Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/sETV06CmqeVkml3lUTH8JW2AeMk.roa
File: sETV06CmqeVkml3lUTH8JW2AeMk.roa (raw, json)
Hash identifier: QTN0hubnb4h0WEQeUPRpgVKsPmhVtwT9oBHlD6W5uYs=
Subject key identifier: B0:44:D5:D3:A0:A6:A9:E5:64:9A:5D:E5:51:31:FC:25:6D:80:78:C9
Certificate issuer: /CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Certificate serial: 01857331407D109426EE49848E82BFEF42A2
Authority key identifier: 5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/sETV06CmqeVkml3lUTH8JW2AeMk.roa
Signing time: Mon 02 Jan 2023 15:54:45 +0000
ROA not before: Mon 02 Jan 2023 15:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a10:4741:23::/48 maxlen: 48
2a10:4741:30::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:31:40:7d:10:94:26:ee:49:84:8e:82:bf:ef:42:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Validity
Not Before: Jan 2 15:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b044d5d3a0a6a9e5649a5de55131fc256d8078c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:2d:e4:a5:41:a9:84:59:58:c9:ef:6a:c0:
56:28:13:78:ee:bf:f1:3b:fc:c2:e2:44:19:35:89:
c1:17:c5:36:20:56:d5:f4:de:12:86:0d:7d:fb:85:
27:6f:15:9f:56:e8:bd:18:f6:7e:8e:02:e9:bc:85:
fb:7d:5e:6d:1c:82:04:a8:60:83:4e:63:88:ef:fe:
b9:2b:02:c8:6b:d1:30:18:88:34:0a:b0:55:d0:73:
03:2d:70:35:78:aa:b5:54:fc:fd:15:e2:0e:e3:49:
5b:13:5d:12:1b:14:8a:6d:d3:98:4e:f8:01:6a:a5:
c1:f6:44:3d:d0:71:03:18:d8:3c:d4:0c:22:e6:5b:
77:0b:db:4d:27:bc:02:aa:05:a1:54:ac:fc:ff:40:
f9:09:c7:d9:b2:98:e2:3d:3c:fa:38:fb:82:ea:a8:
18:3b:e9:a3:3e:9d:15:57:f8:7b:38:90:68:22:44:
13:9a:38:13:cc:a2:66:ed:e8:59:51:4c:7c:a6:7f:
dc:a3:66:34:2c:1f:1a:73:1b:33:a5:d7:68:dc:de:
a2:e0:dc:83:26:75:36:84:4e:42:24:4e:85:80:9f:
76:94:99:67:17:87:28:43:22:49:39:59:fe:99:82:
c6:33:c0:f1:15:ad:45:0a:3f:e0:0c:95:6f:d6:a7:
4e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:44:D5:D3:A0:A6:A9:E5:64:9A:5D:E5:51:31:FC:25:6D:80:78:C9
X509v3 Authority Key Identifier:
keyid:5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/sETV06CmqeVkml3lUTH8JW2AeMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XfU2RYQ-bSiD3I-cT0FcHq279go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4741:23::/48
2a10:4741:30::/44
Signature Algorithm: sha256WithRSAEncryption
3c:61:6a:ad:a4:2b:1c:7c:91:94:f8:c2:a9:39:c3:e3:9e:68:
bc:e0:63:d3:b1:64:8a:2f:dc:01:e8:7c:97:fc:e4:11:8a:c0:
01:66:1a:a5:a4:96:0c:8f:64:50:b1:81:60:c1:6c:1f:c4:d1:
b7:a2:dc:bb:ed:12:a7:b0:d6:80:d4:01:9f:a4:a9:a3:99:d3:
87:f0:b7:4e:90:60:21:21:a8:ac:77:f0:06:a3:d2:9f:5f:fd:
ea:f0:14:51:11:96:6e:ee:54:ad:cd:57:81:b9:ba:89:7c:03:
4f:d7:77:ca:2f:84:b1:28:54:8b:8d:47:00:ba:1d:fe:72:e7:
03:b0:ee:68:ec:ed:da:d6:85:a0:29:08:de:6a:7e:02:03:98:
1f:27:ed:23:ee:d2:4d:58:87:b2:50:f2:27:0f:03:d3:a3:62:
c7:94:1c:d2:64:8b:b4:b1:ab:12:cd:10:b2:f0:e6:74:56:74:
3e:b8:c5:26:8d:dd:3c:4d:6c:76:35:8e:c9:cf:ca:00:db:f1:
36:51:b5:c9:55:05:86:e1:f5:be:de:99:5b:2d:3b:a1:6f:41:
28:4e:9a:9f:ad:c9:a8:6d:22:4b:fd:44:4a:39:1c:70:c6:4a:
3f:d5:d8:d0:e1:ad:7f:15:e3:16:f1:85:5b:82:40:1e:2e:3d:
1e:48:7f:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzMUB9EJQm7kmEjoK/70KiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjUzNjQ1ODQzZTZkMjg4M2RjOGY5YzRmNDE1YzFlYWRi
YmY2MGEwHhcNMjMwMTAyMTU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDQ0ZDVkM2EwYTZhOWU1NjQ5YTVkZTU1MTMxZmMyNTZkODA3OGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhEt5KVBqYRZWMnvasBWKBN47r/x
O/zC4kQZNYnBF8U2IFbV9N4Shg19+4UnbxWfVui9GPZ+jgLpvIX7fV5tHIIEqGCD
TmOI7/65KwLIa9EwGIg0CrBV0HMDLXA1eKq1VPz9FeIO40lbE10SGxSKbdOYTvgB
aqXB9kQ90HEDGNg81Awi5lt3C9tNJ7wCqgWhVKz8/0D5CcfZspjiPTz6OPuC6qgY
O+mjPp0VV/h7OJBoIkQTmjgTzKJm7ehZUUx8pn/co2Y0LB8acxszpddo3N6i4NyD
JnU2hE5CJE6FgJ92lJlnF4coQyJJOVn+mYLGM8DxFa1FCj/gDJVv1qdOuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLBE1dOgpqnlZJpd5VEx/CVtgHjJMB8GA1UdIwQY
MBaAFF31NkWEPm0og9yPnE9BXB6tu/YKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZVMlJZUS1iU2lEM0ktY1QwRmNIcTI3OWdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMTA3ZGUtZTJlNS00NzI3LTk4YWQt
MzgyMTgxMDM0NGU2LzEvc0VUVjA2Q21xZVZrbWwzbFVUSDhKVzJBZU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMTA3ZGUtZTJlNS00NzI3LTk4YWQtMzgyMTgxMDM0NGU2
LzEvWGZVMlJZUS1iU2lEM0ktY1QwRmNIcTI3OWdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhBHQQAj
AwcEKhBHQQAwMA0GCSqGSIb3DQEBCwUAA4IBAQA8YWqtpCscfJGU+MKpOcPjnmi8
4GPTsWSKL9wB6HyX/OQRisABZhqlpJYMj2RQsYFgwWwfxNG3oty77RKnsNaA1AGf
pKmjmdOH8LdOkGAhIaisd/AGo9KfX/3q8BRREZZu7lStzVeBubqJfANP13fKL4Sx
KFSLjUcAuh3+cucDsO5o7O3a1oWgKQjean4CA5gfJ+0j7tJNWIeyUPInDwPTo2LH
lBzSZIu0sasSzRCy8OZ0VnQ+uMUmjd08TWx2NY7Jz8oA2/E2UbXJVQWG4fW+3plb
LTuhb0EoTpqfrcmobSJL/URKORxwxko/1djQ4a1/FeMW8YVbgkAeLj0eSH/9
-----END CERTIFICATE-----
Generated at Thu Aug 24 13:01:39 2023 by rpki-client on console-fra.rpki-client.org