Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1ebccd-8d1d-46ce-8d98-f004311d4570/1/kNVYlt0ZLB7Vn_3JoQxzZ55QEjE.roa
File: kNVYlt0ZLB7Vn_3JoQxzZ55QEjE.roa (raw, json)
Hash identifier: PAqj4t5pVaPOXel+gYA6q0qDAWY38563t89qqYYXJNg=
Subject key identifier: 90:D5:58:96:DD:19:2C:1E:D5:9F:FD:C9:A1:0C:73:67:9E:50:12:31
Certificate issuer: /CN=0d676b1f04aa2cd4f3cd2568310ec141563b9243
Certificate serial: 018572A80E0B323FB3E7870311914DED5EC2
Authority key identifier: 0D:67:6B:1F:04:AA:2C:D4:F3:CD:25:68:31:0E:C1:41:56:3B:92:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWdrHwSqLNTzzSVoMQ7BQVY7kkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1ebccd-8d1d-46ce-8d98-f004311d4570/1/kNVYlt0ZLB7Vn_3JoQxzZ55QEjE.roa
Signing time: Mon 02 Jan 2023 13:24:54 +0000
ROA not before: Mon 02 Jan 2023 13:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29491
IP address blocks: 2a0e:b040::/29 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a8:0e:0b:32:3f:b3:e7:87:03:11:91:4d:ed:5e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d676b1f04aa2cd4f3cd2568310ec141563b9243
Validity
Not Before: Jan 2 13:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90d55896dd192c1ed59ffdc9a10c73679e501231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dc:de:9e:ab:b0:fe:fb:03:3a:60:35:32:6c:
f5:3a:a1:d6:92:d7:22:96:13:4f:ff:2b:2a:1f:72:
25:62:90:31:f1:21:15:e6:a1:14:22:83:e9:76:07:
dc:c8:ee:68:5e:e9:cd:0d:06:f9:e6:bf:da:ba:47:
64:5e:c1:a3:05:f3:bb:c9:b7:e4:bf:67:4a:a4:b1:
f2:40:6b:4b:35:fb:0d:6c:ea:73:2d:24:c0:6a:01:
f3:e9:32:03:aa:6e:25:16:4a:99:d0:93:52:12:81:
bd:88:bb:84:06:33:30:d7:2f:74:03:30:fb:ce:b3:
7f:7a:82:fe:c3:7e:87:72:84:df:a1:82:de:1d:80:
37:e2:f2:a8:86:6a:74:5e:23:cc:92:47:fd:fd:0a:
f5:de:85:ac:2f:b1:e5:22:2b:e1:c3:58:22:bf:00:
96:f2:32:38:97:fc:fe:ee:a9:4d:18:bc:7e:47:35:
cb:bc:61:44:db:37:89:8c:28:25:9a:3f:5f:de:1a:
d2:11:ab:fa:24:55:0c:60:f9:61:48:ed:f1:85:62:
da:81:c3:15:23:e9:95:50:d2:7a:fe:6f:62:58:1e:
b1:3f:4c:f3:e8:7f:71:24:13:5e:3e:c3:0a:6c:db:
41:3a:ba:45:09:31:df:3a:5e:f8:86:3a:22:27:0c:
67:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D5:58:96:DD:19:2C:1E:D5:9F:FD:C9:A1:0C:73:67:9E:50:12:31
X509v3 Authority Key Identifier:
keyid:0D:67:6B:1F:04:AA:2C:D4:F3:CD:25:68:31:0E:C1:41:56:3B:92:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWdrHwSqLNTzzSVoMQ7BQVY7kkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1ebccd-8d1d-46ce-8d98-f004311d4570/1/kNVYlt0ZLB7Vn_3JoQxzZ55QEjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1ebccd-8d1d-46ce-8d98-f004311d4570/1/DWdrHwSqLNTzzSVoMQ7BQVY7kkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b040::/29
Signature Algorithm: sha256WithRSAEncryption
1a:b8:32:e0:40:2a:95:41:80:5f:dc:0b:93:24:6f:b4:c9:1b:
ef:4d:11:9a:f2:2b:b5:61:b3:47:1d:c4:cd:b2:f2:14:3d:bf:
92:61:a9:c3:89:55:7f:d5:34:26:be:8d:ff:31:7c:7e:c1:ba:
8e:a1:18:d4:cd:53:5d:cf:fa:ee:f9:b8:a9:0d:61:37:24:93:
f3:ae:cf:61:cb:6f:93:a5:97:c5:4f:04:c5:0f:7d:3e:48:3a:
35:7f:3c:e4:6c:30:94:10:1b:bf:d9:15:e7:71:5c:cc:d4:30:
07:dd:9e:b5:0a:23:c8:b7:c5:9d:dc:9c:f9:5c:9e:65:55:5a:
cf:e0:28:2f:a9:2a:54:2e:80:73:96:60:60:bd:6b:de:13:f7:
7e:85:0f:a8:44:85:bd:9a:cd:1b:27:14:9c:7f:d8:6b:be:03:
98:4e:8d:bb:0b:50:e0:7b:e2:c1:d1:50:06:00:a4:c7:de:88:
ce:05:4e:32:0e:da:a9:f6:76:02:43:f6:e2:d7:24:57:26:c4:
3a:dc:6a:b6:d6:f2:a1:04:c8:04:3b:7f:ab:22:c8:dc:7f:2d:
c8:6a:79:c4:2a:1b:1b:7a:e1:fb:6d:54:ec:20:5a:ba:cb:f0:
16:84:89:da:ed:30:60:e4:fe:b5:54:82:3b:fc:c6:cd:44:a6:
1b:f9:9b:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyqA4LMj+z54cDEZFN7V7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjc2YjFmMDRhYTJjZDRmM2NkMjU2ODMxMGVjMTQxNTYz
YjkyNDMwHhcNMjMwMTAyMTMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ1NTg5NmRkMTkyYzFlZDU5ZmZkYzlhMTBjNzM2NzllNTAxMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNzenquw/vsDOmA1Mmz1OqHWktci
lhNP/ysqH3IlYpAx8SEV5qEUIoPpdgfcyO5oXunNDQb55r/aukdkXsGjBfO7ybfk
v2dKpLHyQGtLNfsNbOpzLSTAagHz6TIDqm4lFkqZ0JNSEoG9iLuEBjMw1y90AzD7
zrN/eoL+w36HcoTfoYLeHYA34vKohmp0XiPMkkf9/Qr13oWsL7HlIivhw1givwCW
8jI4l/z+7qlNGLx+RzXLvGFE2zeJjCglmj9f3hrSEav6JFUMYPlhSO3xhWLagcMV
I+mVUNJ6/m9iWB6xP0zz6H9xJBNePsMKbNtBOrpFCTHfOl74hjoiJwxnmwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJDVWJbdGSwe1Z/9yaEMc2eeUBIxMB8GA1UdIwQY
MBaAFA1nax8EqizU880laDEOwUFWO5JDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFdkckh3U3FMTlR6elNWb01RN0JRVlk3a2tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZWJjY2QtOGQxZC00NmNlLThkOTgt
ZjAwNDMxMWQ0NTcwLzEva05WWWx0MFpMQjdWbl8zSm9ReHpaNTVRRWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xZWJjY2QtOGQxZC00NmNlLThkOTgtZjAwNDMxMWQ0NTcw
LzEvRFdkckh3U3FMTlR6elNWb01RN0JRVlk3a2tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg6wQDAN
BgkqhkiG9w0BAQsFAAOCAQEAGrgy4EAqlUGAX9wLkyRvtMkb700RmvIrtWGzRx3E
zbLyFD2/kmGpw4lVf9U0Jr6N/zF8fsG6jqEY1M1TXc/67vm4qQ1hNyST867PYctv
k6WXxU8ExQ99Pkg6NX885GwwlBAbv9kV53FczNQwB92etQojyLfFndyc+VyeZVVa
z+AoL6kqVC6Ac5ZgYL1r3hP3foUPqESFvZrNGycUnH/Ya74DmE6NuwtQ4HviwdFQ
BgCkx96IzgVOMg7aqfZ2AkP24tckVybEOtxqttbyoQTIBDt/qyLI3H8tyGp5xCob
G3rh+21U7CBausvwFoSJ2u0wYOT+tVSCO/zGzUSmG/mb+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:17 2024 by rpki-client on console-fra.rpki-client.org