Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/v5Z4R9VFAqj_bFLFYapqthnXHMM.roa
File: v5Z4R9VFAqj_bFLFYapqthnXHMM.roa (raw, json)
Hash identifier: uKmi79SrPfmoRI3239Cg5+q6ggTdbH3JUt2FAjglPIo=
Subject key identifier: BF:96:78:47:D5:45:02:A8:FF:6C:52:C5:61:AA:6A:B6:19:D7:1C:C3
Certificate issuer: /CN=4354d70a988e257ec57c3408159dc8b504f5723a
Certificate serial: 0182ABCC2079D919C623F275F892B95F52A3
Authority key identifier: 43:54:D7:0A:98:8E:25:7E:C5:7C:34:08:15:9D:C8:B5:04:F5:72:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1TXCpiOJX7FfDQIFZ3ItQT1cjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/v5Z4R9VFAqj_bFLFYapqthnXHMM.roa
Signing time: Wed 17 Aug 2022 12:34:17 +0000
ROA not before: Wed 17 Aug 2022 12:34:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204339
IP address blocks: 2a0c:aa42::/32 maxlen: 32
2a0b:7782::/32 maxlen: 32
2a0c:aa45::/32 maxlen: 32
2a0b:7785::/32 maxlen: 32
2a0c:aa41::/32 maxlen: 32
2a0b:7781::/32 maxlen: 32
2a0b:7784::/32 maxlen: 32
2a0c:aa44::/32 maxlen: 32
2a0b:7787::/32 maxlen: 32
2a0c:aa47::/32 maxlen: 32
2a0c:aa46::/32 maxlen: 32
2a0c:aa40::/29 maxlen: 29
2a0b:7786::/32 maxlen: 32
2a0b:7780::/29 maxlen: 29
2a0c:aa43::/32 maxlen: 32
2a0b:7783::/32 maxlen: 32
2a0b:7780::/32 maxlen: 32
2a0c:aa40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ab:cc:20:79:d9:19:c6:23:f2:75:f8:92:b9:5f:52:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354d70a988e257ec57c3408159dc8b504f5723a
Validity
Not Before: Aug 17 12:34:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf967847d54502a8ff6c52c561aa6ab619d71cc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:df:5f:50:94:12:da:1a:bf:cc:f3:f9:78:45:
dc:0c:bd:6e:9c:65:c5:6f:73:68:72:da:05:4e:68:
13:ec:bc:47:55:2d:ad:70:85:d8:94:44:64:34:43:
c5:3e:62:c7:cd:3f:76:81:d6:e1:04:da:5b:af:29:
98:fe:9d:0a:98:17:c3:54:6d:e8:cf:a5:3c:ef:33:
92:e0:de:fa:17:b0:82:b8:e2:b0:82:b5:c1:11:b3:
65:a8:96:b6:1f:df:8a:52:b2:13:50:22:d2:11:59:
a2:52:a9:b1:1e:09:6a:21:69:a1:2e:17:75:69:79:
00:72:41:05:00:25:9d:7e:0f:a4:9d:03:49:a1:22:
62:9b:aa:74:9c:50:cd:20:09:69:7a:bc:b9:1e:8c:
3b:42:79:36:41:cd:5b:79:3d:65:95:07:6a:22:72:
14:ca:93:55:ff:f6:44:72:29:75:d8:6a:74:4c:b4:
62:86:11:d4:2b:37:6b:84:fc:f1:0d:22:54:09:91:
b8:c1:f6:62:30:c5:ce:0c:29:f0:ff:0e:b5:41:6d:
31:30:10:d9:d2:98:be:97:80:b9:04:da:83:cb:3e:
9c:82:46:f8:39:a5:08:b4:4c:94:a1:13:73:48:6f:
b1:be:04:82:28:9b:62:c7:c7:a1:c1:7e:b9:30:f4:
01:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:96:78:47:D5:45:02:A8:FF:6C:52:C5:61:AA:6A:B6:19:D7:1C:C3
X509v3 Authority Key Identifier:
keyid:43:54:D7:0A:98:8E:25:7E:C5:7C:34:08:15:9D:C8:B5:04:F5:72:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1TXCpiOJX7FfDQIFZ3ItQT1cjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/v5Z4R9VFAqj_bFLFYapqthnXHMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/Q1TXCpiOJX7FfDQIFZ3ItQT1cjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:7780::/29
2a0c:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
84:c7:56:17:aa:10:e9:a9:3b:2e:53:e1:3e:37:c1:21:2f:91:
03:dc:20:0b:0f:03:17:50:b4:42:0f:4f:d2:b7:c9:f6:f5:6d:
d6:ad:f4:bb:80:f5:4a:96:73:07:61:6d:c6:85:79:2c:d4:cc:
82:8d:f7:df:22:17:c1:cf:61:08:44:82:fb:30:20:85:24:11:
20:c1:eb:bf:9b:ed:7f:dc:39:d4:dd:2e:7a:a0:05:6d:ae:1f:
2e:e4:39:ee:d3:ca:f7:74:b9:fa:93:70:2b:04:b3:31:af:d8:
70:1b:56:8c:b9:8b:7a:9a:c5:6f:10:f1:3e:0a:6a:8c:cd:25:
ac:98:f5:7d:8c:b8:09:64:a3:0b:76:3d:df:a8:2e:f1:6e:ef:
b9:56:62:dc:cc:f5:aa:23:9f:85:82:74:3c:3f:fd:31:5c:4f:
64:72:aa:4a:e2:70:b3:61:95:38:57:4a:c4:9e:bb:18:b6:4a:
1f:9a:54:00:92:95:2d:8d:87:0d:df:c5:f1:cf:ab:5a:81:a1:
a8:fe:3a:52:f3:94:d6:f8:30:8f:d0:0d:fc:b0:c7:46:9c:14:
b0:80:50:7a:6d:49:38:b8:22:84:3f:79:fd:58:51:4f:be:05:
72:fd:44:8c:00:79:7c:76:35:0a:78:40:9d:be:bb:5d:bf:57:
c7:a8:28:c0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYKrzCB52RnGI/J1+JK5X1KjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRkNzBhOTg4ZTI1N2VjNTdjMzQwODE1OWRjOGI1MDRm
NTcyM2EwHhcNMjIwODE3MTIzNDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjk2Nzg0N2Q1NDUwMmE4ZmY2YzUyYzU2MWFhNmFiNjE5ZDcxY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd9fUJQS2hq/zPP5eEXcDL1unGXF
b3NoctoFTmgT7LxHVS2tcIXYlERkNEPFPmLHzT92gdbhBNpbrymY/p0KmBfDVG3o
z6U87zOS4N76F7CCuOKwgrXBEbNlqJa2H9+KUrITUCLSEVmiUqmxHglqIWmhLhd1
aXkAckEFACWdfg+knQNJoSJim6p0nFDNIAlpery5How7Qnk2Qc1beT1llQdqInIU
ypNV//ZEcil12Gp0TLRihhHUKzdrhPzxDSJUCZG4wfZiMMXODCnw/w61QW0xMBDZ
0pi+l4C5BNqDyz6cgkb4OaUItEyUoRNzSG+xvgSCKJtix8ehwX65MPQBewIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL+WeEfVRQKo/2xSxWGqarYZ1xzDMB8GA1UdIwQY
MBaAFENU1wqYjiV+xXw0CBWdyLUE9XI6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFUWENwaU9KWDdGZkRRSUZaM0l0UVQxY2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jNWMwMTYtNGYxYy00ZjMzLWFjZjAt
Mjc0OThmODc0ZDRmLzEvdjVaNFI5VkZBcWpfYkZMRllhcHF0aG5YSE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jNWMwMTYtNGYxYy00ZjMzLWFjZjAtMjc0OThmODc0ZDRm
LzEvUTFUWENwaU9KWDdGZkRRSUZaM0l0UVQxY2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgt3gAMF
AyoMqkAwDQYJKoZIhvcNAQELBQADggEBAITHVheqEOmpOy5T4T43wSEvkQPcIAsP
AxdQtEIPT9K3yfb1bdat9LuA9UqWcwdhbcaFeSzUzIKN998iF8HPYQhEgvswIIUk
ESDB67+b7X/cOdTdLnqgBW2uHy7kOe7Tyvd0ufqTcCsEszGv2HAbVoy5i3qaxW8Q
8T4KaozNJayY9X2MuAlkowt2Pd+oLvFu77lWYtzM9aojn4WCdDw//TFcT2Ryqkri
cLNhlThXSsSeuxi2Sh+aVACSlS2Nhw3fxfHPq1qBoaj+OlLzlNb4MI/QDfywx0ac
FLCAUHptSTi4IoQ/ef1YUU++BXL9RIwAeXx2NQp4QJ2+u12/V8eoKMA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:21 2024 by rpki-client on console-ams.rpki-client.org