Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XvM2T1MZe_oJv8iQR92SDRZVM64.roa
File: XvM2T1MZe_oJv8iQR92SDRZVM64.roa (raw, json)
Hash identifier: oQSLp5xte3sGT2GXaERQvZufCgr9Nggm/kIdJXLv6s4=
Subject key identifier: 5E:F3:36:4F:53:19:7B:FA:09:BF:C8:90:47:DD:92:0D:16:55:33:AE
Certificate issuer: /CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Certificate serial: 01857331436CD1C0AC5F34838159B2468442
Authority key identifier: 5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XvM2T1MZe_oJv8iQR92SDRZVM64.roa
Signing time: Mon 02 Jan 2023 15:54:46 +0000
ROA not before: Mon 02 Jan 2023 15:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208914
IP address blocks: 2a10:4741:32::/48 maxlen: 48
2a10:4741:30::/44 maxlen: 48
2a10:4741:31::/48 maxlen: 48
2a10:4741:21::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:31:43:6c:d1:c0:ac:5f:34:83:81:59:b2:46:84:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Validity
Not Before: Jan 2 15:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ef3364f53197bfa09bfc89047dd920d165533ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7d:3e:a1:3d:44:5a:b4:42:4d:54:89:da:03:
2b:91:e4:e9:be:cd:ba:5a:e9:1d:e5:0c:ca:ea:ca:
67:8f:bf:37:10:c4:df:a1:c8:a2:4e:16:69:c9:c9:
51:de:7c:12:c7:be:99:92:54:21:47:c9:52:dc:9b:
0c:58:3e:8e:b5:3d:16:3f:6d:87:aa:d0:5f:76:c9:
29:c0:5f:ce:a0:37:7d:a6:b2:e7:72:51:67:5a:19:
08:15:eb:4d:29:ca:ce:ec:90:de:25:76:e1:d5:0b:
a4:98:52:c1:3d:b2:ee:78:33:2c:f1:a8:76:61:a2:
ad:15:d4:8c:e7:3a:ea:bf:68:53:e4:b6:c9:ba:60:
9a:b6:7b:fe:db:02:5e:00:1a:12:92:3f:39:5d:96:
44:e2:99:61:ed:21:aa:78:60:3b:cd:00:98:df:ba:
f2:8e:c7:82:bb:d7:19:6d:af:1d:f1:6e:9b:c2:33:
c9:58:40:20:15:3c:89:1b:b9:1b:a0:ba:cc:6d:25:
00:88:96:98:2c:34:4e:89:01:3a:df:42:85:58:38:
87:d5:ff:66:fe:8c:37:68:f6:14:ea:63:15:9f:67:
6d:e4:0a:0d:51:ad:98:25:6f:7e:21:93:29:2f:b8:
af:05:c6:0a:4d:08:3f:e0:f6:c3:6a:6c:20:03:b1:
3f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F3:36:4F:53:19:7B:FA:09:BF:C8:90:47:DD:92:0D:16:55:33:AE
X509v3 Authority Key Identifier:
keyid:5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XvM2T1MZe_oJv8iQR92SDRZVM64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XfU2RYQ-bSiD3I-cT0FcHq279go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4741:21::/48
2a10:4741:30::/44
Signature Algorithm: sha256WithRSAEncryption
1e:67:81:46:91:8a:fc:26:31:24:7e:58:d8:77:85:c9:05:81:
ae:2a:0b:3b:af:b0:3d:9c:d5:68:e2:4b:47:73:6f:0d:fd:3e:
cc:fd:d8:cf:c6:70:0d:64:64:51:b2:1c:5a:ed:b8:ee:29:d2:
0b:f4:8f:83:2e:b6:f8:08:e7:80:e9:5f:37:38:5b:17:a4:69:
1a:e1:3e:3e:fe:f0:d6:b3:2f:2c:93:b8:af:ef:09:cd:9c:0d:
e5:d6:b2:c7:ed:8a:4e:73:d0:c7:c2:73:03:2e:88:17:5d:35:
40:18:07:f4:5c:18:af:d2:6b:bf:41:5b:c1:f6:ec:84:52:7c:
46:e2:68:1a:73:17:64:10:17:fc:a6:c6:8f:8a:cd:07:2d:ba:
68:e6:0e:c7:75:49:5b:69:50:3d:85:72:3b:79:3a:0b:2f:67:
2d:88:73:45:78:9a:8a:6a:9c:92:f4:5d:7a:9c:a1:bd:9e:45:
3c:7b:23:05:29:ae:f0:d9:94:2d:5e:d7:a0:59:b8:ae:84:34:
74:a4:71:56:a1:6d:f7:08:e3:c4:ad:b1:32:47:c5:4e:4d:6b:
e3:cd:c1:e7:fa:48:30:bb:27:d2:08:47:4c:22:c7:d4:2b:a0:
5c:95:9a:6a:ec:cc:5e:92:83:c8:49:c4:87:8b:03:4e:a1:7d:
f9:56:07:44
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzMUNs0cCsXzSDgVmyRoRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjUzNjQ1ODQzZTZkMjg4M2RjOGY5YzRmNDE1YzFlYWRi
YmY2MGEwHhcNMjMwMTAyMTU1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWYzMzY0ZjUzMTk3YmZhMDliZmM4OTA0N2RkOTIwZDE2NTUzM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgX0+oT1EWrRCTVSJ2gMrkeTpvs26
Wukd5QzK6spnj783EMTfociiThZpyclR3nwSx76ZklQhR8lS3JsMWD6OtT0WP22H
qtBfdskpwF/OoDd9prLnclFnWhkIFetNKcrO7JDeJXbh1QukmFLBPbLueDMs8ah2
YaKtFdSM5zrqv2hT5LbJumCatnv+2wJeABoSkj85XZZE4plh7SGqeGA7zQCY37ry
jseCu9cZba8d8W6bwjPJWEAgFTyJG7kboLrMbSUAiJaYLDROiQE630KFWDiH1f9m
/ow3aPYU6mMVn2dt5AoNUa2YJW9+IZMpL7ivBcYKTQg/4PbDamwgA7E/eQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF7zNk9TGXv6Cb/IkEfdkg0WVTOuMB8GA1UdIwQY
MBaAFF31NkWEPm0og9yPnE9BXB6tu/YKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZVMlJZUS1iU2lEM0ktY1QwRmNIcTI3OWdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMTA3ZGUtZTJlNS00NzI3LTk4YWQt
MzgyMTgxMDM0NGU2LzEvWHZNMlQxTVplX29KdjhpUVI5MlNEUlpWTTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMTA3ZGUtZTJlNS00NzI3LTk4YWQtMzgyMTgxMDM0NGU2
LzEvWGZVMlJZUS1iU2lEM0ktY1QwRmNIcTI3OWdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhBHQQAh
AwcEKhBHQQAwMA0GCSqGSIb3DQEBCwUAA4IBAQAeZ4FGkYr8JjEkfljYd4XJBYGu
Kgs7r7A9nNVo4ktHc28N/T7M/djPxnANZGRRshxa7bjuKdIL9I+DLrb4COeA6V83
OFsXpGka4T4+/vDWsy8sk7iv7wnNnA3l1rLH7YpOc9DHwnMDLogXXTVAGAf0XBiv
0mu/QVvB9uyEUnxG4mgacxdkEBf8psaPis0HLbpo5g7HdUlbaVA9hXI7eToLL2ct
iHNFeJqKapyS9F16nKG9nkU8eyMFKa7w2ZQtXtegWbiuhDR0pHFWoW33COPErbEy
R8VOTWvjzcHn+kgwuyfSCEdMIsfUK6BclZpq7MxekoPIScSHiwNOoX35VgdE
-----END CERTIFICATE-----
Generated at Thu Aug 24 13:01:39 2023 by rpki-client on console-fra.rpki-client.org