Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/6ertkAcqjxuTUyshy6HKZLNAaPU.roa
File: 6ertkAcqjxuTUyshy6HKZLNAaPU.roa (raw, json)
Hash identifier: 4gBr0UxRd3SvwhclNpse7k1a46PQeqz7jHS8kd8PiZM=
Subject key identifier: E9:EA:ED:90:07:2A:8F:1B:93:53:2B:21:CB:A1:CA:64:B3:40:68:F5
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018ACB6B3C83C7710CAD1D48FD51AC4081A0
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/6ertkAcqjxuTUyshy6HKZLNAaPU.roa
Signing time: Mon 25 Sep 2023 08:18:37 +0000
ROA not before: Mon 25 Sep 2023 08:18:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212786
IP address blocks: 2a0e:2b00::/29 maxlen: 29
2a0d:4180::/29 maxlen: 29
2a10:17c0::/29 maxlen: 29
2a10:9c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:6b:3c:83:c7:71:0c:ad:1d:48:fd:51:ac:40:81:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Sep 25 08:18:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9eaed90072a8f1b93532b21cba1ca64b34068f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c7:d6:6a:e5:f6:bf:10:89:f4:3f:a3:f6:8c:
7b:90:2d:75:81:d5:f7:ed:58:7d:e4:2f:79:b5:cd:
0d:c6:13:ac:13:cc:53:37:97:e0:94:33:db:c5:fa:
57:5d:41:bb:3b:48:d8:32:b3:58:92:75:16:af:d0:
99:05:eb:7d:5d:e8:45:66:8f:08:7b:4c:97:61:45:
7b:40:fb:9e:fb:c2:51:bf:95:23:db:4b:45:90:c4:
55:b4:80:53:0b:64:4d:a4:81:2d:96:eb:02:c4:65:
d5:92:c7:b6:98:db:22:fa:85:4b:f0:ec:17:9d:39:
6e:d0:84:c1:1b:e1:9d:b4:80:35:37:41:ea:c2:28:
db:52:74:6a:ef:5b:3a:6e:3b:f6:48:64:42:7b:25:
2a:6d:6b:76:6d:31:70:08:d0:6d:54:7f:3f:a1:ec:
d0:56:b5:21:6e:c0:6b:cd:2d:fb:4a:ab:b2:e7:14:
7f:3b:31:1b:8c:ed:2e:79:46:c5:06:89:2e:d0:39:
ad:64:31:45:e7:44:17:94:e5:fe:d7:bf:84:5c:5d:
d7:8c:ea:db:91:e1:f2:6a:06:3e:73:3b:d1:7c:db:
43:1e:72:45:bd:10:f5:2a:2e:ed:63:98:d9:50:eb:
2f:1e:5a:ee:51:7a:85:22:c6:10:c2:1c:98:24:a6:
e0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:EA:ED:90:07:2A:8F:1B:93:53:2B:21:CB:A1:CA:64:B3:40:68:F5
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/6ertkAcqjxuTUyshy6HKZLNAaPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:4180::/29
2a0e:2b00::/29
2a10:9c0::/29
2a10:17c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:40:17:f3:94:85:5e:d3:a6:8e:bd:d6:ff:81:4b:a9:47:c6:
54:cb:f9:62:97:b2:a0:d0:20:c5:b8:e7:cb:a6:ef:03:4e:79:
c4:5b:21:47:ca:4e:06:81:fd:a4:68:2d:b8:60:c2:ea:8b:bf:
24:cd:e9:77:56:24:dc:aa:0f:15:ff:d9:6f:d6:6d:9c:97:19:
d9:4f:18:18:6a:ff:9b:7a:3a:4c:30:45:a8:04:00:1a:28:a1:
71:c0:26:6a:4b:e6:31:45:5c:1c:74:6b:e0:27:31:c5:ea:61:
f8:8f:e7:e0:fb:74:db:f1:ba:1e:e6:1e:c6:8b:61:e3:4e:c8:
2f:df:e4:46:4c:85:53:c2:da:1a:4a:f6:ed:33:fd:19:8a:14:
2d:aa:fb:48:ff:6e:dc:e7:48:40:cf:17:0b:bd:50:c5:2f:de:
81:b7:a5:aa:c2:4f:45:bc:1b:ab:af:e9:ae:19:a0:03:35:5c:
d0:87:8a:bb:27:0d:d3:f7:b9:de:06:04:cf:d7:2d:77:f8:6c:
50:ed:67:c3:6d:4e:e0:28:90:8f:84:a7:9e:8d:4b:15:38:1f:
c9:31:f0:7c:b3:fd:b5:c2:f1:87:15:aa:d3:0d:f5:c3:bd:38:
ca:8b:d1:ae:ea:3b:42:3c:d3:6e:6b:63:51:99:95:13:66:37:
24:d4:fa:15
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYrLazyDx3EMrR1I/VGsQIGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMwOTI1MDgxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWVhZWQ5MDA3MmE4ZjFiOTM1MzJiMjFjYmExY2E2NGIzNDA2OGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsfWauX2vxCJ9D+j9ox7kC11gdX3
7Vh95C95tc0NxhOsE8xTN5fglDPbxfpXXUG7O0jYMrNYknUWr9CZBet9XehFZo8I
e0yXYUV7QPue+8JRv5Uj20tFkMRVtIBTC2RNpIEtlusCxGXVkse2mNsi+oVL8OwX
nTlu0ITBG+GdtIA1N0HqwijbUnRq71s6bjv2SGRCeyUqbWt2bTFwCNBtVH8/oezQ
VrUhbsBrzS37Squy5xR/OzEbjO0ueUbFBoku0DmtZDFF50QXlOX+17+EXF3XjOrb
keHyagY+czvRfNtDHnJFvRD1Ki7tY5jZUOsvHlruUXqFIsYQwhyYJKbgtwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOnq7ZAHKo8bk1MrIcuhymSzQGj1MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvNmVydGtBY3FqeHVUVXlzaHk2SEtaTE5BYVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg1BgAMF
AyoOKwADBQMqEAnAAwUDKhAXwDANBgkqhkiG9w0BAQsFAAOCAQEAJ0AX85SFXtOm
jr3W/4FLqUfGVMv5YpeyoNAgxbjny6bvA055xFshR8pOBoH9pGgtuGDC6ou/JM3p
d1Yk3KoPFf/Zb9ZtnJcZ2U8YGGr/m3o6TDBFqAQAGiihccAmakvmMUVcHHRr4Ccx
xeph+I/n4Pt02/G6HuYexoth407IL9/kRkyFU8LaGkr27TP9GYoULar7SP9u3OdI
QM8XC71QxS/egbelqsJPRbwbq6/prhmgAzVc0IeKuycN0/e53gYEz9ctd/hsUO1n
w21O4CiQj4Snno1LFTgfyTHwfLP9tcLxhxWq0w31w704yovRruo7QjzTbmtjUZmV
E2Y3JNT6FQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:59 2025 by rpki-client