Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/a32411-1e43-412b-82fe-23eb3da556fc/1/9iysRM0wdLiWcF08cXwGEIVTZac.roa
File: 9iysRM0wdLiWcF08cXwGEIVTZac.roa (raw, json)
Hash identifier: JfcSjr42DBpLBEo2jOSXXtPW1+ZB0fstZ+FV/fkM9xA=
Subject key identifier: F6:2C:AC:44:CD:30:74:B8:96:70:5D:3C:71:7C:06:10:85:53:65:A7
Certificate issuer: /CN=e66cf1f3904620aa773742915add0da8e63501b8
Certificate serial: 018EDD7E9F4AB3A9D0DAA01080EE13F983A3
Authority key identifier: E6:6C:F1:F3:90:46:20:AA:77:37:42:91:5A:DD:0D:A8:E6:35:01:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5mzx85BGIKp3N0KRWt0NqOY1Abg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/a32411-1e43-412b-82fe-23eb3da556fc/1/9iysRM0wdLiWcF08cXwGEIVTZac.roa
Signing time: Sun 14 Apr 2024 16:44:06 +0000
ROA not before: Sun 14 Apr 2024 16:44:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215751
IP address blocks: 2a0b:4e04::/48 maxlen: 48
2a0b:4e04:3333::/48 maxlen: 48
2a0b:4e04:b00b::/48 maxlen: 48
2a0b:4e04:beef::/48 maxlen: 48
2a0b:4e04:f00d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:dd:7e:9f:4a:b3:a9:d0:da:a0:10:80:ee:13:f9:83:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e66cf1f3904620aa773742915add0da8e63501b8
Validity
Not Before: Apr 14 16:44:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f62cac44cd3074b896705d3c717c0610855365a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3e:d3:e3:c0:c5:dd:18:b1:f0:f4:7d:9f:fe:
b9:9e:74:e7:eb:7c:b5:24:f0:12:06:27:4c:6c:34:
71:c6:18:9e:23:f0:e3:b8:05:65:cd:cc:f8:92:7f:
cc:d0:d7:c7:7c:e4:65:d0:5b:8b:4e:45:71:04:6d:
f0:26:a9:2d:dc:f4:2a:cd:24:74:23:fd:84:9f:58:
08:25:82:96:d2:01:29:98:fe:3b:28:a0:d7:2a:c7:
aa:df:3f:7f:61:82:45:9c:33:4f:83:d5:c5:61:ed:
c4:fb:62:db:c7:59:f2:7e:76:0b:d6:da:93:e0:d8:
ca:32:7c:02:90:d6:41:6a:b2:60:e2:09:e3:4e:fe:
11:8f:46:d7:ae:cd:db:6b:9d:39:8c:0e:91:07:ce:
64:85:48:4a:f0:bc:ad:78:fd:5b:10:8f:ac:b4:27:
12:e4:be:44:5e:34:07:96:0e:6d:d8:76:fb:1e:27:
4a:b8:8c:d1:62:94:fe:94:0b:5a:4f:b1:53:de:a4:
65:aa:37:51:18:e1:33:1d:51:b4:ec:ae:7c:0f:7f:
ce:5c:90:c3:50:b5:59:f8:02:c1:5f:d7:df:96:7b:
67:8d:f2:26:34:cf:c1:2c:6a:76:a7:6a:9c:9d:2a:
94:c3:fb:96:c3:b5:c8:a4:20:49:9c:7b:f1:99:4b:
fa:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:2C:AC:44:CD:30:74:B8:96:70:5D:3C:71:7C:06:10:85:53:65:A7
X509v3 Authority Key Identifier:
keyid:E6:6C:F1:F3:90:46:20:AA:77:37:42:91:5A:DD:0D:A8:E6:35:01:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5mzx85BGIKp3N0KRWt0NqOY1Abg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a32411-1e43-412b-82fe-23eb3da556fc/1/9iysRM0wdLiWcF08cXwGEIVTZac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a32411-1e43-412b-82fe-23eb3da556fc/1/5mzx85BGIKp3N0KRWt0NqOY1Abg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e04::/48
2a0b:4e04:3333::/48
2a0b:4e04:b00b::/48
2a0b:4e04:beef::/48
2a0b:4e04:f00d::/48
Signature Algorithm: sha256WithRSAEncryption
21:09:ce:5d:c5:65:12:77:29:eb:7b:a2:6a:28:da:bc:4a:d5:
eb:6b:ba:45:ed:df:6d:29:29:d4:12:0c:c6:78:7e:05:a0:a8:
ea:fe:2c:31:e9:ac:1b:e7:8a:09:d9:0b:89:b5:da:fa:4b:f6:
12:29:88:aa:92:fc:40:2f:64:a6:4b:2d:f2:fb:bd:4c:7b:f5:
c4:e0:b1:0a:7e:bb:fa:c2:97:f0:ba:9b:56:9a:c6:fc:be:fb:
07:0e:22:78:3c:dd:b4:e6:55:cc:16:cf:67:8e:0b:e1:ab:f1:
df:ce:5c:fc:2d:68:af:e7:44:96:83:b9:58:66:9e:61:ab:f0:
9f:1f:e3:a4:4b:ef:2d:b4:31:5d:b4:df:f5:2e:bb:f9:a4:a4:
c3:f7:76:be:c9:f9:2c:15:0e:33:10:a0:e3:cb:96:3f:9d:22:
aa:93:76:9b:df:cd:23:4c:0f:a9:da:36:a4:dc:af:f3:ea:8e:
d3:b6:9a:2d:17:87:b5:b9:22:87:b5:eb:49:d0:7f:79:ea:ef:
72:86:07:fa:c9:c0:4a:34:2a:8b:c2:ca:8d:b0:25:77:e5:0e:
63:60:85:42:24:62:e4:5b:c6:55:7f:0a:02:78:80:c2:ef:5f:
3b:db:88:b9:8a:3d:a6:95:40:b9:70:5a:e3:b9:92:86:fb:7b:
7c:cb:d3:59
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY7dfp9Ks6nQ2qAQgO4T+YOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NmNmMWYzOTA0NjIwYWE3NzM3NDI5MTVhZGQwZGE4ZTYz
NTAxYjgwHhcNMjQwNDE0MTY0NDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjJjYWM0NGNkMzA3NGI4OTY3MDVkM2M3MTdjMDYxMDg1NTM2NWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij7T48DF3Rix8PR9n/65nnTn63y1
JPASBidMbDRxxhieI/DjuAVlzcz4kn/M0NfHfORl0FuLTkVxBG3wJqkt3PQqzSR0
I/2En1gIJYKW0gEpmP47KKDXKseq3z9/YYJFnDNPg9XFYe3E+2Lbx1nyfnYL1tqT
4NjKMnwCkNZBarJg4gnjTv4Rj0bXrs3ba505jA6RB85khUhK8LyteP1bEI+stCcS
5L5EXjQHlg5t2Hb7HidKuIzRYpT+lAtaT7FT3qRlqjdRGOEzHVG07K58D3/OXJDD
ULVZ+ALBX9fflntnjfImNM/BLGp2p2qcnSqUw/uWw7XIpCBJnHvxmUv6pwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPYsrETNMHS4lnBdPHF8BhCFU2WnMB8GA1UdIwQY
MBaAFOZs8fOQRiCqdzdCkVrdDajmNQG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW16eDg1QkdJS3AzTjBLUld0ME5xT1kxQWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hMzI0MTEtMWU0My00MTJiLTgyZmUt
MjNlYjNkYTU1NmZjLzEvOWl5c1JNMHdkTGlXY0YwOGNYd0dFSVZUWmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hMzI0MTEtMWU0My00MTJiLTgyZmUtMjNlYjNkYTU1NmZj
LzEvNW16eDg1QkdJS3AzTjBLUld0ME5xT1kxQWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgtOBAAA
AwcAKgtOBDMzAwcAKgtOBLALAwcAKgtOBL7vAwcAKgtOBPANMA0GCSqGSIb3DQEB
CwUAA4IBAQAhCc5dxWUSdynre6JqKNq8StXra7pF7d9tKSnUEgzGeH4FoKjq/iwx
6awb54oJ2QuJtdr6S/YSKYiqkvxAL2SmSy3y+71Me/XE4LEKfrv6wpfwuptWmsb8
vvsHDiJ4PN205lXMFs9njgvhq/Hfzlz8LWiv50SWg7lYZp5hq/CfH+OkS+8ttDFd
tN/1Lrv5pKTD93a+yfksFQ4zEKDjy5Y/nSKqk3ab380jTA+p2jak3K/z6o7Ttpot
F4e1uSKHtetJ0H956u9yhgf6ycBKNCqLwsqNsCV35Q5jYIVCJGLkW8ZVfwoCeIDC
718724i5ij2mlUC5cFrjuZKG+3t8y9NZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:05 2025 by rpki-client