Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/7Z0zfJyumEq6PQBdZKcbE76lUL8.roa
File: 7Z0zfJyumEq6PQBdZKcbE76lUL8.roa (raw, json)
Hash identifier: LA0UWi8nIdX+iB45r2XgQZOG7L76/oMOpnzIulyrEjY=
Subject key identifier: ED:9D:33:7C:9C:AE:98:4A:BA:3D:00:5D:64:A7:1B:13:BE:A5:50:BF
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 01932A5A20F4A60CFE22D0E2CA676C88F912
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/7Z0zfJyumEq6PQBdZKcbE76lUL8.roa
Signing time: Thu 14 Nov 2024 11:06:09 +0000
ROA not before: Thu 14 Nov 2024 11:06:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5378
IP address blocks: 2a01:840::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:5a:20:f4:a6:0c:fe:22:d0:e2:ca:67:6c:88:f9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 14 11:06:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed9d337c9cae984aba3d005d64a71b13bea550bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:44:78:1d:66:ed:31:86:6c:56:4e:ba:68:a2:
e9:2f:65:69:1f:c1:82:9c:f0:b6:fb:b6:5e:c8:9f:
16:31:6d:42:f5:2d:a5:d8:48:03:62:8c:ef:fd:7f:
41:5b:03:6c:9c:fc:60:3e:9e:6b:3e:55:ef:68:ba:
0b:ab:70:30:bf:af:72:87:ac:c2:c2:06:83:a6:13:
d5:70:71:d5:68:cc:f9:60:27:91:75:59:5d:3c:48:
a4:ed:26:41:ce:3e:f2:6f:6a:b3:91:f6:0d:f9:bb:
fe:bb:e8:e6:d9:e7:c0:b9:4a:f2:ae:0c:b7:8f:fc:
21:81:f3:76:1c:a0:99:90:42:78:cd:0b:f2:1a:47:
38:26:3a:64:8a:89:04:0a:e9:25:7f:90:9c:59:8c:
df:b6:c6:d7:03:17:e2:67:18:1a:cf:5c:f2:7a:7c:
cf:bc:27:ba:e7:14:4b:cb:2b:a9:4f:65:57:49:bc:
0f:b0:4d:af:1a:82:7a:fd:ec:50:78:33:2d:47:3c:
43:b8:62:1a:e4:e2:79:36:6f:ef:14:2a:a4:ad:8e:
b8:d7:7f:01:a0:34:0a:73:97:7c:f5:a5:96:77:bf:
30:d6:0e:0b:7f:c6:e1:8f:43:4d:7d:a0:24:61:ec:
fc:85:0f:5f:87:56:aa:82:6a:97:9b:2a:cc:4c:ac:
c7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9D:33:7C:9C:AE:98:4A:BA:3D:00:5D:64:A7:1B:13:BE:A5:50:BF
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/7Z0zfJyumEq6PQBdZKcbE76lUL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:840::/32
Signature Algorithm: sha256WithRSAEncryption
54:b2:60:fe:35:8d:7d:1b:49:8d:e3:1e:99:31:fe:6b:4d:c0:
ec:b2:89:8f:cb:53:d8:69:1b:90:ec:b0:0b:d6:42:d4:26:04:
49:f4:e7:24:07:a2:be:69:e9:c2:9d:92:3c:dc:f8:ec:29:6e:
35:77:08:08:01:3c:c4:84:93:e7:5a:34:cf:3c:50:e0:33:e1:
03:26:b3:09:ed:fd:d6:cf:58:e6:0b:70:2b:a3:ce:e4:b5:5c:
9d:24:eb:79:bf:bc:fb:43:f6:da:a7:19:ed:32:64:de:a9:31:
5e:4a:70:4a:f3:7b:33:3c:5a:10:8a:e2:c7:82:86:ab:3c:23:
68:ea:bc:80:ad:e5:bc:f7:08:02:b4:4c:42:4f:ee:64:bf:a1:
f2:fc:f8:1c:0e:7b:d9:05:3b:d0:21:cd:5f:29:89:3f:fd:0b:
aa:a4:f4:19:c1:8a:52:1d:77:80:dd:46:a6:93:e9:bb:75:1a:
c7:0a:c1:f5:2e:72:e0:2b:54:15:cf:a1:7f:19:f2:57:1b:f2:
99:d8:1e:15:5c:0a:73:f4:67:45:7e:c8:3b:7f:6c:bd:62:5b:
e9:c7:26:46:e6:d9:74:c7:30:3d:31:e0:c1:11:11:ee:fd:39:
04:b9:04:70:5f:8e:21:ac:60:2e:3d:8f:97:63:03:46:5f:b2:
08:c9:b0:5b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZMqWiD0pgz+ItDiymdsiPkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjQxMTE0MTEwNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDlkMzM3YzljYWU5ODRhYmEzZDAwNWQ2NGE3MWIxM2JlYTU1MGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkR4HWbtMYZsVk66aKLpL2VpH8GC
nPC2+7ZeyJ8WMW1C9S2l2EgDYozv/X9BWwNsnPxgPp5rPlXvaLoLq3Awv69yh6zC
wgaDphPVcHHVaMz5YCeRdVldPEik7SZBzj7yb2qzkfYN+bv+u+jm2efAuUryrgy3
j/whgfN2HKCZkEJ4zQvyGkc4JjpkiokECuklf5CcWYzftsbXAxfiZxgaz1zyenzP
vCe65xRLyyupT2VXSbwPsE2vGoJ6/exQeDMtRzxDuGIa5OJ5Nm/vFCqkrY64138B
oDQKc5d89aWWd78w1g4Lf8bhj0NNfaAkYez8hQ9fh1aqgmqXmyrMTKzHKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO2dM3ycrphKuj0AXWSnGxO+pVC/MB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvN1owemZKeXVtRXE2UFFCZFpLY2JFNzZsVUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAVLJg/jWNfRtJjeMemTH+a03A7LKJj8tT2GkbkOyw
C9ZC1CYESfTnJAeivmnpwp2SPNz47CluNXcICAE8xIST51o0zzxQ4DPhAyazCe39
1s9Y5gtwK6PO5LVcnSTreb+8+0P22qcZ7TJk3qkxXkpwSvN7MzxaEIrix4KGqzwj
aOq8gK3lvPcIArRMQk/uZL+h8vz4HA572QU70CHNXymJP/0LqqT0GcGKUh13gN1G
ppPpu3UaxwrB9S5y4CtUFc+hfxnyVxvymdgeFVwKc/RnRX7IO39svWJb6ccmRubZ
dMcwPTHgwRER7v05BLkEcF+OIaxgLj2Pl2MDRl+yCMmwWw==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:56 2024 by rpki-client on console.sobornost.net