Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/kci9FzTHkQhbxQugMlxl2U2fW9c.roa
File: kci9FzTHkQhbxQugMlxl2U2fW9c.roa (raw, json)
Hash identifier: 3zmTBg7kWaj4/AIXdpDEklm1kaVxlG80dkRvM69algg=
Subject key identifier: 91:C8:BD:17:34:C7:91:08:5B:C5:0B:A0:32:5C:65:D9:4D:9F:5B:D7
Certificate issuer: /CN=705ee67d4a12d53c44e701cbd896a48575eb2503
Certificate serial: 01903A623B243A0E306F2B2503F4492B03DA
Authority key identifier: 70:5E:E6:7D:4A:12:D5:3C:44:E7:01:CB:D8:96:A4:85:75:EB:25:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cF7mfUoS1TxE5wHL2JakhXXrJQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/kci9FzTHkQhbxQugMlxl2U2fW9c.roa
Signing time: Fri 21 Jun 2024 10:40:34 +0000
ROA not before: Fri 21 Jun 2024 10:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a12:3d40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:62:3b:24:3a:0e:30:6f:2b:25:03:f4:49:2b:03:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705ee67d4a12d53c44e701cbd896a48575eb2503
Validity
Not Before: Jun 21 10:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91c8bd1734c791085bc50ba0325c65d94d9f5bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:37:86:85:31:80:11:0e:c1:52:c1:73:9e:7e:
c1:21:8b:65:da:7d:95:89:b1:1a:bd:32:f3:80:1c:
80:2f:5f:e7:40:2a:a2:53:c7:ed:20:5f:64:3d:5b:
88:e9:a3:fc:13:95:c5:2f:80:67:d0:48:4f:00:00:
9d:56:a5:b5:e9:eb:85:ac:79:0c:da:50:c4:14:f1:
c7:11:0d:d7:72:a8:12:fa:70:83:f2:c6:c8:f0:a5:
f7:7c:db:58:99:4f:4b:6f:12:66:fc:9b:39:4f:b3:
41:71:06:19:72:f8:db:71:0a:8c:a2:d7:20:b1:be:
2a:6d:b6:0d:aa:4b:b9:d6:4f:1e:5f:e1:22:b4:d0:
83:f8:76:4d:c1:28:fc:5e:62:c1:96:ad:2c:fa:5d:
1b:23:3f:0a:5e:23:31:90:6c:37:44:84:a9:a9:d8:
ea:79:a3:1c:1c:f6:42:73:76:ee:93:0a:42:2e:a2:
f2:b8:b2:70:44:4d:e2:c0:3c:02:b0:6a:0f:37:7e:
4b:a6:2a:bb:1d:3f:b5:95:4a:f8:8f:b8:cc:45:a5:
00:33:37:d4:48:05:80:75:db:0a:ea:bd:6f:4b:72:
12:5f:20:68:ad:ba:a9:08:83:72:e4:8c:2c:34:b1:
32:38:58:b1:d5:03:16:37:86:b2:3b:5d:e6:53:d5:
28:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C8:BD:17:34:C7:91:08:5B:C5:0B:A0:32:5C:65:D9:4D:9F:5B:D7
X509v3 Authority Key Identifier:
keyid:70:5E:E6:7D:4A:12:D5:3C:44:E7:01:CB:D8:96:A4:85:75:EB:25:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cF7mfUoS1TxE5wHL2JakhXXrJQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/kci9FzTHkQhbxQugMlxl2U2fW9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/cF7mfUoS1TxE5wHL2JakhXXrJQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3d40::/29
Signature Algorithm: sha256WithRSAEncryption
b6:49:d4:5c:79:0a:62:86:7f:40:7a:03:7e:02:65:9a:ad:5b:
6b:9f:1f:e9:9a:5b:39:eb:fa:97:34:c6:29:13:a6:5a:8e:29:
d3:b3:53:12:50:5b:c8:1c:9d:41:06:10:08:4e:a4:9c:94:58:
fe:27:01:40:36:38:a3:61:0b:d0:25:9c:27:b4:4d:e2:9d:b4:
c5:87:ab:ba:56:7a:ac:13:e3:77:b1:b1:89:db:ee:a6:7d:76:
65:c1:eb:58:96:ea:80:45:c8:26:ab:18:d0:32:72:5a:31:92:
ad:ad:ed:55:b4:27:81:37:0c:72:76:e9:47:93:80:bf:8a:0d:
00:f8:4e:5e:98:7e:f3:02:90:24:87:13:66:8f:25:b4:8e:90:
1f:d7:69:aa:3e:ac:6d:e6:7a:6e:6f:34:d4:bf:9c:80:7e:f8:
91:63:14:84:2c:59:e2:61:54:38:da:62:5f:8b:22:80:b6:6c:
c6:53:6f:28:d5:3d:e4:95:9e:92:69:f9:93:f8:bb:63:6a:90:
d6:db:91:67:4d:98:98:ae:f6:1e:09:47:10:75:00:e7:6d:da:
42:4f:71:cf:ee:68:56:d6:09:45:79:fd:fe:a3:67:40:6f:b5:
0f:be:b9:18:23:90:52:8b:c3:aa:f8:10:99:fa:67:3d:b1:5d:
24:8a:1f:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZA6YjskOg4wbyslA/RJKwPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWVlNjdkNGExMmQ1M2M0NGU3MDFjYmQ4OTZhNDg1NzVl
YjI1MDMwHhcNMjQwNjIxMTA0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM4YmQxNzM0Yzc5MTA4NWJjNTBiYTAzMjVjNjVkOTRkOWY1YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7zeGhTGAEQ7BUsFznn7BIYtl2n2V
ibEavTLzgByAL1/nQCqiU8ftIF9kPVuI6aP8E5XFL4Bn0EhPAACdVqW16euFrHkM
2lDEFPHHEQ3XcqgS+nCD8sbI8KX3fNtYmU9LbxJm/Js5T7NBcQYZcvjbcQqMotcg
sb4qbbYNqku51k8eX+EitNCD+HZNwSj8XmLBlq0s+l0bIz8KXiMxkGw3RISpqdjq
eaMcHPZCc3bukwpCLqLyuLJwRE3iwDwCsGoPN35Lpiq7HT+1lUr4j7jMRaUAMzfU
SAWAddsK6r1vS3ISXyBorbqpCINy5IwsNLEyOFix1QMWN4ayO13mU9UopwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJHIvRc0x5EIW8ULoDJcZdlNn1vXMB8GA1UdIwQY
MBaAFHBe5n1KEtU8ROcBy9iWpIV16yUDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Y3bWZVb1MxVHhFNXdITDJKYWtoWFhySlFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kNjc1MjItNmUyMS00MzdiLWJkMjQt
Njg5YTRkOTc2Zjk1LzEva2NpOUZ6VEhrUWhieFF1Z01seGwyVTJmVzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kNjc1MjItNmUyMS00MzdiLWJkMjQtNjg5YTRkOTc2Zjk1
LzEvY0Y3bWZVb1MxVHhFNXdITDJKYWtoWFhySlFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhI9QDAN
BgkqhkiG9w0BAQsFAAOCAQEAtknUXHkKYoZ/QHoDfgJlmq1ba58f6ZpbOev6lzTG
KROmWo4p07NTElBbyBydQQYQCE6knJRY/icBQDY4o2EL0CWcJ7RN4p20xYerulZ6
rBPjd7Gxidvupn12ZcHrWJbqgEXIJqsY0DJyWjGSra3tVbQngTcMcnbpR5OAv4oN
APhOXph+8wKQJIcTZo8ltI6QH9dpqj6sbeZ6bm801L+cgH74kWMUhCxZ4mFUONpi
X4sigLZsxlNvKNU95JWekmn5k/i7Y2qQ1tuRZ02YmK72HglHEHUA523aQk9xz+5o
VtYJRXn9/qNnQG+1D765GCOQUovDqvgQmfpnPbFdJIoflg==
-----END CERTIFICATE-----
Generated at Mon Jun 24 16:22:19 2024 by rpki-client on console-ams.rpki-client.org