Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/GRhaEEJm8mRhIGvGRq6Ct0AD1bk.roa
File: GRhaEEJm8mRhIGvGRq6Ct0AD1bk.roa (raw, json)
Hash identifier: ZQzVigGtejtkLuYbdokZeOrMyBYKZy4CK+7zjf0FUDs=
Subject key identifier: 19:18:5A:10:42:66:F2:64:61:20:6B:C6:46:AE:82:B7:40:03:D5:B9
Certificate issuer: /CN=4354d70a988e257ec57c3408159dc8b504f5723a
Certificate serial: 0182A0A9C0166C8DD84A4EE999C87CBC1703
Authority key identifier: 43:54:D7:0A:98:8E:25:7E:C5:7C:34:08:15:9D:C8:B5:04:F5:72:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1TXCpiOJX7FfDQIFZ3ItQT1cjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/GRhaEEJm8mRhIGvGRq6Ct0AD1bk.roa
Signing time: Mon 15 Aug 2022 08:40:55 +0000
ROA not before: Mon 15 Aug 2022 08:40:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204339
IP address blocks: 2a0c:aa42::/32 maxlen: 32
2a0c:aa45::/32 maxlen: 32
2a0c:aa46::/32 maxlen: 32
2a0c:aa41::/32 maxlen: 32
2a0c:aa40::/29 maxlen: 29
2a0c:aa43::/32 maxlen: 32
2a0c:aa44::/32 maxlen: 32
2a0c:aa47::/32 maxlen: 32
2a0c:aa40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a0:a9:c0:16:6c:8d:d8:4a:4e:e9:99:c8:7c:bc:17:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354d70a988e257ec57c3408159dc8b504f5723a
Validity
Not Before: Aug 15 08:40:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19185a104266f26461206bc646ae82b74003d5b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:66:a6:f1:a4:bf:e6:6b:24:9c:25:91:2c:5a:
d3:c4:25:ab:c2:a0:5a:02:38:2e:91:fd:b2:a6:5f:
66:f7:47:e7:4f:9c:0f:b0:08:03:70:73:3d:37:88:
71:f4:f3:8d:69:9a:ee:df:04:a2:ff:88:17:79:1e:
e4:0c:f3:4c:1f:98:2a:bb:d5:bd:f6:5f:f1:43:bc:
97:2e:d1:de:88:51:f8:7a:13:74:e1:34:61:1c:6b:
a8:6d:34:dc:c0:29:3c:18:f1:fa:a9:b3:2c:40:e8:
3c:1d:d4:f6:a5:75:ca:8a:77:2b:db:ba:70:e1:7f:
f6:81:c4:b4:c6:eb:b3:19:3c:2a:c1:6b:2f:da:ba:
d3:f1:24:01:59:16:4c:09:2d:0a:08:1d:3e:51:cd:
0d:aa:18:59:7c:1a:30:e7:ff:ad:06:9f:d6:26:7b:
32:0b:0b:98:0d:98:ba:76:02:ed:83:64:f7:34:44:
91:9f:bd:02:f1:a0:da:33:38:44:34:38:80:0f:e5:
a3:0b:af:44:2c:cb:05:44:d3:ad:e5:89:62:8f:46:
ad:90:b2:cb:04:0e:3d:ab:bb:6e:80:23:1e:12:4d:
50:02:57:0a:e0:03:21:08:35:32:60:34:ae:b1:53:
20:53:a6:f8:92:1d:58:f7:b7:f4:5b:f2:bf:dd:bd:
1a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:18:5A:10:42:66:F2:64:61:20:6B:C6:46:AE:82:B7:40:03:D5:B9
X509v3 Authority Key Identifier:
keyid:43:54:D7:0A:98:8E:25:7E:C5:7C:34:08:15:9D:C8:B5:04:F5:72:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1TXCpiOJX7FfDQIFZ3ItQT1cjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/GRhaEEJm8mRhIGvGRq6Ct0AD1bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/Q1TXCpiOJX7FfDQIFZ3ItQT1cjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
0c:49:61:46:5e:21:33:2e:0b:38:ef:71:c4:85:09:37:50:f5:
a3:4f:2d:79:fb:91:9a:41:3b:d4:c2:1e:0f:3e:ce:e0:39:35:
f3:7a:46:15:da:7f:2b:87:59:68:a3:cc:f7:4c:c8:4b:df:c8:
1b:16:1f:0c:2c:f4:fa:6c:95:a4:4f:44:af:c1:ac:70:80:ac:
37:df:de:7d:84:68:13:fe:2f:79:45:e8:91:d3:16:78:d3:f2:
2f:22:56:f5:21:c2:47:e9:4c:a8:f1:92:12:7a:f3:8e:aa:6a:
21:3e:c5:af:3a:91:03:f5:3e:87:4e:0a:fc:b3:60:2b:fc:2a:
cc:bf:3a:44:2f:85:92:9f:ad:dc:61:ef:3a:de:12:04:55:06:
a6:71:9d:46:08:f9:a1:1d:5b:34:5e:03:28:e3:48:73:fd:a5:
31:03:5b:0e:c4:20:05:b9:f7:0a:be:04:4c:7b:02:d1:a9:30:
e2:5a:9b:73:e4:fe:a0:07:40:c8:72:67:55:bb:43:c2:fd:76:
8d:d0:e6:cf:7d:b6:65:ee:56:10:cf:89:44:9f:a3:b6:c6:55:
b5:7c:eb:a7:c2:65:00:f8:9e:d7:44:1a:cb:a0:69:cd:2e:b7:
93:f0:06:3b:bb:78:8b:aa:c5:9b:a7:32:1a:a3:4a:68:3c:d7:
a6:df:82:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYKgqcAWbI3YSk7pmch8vBcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRkNzBhOTg4ZTI1N2VjNTdjMzQwODE1OWRjOGI1MDRm
NTcyM2EwHhcNMjIwODE1MDg0MDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTE4NWExMDQyNjZmMjY0NjEyMDZiYzY0NmFlODJiNzQwMDNkNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomam8aS/5msknCWRLFrTxCWrwqBa
Ajgukf2ypl9m90fnT5wPsAgDcHM9N4hx9PONaZru3wSi/4gXeR7kDPNMH5gqu9W9
9l/xQ7yXLtHeiFH4ehN04TRhHGuobTTcwCk8GPH6qbMsQOg8HdT2pXXKincr27pw
4X/2gcS0xuuzGTwqwWsv2rrT8SQBWRZMCS0KCB0+Uc0NqhhZfBow5/+tBp/WJnsy
CwuYDZi6dgLtg2T3NESRn70C8aDaMzhENDiAD+WjC69ELMsFRNOt5Ylij0atkLLL
BA49q7tugCMeEk1QAlcK4AMhCDUyYDSusVMgU6b4kh1Y97f0W/K/3b0a0wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBkYWhBCZvJkYSBrxkaugrdAA9W5MB8GA1UdIwQY
MBaAFENU1wqYjiV+xXw0CBWdyLUE9XI6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFUWENwaU9KWDdGZkRRSUZaM0l0UVQxY2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jNWMwMTYtNGYxYy00ZjMzLWFjZjAt
Mjc0OThmODc0ZDRmLzEvR1JoYUVFSm04bVJoSUd2R1JxNkN0MEFEMWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jNWMwMTYtNGYxYy00ZjMzLWFjZjAtMjc0OThmODc0ZDRm
LzEvUTFUWENwaU9KWDdGZkRRSUZaM0l0UVQxY2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgyqQDAN
BgkqhkiG9w0BAQsFAAOCAQEADElhRl4hMy4LOO9xxIUJN1D1o08tefuRmkE71MIe
Dz7O4Dk183pGFdp/K4dZaKPM90zIS9/IGxYfDCz0+myVpE9Er8GscICsN9/efYRo
E/4veUXokdMWeNPyLyJW9SHCR+lMqPGSEnrzjqpqIT7FrzqRA/U+h04K/LNgK/wq
zL86RC+Fkp+t3GHvOt4SBFUGpnGdRgj5oR1bNF4DKONIc/2lMQNbDsQgBbn3Cr4E
THsC0akw4lqbc+T+oAdAyHJnVbtDwv12jdDmz322Ze5WEM+JRJ+jtsZVtXzrp8Jl
APie10Qay6BpzS63k/AGO7t4i6rFm6cyGqNKaDzXpt+CpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org