6500::/29
Signature Algorithm: sha256WithRSAEncryption
68:90:82:2a:29:c0:67:40:6a:f3:62:85:14:ee:46:0c:35:57:
8b:32:7c:4f:96:62:cf:ad:30:e2:ab:ed:8e:7b:99:fd:b0:d6:
03:29:b9:96:c2:4c:4f:83:89:32:c0:58:9f:fb:c4:b7:98:b8:
cf:58:58:2b:b8:34:9f:9a:ab:ed:31:38:d9:2e:3b:b9:0c:e4:
5c:73:5d:d3:31:7a:8b:0f:50:10:7c:b3:53:80:de:45:19:24:
a4:2c:71:6f:f8:67:ea:24:c7:af:b4:80:68:2f:4f:18:0d:9a:
82:96:31:ae:27:7d:36:d6:1a:07:3f:af:7d:b6:cf:cb:70:8f:
e0:29:e6:a6:53:f5:7c:30:a7:0f:9f:ec:63:a7:7f:4b:c9:ec:
6f:8c:ff:06:36:5b:21:ab:e1:60:17:ca:b1:17:6d:0e:03:34:
51:ce:2b:12:7d:31:11:4b:9e:d6:47:51:b5:cd:0d:03:ca:b3:
b5:14:c0:ab:96:6e:47:e0:e7:ea:27:6a:08:37:94:52:b2:42:
5c:9a:0b:b3:b2:71:f1:f0:f3:ec:1a:29:59:17:ed:21:fc:bb:
a4:7f:d7:86:c8:01:5e:23:1b:0f:2e:fe:94:4a:b9:c5:3d:17:
21:f8:f0:2f:9b:e9:00:0f:e9:80:ab:50:be:b0:dc:e2:33:a6:
21:3c:bd:a6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzJvMNTylQcowhEkO7RRexcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTJkYWEzODQ4ODhiNTI0N2RmNzEyOTY1ODAzZjBkM2Zh
ODk4OWQwHhcNMjQwMTAyMTAzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM3Yjk3NGNiNTZmY2VjNmMwNDU3MWJkMDExZjQ3MzAwN2NkYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPBHnY/E95t4moqjKs1StUbHkzpi
7Iyy3OH9PKLe5e5IYcSR1xDqCE+2EBf+6VmFm6lQfMMRD1VY3x5YYwpnXCu35K1d
1NW3CYf0yT0kyFFsv6aqfrJzjuu/+hxX8LdCJc1OhYXLYy3hvUyB6+01bc5iIEGR
WcoIke5PkJJd9whng7Rc5cgX8F1RvGVuec0WokB6zDtUPJL3lZKxbclg50LwwNpA
7A9PIqNLAu8S2jpb56APhfUOgbWp08OJ7leiPzV5J8zvhdJJZi5eIs30fz91ochA
4Eyp4YC3lWGRwcl61lkwnbtnuUeyV+CutpyCo6u2VvmwaBQmmn59S/+GfwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKvHuXTLVvzsbARXG9AR9HMAfNxVMB8GA1UdIwQY
MBaAFK0S2qOEiItSR99xKWWAPw0/qJidMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJMYW80U0lpMUpIMzNFcFpZQV9EVC1vbUowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8yYTk2NWMtMzM0Ny00NDNlLTg4Yzct
NWI0ZDUyZGMyZGUyLzEvcThlNWRNdFdfT3hzQkZjYjBCSDBjd0I4M0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8yYTk2NWMtMzM0Ny00NDNlLTg4YzctNWI0ZDUyZGMyZGUy
LzEvclJMYW80U0lpMUpIMzNFcFpZQV9EVC1vbUowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgZzgAMF
AyoGfQADBQMqB0mAAwUDKgfsQAMFAyoK24ADBQMqC2UAMA0GCSqGSIb3DQEBCwUA
A4IBAQBokIIqKcBnQGrzYoUU7kYMNVeLMnxPlmLPrTDiq+2Oe5n9sNYDKbmWwkxP
g4kywFif+8S3mLjPWFgruDSfmqvtMTjZLju5DORcc13TMXqLD1AQfLNTgN5FGSSk
LHFv+GfqJMevtIBoL08YDZqCljGuJ3021hoHP699ts/LcI/gKeamU/V8MKcPn+xj
p39LyexvjP8GNlshq+FgF8qxF20OAzRRzisSfTERS57WR1G1zQ0DyrO1FMCrlm5H
4OfqJ2oIN5RSskJcmguzsnHx8PPsGilZF+0h/Lukf9eGyAFeIxsPLv6USrnFPRch
+PAvm+kAD+mAq1C+sNziM6YhPL2m
-----END CERTIFICATE-----
Generated at Thu Apr 11 13:52:07 2024 by rpki-client on console-fra.rpki-client.org