Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/SEkhwnCQ9lt-kIIj9WNtKd2Q9r4.roa
File: SEkhwnCQ9lt-kIIj9WNtKd2Q9r4.roa (raw, json)
Hash identifier: 6Y4m7S6BOh9kBkraBXGemBeKK5othWTIda9Ld6IzDZ4=
Subject key identifier: 48:49:21:C2:70:90:F6:5B:7E:90:82:23:F5:63:6D:29:DD:90:F6:BE
Certificate issuer: /CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Certificate serial: 01857139EED1C208B08D5799211612D68507
Authority key identifier: CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/SEkhwnCQ9lt-kIIj9WNtKd2Q9r4.roa
Signing time: Mon 02 Jan 2023 06:45:00 +0000
ROA not before: Mon 02 Jan 2023 06:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210777
IP address blocks: 2a10:6747:5::/48 maxlen: 48
2a10:6747::/32 maxlen: 32
2a10:6747:a::/48 maxlen: 48
2a10:6747:f::/48 maxlen: 48
2a10:6747:4::/48 maxlen: 48
2a10:6747:9::/48 maxlen: 48
2a10:6747:e::/48 maxlen: 48
2a10:6747:3::/48 maxlen: 48
2a10:6747:8::/48 maxlen: 48
2a10:6747:d::/48 maxlen: 48
2a10:6747:2::/48 maxlen: 48
2a10:6747:7::/48 maxlen: 48
2a10:6747:c::/48 maxlen: 48
2a10:6747:1::/48 maxlen: 48
2a10:6747:6::/48 maxlen: 48
2a10:6747:b::/48 maxlen: 48
2a10:6747::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:ee:d1:c2:08:b0:8d:57:99:21:16:12:d6:85:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Validity
Not Before: Jan 2 06:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=484921c27090f65b7e908223f5636d29dd90f6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:59:ed:81:70:f7:dd:0a:39:81:ab:e6:28:08:
77:82:26:15:09:2e:f4:ef:96:b3:04:3d:42:9f:c3:
4c:f1:07:36:59:d8:4a:26:ca:83:34:fa:81:da:90:
eb:da:d4:9b:3a:fb:2b:f6:f8:74:56:c3:e0:4f:e3:
a3:42:51:ae:42:19:03:d8:83:37:50:50:b3:b0:62:
5a:40:b6:36:c1:8b:5d:28:c5:e7:c0:9d:0f:db:ec:
89:58:36:00:f6:21:23:77:b2:ec:34:3f:ff:eb:8e:
e5:37:b1:45:da:64:ff:03:a0:c6:9c:4f:ce:37:7b:
e8:a6:42:32:03:38:ef:5e:a7:6b:59:b4:7f:7b:b1:
ea:ed:c8:e5:cb:fd:89:a4:64:fa:1c:d1:ce:1e:a5:
8a:51:65:fa:ce:c1:b2:cf:bc:ab:8e:bb:ca:12:42:
de:34:00:7d:ab:3c:db:25:f5:b5:22:7f:ab:f9:d5:
b0:dd:05:2c:45:a8:da:d7:ab:67:02:ab:e1:73:0b:
dd:83:2e:e8:f7:73:96:d4:d8:d2:2c:69:0f:7c:65:
3b:79:b8:c0:b5:e4:0b:41:77:ee:1d:88:08:4e:17:
92:07:a7:a0:42:1b:d5:b6:16:90:e9:fe:f9:48:ed:
79:ad:3b:b0:76:b9:6e:01:3e:03:27:62:69:c4:61:
dd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:49:21:C2:70:90:F6:5B:7E:90:82:23:F5:63:6D:29:DD:90:F6:BE
X509v3 Authority Key Identifier:
keyid:CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/SEkhwnCQ9lt-kIIj9WNtKd2Q9r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/yvJIiCS3FKHzDCyAn722hXVlK0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:6747::/32
Signature Algorithm: sha256WithRSAEncryption
0b:fe:c6:2b:03:16:13:b8:e8:ed:af:28:a3:48:19:ba:f2:00:
7f:a8:e6:43:7e:cf:24:5d:cb:35:0e:71:23:6a:9b:2e:f2:f4:
12:e7:1c:21:41:03:ce:9a:8f:46:20:3b:fe:49:64:0d:25:99:
4b:4c:cf:97:4a:b8:96:8f:14:ca:1c:0a:64:4e:98:1e:25:6a:
cd:7c:b8:12:9f:87:16:4f:d0:7d:23:07:d9:3e:98:7a:e0:f1:
cc:4d:62:c9:5c:a1:1c:46:75:16:26:29:36:b5:5c:bc:2f:cb:
4b:c9:fd:5f:2f:9d:71:3a:97:95:c2:cc:d0:27:d4:87:43:ed:
2d:5b:5f:73:ec:e5:af:03:13:a3:3a:ea:e5:f3:d0:c0:22:b9:
60:3a:40:69:48:9e:42:e4:f7:49:72:48:f4:31:38:98:fb:eb:
eb:e3:b8:49:56:b1:0a:0a:55:52:85:e7:e5:64:62:7a:a4:41:
42:82:a9:7c:af:c3:5c:c5:a1:67:16:56:13:62:a2:ba:b8:9d:
e1:62:a4:75:e2:f6:1b:98:3b:b2:93:4f:51:92:1b:d4:63:ed:
1d:a4:24:65:49:f3:40:fe:8b:d1:f8:05:20:f6:0d:48:7b:f1:
6d:77:e0:b4:a8:c6:d2:66:3b:84:d6:3a:86:80:e4:f2:63:ab:
f2:37:f8:94
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxOe7RwgiwjVeZIRYS1oUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjI0ODg4MjRiNzE0YTFmMzBjMmM4MDlmYmRiNjg1NzU2
NTJiNGEwHhcNMjMwMTAyMDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQ5MjFjMjcwOTBmNjViN2U5MDgyMjNmNTYzNmQyOWRkOTBmNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FntgXD33Qo5gavmKAh3giYVCS70
75azBD1Cn8NM8Qc2WdhKJsqDNPqB2pDr2tSbOvsr9vh0VsPgT+OjQlGuQhkD2IM3
UFCzsGJaQLY2wYtdKMXnwJ0P2+yJWDYA9iEjd7LsND//647lN7FF2mT/A6DGnE/O
N3vopkIyAzjvXqdrWbR/e7Hq7cjly/2JpGT6HNHOHqWKUWX6zsGyz7yrjrvKEkLe
NAB9qzzbJfW1In+r+dWw3QUsRaja16tnAqvhcwvdgy7o93OW1NjSLGkPfGU7ebjA
teQLQXfuHYgITheSB6egQhvVthaQ6f75SO15rTuwdrluAT4DJ2JpxGHdgQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEhJIcJwkPZbfpCCI/VjbSndkPa+MB8GA1UdIwQY
MBaAFMrySIgktxSh8wwsgJ+9toV1ZStKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZKSWlDUzNGS0h6REN5QW43MjJoWFZsSzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS83YTkzNmMtZDZlMi00Y2MxLTllNGIt
ZDIzN2E5ZTZhYjE0LzEvU0VraHduQ1E5bHQta0lJajlXTnRLZDJROXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS83YTkzNmMtZDZlMi00Y2MxLTllNGItZDIzN2E5ZTZhYjE0
LzEveXZKSWlDUzNGS0h6REN5QW43MjJoWFZsSzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhBnRzAN
BgkqhkiG9w0BAQsFAAOCAQEAC/7GKwMWE7jo7a8oo0gZuvIAf6jmQ37PJF3LNQ5x
I2qbLvL0EuccIUEDzpqPRiA7/klkDSWZS0zPl0q4lo8UyhwKZE6YHiVqzXy4Ep+H
Fk/QfSMH2T6YeuDxzE1iyVyhHEZ1FiYpNrVcvC/LS8n9Xy+dcTqXlcLM0CfUh0Pt
LVtfc+zlrwMTozrq5fPQwCK5YDpAaUieQuT3SXJI9DE4mPvr6+O4SVaxCgpVUoXn
5WRieqRBQoKpfK/DXMWhZxZWE2Kiurid4WKkdeL2G5g7spNPUZIb1GPtHaQkZUnz
QP6L0fgFIPYNSHvxbXfgtKjG0mY7hNY6hoDk8mOr8jf4lA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:50 2024 by rpki-client on console-ams.rpki-client.org