Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/Kaa7DoWzeBRlF2xmovkKSD-Yz0A.roa
File: Kaa7DoWzeBRlF2xmovkKSD-Yz0A.roa (raw, json)
Hash identifier: ub0aRsngRjkmIXB6ayJ/oE9xnXMAjGotUIZIsxkPZi8=
Subject key identifier: 29:A6:BB:0E:85:B3:78:14:65:17:6C:66:A2:F9:0A:48:3F:98:CF:40
Certificate issuer: /CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Certificate serial: 01886E25B4D2A61D2BCBC98066FA005552B1
Authority key identifier: 9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/Kaa7DoWzeBRlF2xmovkKSD-Yz0A.roa
Signing time: Tue 30 May 2023 19:32:24 +0000
ROA not before: Tue 30 May 2023 19:32:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 2a07:d941::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6e:25:b4:d2:a6:1d:2b:cb:c9:80:66:fa:00:55:52:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Validity
Not Before: May 30 19:32:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29a6bb0e85b3781465176c66a2f90a483f98cf40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:48:36:0c:a2:17:80:3f:7d:fa:49:bc:66:9f:
8e:9c:6f:fd:1f:4d:f0:07:45:4d:07:fe:6b:11:fe:
de:4a:f9:1f:f2:31:80:a6:7b:7e:c5:a5:ea:9c:29:
12:9c:17:5a:9f:8b:90:2e:b7:a2:fd:eb:29:27:ac:
4b:d5:aa:ca:b2:48:c0:c4:42:95:11:ed:28:8c:6a:
de:3b:c1:58:17:71:ed:51:74:5f:74:d5:84:c9:2e:
eb:b5:e6:37:47:f5:81:25:66:7f:cb:97:c2:6d:47:
0d:1c:57:24:4f:3d:b1:8b:93:2c:88:82:7d:c6:af:
e2:15:fb:e9:51:93:59:e9:45:59:83:ef:78:8b:e5:
53:95:f3:be:16:fe:a8:f3:97:34:2a:6f:6a:a1:0d:
99:34:75:85:7e:27:cf:c7:93:97:41:46:ab:56:d6:
ba:35:65:c5:b4:5f:04:7a:b4:18:1c:28:15:be:33:
12:97:67:49:d5:b0:4f:46:ec:3d:1d:4a:35:c7:94:
9d:15:4f:74:92:d9:0b:3a:dc:04:61:e4:e3:e2:86:
c0:96:3a:fb:83:f1:70:35:97:b3:3b:0b:66:4c:f6:
d0:43:24:3e:45:3e:4b:68:36:42:4c:c7:1a:4e:86:
16:79:77:2a:57:16:b2:f1:20:c0:d7:63:f4:74:7c:
89:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A6:BB:0E:85:B3:78:14:65:17:6C:66:A2:F9:0A:48:3F:98:CF:40
X509v3 Authority Key Identifier:
keyid:9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/Kaa7DoWzeBRlF2xmovkKSD-Yz0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/mgTNzcEVnDHu2yTMesiyYrdWInw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:d941::/32
Signature Algorithm: sha256WithRSAEncryption
a8:1c:3b:d8:40:63:e8:9d:98:2d:1a:25:14:a7:d3:1e:6b:c2:
d7:84:62:14:69:50:a0:7e:18:31:0c:ac:90:de:6d:17:9a:cf:
07:87:40:c0:bb:55:92:0e:c6:96:bc:2b:f2:12:74:b0:af:c0:
cb:35:d1:28:bf:fe:cd:56:43:63:38:03:4d:42:aa:00:7e:ea:
2c:0e:78:b0:72:7d:29:2c:a0:53:99:18:63:e2:b3:14:99:ce:
fd:5b:14:7d:3f:5c:f0:f8:84:ca:ba:c7:4c:ee:00:8a:bf:33:
d6:bb:54:b3:8f:1e:6e:dd:07:fa:6e:5f:57:b6:42:b5:5e:d6:
c7:f0:07:2d:c5:ae:a8:57:e6:b4:14:0e:b0:3f:c3:22:ad:ec:
c1:3d:b9:2b:6b:55:88:d9:b9:85:c5:f8:68:bc:41:f9:bb:3f:
db:fe:34:e5:c8:be:60:d5:1d:3b:ce:2b:1d:c6:fb:e3:6a:2a:
77:77:5b:9d:e6:b8:a8:24:af:a1:f5:45:43:f7:ec:4a:ec:05:
3f:3d:4c:5d:5c:7c:3d:a9:72:a6:64:89:a3:eb:f6:bd:4a:e5:
53:91:af:0b:6f:49:20:e9:67:18:dd:b7:e3:31:dd:15:4b:95:
53:9a:6c:81:68:6a:ea:70:b5:da:48:bb:b3:d4:39:6c:1d:b4:
e8:d6:44:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYhuJbTSph0ry8mAZvoAVVKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMDRjZGNkYzExNTljMzFlZWRiMjRjYzdhYzhiMjYyYjc1
NjIyN2MwHhcNMjMwNTMwMTkzMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE2YmIwZTg1YjM3ODE0NjUxNzZjNjZhMmY5MGE0ODNmOThjZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkg2DKIXgD99+km8Zp+OnG/9H03w
B0VNB/5rEf7eSvkf8jGApnt+xaXqnCkSnBdan4uQLrei/espJ6xL1arKskjAxEKV
Ee0ojGreO8FYF3HtUXRfdNWEyS7rteY3R/WBJWZ/y5fCbUcNHFckTz2xi5MsiIJ9
xq/iFfvpUZNZ6UVZg+94i+VTlfO+Fv6o85c0Km9qoQ2ZNHWFfifPx5OXQUarVta6
NWXFtF8EerQYHCgVvjMSl2dJ1bBPRuw9HUo1x5SdFU90ktkLOtwEYeTj4obAljr7
g/FwNZezOwtmTPbQQyQ+RT5LaDZCTMcaToYWeXcqVxay8SDA12P0dHyJrwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCmmuw6Fs3gUZRdsZqL5Ckg/mM9AMB8GA1UdIwQY
MBaAFJoEzc3BFZwx7tskzHrIsmK3ViJ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWdUTnpjRVZuREh1MnlUTWVzaXlZcmRXSW53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MmU0M2ItMjI4YS00ZTg1LTgzNGMt
NDRjMTY2MDE0NjEyLzEvS2FhN0RvV3plQlJsRjJ4bW92a0tTRC1ZejBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MmU0M2ItMjI4YS00ZTg1LTgzNGMtNDRjMTY2MDE0NjEy
LzEvbWdUTnpjRVZuREh1MnlUTWVzaXlZcmRXSW53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfZQTAN
BgkqhkiG9w0BAQsFAAOCAQEAqBw72EBj6J2YLRolFKfTHmvC14RiFGlQoH4YMQys
kN5tF5rPB4dAwLtVkg7Glrwr8hJ0sK/AyzXRKL/+zVZDYzgDTUKqAH7qLA54sHJ9
KSygU5kYY+KzFJnO/VsUfT9c8PiEyrrHTO4Air8z1rtUs48ebt0H+m5fV7ZCtV7W
x/AHLcWuqFfmtBQOsD/DIq3swT25K2tViNm5hcX4aLxB+bs/2/405ci+YNUdO84r
Hcb742oqd3dbnea4qCSvofVFQ/fsSuwFPz1MXVx8PalypmSJo+v2vUrlU5GvC29J
IOlnGN234zHdFUuVU5psgWhq6nC12ki7s9Q5bB206NZEIQ==
-----END CERTIFICATE-----
Generated at Fri Dec 29 11:30:58 2023 by rpki-client on console-fra.rpki-client.org