Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/1Uuz8q6RFNk7DBXGKxokdIvwn40.roa
File: 1Uuz8q6RFNk7DBXGKxokdIvwn40.roa (raw, json)
Hash identifier: tRdfrC/JwAg6g98/1VVnmP8N2X6EqOdpp/kImHljSfw=
Subject key identifier: D5:4B:B3:F2:AE:91:14:D9:3B:0C:15:C6:2B:1A:24:74:8B:F0:9F:8D
Certificate issuer: /CN=bc55b1ca3724255d60a0a1ef295727df08e3b14c
Certificate serial: 018A8E537A384DF2FB4B87D2CEE8888403B6
Authority key identifier: BC:55:B1:CA:37:24:25:5D:60:A0:A1:EF:29:57:27:DF:08:E3:B1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vFWxyjckJV1goKHvKVcn3wjjsUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/1Uuz8q6RFNk7DBXGKxokdIvwn40.roa
Signing time: Wed 13 Sep 2023 11:35:50 +0000
ROA not before: Wed 13 Sep 2023 11:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212144
IP address blocks: 2a0f:e3c0::/30 maxlen: 30
2a0f:89c0::/29 maxlen: 29
2a0f:e3c4::/31 maxlen: 31
2a0f:63c0::/29 maxlen: 29
2a0f:9bc0::/29 maxlen: 30
2a0b:a4c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:53:7a:38:4d:f2:fb:4b:87:d2:ce:e8:88:84:03:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc55b1ca3724255d60a0a1ef295727df08e3b14c
Validity
Not Before: Sep 13 11:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d54bb3f2ae9114d93b0c15c62b1a24748bf09f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cf:03:57:f3:5a:7a:fa:44:7f:44:44:06:e4:
b7:81:08:f7:19:6a:c3:35:05:52:07:b7:84:4d:a1:
f4:6b:9d:4c:b5:1d:00:b8:42:70:13:b0:34:8b:45:
f9:56:78:d4:72:01:de:38:ea:20:6a:6c:f3:c0:97:
3f:b2:59:7e:24:26:1c:fa:b6:8b:f2:ba:c5:25:90:
71:78:f7:a0:b8:78:9b:2b:16:32:98:9f:5a:5c:95:
9e:5d:98:b9:86:7e:ec:a1:13:1d:70:4f:8d:86:55:
a9:e9:08:c4:0a:ac:8c:01:01:3f:1a:15:a7:d4:aa:
31:03:6e:ca:1e:10:8d:a0:40:03:1b:43:59:fb:84:
8c:21:f7:b2:0b:09:c0:55:b5:91:db:1e:94:4e:ff:
cd:01:6a:15:e3:d6:a3:9d:aa:49:f1:2d:52:fc:8e:
23:9e:2b:82:0e:d4:2d:dc:1f:14:b7:79:c4:0b:35:
6d:ef:a9:95:57:d9:5e:20:b8:0e:88:d2:ed:29:e3:
30:fe:95:87:0a:2c:97:65:01:67:30:8a:13:f4:08:
fd:ee:ff:75:18:2e:66:f6:1e:df:d7:c7:a6:56:2d:
61:df:a2:2c:b9:08:a9:2d:eb:3d:49:10:40:1d:15:
c2:31:6b:67:a0:56:e0:9b:43:1b:4f:6b:ce:67:d9:
f1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:4B:B3:F2:AE:91:14:D9:3B:0C:15:C6:2B:1A:24:74:8B:F0:9F:8D
X509v3 Authority Key Identifier:
keyid:BC:55:B1:CA:37:24:25:5D:60:A0:A1:EF:29:57:27:DF:08:E3:B1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFWxyjckJV1goKHvKVcn3wjjsUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/1Uuz8q6RFNk7DBXGKxokdIvwn40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/vFWxyjckJV1goKHvKVcn3wjjsUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:a4c0::/29
2a0f:63c0::/29
2a0f:89c0::/29
2a0f:9bc0::/29
2a0f:e3c0::-2a0f:e3c5:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
33:11:25:82:30:40:88:1e:71:db:5a:58:02:52:11:fa:6b:75:
9a:81:7a:9f:3d:cf:bc:ae:8f:90:7c:28:01:8b:d6:82:c0:f7:
94:20:41:29:ab:d1:2a:af:d7:e5:ed:46:c7:1d:86:c5:2c:d2:
0a:82:be:58:dc:d6:c5:f0:a7:71:79:8e:d1:29:28:ff:c0:48:
b2:ea:2a:5d:9b:2c:18:8a:66:05:aa:01:f9:5d:d7:2c:9f:aa:
3f:78:b7:42:e8:53:2c:1b:24:c5:b8:76:4f:9c:7c:b9:6f:3d:
c0:52:a1:bd:b5:80:9a:29:40:55:ba:0b:59:1b:62:69:8a:46:
9f:92:0f:e5:f3:e1:b4:29:32:69:1b:c0:05:36:9d:8c:de:0b:
10:79:6f:be:3f:fc:00:7d:71:52:2d:51:f7:47:ae:ed:7d:97:
e5:e1:4c:8f:d2:7a:d5:c3:27:ad:d8:ee:00:ac:48:69:e4:b8:
cc:7e:3a:d5:4d:ca:d7:43:59:89:30:46:01:c8:40:90:d9:4c:
51:e2:3d:b8:08:61:be:75:e0:92:6e:f3:52:42:98:01:1c:a0:
e2:33:20:bb:37:c9:27:1b:de:0c:81:6e:a8:67:87:86:c9:a8:
ad:18:80:67:5d:33:4b:39:d7:dc:c3:de:59:0a:70:a5:61:10:
9a:8d:e6:37
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYqOU3o4TfL7S4fSzuiIhAO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNTViMWNhMzcyNDI1NWQ2MGEwYTFlZjI5NTcyN2RmMDhl
M2IxNGMwHhcNMjMwOTEzMTEzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTRiYjNmMmFlOTExNGQ5M2IwYzE1YzYyYjFhMjQ3NDhiZjA5ZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc8DV/NaevpEf0REBuS3gQj3GWrD
NQVSB7eETaH0a51MtR0AuEJwE7A0i0X5VnjUcgHeOOogamzzwJc/sll+JCYc+raL
8rrFJZBxePeguHibKxYymJ9aXJWeXZi5hn7soRMdcE+NhlWp6QjECqyMAQE/GhWn
1KoxA27KHhCNoEADG0NZ+4SMIfeyCwnAVbWR2x6UTv/NAWoV49ajnapJ8S1S/I4j
niuCDtQt3B8Ut3nECzVt76mVV9leILgOiNLtKeMw/pWHCiyXZQFnMIoT9Aj97v91
GC5m9h7f18emVi1h36IsuQipLes9SRBAHRXCMWtnoFbgm0MbT2vOZ9nxcwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNVLs/KukRTZOwwVxisaJHSL8J+NMB8GA1UdIwQY
MBaAFLxVsco3JCVdYKCh7ylXJ98I47FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkZXeHlqY2tKVjFnb0tIdktWY24zd2pqc1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zN2ZkN2ItMTMwMy00MDRmLWE1ODgt
Y2JiM2NkOWZlZGZlLzEvMVV1ejhxNlJGTms3REJYR0t4b2tkSXZ3bjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zN2ZkN2ItMTMwMy00MDRmLWE1ODgtY2JiM2NkOWZlZGZl
LzEvdkZXeHlqY2tKVjFnb0tIdktWY24zd2pqc1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwUDKgukwAMF
AyoPY8ADBQMqD4nAAwUDKg+bwDAOAwUGKg/jwAMFASoP48QwDQYJKoZIhvcNAQEL
BQADggEBADMRJYIwQIgecdtaWAJSEfprdZqBep89z7yuj5B8KAGL1oLA95QgQSmr
0Sqv1+XtRscdhsUs0gqCvljc1sXwp3F5jtEpKP/ASLLqKl2bLBiKZgWqAfld1yyf
qj94t0LoUywbJMW4dk+cfLlvPcBSob21gJopQFW6C1kbYmmKRp+SD+Xz4bQpMmkb
wAU2nYzeCxB5b74//AB9cVItUfdHru19l+XhTI/SetXDJ63Y7gCsSGnkuMx+OtVN
ytdDWYkwRgHIQJDZTFHiPbgIYb514JJu81JCmAEcoOIzILs3yScb3gyBbqhnh4bJ
qK0YgGddM0s519zD3lkKcKVhEJqN5jc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:41 2024 by rpki-client on console-ams.rpki-client.org