Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/4cd064-5e46-4a3f-83c5-86bcb7f59d98/1/PnTtMzNTA_oD_5Uhii64r00AXZI.roa
File: PnTtMzNTA_oD_5Uhii64r00AXZI.roa (raw, json)
Hash identifier: IlsNGCt+dGi/40W2tSx0HIMPOxDDE+DWjdcgDuVpXnQ=
Subject key identifier: 3E:74:ED:33:33:53:03:FA:03:FF:95:21:8A:2E:B8:AF:4D:00:5D:92
Certificate issuer: /CN=8bcb6154f9c893e0a40b87afa0a2fa27fccf31eb
Certificate serial: 018CC7948078ABAF1CDEB9D2F89F5C097761
Authority key identifier: 8B:CB:61:54:F9:C8:93:E0:A4:0B:87:AF:A0:A2:FA:27:FC:CF:31:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i8thVPnIk-CkC4evoKL6J_zPMes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/4cd064-5e46-4a3f-83c5-86bcb7f59d98/1/PnTtMzNTA_oD_5Uhii64r00AXZI.roa
Signing time: Tue 02 Jan 2024 00:30:47 +0000
ROA not before: Tue 02 Jan 2024 00:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31736
IP address blocks: 2a12:44c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:80:78:ab:af:1c:de:b9:d2:f8:9f:5c:09:77:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bcb6154f9c893e0a40b87afa0a2fa27fccf31eb
Validity
Not Before: Jan 2 00:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e74ed33335303fa03ff95218a2eb8af4d005d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:06:84:06:7c:9a:5d:a1:b8:55:67:2b:4e:
20:84:6e:85:92:87:4c:92:1c:91:2f:49:20:6f:0d:
bb:3d:5e:39:ba:82:83:b6:69:95:ce:4c:10:04:a5:
bb:07:34:e8:80:84:e2:1c:34:b7:d5:3e:f5:0c:9f:
4b:59:32:bd:40:b0:db:15:d2:24:b3:44:5a:a0:aa:
5e:4d:54:b2:20:87:58:f5:6c:16:73:4c:50:cd:97:
ba:d6:12:c9:3b:8f:e2:8f:b5:e2:b7:b2:d0:ec:51:
9a:83:cf:37:d0:d9:9a:c1:4d:02:73:5d:45:b5:e1:
39:40:16:6a:4a:da:5e:27:0d:e8:22:95:6b:0d:7c:
b0:2a:f5:a3:f5:83:6d:be:61:a3:14:02:91:74:d9:
c5:1d:72:84:54:77:91:96:fe:12:33:c7:47:e4:f4:
0c:5c:af:30:2c:25:be:39:6f:bb:7a:0b:f0:13:ab:
cc:2b:1d:83:e2:bf:75:17:04:8e:df:26:71:60:19:
db:16:58:ac:8b:6b:9d:05:ce:a9:e8:03:42:92:55:
70:50:2d:fe:f7:cc:93:c9:f9:c6:99:23:91:3f:34:
f6:eb:c6:2c:0b:bd:22:64:60:22:9d:7c:21:2b:ad:
d3:19:47:32:e4:4d:e6:55:2a:80:10:13:25:45:f9:
c4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:74:ED:33:33:53:03:FA:03:FF:95:21:8A:2E:B8:AF:4D:00:5D:92
X509v3 Authority Key Identifier:
keyid:8B:CB:61:54:F9:C8:93:E0:A4:0B:87:AF:A0:A2:FA:27:FC:CF:31:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i8thVPnIk-CkC4evoKL6J_zPMes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4cd064-5e46-4a3f-83c5-86bcb7f59d98/1/PnTtMzNTA_oD_5Uhii64r00AXZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4cd064-5e46-4a3f-83c5-86bcb7f59d98/1/i8thVPnIk-CkC4evoKL6J_zPMes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:44c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:a6:11:20:15:05:bf:63:53:c7:6d:b7:b6:a4:eb:07:46:19:
40:4a:0a:c2:37:35:5c:2f:30:6d:11:2f:ef:2c:1e:50:6b:32:
bd:f8:e9:dd:f3:7a:c4:4c:f9:e3:84:cc:63:6c:82:de:a9:05:
84:52:bf:aa:80:53:8c:af:e9:b2:0b:fb:69:58:ea:62:09:6a:
70:98:59:a1:29:4a:54:20:22:11:92:d7:03:74:2f:c0:95:b2:
34:85:f7:77:00:aa:44:e7:aa:72:5f:9a:34:bc:bb:5a:6d:8b:
50:d1:9e:0f:5d:11:ea:3b:6f:01:46:c2:62:06:6e:32:a9:c6:
87:f9:bb:80:5a:00:83:b9:04:47:45:a1:f3:ee:4e:5f:bb:d2:
52:49:f8:cb:e5:db:2b:17:cd:3d:c7:a6:97:7d:40:b9:0a:0b:
50:ea:85:27:c0:36:ad:37:ba:b8:ee:ed:b1:b7:cd:2b:59:c9:
d4:d3:f6:4f:f1:94:51:27:6d:c7:f2:50:4d:ae:ce:99:77:ba:
7b:a2:9e:d5:8b:59:57:c9:a6:89:47:2c:3a:ec:bc:bb:64:99:
d0:b3:05:2b:ef:ab:f1:4c:c9:4e:f9:ba:bd:48:a5:d3:1d:83:
b0:a1:22:0d:c1:04:3d:9a:68:2c:0c:a5:17:38:a7:1b:b1:aa:
87:f9:3c:55
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHlIB4q68c3rnS+J9cCXdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiY2I2MTU0ZjljODkzZTBhNDBiODdhZmEwYTJmYTI3ZmNj
ZjMxZWIwHhcNMjQwMTAyMDAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTc0ZWQzMzMzNTMwM2ZhMDNmZjk1MjE4YTJlYjhhZjRkMDA1ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+0GhAZ8ml2huFVnK04ghG6FkodM
khyRL0kgbw27PV45uoKDtmmVzkwQBKW7BzTogITiHDS31T71DJ9LWTK9QLDbFdIk
s0RaoKpeTVSyIIdY9WwWc0xQzZe61hLJO4/ij7Xit7LQ7FGag8830NmawU0Cc11F
teE5QBZqStpeJw3oIpVrDXywKvWj9YNtvmGjFAKRdNnFHXKEVHeRlv4SM8dH5PQM
XK8wLCW+OW+7egvwE6vMKx2D4r91FwSO3yZxYBnbFlisi2udBc6p6ANCklVwUC3+
98yTyfnGmSORPzT268YsC70iZGAinXwhK63TGUcy5E3mVSqAEBMlRfnEgwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD507TMzUwP6A/+VIYouuK9NAF2SMB8GA1UdIwQY
MBaAFIvLYVT5yJPgpAuHr6Ci+if8zzHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTh0aFZQbklrLUNrQzRldm9LTDZKX3pQTWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80Y2QwNjQtNWU0Ni00YTNmLTgzYzUt
ODZiY2I3ZjU5ZDk4LzEvUG5UdE16TlRBX29EXzVVaGlpNjRyMDBBWFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80Y2QwNjQtNWU0Ni00YTNmLTgzYzUtODZiY2I3ZjU5ZDk4
LzEvaTh0aFZQbklrLUNrQzRldm9LTDZKX3pQTWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJEwDAN
BgkqhkiG9w0BAQsFAAOCAQEAbqYRIBUFv2NTx223tqTrB0YZQEoKwjc1XC8wbREv
7yweUGsyvfjp3fN6xEz544TMY2yC3qkFhFK/qoBTjK/psgv7aVjqYglqcJhZoSlK
VCAiEZLXA3QvwJWyNIX3dwCqROeqcl+aNLy7Wm2LUNGeD10R6jtvAUbCYgZuMqnG
h/m7gFoAg7kER0Wh8+5OX7vSUkn4y+XbKxfNPceml31AuQoLUOqFJ8A2rTe6uO7t
sbfNK1nJ1NP2T/GUUSdtx/JQTa7OmXe6e6Ke1YtZV8mmiUcsOuy8u2SZ0LMFK++r
8UzJTvm6vUil0x2DsKEiDcEEPZpoLAylFzinG7Gqh/k8VQ==
-----END CERTIFICATE-----
Generated at Thu Nov 7 15:01:50 2024 by rpki-client on console-fra.rpki-client.org