Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/47012a-e1cf-43d7-9351-0edf2c4f7ec0/1/bXu4lG6GhcBdH_d52CkFD9QyND8.roa
File: bXu4lG6GhcBdH_d52CkFD9QyND8.roa (raw, json)
Hash identifier: 8lMGQTiVWFC1FjyB0mX286o9Y+c93HngjBYu87LShTk=
Subject key identifier: 6D:7B:B8:94:6E:86:85:C0:5D:1F:F7:79:D8:29:05:0F:D4:32:34:3F
Certificate issuer: /CN=df4657812435bb1af4802f96032f91c57cbcc933
Certificate serial: 01856CEF46ECB84AA09CFDBE02C840DA385E
Authority key identifier: DF:46:57:81:24:35:BB:1A:F4:80:2F:96:03:2F:91:C5:7C:BC:C9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/30ZXgSQ1uxr0gC-WAy-RxXy8yTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/47012a-e1cf-43d7-9351-0edf2c4f7ec0/1/bXu4lG6GhcBdH_d52CkFD9QyND8.roa
Signing time: Sun 01 Jan 2023 10:44:58 +0000
ROA not before: Sun 01 Jan 2023 10:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a0f:ff80::/29 maxlen: 29
2a0d:fb40::/29 maxlen: 29
2a09:cb00::/29 maxlen: 29
2a09:3c80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:46:ec:b8:4a:a0:9c:fd:be:02:c8:40:da:38:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df4657812435bb1af4802f96032f91c57cbcc933
Validity
Not Before: Jan 1 10:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d7bb8946e8685c05d1ff779d829050fd432343f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0e:f6:41:0a:2d:49:3e:6b:bb:bc:a8:0f:04:
1b:ea:13:e4:f9:6b:00:a4:bd:06:b3:52:d4:f4:bf:
ff:1a:34:64:72:5e:c2:ef:1e:b3:f1:17:e3:e2:40:
ec:5f:4c:6f:b0:10:8e:45:02:0d:dc:f8:81:08:35:
9c:a4:dd:a6:db:b4:5d:6c:17:09:54:81:de:6f:43:
39:c7:cc:5a:71:ea:82:cf:e4:a3:d7:e6:e0:5d:f7:
84:7e:f4:74:21:a5:fb:58:17:58:38:67:8c:52:d8:
6f:04:ea:b1:3b:64:23:c5:2c:1d:db:6a:09:02:9c:
57:6a:1b:01:4c:c4:24:03:99:6f:41:a2:69:57:2a:
d7:ed:f0:63:38:37:ba:3a:bb:bc:b7:77:e0:dd:68:
12:c9:f0:d6:74:90:d6:d2:95:66:2c:32:86:52:d8:
1d:5f:99:b9:93:e6:13:b8:d5:71:76:89:fa:55:27:
ae:56:81:63:32:0f:14:bf:69:39:60:a7:08:7f:2d:
0d:22:2f:95:4f:a0:32:e9:75:51:fd:86:08:3d:27:
37:94:9d:a2:c4:ba:10:2b:13:13:16:87:43:01:8c:
04:e7:c3:a7:a6:da:88:42:4a:f1:9f:2e:fd:60:01:
ae:3c:83:95:8f:78:6f:18:fa:28:e5:aa:32:f6:a2:
48:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:7B:B8:94:6E:86:85:C0:5D:1F:F7:79:D8:29:05:0F:D4:32:34:3F
X509v3 Authority Key Identifier:
keyid:DF:46:57:81:24:35:BB:1A:F4:80:2F:96:03:2F:91:C5:7C:BC:C9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/30ZXgSQ1uxr0gC-WAy-RxXy8yTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/47012a-e1cf-43d7-9351-0edf2c4f7ec0/1/bXu4lG6GhcBdH_d52CkFD9QyND8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/47012a-e1cf-43d7-9351-0edf2c4f7ec0/1/30ZXgSQ1uxr0gC-WAy-RxXy8yTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3c80::/29
2a09:cb00::/29
2a0d:fb40::/29
2a0f:ff80::/29
Signature Algorithm: sha256WithRSAEncryption
51:ca:45:52:41:01:f7:80:9f:a3:0d:cf:55:a0:48:e3:1b:99:
ec:b1:95:12:f6:58:f4:3a:ed:07:28:b4:82:c4:52:2f:b6:de:
dc:6a:72:17:9e:67:79:d7:ab:1e:31:04:00:fd:23:ee:fc:e7:
b4:3c:0d:84:90:6c:ca:e5:3d:1c:de:89:4a:ad:0d:6b:3e:72:
ba:d2:54:2c:61:21:a4:68:65:22:01:ad:dc:e3:ed:2f:8f:6f:
8f:25:78:38:71:55:ae:fc:b5:d7:c3:c1:fe:29:22:19:d7:cc:
fc:02:fe:52:0c:78:55:72:ad:c4:0f:c1:f8:da:88:b9:88:ba:
cf:1f:b2:e8:10:4a:c9:54:1a:61:9b:cd:9f:c2:84:c4:6d:3c:
eb:59:3a:1b:00:ec:04:aa:b4:4c:24:76:5b:25:f8:66:cc:76:
67:a1:36:00:c2:66:45:4d:1a:ee:1c:6e:fa:7e:ee:e7:bc:64:
3f:c8:97:67:78:65:e6:17:fc:1e:21:07:f5:8d:48:55:0d:3a:
b2:13:b3:7d:5c:7d:71:f6:61:71:27:4b:e7:53:34:24:6c:b8:
a8:04:96:02:0a:e9:02:32:cf:5e:ca:de:aa:49:25:73:fc:70:
c2:e4:20:87:3a:c9:8c:eb:fa:ed:07:12:14:f5:a2:42:f9:b1:
7c:c2:39:be
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVs70bsuEqgnP2+AshA2jheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNDY1NzgxMjQzNWJiMWFmNDgwMmY5NjAzMmY5MWM1N2Ni
Y2M5MzMwHhcNMjMwMTAxMTA0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDdiYjg5NDZlODY4NWMwNWQxZmY3NzlkODI5MDUwZmQ0MzIzNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw72QQotST5ru7yoDwQb6hPk+WsA
pL0Gs1LU9L//GjRkcl7C7x6z8Rfj4kDsX0xvsBCORQIN3PiBCDWcpN2m27RdbBcJ
VIHeb0M5x8xaceqCz+Sj1+bgXfeEfvR0IaX7WBdYOGeMUthvBOqxO2QjxSwd22oJ
ApxXahsBTMQkA5lvQaJpVyrX7fBjODe6Oru8t3fg3WgSyfDWdJDW0pVmLDKGUtgd
X5m5k+YTuNVxdon6VSeuVoFjMg8Uv2k5YKcIfy0NIi+VT6Ay6XVR/YYIPSc3lJ2i
xLoQKxMTFodDAYwE58OnptqIQkrxny79YAGuPIOVj3hvGPoo5aoy9qJI9QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG17uJRuhoXAXR/3edgpBQ/UMjQ/MB8GA1UdIwQY
MBaAFN9GV4EkNbsa9IAvlgMvkcV8vMkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzBaWGdTUTF1eHIwZ0MtV0F5LVJ4WHk4eVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy80NzAxMmEtZTFjZi00M2Q3LTkzNTEt
MGVkZjJjNGY3ZWMwLzEvYlh1NGxHNkdoY0JkSF9kNTJDa0ZEOVF5TkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy80NzAxMmEtZTFjZi00M2Q3LTkzNTEtMGVkZjJjNGY3ZWMw
LzEvMzBaWGdTUTF1eHIwZ0MtV0F5LVJ4WHk4eVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgk8gAMF
AyoJywADBQMqDftAAwUDKg//gDANBgkqhkiG9w0BAQsFAAOCAQEAUcpFUkEB94Cf
ow3PVaBI4xuZ7LGVEvZY9DrtByi0gsRSL7be3GpyF55nederHjEEAP0j7vzntDwN
hJBsyuU9HN6JSq0Naz5yutJULGEhpGhlIgGt3OPtL49vjyV4OHFVrvy118PB/iki
GdfM/AL+Ugx4VXKtxA/B+NqIuYi6zx+y6BBKyVQaYZvNn8KExG0861k6GwDsBKq0
TCR2WyX4Zsx2Z6E2AMJmRU0a7hxu+n7u57xkP8iXZ3hl5hf8HiEH9Y1IVQ06shOz
fVx9cfZhcSdL51M0JGy4qASWAgrpAjLPXsreqkklc/xwwuQghzrJjOv67QcSFPWi
QvmxfMI5vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:31 2024 by rpki-client on console-fra.rpki-client.org