Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/QlGR4TWD6H_8sga1tCNTL7b1Kf4.roa
File: QlGR4TWD6H_8sga1tCNTL7b1Kf4.roa (raw, json)
Hash identifier: Q1BzTpKiVp38nM5Y3K3hXYrpQ6AiLEpV69hti4MEBrg=
Subject key identifier: 42:51:91:E1:35:83:E8:7F:FC:B2:06:B5:B4:23:53:2F:B6:F5:29:FE
Certificate issuer: /CN=bc55b1ca3724255d60a0a1ef295727df08e3b14c
Certificate serial: 01849E7B10BEB2F045332C949B355A5F8BAA
Authority key identifier: BC:55:B1:CA:37:24:25:5D:60:A0:A1:EF:29:57:27:DF:08:E3:B1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vFWxyjckJV1goKHvKVcn3wjjsUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/QlGR4TWD6H_8sga1tCNTL7b1Kf4.roa
Signing time: Tue 22 Nov 2022 08:36:16 +0000
ROA not before: Tue 22 Nov 2022 08:36:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212144
IP address blocks: 2a0f:e3c0::/30 maxlen: 30
2a0f:89c0::/29 maxlen: 29
2a0f:e3c4::/31 maxlen: 31
2a10:3e84::/30 maxlen: 30
2a0f:63c0::/29 maxlen: 29
2a07:f240::/29 maxlen: 32
2a10:a9c0::/29 maxlen: 29
2a0f:9bc0::/29 maxlen: 30
2a0b:a4c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:7b:10:be:b2:f0:45:33:2c:94:9b:35:5a:5f:8b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc55b1ca3724255d60a0a1ef295727df08e3b14c
Validity
Not Before: Nov 22 08:36:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=425191e13583e87ffcb206b5b423532fb6f529fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7e:48:b5:79:48:00:fb:6d:50:1d:dc:f7:48:
59:25:4b:68:ee:b1:0e:8c:6d:ea:e5:08:d7:ca:a9:
18:d9:23:20:cb:cc:2e:b1:aa:cf:95:e5:15:4f:0d:
ca:59:8c:23:93:e4:b9:65:3a:b0:66:44:a5:cd:98:
31:4b:04:1f:fa:9b:cb:0e:5f:22:f9:c8:8b:7d:7a:
94:00:06:e2:12:a2:69:9d:a7:1c:9a:50:07:81:ef:
d8:78:63:39:b2:08:44:af:f0:db:75:6a:8d:af:aa:
a3:e3:a8:97:2f:93:ab:54:a0:f6:aa:75:f6:27:20:
92:bf:b9:db:ba:e7:94:77:6f:cc:e8:d1:a8:d7:a1:
0c:cc:33:4e:31:75:c9:31:94:24:0d:6c:4d:4c:71:
ef:a4:0b:0d:76:ed:90:ac:44:ff:85:49:77:32:f5:
50:fd:ff:4e:56:33:21:6b:7c:5c:37:ae:6e:d8:40:
f8:6f:67:ac:9f:d3:7b:44:ad:ef:4a:91:f9:ab:07:
45:b2:ba:cf:2f:9b:5d:75:23:67:65:89:9f:3a:24:
14:5b:56:26:d2:b6:55:56:d2:ca:32:09:07:08:41:
3c:50:59:69:02:56:47:06:e9:a6:23:d7:86:13:cd:
64:65:28:fc:85:17:d8:a1:d7:cf:8e:8c:15:fe:e1:
3d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:51:91:E1:35:83:E8:7F:FC:B2:06:B5:B4:23:53:2F:B6:F5:29:FE
X509v3 Authority Key Identifier:
keyid:BC:55:B1:CA:37:24:25:5D:60:A0:A1:EF:29:57:27:DF:08:E3:B1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFWxyjckJV1goKHvKVcn3wjjsUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/QlGR4TWD6H_8sga1tCNTL7b1Kf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/vFWxyjckJV1goKHvKVcn3wjjsUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f240::/29
2a0b:a4c0::/29
2a0f:63c0::/29
2a0f:89c0::/29
2a0f:9bc0::/29
2a0f:e3c0::-2a0f:e3c5:ffff:ffff:ffff:ffff:ffff:ffff
2a10:3e84::/30
2a10:a9c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:3d:a6:9a:4d:38:af:36:d2:a7:e6:ad:85:b2:a2:70:f0:bc:
f0:b6:52:39:38:65:39:2f:98:2a:2e:52:d1:c1:b7:70:0e:7b:
c1:7a:93:64:b8:73:cb:64:e5:ef:72:ce:18:c4:9e:67:7b:6c:
7d:a4:84:eb:e8:e2:6c:da:da:ab:b1:f8:26:dc:99:05:d4:b4:
c2:50:dc:ce:4a:46:19:6c:17:98:eb:8a:b5:6a:01:b5:fa:0c:
9c:88:b4:f6:14:67:9d:9b:13:15:00:6d:dc:23:3a:5e:77:25:
35:f3:70:49:0a:30:04:e9:47:74:a6:32:09:59:82:d9:5d:04:
45:46:52:0f:43:3a:e6:be:4b:fa:b7:eb:6b:8a:21:53:dd:ec:
06:5b:30:57:25:4f:1d:e9:9a:19:6e:77:a8:db:d5:89:64:ea:
bc:b2:ec:49:7b:0c:bb:b8:0f:18:2a:b6:ce:9f:bf:8f:eb:2a:
70:6f:35:af:96:10:52:ae:7d:f8:ca:4c:cd:40:f0:22:a5:1c:
83:fe:0d:af:42:50:af:5e:c1:d5:0f:11:b6:ed:7a:39:3b:fb:
6b:27:51:ea:50:51:24:d8:04:3f:a6:0a:9f:4d:9d:28:63:6f:
36:9d:94:18:21:c5:af:68:5f:32:55:1c:c3:45:01:3b:4e:b0:
6c:2c:66:b7
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYSeexC+svBFMyyUmzVaX4uqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNTViMWNhMzcyNDI1NWQ2MGEwYTFlZjI5NTcyN2RmMDhl
M2IxNGMwHhcNMjIxMTIyMDgzNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjUxOTFlMTM1ODNlODdmZmNiMjA2YjViNDIzNTMyZmI2ZjUyOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv35ItXlIAPttUB3c90hZJUto7rEO
jG3q5QjXyqkY2SMgy8wusarPleUVTw3KWYwjk+S5ZTqwZkSlzZgxSwQf+pvLDl8i
+ciLfXqUAAbiEqJpnaccmlAHge/YeGM5sghEr/DbdWqNr6qj46iXL5OrVKD2qnX2
JyCSv7nbuueUd2/M6NGo16EMzDNOMXXJMZQkDWxNTHHvpAsNdu2QrET/hUl3MvVQ
/f9OVjMha3xcN65u2ED4b2esn9N7RK3vSpH5qwdFsrrPL5tddSNnZYmfOiQUW1Ym
0rZVVtLKMgkHCEE8UFlpAlZHBummI9eGE81kZSj8hRfYodfPjowV/uE9/QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFEJRkeE1g+h//LIGtbQjUy+29Sn+MB8GA1UdIwQY
MBaAFLxVsco3JCVdYKCh7ylXJ98I47FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkZXeHlqY2tKVjFnb0tIdktWY24zd2pqc1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zN2ZkN2ItMTMwMy00MDRmLWE1ODgt
Y2JiM2NkOWZlZGZlLzEvUWxHUjRUV0Q2SF84c2dhMXRDTlRMN2IxS2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zN2ZkN2ItMTMwMy00MDRmLWE1ODgtY2JiM2NkOWZlZGZl
LzEvdkZXeHlqY2tKVjFnb0tIdktWY24zd2pqc1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwUDKgfyQAMF
AyoLpMADBQMqD2PAAwUDKg+JwAMFAyoPm8AwDgMFBioP48ADBQEqD+PEAwUCKhA+
hAMFAyoQqcAwDQYJKoZIhvcNAQELBQADggEBAGk9pppNOK820qfmrYWyonDwvPC2
Ujk4ZTkvmCouUtHBt3AOe8F6k2S4c8tk5e9yzhjEnmd7bH2khOvo4mza2qux+Cbc
mQXUtMJQ3M5KRhlsF5jrirVqAbX6DJyItPYUZ52bExUAbdwjOl53JTXzcEkKMATp
R3SmMglZgtldBEVGUg9DOua+S/q362uKIVPd7AZbMFclTx3pmhlud6jb1Ylk6ryy
7El7DLu4Dxgqts6fv4/rKnBvNa+WEFKuffjKTM1A8CKlHIP+Da9CUK9ewdUPEbbt
ejk7+2snUepQUSTYBD+mCp9NnShjbzadlBghxa9oXzJVHMNFATtOsGwsZrc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:47 2024 by rpki-client on console-fra.rpki-client.org