Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/bt98pLNUirGvmkzkcXjKij5SZ70.roa
File: bt98pLNUirGvmkzkcXjKij5SZ70.roa (raw, json)
Hash identifier: c5DEWJffvzeBV4iaLH/BvrIwDZjVdpf3tS/VPdKPtyo=
Subject key identifier: 6E:DF:7C:A4:B3:54:8A:B1:AF:9A:4C:E4:71:78:CA:8A:3E:52:67:BD
Certificate issuer: /CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Certificate serial: 018CC56EAA4BCF3BE34E53AB3AE7CBBAF7AA
Authority key identifier: 33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/bt98pLNUirGvmkzkcXjKij5SZ70.roa
Signing time: Mon 01 Jan 2024 14:30:13 +0000
ROA not before: Mon 01 Jan 2024 14:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 2a0b:3c00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:aa:4b:cf:3b:e3:4e:53:ab:3a:e7:cb:ba:f7:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Validity
Not Before: Jan 1 14:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6edf7ca4b3548ab1af9a4ce47178ca8a3e5267bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a2:2f:5a:91:43:27:91:fe:47:12:a0:e8:f5:
b2:6d:16:fb:f8:fa:cc:78:c9:8c:97:27:17:e8:e8:
9f:fb:00:0b:18:42:de:bb:a7:6f:f4:75:a7:40:ad:
df:5b:86:01:6a:96:a5:b5:1b:c7:41:0d:72:be:b1:
07:f2:4b:9d:35:f2:e1:62:d7:ee:3e:5e:44:35:5c:
d2:0b:9a:5c:0b:87:6b:51:8c:f0:fb:35:d8:57:01:
15:95:fe:55:d8:1c:36:73:c6:6e:ab:5a:ed:85:22:
19:bb:63:16:fe:f5:cd:2f:29:39:f7:5d:4f:7f:ae:
c7:74:91:cf:11:59:90:65:cf:4a:e3:72:62:fb:35:
2c:da:3b:c6:c3:e8:e0:f9:25:65:f4:84:97:88:ac:
53:d3:a6:ef:7a:c6:3c:f7:1c:54:51:59:bd:e2:50:
6f:d5:99:51:b5:e5:fc:a1:54:65:23:22:03:da:88:
1f:5c:1d:d4:65:f1:04:46:57:b1:ed:3d:59:29:cc:
8a:ec:5f:35:7a:93:e0:91:a7:15:52:ca:4b:14:07:
a9:bf:a8:c4:b2:e7:20:5d:fa:a9:e1:ae:c3:81:83:
c5:a3:92:db:18:d0:9c:47:fa:14:93:f4:ab:70:01:
a7:6d:1e:16:c4:67:0e:c6:8c:5d:e6:8e:f5:7b:d3:
0a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:DF:7C:A4:B3:54:8A:B1:AF:9A:4C:E4:71:78:CA:8A:3E:52:67:BD
X509v3 Authority Key Identifier:
keyid:33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/bt98pLNUirGvmkzkcXjKij5SZ70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/M_XOH8N5J8taTmexdsemOzL_bok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3c00::/29
Signature Algorithm: sha256WithRSAEncryption
7f:c2:0a:78:2a:75:a1:50:6a:5b:b9:ef:98:68:1c:e2:93:be:
44:b8:ce:87:21:9d:15:31:49:a8:21:d8:d2:72:a5:21:20:cc:
28:89:21:db:4f:f1:62:25:b8:37:03:a6:ae:0d:5b:87:4f:68:
0a:25:3d:fa:8f:52:8c:84:90:81:01:09:76:45:7e:0f:11:72:
6d:58:aa:57:eb:7b:9f:b1:5c:de:61:65:6a:1c:3c:37:8e:bb:
ee:dc:cd:42:9f:9b:a9:96:e1:d1:04:78:ae:69:e5:56:55:34:
41:c5:72:6e:7d:5c:06:77:03:9e:d7:6f:07:4a:af:38:57:44:
3b:91:02:ae:e8:b7:8e:4d:92:e5:2a:3e:5e:99:ca:34:99:bd:
9f:14:1f:4d:25:65:d5:6f:82:b7:38:4a:07:bd:a7:03:30:b3:
83:88:e0:93:22:f2:c4:ee:fd:bd:08:1a:0b:44:80:fd:df:36:
6e:a1:46:86:ae:cb:cf:84:6e:39:d0:c1:d5:31:cb:8d:30:e5:
ea:58:c1:83:9d:96:da:53:dd:7e:47:46:80:a0:1b:a2:54:5b:
fb:b5:c8:ba:8c:1a:38:5e:6f:dd:d9:7a:1e:ff:9e:d5:f8:fe:
ef:14:7e:a5:18:79:46:11:23:14:bc:35:66:87:69:6c:f6:d7:
ff:5d:ad:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFbqpLzzvjTlOrOufLuveqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZjVjZTFmYzM3OTI3Y2I1YTRlNjdiMTc2YzdhNjNiMzJm
ZjZlODkwHhcNMjQwMTAxMTQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWRmN2NhNGIzNTQ4YWIxYWY5YTRjZTQ3MTc4Y2E4YTNlNTI2N2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaIvWpFDJ5H+RxKg6PWybRb7+PrM
eMmMlycX6Oif+wALGELeu6dv9HWnQK3fW4YBapaltRvHQQ1yvrEH8kudNfLhYtfu
Pl5ENVzSC5pcC4drUYzw+zXYVwEVlf5V2Bw2c8Zuq1rthSIZu2MW/vXNLyk5911P
f67HdJHPEVmQZc9K43Ji+zUs2jvGw+jg+SVl9ISXiKxT06bvesY89xxUUVm94lBv
1ZlRteX8oVRlIyID2ogfXB3UZfEERlex7T1ZKcyK7F81epPgkacVUspLFAepv6jE
sucgXfqp4a7DgYPFo5LbGNCcR/oUk/SrcAGnbR4WxGcOxoxd5o71e9MKPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG7ffKSzVIqxr5pM5HF4yoo+Ume9MB8GA1UdIwQY
MBaAFDP1zh/DeSfLWk5nsXbHpjsy/26JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUt
M2ZmYzAxZmNiZmI2LzEvYnQ5OHBMTlVpckd2bWt6a2NYaktpajVTWjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUtM2ZmYzAxZmNiZmI2
LzEvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgs8ADAN
BgkqhkiG9w0BAQsFAAOCAQEAf8IKeCp1oVBqW7nvmGgc4pO+RLjOhyGdFTFJqCHY
0nKlISDMKIkh20/xYiW4NwOmrg1bh09oCiU9+o9SjISQgQEJdkV+DxFybViqV+t7
n7Fc3mFlahw8N4677tzNQp+bqZbh0QR4rmnlVlU0QcVybn1cBncDntdvB0qvOFdE
O5ECrui3jk2S5So+XpnKNJm9nxQfTSVl1W+CtzhKB72nAzCzg4jgkyLyxO79vQga
C0SA/d82bqFGhq7Lz4RuOdDB1THLjTDl6ljBg52W2lPdfkdGgKAbolRb+7XIuowa
OF5v3dl6Hv+e1fj+7xR+pRh5RhEjFLw1ZodpbPbX/12tiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:21 2024 by rpki-client on console-fra.rpki-client.org