Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/o6IaotI-mEkf5PGc2HKQEewdpsg.roa
File: o6IaotI-mEkf5PGc2HKQEewdpsg.roa (raw, json)
Hash identifier: DqlWjLCnESQUSv02R2JXO4an31s/qz5J+ZDl9IDWdXU=
Subject key identifier: A3:A2:1A:A2:D2:3E:98:49:1F:E4:F1:9C:D8:72:90:11:EC:1D:A6:C8
Certificate issuer: /CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Certificate serial: 018F8635C918320F07EF4AC0CDFD793CB4E1
Authority key identifier: AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/o6IaotI-mEkf5PGc2HKQEewdpsg.roa
Signing time: Fri 17 May 2024 11:00:22 +0000
ROA not before: Fri 17 May 2024 11:00:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200443
IP address blocks: 2a13:5f40::/29 maxlen: 29
2a13:5f40::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:35:c9:18:32:0f:07:ef:4a:c0:cd:fd:79:3c:b4:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Validity
Not Before: May 17 11:00:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3a21aa2d23e98491fe4f19cd8729011ec1da6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:06:5e:8f:79:32:92:a2:65:85:9a:ef:a5:25:
23:6c:8b:f3:2e:92:eb:52:d4:9c:1d:a9:e0:c6:c7:
0b:cd:81:d1:0a:29:e9:c9:09:ea:b3:9c:92:95:10:
54:81:6a:ea:1a:b4:df:33:3d:1e:a7:e9:26:ef:bc:
c7:e0:fd:86:ac:76:f7:dc:4c:91:1a:a8:7e:a4:8a:
f5:79:9c:0a:ca:b3:d0:8b:bf:c3:31:b6:19:99:d8:
3c:91:bd:99:77:99:e7:51:cf:4e:4e:49:b1:0b:ea:
80:c7:ce:9b:bc:9f:fe:3f:63:66:8d:00:6a:b4:d0:
dd:5e:0d:d4:2d:f6:b1:90:99:01:c2:c3:e8:62:3f:
19:d5:ca:e4:aa:79:57:a4:71:7b:f8:51:92:57:a2:
16:de:33:c4:b1:47:e9:e6:a6:d5:9b:45:a6:3f:d2:
8e:e3:d9:2e:61:7a:ba:04:8e:21:c4:09:30:1a:81:
ce:e7:3b:54:57:61:4a:e5:42:46:82:06:f0:b1:72:
ea:79:b8:25:52:8b:6d:01:6b:81:30:a2:f4:3b:3c:
9a:b7:5a:02:22:07:9f:e9:3d:df:eb:1d:70:84:ca:
55:ba:e0:1e:b5:cc:66:3a:16:66:bd:83:36:0c:13:
44:92:de:94:c1:78:4d:78:58:c9:20:7a:51:18:20:
c5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A2:1A:A2:D2:3E:98:49:1F:E4:F1:9C:D8:72:90:11:EC:1D:A6:C8
X509v3 Authority Key Identifier:
keyid:AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/o6IaotI-mEkf5PGc2HKQEewdpsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/qs5nJaCg3dFoBICoN4XSzVe_arA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
68:b8:71:3f:b3:e9:33:59:e5:40:1c:90:c9:17:f1:ff:cf:fd:
38:7f:c9:0e:87:74:d4:a1:b4:da:ee:05:c9:7b:29:0d:a8:d3:
a4:98:da:3a:ac:62:40:97:f3:2c:b7:a2:07:a0:0a:d1:b7:5b:
d3:6d:2f:fe:0e:c4:66:63:b6:f0:40:62:e5:5e:aa:19:24:c4:
24:66:25:a1:1f:89:0f:d6:a5:36:b0:55:f8:3b:e9:7d:a4:0b:
cc:32:4f:3f:f1:64:01:f6:da:22:83:e9:a6:37:d0:a5:5f:2a:
f8:0f:5f:bb:ee:4e:eb:5b:21:aa:dd:8b:2f:89:8f:06:a3:7c:
09:90:8d:a7:bb:69:14:47:b5:5f:4c:90:48:60:af:43:3c:c3:
61:24:67:f7:62:ec:ed:f6:cd:96:1e:b6:37:d9:c8:14:bc:61:
eb:34:4c:7e:ad:87:99:fa:55:b4:7f:bb:37:3e:de:ce:a3:2f:
d4:d6:cc:f9:53:fa:8f:60:6b:3f:99:0b:29:4c:01:be:a2:88:
66:12:94:e9:60:6f:3e:77:72:9c:f6:ea:82:a0:55:f8:d3:e5:
fb:69:10:7b:a5:a5:64:eb:39:a3:40:c3:8e:c7:e4:56:e5:86:
7d:d5:b5:65:fa:3a:2c:a7:0a:64:b4:95:ed:61:65:e8:a3:cd:
c2:ba:0e:e2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+GNckYMg8H70rAzf15PLThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhY2U2NzI1YTBhMGRkZDE2ODA0ODBhODM3ODVkMmNkNTdi
ZjZhYjAwHhcNMjQwNTE3MTEwMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2EyMWFhMmQyM2U5ODQ5MWZlNGYxOWNkODcyOTAxMWVjMWRhNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgZej3kykqJlhZrvpSUjbIvzLpLr
UtScHangxscLzYHRCinpyQnqs5ySlRBUgWrqGrTfMz0ep+km77zH4P2GrHb33EyR
Gqh+pIr1eZwKyrPQi7/DMbYZmdg8kb2Zd5nnUc9OTkmxC+qAx86bvJ/+P2NmjQBq
tNDdXg3ULfaxkJkBwsPoYj8Z1crkqnlXpHF7+FGSV6IW3jPEsUfp5qbVm0WmP9KO
49kuYXq6BI4hxAkwGoHO5ztUV2FK5UJGggbwsXLqebglUottAWuBMKL0Ozyat1oC
Igef6T3f6x1whMpVuuAetcxmOhZmvYM2DBNEkt6UwXhNeFjJIHpRGCDFTwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKOiGqLSPphJH+TxnNhykBHsHabIMB8GA1UdIwQY
MBaAFKrOZyWgoN3RaASAqDeF0s1Xv2qwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTkt
NzJhMDgyY2RiMTgyLzEvbzZJYW90SS1tRWtmNVBHYzJIS1FFZXdkcHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTktNzJhMDgyY2RiMTgy
LzEvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNfQDAN
BgkqhkiG9w0BAQsFAAOCAQEAaLhxP7PpM1nlQByQyRfx/8/9OH/JDod01KG02u4F
yXspDajTpJjaOqxiQJfzLLeiB6AK0bdb020v/g7EZmO28EBi5V6qGSTEJGYloR+J
D9alNrBV+DvpfaQLzDJPP/FkAfbaIoPppjfQpV8q+A9fu+5O61shqt2LL4mPBqN8
CZCNp7tpFEe1X0yQSGCvQzzDYSRn92Ls7fbNlh62N9nIFLxh6zRMfq2HmfpVtH+7
Nz7ezqMv1NbM+VP6j2BrP5kLKUwBvqKIZhKU6WBvPndynPbqgqBV+NPl+2kQe6Wl
ZOs5o0DDjsfkVuWGfdW1Zfo6LKcKZLSV7WFl6KPNwroO4g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:57 2025 by rpki-client