Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/wzQmbUceVkyW2JsWjpwtZ8Nae_Q.roa
File: wzQmbUceVkyW2JsWjpwtZ8Nae_Q.roa (raw, json)
Hash identifier: qn6VUhmBcf3hrZVbBFe0mae7OV3/PWMyrpWZqEUMggs=
Subject key identifier: C3:34:26:6D:47:1E:56:4C:96:D8:9B:16:8E:9C:2D:67:C3:5A:7B:F4
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018ACB69678ED7F36E291F9207D1C005DD4E
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/wzQmbUceVkyW2JsWjpwtZ8Nae_Q.roa
Signing time: Mon 25 Sep 2023 08:16:37 +0000
ROA not before: Mon 25 Sep 2023 08:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205745
IP address blocks: 2a10:240::/29 maxlen: 29
2a10:f40::/29 maxlen: 29
2a0d:e0c0::/29 maxlen: 29
2a09:fc80::/29 maxlen: 29
2a09:140::/29 maxlen: 29
2a0e:1b40::/29 maxlen: 29
2a10:840::/29 maxlen: 29
2a10:740::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:69:67:8e:d7:f3:6e:29:1f:92:07:d1:c0:05:dd:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Sep 25 08:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c334266d471e564c96d89b168e9c2d67c35a7bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:eb:63:25:88:95:c8:70:82:63:0f:d5:3f:8f:
d1:30:a0:6e:64:84:41:26:93:62:ff:3b:c6:59:05:
fd:4f:4d:c4:67:61:b2:19:ec:29:75:16:47:e9:41:
16:c0:e3:0c:f9:a0:c2:c7:8c:e0:7f:b8:b9:b7:93:
25:8d:ca:d0:b0:bb:b4:d4:c1:86:56:5d:27:26:fd:
8b:a8:05:84:a9:4e:6d:f0:8c:b8:e9:36:88:2c:40:
13:09:98:a9:cd:4e:81:aa:4e:bd:a5:10:ad:62:98:
f6:d4:80:34:a7:65:67:36:45:eb:5c:73:3a:ac:5b:
d7:6c:1b:19:be:fa:c4:97:08:70:9b:90:91:8c:b7:
65:f5:db:e0:f9:d5:60:5b:1a:5e:01:25:34:7a:f0:
51:0c:50:5c:eb:23:55:35:2c:3b:26:d6:b0:21:e1:
4e:da:50:25:f0:62:f2:c5:99:d7:f6:45:5e:ef:8e:
ac:7d:7b:12:59:a9:8d:84:2d:2f:f5:c0:6f:b3:36:
7b:ce:86:8a:8f:eb:60:c4:0e:16:bc:cf:13:8f:09:
e9:ac:2e:cd:de:24:00:b6:d1:1a:e2:9d:b5:73:b3:
a2:42:68:eb:1a:c0:89:1d:89:52:8d:a3:3a:09:9b:
c4:c1:b4:a1:a9:37:ea:86:31:19:04:7e:76:c1:1f:
44:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:34:26:6D:47:1E:56:4C:96:D8:9B:16:8E:9C:2D:67:C3:5A:7B:F4
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/wzQmbUceVkyW2JsWjpwtZ8Nae_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:140::/29
2a09:fc80::/29
2a0d:e0c0::/29
2a0e:1b40::/29
2a10:240::/29
2a10:740::/29
2a10:840::/29
2a10:f40::/29
Signature Algorithm: sha256WithRSAEncryption
5b:4d:62:40:33:1d:fe:a6:25:ef:96:4f:cc:d0:54:55:39:13:
f3:37:3e:1a:c8:89:eb:6a:d3:02:63:06:16:a6:07:34:0b:b2:
61:0a:00:56:2e:ca:e3:ec:9b:70:c6:89:a5:d6:d2:42:06:45:
b2:8f:05:27:79:9f:a3:d3:a9:e4:8d:93:e5:07:c5:d2:17:a9:
f2:41:8e:cf:df:d8:f9:54:33:22:14:06:36:d9:58:b0:d9:8c:
fb:13:50:61:8b:a8:f9:26:02:d3:ab:a8:9d:11:c0:42:14:de:
a0:2b:fc:41:10:b3:79:90:0a:e0:6e:81:e2:70:41:a6:ba:36:
22:12:09:a6:e5:91:2b:17:88:71:c5:37:f1:83:8e:b4:06:7f:
82:17:11:32:98:88:2b:f2:40:06:bc:56:92:49:de:5f:ed:83:
28:6a:2d:21:c4:ec:e6:33:e8:d7:18:e3:e7:ac:5e:bb:e1:bb:
5a:28:19:fa:6a:b6:66:28:a1:a1:48:5d:1b:c1:a1:ac:88:0f:
5c:a8:39:e9:c0:38:1b:02:b7:a4:48:90:7f:35:7d:ef:56:f2:
32:bb:29:8a:3d:13:50:8a:59:7a:c2:41:30:cc:89:47:b2:b8:
e1:0c:d1:f5:e6:04:0a:95:05:1b:a2:f6:02:96:f5:69:4d:bd:
57:17:bf:8f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYrLaWeO1/NuKR+SB9HABd1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMwOTI1MDgxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzM0MjY2ZDQ3MWU1NjRjOTZkODliMTY4ZTljMmQ2N2MzNWE3YmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlutjJYiVyHCCYw/VP4/RMKBuZIRB
JpNi/zvGWQX9T03EZ2GyGewpdRZH6UEWwOMM+aDCx4zgf7i5t5MljcrQsLu01MGG
Vl0nJv2LqAWEqU5t8Iy46TaILEATCZipzU6Bqk69pRCtYpj21IA0p2VnNkXrXHM6
rFvXbBsZvvrElwhwm5CRjLdl9dvg+dVgWxpeASU0evBRDFBc6yNVNSw7JtawIeFO
2lAl8GLyxZnX9kVe746sfXsSWamNhC0v9cBvszZ7zoaKj+tgxA4WvM8TjwnprC7N
3iQAttEa4p21c7OiQmjrGsCJHYlSjaM6CZvEwbShqTfqhjEZBH52wR9EMwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMM0Jm1HHlZMltibFo6cLWfDWnv0MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvd3pRbWJVY2VWa3lXMkpzV2pwd3RaOE5hZV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgkBQAMF
AyoJ/IADBQMqDeDAAwUDKg4bQAMFAyoQAkADBQMqEAdAAwUDKhAIQAMFAyoQD0Aw
DQYJKoZIhvcNAQELBQADggEBAFtNYkAzHf6mJe+WT8zQVFU5E/M3PhrIietq0wJj
BhamBzQLsmEKAFYuyuPsm3DGiaXW0kIGRbKPBSd5n6PTqeSNk+UHxdIXqfJBjs/f
2PlUMyIUBjbZWLDZjPsTUGGLqPkmAtOrqJ0RwEIU3qAr/EEQs3mQCuBugeJwQaa6
NiISCablkSsXiHHFN/GDjrQGf4IXETKYiCvyQAa8VpJJ3l/tgyhqLSHE7OYz6NcY
4+esXrvhu1ooGfpqtmYooaFIXRvBoayID1yoOenAOBsCt6RIkH81fe9W8jK7KYo9
E1CKWXrCQTDMiUeyuOEM0fXmBAqVBRui9gKW9WlNvVcXv48=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:11 2025 by rpki-client