Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/58d593-70ed-4604-92c7-9796571533ed/1/YA5hMzrXPRNgPOhuAb6pFXXBmtU.roa
File: YA5hMzrXPRNgPOhuAb6pFXXBmtU.roa (raw, json)
Hash identifier: irQaHpdy/OOzX3dLwQl2nkZSymhEbAu+D/h4mH6Ebuc=
Subject key identifier: 60:0E:61:33:3A:D7:3D:13:60:3C:E8:6E:01:BE:A9:15:75:C1:9A:D5
Certificate issuer: /CN=e0accc5dc342112a66e83f38cca0e09e5f3a172c
Certificate serial: 01828D14C3BF62D00A6B28A497CE622F44F9
Authority key identifier: E0:AC:CC:5D:C3:42:11:2A:66:E8:3F:38:CC:A0:E0:9E:5F:3A:17:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4KzMXcNCESpm6D84zKDgnl86Fyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/58d593-70ed-4604-92c7-9796571533ed/1/YA5hMzrXPRNgPOhuAb6pFXXBmtU.roa
Signing time: Thu 11 Aug 2022 13:25:24 +0000
ROA not before: Thu 11 Aug 2022 13:25:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59469
IP address blocks: 2a07:aa40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:14:c3:bf:62:d0:0a:6b:28:a4:97:ce:62:2f:44:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0accc5dc342112a66e83f38cca0e09e5f3a172c
Validity
Not Before: Aug 11 13:25:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=600e61333ad73d13603ce86e01bea91575c19ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:11:f4:38:03:8c:ef:df:22:af:a5:63:8c:9b:
f9:d6:39:83:b2:bc:fe:9a:34:ac:9f:75:11:e2:3b:
cb:38:be:c2:47:43:87:45:e3:9a:2a:18:2e:47:37:
7f:19:3c:02:70:17:c3:8e:89:5e:cc:e8:5f:cc:c3:
59:29:12:06:4a:88:b5:07:eb:4b:58:ed:16:18:f3:
d5:c6:66:9d:f3:47:50:b9:d2:88:6d:ef:14:c7:dd:
4c:5a:98:1f:0d:ca:2e:ad:f6:5c:79:55:e3:fa:1a:
5a:5f:e3:5d:25:65:f1:b2:44:3a:e4:ca:82:6c:6d:
77:fc:e1:66:8b:58:4d:b6:75:de:3f:5f:55:9a:41:
29:47:68:a7:43:6e:78:b9:b9:33:24:0f:7e:68:1f:
13:0f:46:67:cd:31:87:c9:7d:93:a5:de:f8:86:5c:
67:64:c6:dd:01:8a:d8:75:8b:3e:95:5b:64:89:e8:
a9:f0:a4:6b:e4:e1:f4:f1:8f:ab:4c:f3:cd:7f:bc:
89:35:0d:0f:47:d7:7f:c6:19:85:14:24:26:58:9c:
07:a0:b7:2b:b1:84:bb:7e:c3:dc:3b:d8:99:17:64:
5f:8d:23:68:5f:9b:2f:50:a8:fe:e3:26:4c:ed:21:
3a:01:a1:e6:a5:be:87:e0:10:c8:23:d8:b9:c9:e7:
90:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0E:61:33:3A:D7:3D:13:60:3C:E8:6E:01:BE:A9:15:75:C1:9A:D5
X509v3 Authority Key Identifier:
keyid:E0:AC:CC:5D:C3:42:11:2A:66:E8:3F:38:CC:A0:E0:9E:5F:3A:17:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KzMXcNCESpm6D84zKDgnl86Fyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/58d593-70ed-4604-92c7-9796571533ed/1/YA5hMzrXPRNgPOhuAb6pFXXBmtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/58d593-70ed-4604-92c7-9796571533ed/1/4KzMXcNCESpm6D84zKDgnl86Fyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
aa:96:8d:12:f1:54:7f:a5:bb:8f:b4:1f:04:35:1b:48:9c:1f:
46:19:92:a9:b6:96:d4:aa:95:f4:00:06:ad:8f:33:d7:e5:c3:
80:09:b5:7a:e6:83:1d:46:46:0a:0b:63:c4:3a:99:38:85:96:
5e:a0:47:6f:12:0f:74:b0:a2:2f:2c:74:e8:11:cb:a9:c6:09:
63:24:cf:d8:9f:08:00:8f:7b:cb:ed:a4:d3:e3:c8:92:2f:ab:
df:b2:57:49:e9:dc:d4:3b:a5:ea:34:95:4f:f5:8e:fc:bc:7d:
e6:d3:ee:2d:00:31:7c:36:aa:cc:01:23:3d:3d:e2:59:4e:f0:
bc:c7:49:4d:ec:1e:54:c7:3a:0a:ed:e3:36:c2:ed:35:20:e2:
0a:00:26:5a:7f:34:4c:0c:11:c6:bf:7c:6f:20:9f:dc:20:6e:
c7:13:c8:02:1a:7a:57:95:42:19:35:80:10:c0:a2:86:8f:6b:
f5:d0:cb:bc:f1:df:23:3b:b2:a8:20:57:c6:66:36:0d:80:81:
78:d3:ae:6e:c2:26:93:0b:23:50:65:9a:ff:08:51:3d:e8:ef:
f6:ce:cc:af:66:b3:0a:c0:2a:f5:19:93:03:e5:85:4b:b6:5c:
81:0a:ad:f8:19:83:43:65:f4:ac:74:be:3a:7f:09:a9:68:4f:
bb:56:b5:e7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYKNFMO/YtAKayikl85iL0T5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYWNjYzVkYzM0MjExMmE2NmU4M2YzOGNjYTBlMDllNWYz
YTE3MmMwHhcNMjIwODExMTMyNTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBlNjEzMzNhZDczZDEzNjAzY2U4NmUwMWJlYTkxNTc1YzE5YWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRH0OAOM798ir6VjjJv51jmDsrz+
mjSsn3UR4jvLOL7CR0OHReOaKhguRzd/GTwCcBfDjolezOhfzMNZKRIGSoi1B+tL
WO0WGPPVxmad80dQudKIbe8Ux91MWpgfDcourfZceVXj+hpaX+NdJWXxskQ65MqC
bG13/OFmi1hNtnXeP19VmkEpR2inQ254ubkzJA9+aB8TD0ZnzTGHyX2Tpd74hlxn
ZMbdAYrYdYs+lVtkieip8KRr5OH08Y+rTPPNf7yJNQ0PR9d/xhmFFCQmWJwHoLcr
sYS7fsPcO9iZF2RfjSNoX5svUKj+4yZM7SE6AaHmpb6H4BDII9i5yeeQqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGAOYTM61z0TYDzobgG+qRV1wZrVMB8GA1UdIwQY
MBaAFOCszF3DQhEqZug/OMyg4J5fOhcsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEt6TVhjTkNFU3BtNkQ4NHpLRGdubDg2Rnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi81OGQ1OTMtNzBlZC00NjA0LTkyYzct
OTc5NjU3MTUzM2VkLzEvWUE1aE16clhQUk5nUE9odUFiNnBGWFhCbXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi81OGQ1OTMtNzBlZC00NjA0LTkyYzctOTc5NjU3MTUzM2Vk
LzEvNEt6TVhjTkNFU3BtNkQ4NHpLRGdubDg2Rnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgeqQDAN
BgkqhkiG9w0BAQsFAAOCAQEAqpaNEvFUf6W7j7QfBDUbSJwfRhmSqbaW1KqV9AAG
rY8z1+XDgAm1euaDHUZGCgtjxDqZOIWWXqBHbxIPdLCiLyx06BHLqcYJYyTP2J8I
AI97y+2k0+PIki+r37JXSenc1Dul6jSVT/WO/Lx95tPuLQAxfDaqzAEjPT3iWU7w
vMdJTeweVMc6Cu3jNsLtNSDiCgAmWn80TAwRxr98byCf3CBuxxPIAhp6V5VCGTWA
EMCiho9r9dDLvPHfIzuyqCBXxmY2DYCBeNOubsImkwsjUGWa/whRPejv9s7Mr2az
CsAq9RmTA+WFS7ZcgQqt+BmDQ2X0rHS+On8JqWhPu1a15w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:57 2023 by rpki-client on console-ams.rpki-client.org