Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/CrTleAgl0-LZTN7EYV-ozb1g4D8.roa
File: CrTleAgl0-LZTN7EYV-ozb1g4D8.roa (raw, json)
Hash identifier: CMXoV8TSdqAwvN946jDp8ZonPGmk8rvDl9DBYd0e2wI=
Subject key identifier: 0A:B4:E5:78:08:25:D3:E2:D9:4C:DE:C4:61:5F:A8:CD:BD:60:E0:3F
Certificate issuer: /CN=d7475ecb0f680a56d20f581bbdce521cfb7eb46d
Certificate serial: 018CC4253B7812673A27E9D3675185C214A8
Authority key identifier: D7:47:5E:CB:0F:68:0A:56:D2:0F:58:1B:BD:CE:52:1C:FB:7E:B4:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10deyw9oClbSD1gbvc5SHPt-tG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/CrTleAgl0-LZTN7EYV-ozb1g4D8.roa
Signing time: Mon 01 Jan 2024 08:30:23 +0000
ROA not before: Mon 01 Jan 2024 08:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47689
IP address blocks: 2001:67c:81c::/48 maxlen: 48
2001:67c:b90::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3b:78:12:67:3a:27:e9:d3:67:51:85:c2:14:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7475ecb0f680a56d20f581bbdce521cfb7eb46d
Validity
Not Before: Jan 1 08:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ab4e5780825d3e2d94cdec4615fa8cdbd60e03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:da:fe:67:43:72:66:7e:5e:d5:07:0f:49:49:
21:ba:bd:55:4f:db:3f:b2:e0:ac:a5:2f:9a:e2:98:
61:13:24:02:fe:7a:d4:8b:3a:8b:67:b8:49:b6:59:
82:11:c4:0d:1c:83:9f:5d:fe:b7:d2:b4:b8:ae:bd:
d7:f0:7b:ce:5c:b2:30:74:f1:c8:d2:a0:83:52:bc:
95:e3:49:03:7f:f4:36:13:0e:cd:15:f9:6a:09:34:
9b:97:27:13:ca:c7:3c:2c:c7:9f:28:fa:c0:41:08:
33:7a:13:09:fb:2a:94:0b:40:81:0d:e9:d0:5f:02:
cd:0b:c0:e7:89:dd:6b:75:c4:59:e5:94:1a:41:79:
72:d4:31:0f:12:20:3b:f1:1e:21:c7:85:8d:8e:e2:
a8:74:fc:e8:fb:98:8a:a8:59:0e:bf:bf:17:29:96:
2a:4a:7f:a4:02:6b:35:58:de:0e:33:2b:cc:38:df:
6e:bd:db:95:ec:bb:7a:2e:40:18:57:5a:d7:2a:a5:
a8:b4:24:0a:02:d0:9c:5d:9f:68:ed:b2:ca:82:1c:
d4:b3:ac:e8:8d:1b:a2:a8:fe:4d:ef:49:67:a6:e8:
4d:c6:1e:53:27:14:c4:1c:69:2e:02:04:05:9a:7b:
68:9c:69:7f:10:33:d7:56:b0:d5:bc:2f:19:d7:51:
6c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B4:E5:78:08:25:D3:E2:D9:4C:DE:C4:61:5F:A8:CD:BD:60:E0:3F
X509v3 Authority Key Identifier:
keyid:D7:47:5E:CB:0F:68:0A:56:D2:0F:58:1B:BD:CE:52:1C:FB:7E:B4:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10deyw9oClbSD1gbvc5SHPt-tG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/CrTleAgl0-LZTN7EYV-ozb1g4D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/10deyw9oClbSD1gbvc5SHPt-tG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:81c::/48
2001:67c:b90::/48
Signature Algorithm: sha256WithRSAEncryption
3f:7a:b2:a4:57:fe:da:c6:41:a9:b4:b8:07:e6:1b:0d:3b:a2:
fe:d1:d6:86:5b:fe:3d:62:d5:10:88:c4:18:8d:16:b4:b4:b2:
68:1f:fd:20:98:fe:f0:a1:ad:9e:e6:04:df:b1:11:25:46:d0:
c4:ac:df:d0:1f:d8:0f:f0:87:a0:ae:65:cb:3b:13:44:be:cb:
a9:71:91:cf:75:20:47:7e:cf:65:33:4e:3e:0b:dc:bb:e6:f3:
2c:0f:35:ef:93:a5:2a:ec:ea:21:ad:82:f7:99:6c:a2:a1:09:
b8:8f:97:67:6d:a8:17:27:59:77:3e:80:46:73:70:20:7b:dc:
1b:ca:a7:f9:76:ae:61:96:5d:05:30:5c:56:fb:20:51:61:3a:
14:a9:39:45:c9:0f:26:77:0a:89:20:28:99:41:71:aa:fe:80:
68:48:78:a6:49:ba:be:4b:3d:da:6a:36:bd:9a:d8:84:49:e0:
d9:d8:5d:fa:a5:68:e4:fb:1e:2f:86:88:92:e3:e3:e2:05:93:
cd:20:e9:22:fe:e0:9b:28:49:65:82:e3:18:ed:8d:65:3f:63:
d2:2d:59:47:3f:56:c4:5e:22:f5:15:ef:7a:bd:c0:02:38:77:
7d:5f:18:a0:e8:23:e0:b1:2d:f9:a4:58:63:c2:be:f4:93:6d:
2a:26:f9:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJTt4Emc6J+nTZ1GFwhSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDc1ZWNiMGY2ODBhNTZkMjBmNTgxYmJkY2U1MjFjZmI3
ZWI0NmQwHhcNMjQwMTAxMDgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWI0ZTU3ODA4MjVkM2UyZDk0Y2RlYzQ2MTVmYThjZGJkNjBlMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9r+Z0NyZn5e1QcPSUkhur1VT9s/
suCspS+a4phhEyQC/nrUizqLZ7hJtlmCEcQNHIOfXf630rS4rr3X8HvOXLIwdPHI
0qCDUryV40kDf/Q2Ew7NFflqCTSblycTysc8LMefKPrAQQgzehMJ+yqUC0CBDenQ
XwLNC8Dnid1rdcRZ5ZQaQXly1DEPEiA78R4hx4WNjuKodPzo+5iKqFkOv78XKZYq
Sn+kAms1WN4OMyvMON9uvduV7Lt6LkAYV1rXKqWotCQKAtCcXZ9o7bLKghzUs6zo
jRuiqP5N70lnpuhNxh5TJxTEHGkuAgQFmntonGl/EDPXVrDVvC8Z11FsGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAq05XgIJdPi2UzexGFfqM29YOA/MB8GA1UdIwQY
MBaAFNdHXssPaApW0g9YG73OUhz7frRtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBkZXl3OW9DbGJTRDFnYnZjNVNIUHQtdEcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mMzNkZmYtODI3MC00ODk0LWJhOGEt
YmJmMmUzNzQzOGQ1LzEvQ3JUbGVBZ2wwLUxaVE43RVlWLW96YjFnNEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mMzNkZmYtODI3MC00ODk0LWJhOGEtYmJmMmUzNzQzOGQ1
LzEvMTBkZXl3OW9DbGJTRDFnYnZjNVNIUHQtdEcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfAgc
AwcAIAEGfAuQMA0GCSqGSIb3DQEBCwUAA4IBAQA/erKkV/7axkGptLgH5hsNO6L+
0daGW/49YtUQiMQYjRa0tLJoH/0gmP7woa2e5gTfsRElRtDErN/QH9gP8IegrmXL
OxNEvsupcZHPdSBHfs9lM04+C9y75vMsDzXvk6Uq7OohrYL3mWyioQm4j5dnbagX
J1l3PoBGc3Age9wbyqf5dq5hll0FMFxW+yBRYToUqTlFyQ8mdwqJICiZQXGq/oBo
SHimSbq+Sz3aaja9mtiESeDZ2F36pWjk+x4vhoiS4+PiBZPNIOki/uCbKEllguMY
7Y1lP2PSLVlHP1bEXiL1Fe96vcACOHd9Xxig6CPgsS35pFhjwr70k20qJvnS
-----END CERTIFICATE-----
Generated at Sun Feb 11 06:34:30 2024 by rpki-client on console-fra.rpki-client.org