Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/426ab9-ea35-477d-9a3a-e10c8a570b70/1/iBr4hy4L-KC9LYABX4VEym4YbH0.roa
File: iBr4hy4L-KC9LYABX4VEym4YbH0.roa (raw, json)
Hash identifier: FhBKZ/FK3emxAx/9M4XVWoCZ3ppmM2Ejfas32v+mdVU=
Subject key identifier: 88:1A:F8:87:2E:0B:F8:A0:BD:2D:80:01:5F:85:44:CA:6E:18:6C:7D
Certificate issuer: /CN=bb9d4574a1473c54a60d6fabbe46025a0f1df800
Certificate serial: 020D605D
Authority key identifier: BB:9D:45:74:A1:47:3C:54:A6:0D:6F:AB:BE:46:02:5A:0F:1D:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u51FdKFHPFSmDW-rvkYCWg8d-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/426ab9-ea35-477d-9a3a-e10c8a570b70/1/iBr4hy4L-KC9LYABX4VEym4YbH0.roa
Signing time: Sat 01 Jan 2022 08:03:47 +0000
ROA not before: Sat 01 Jan 2022 08:03:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8888
IP address blocks: 2a11::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34431069 (0x20d605d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb9d4574a1473c54a60d6fabbe46025a0f1df800
Validity
Not Before: Jan 1 08:03:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=881af8872e0bf8a0bd2d80015f8544ca6e186c7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3a:bc:35:66:07:06:68:12:79:16:49:60:8a:
12:a8:ce:c4:4a:cf:a1:53:93:cc:79:81:a5:17:59:
e3:8c:b7:5b:a0:28:67:c4:28:d2:7e:7a:1c:58:47:
70:d3:cc:0a:e4:c2:aa:49:60:5a:40:79:44:3f:1a:
c2:f4:62:53:8c:39:ea:4c:a8:ac:12:e6:cc:29:17:
f2:c4:97:24:e4:b3:d2:0d:bf:7e:bb:1a:cb:a0:d7:
b1:ba:87:a5:9b:5e:cc:40:fb:17:b4:2c:7d:90:29:
47:a9:8c:e1:ab:92:ff:07:7d:6d:47:b3:c5:73:12:
e5:17:e7:59:16:e8:55:76:e1:4d:fe:fa:95:08:4d:
32:e6:2e:79:21:e5:7a:79:8c:00:32:fb:89:7e:01:
9a:36:f9:28:fd:91:2c:b9:6c:b7:4f:e0:56:45:4e:
43:1b:0e:57:e2:09:b0:cb:b9:b6:40:f3:9c:3d:a7:
71:60:7e:bb:b0:cc:b9:ba:62:1f:97:c0:5a:99:c5:
2f:0e:b2:3e:bc:48:b5:50:b4:51:ef:f8:ba:b9:39:
da:48:72:57:4e:e0:55:26:61:80:6c:40:e6:c3:69:
ab:46:4e:08:53:49:2b:c0:38:39:54:76:03:36:2b:
df:ea:c4:7c:10:67:c7:a5:98:a3:75:db:e5:4a:59:
7c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1A:F8:87:2E:0B:F8:A0:BD:2D:80:01:5F:85:44:CA:6E:18:6C:7D
X509v3 Authority Key Identifier:
keyid:BB:9D:45:74:A1:47:3C:54:A6:0D:6F:AB:BE:46:02:5A:0F:1D:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u51FdKFHPFSmDW-rvkYCWg8d-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/426ab9-ea35-477d-9a3a-e10c8a570b70/1/iBr4hy4L-KC9LYABX4VEym4YbH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/426ab9-ea35-477d-9a3a-e10c8a570b70/1/u51FdKFHPFSmDW-rvkYCWg8d-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11::/29
Signature Algorithm: sha256WithRSAEncryption
01:a6:c5:6b:e1:71:eb:c7:51:9d:4c:a4:76:28:8b:b9:3f:14:
8b:1d:f5:af:50:ff:ed:d1:74:30:d9:a9:bd:34:75:1d:f0:dd:
f5:f2:f9:43:ae:c3:54:7b:3c:6f:89:6e:99:c0:2b:22:dc:ee:
cb:33:77:79:f9:2d:1e:49:9e:c3:7c:a2:7d:97:40:de:86:bb:
72:28:5b:21:4b:4b:a0:3f:b0:2b:06:6a:b0:49:2f:88:86:86:
82:84:54:89:5f:3d:1a:60:13:a1:a7:c1:10:2e:de:b4:e5:e5:
0c:1b:2c:09:b4:b6:3f:a2:52:c3:fb:2d:85:fe:cf:da:5d:dc:
35:62:57:21:44:a8:68:e9:ae:7f:cf:73:15:88:ad:6d:2b:22:
a5:c8:71:e3:5b:b2:01:47:6b:3f:e9:d5:79:ad:d1:56:66:fe:
84:b4:23:ac:4e:33:a0:25:03:20:00:fb:ae:77:9e:bf:46:87:
29:68:ee:b1:d2:54:64:ce:87:66:40:24:8c:43:59:ce:c7:89:
38:fb:64:ec:a8:82:77:17:20:21:b7:94:40:20:9a:bd:40:d5:
37:1c:64:a0:a6:ed:b2:8e:da:4a:03:d6:c2:1c:c9:03:9e:c0:
ac:38:bd:1a:49:24:13:a3:a7:81:4d:04:60:54:02:e7:3d:6f:
a5:f2:8d:f5
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAg1gXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjlkNDU3NGExNDczYzU0YTYwZDZmYWJiZTQ2MDI1YTBmMWRmODAwMB4XDTIyMDEw
MTA4MDM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODgxYWY4ODcyZTBi
ZjhhMGJkMmQ4MDAxNWY4NTQ0Y2E2ZTE4NmM3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANs6vDVmBwZoEnkWSWCKEqjOxErPoVOTzHmBpRdZ44y3W6Ao
Z8Qo0n56HFhHcNPMCuTCqklgWkB5RD8awvRiU4w56kyorBLmzCkX8sSXJOSz0g2/
frsay6DXsbqHpZtezED7F7QsfZApR6mM4auS/wd9bUezxXMS5RfnWRboVXbhTf76
lQhNMuYueSHlenmMADL7iX4Bmjb5KP2RLLlst0/gVkVOQxsOV+IJsMu5tkDznD2n
cWB+u7DMubpiH5fAWpnFLw6yPrxItVC0Ue/4urk52khyV07gVSZhgGxA5sNpq0ZO
CFNJK8A4OVR2AzYr3+rEfBBnx6WYo3Xb5UpZfD0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSIGviHLgv4oL0tgAFfhUTKbhhsfTAfBgNVHSMEGDAWgBS7nUV0oUc8VKYN
b6u+RgJaDx34ADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U1MUZkS0ZIUEZTbURXLXJ2a1lDV2c4ZC1BQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvNDI2YWI5LWVhMzUtNDc3ZC05YTNhLWUxMGM4YTU3MGI3MC8x
L2lCcjRoeTRMLUtDOUxZQUJYNFZFeW00WWJIMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
NDI2YWI5LWVhMzUtNDc3ZC05YTNhLWUxMGM4YTU3MGI3MC8xL3U1MUZkS0ZIUEZT
bURXLXJ2a1lDV2c4ZC1BQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRAAAwDQYJKoZIhvcNAQELBQAD
ggEBAAGmxWvhcevHUZ1MpHYoi7k/FIsd9a9Q/+3RdDDZqb00dR3w3fXy+UOuw1R7
PG+JbpnAKyLc7sszd3n5LR5JnsN8on2XQN6Gu3IoWyFLS6A/sCsGarBJL4iGhoKE
VIlfPRpgE6GnwRAu3rTl5QwbLAm0tj+iUsP7LYX+z9pd3DViVyFEqGjprn/PcxWI
rW0rIqXIceNbsgFHaz/p1Xmt0VZm/oS0I6xOM6AlAyAA+653nr9Ghylo7rHSVGTO
h2ZAJIxDWc7HiTj7ZOyogncXICG3lEAgmr1A1TccZKCm7bKO2koD1sIcyQOewKw4
vRpJJBOjp4FNBGBUAuc9b6XyjfU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:09 2024 by rpki-client on console-ams.rpki-client.org