Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/84ec37-3241-4758-b04a-842c6875bb40/1/CMGFwDzA7bFYucJN8cI62RFlmi0.roa
File: CMGFwDzA7bFYucJN8cI62RFlmi0.roa (raw, json)
Hash identifier: nVAUfOaPvIhsLuey90Zb0h+9PM86dJbVnIH9jndzlrQ=
Subject key identifier: 08:C1:85:C0:3C:C0:ED:B1:58:B9:C2:4D:F1:C2:3A:D9:11:65:9A:2D
Certificate issuer: /CN=9f6988bbdf625347e9c4a7fc3f4fc63dcee6ab07
Certificate serial: 0193945D1B028001B0A37453AE4E71776B5C
Authority key identifier: 9F:69:88:BB:DF:62:53:47:E9:C4:A7:FC:3F:4F:C6:3D:CE:E6:AB:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2mIu99iU0fpxKf8P0_GPc7mqwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/84ec37-3241-4758-b04a-842c6875bb40/1/CMGFwDzA7bFYucJN8cI62RFlmi0.roa
Signing time: Thu 05 Dec 2024 01:09:09 +0000
ROA not before: Thu 05 Dec 2024 01:09:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38676
IP address blocks: 2a14:c000::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:94:5d:1b:02:80:01:b0:a3:74:53:ae:4e:71:77:6b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f6988bbdf625347e9c4a7fc3f4fc63dcee6ab07
Validity
Not Before: Dec 5 01:09:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08c185c03cc0edb158b9c24df1c23ad911659a2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:81:27:56:1b:86:2d:e9:c1:3b:41:e5:d9:c8:
68:90:78:36:19:b4:8c:e5:5e:b4:06:02:7f:12:08:
6d:40:d0:44:4a:a4:f1:87:91:8e:c3:fa:57:8a:49:
c7:26:4c:ad:f4:34:79:df:f9:91:c0:03:ff:e6:ed:
86:00:81:10:ff:8e:9a:52:77:3a:75:c1:d2:11:82:
22:47:e7:c5:7b:d2:f3:fe:71:ea:a7:1c:97:8a:b4:
77:d1:9d:88:7e:ef:71:a7:2a:39:98:1f:2c:9e:a4:
03:38:34:cf:e6:e1:c0:90:0e:6d:a4:4b:60:db:b0:
ff:72:19:a7:e7:53:b6:42:9b:97:39:b4:0e:5a:c2:
f9:a2:9a:0e:cd:3b:5d:e7:30:91:b7:a9:43:d9:e1:
95:b5:ea:22:d4:d9:d8:63:5d:66:1d:1d:f8:5e:fa:
83:49:82:0d:96:58:b7:97:e4:52:a6:7c:b9:1e:ff:
89:2d:5c:f0:31:9b:ad:94:d2:68:08:91:7d:fe:ee:
4b:4a:9d:bc:0b:ab:bf:fd:e5:97:57:98:a2:0f:66:
6e:c7:32:bc:54:1d:36:a4:1c:60:f8:6c:79:ae:59:
8f:1f:db:a8:ac:bd:22:1d:9f:06:56:d2:15:d3:bd:
d6:d8:6d:ac:f0:e0:1f:4f:85:2b:8b:9d:6e:36:4b:
06:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C1:85:C0:3C:C0:ED:B1:58:B9:C2:4D:F1:C2:3A:D9:11:65:9A:2D
X509v3 Authority Key Identifier:
keyid:9F:69:88:BB:DF:62:53:47:E9:C4:A7:FC:3F:4F:C6:3D:CE:E6:AB:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2mIu99iU0fpxKf8P0_GPc7mqwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/84ec37-3241-4758-b04a-842c6875bb40/1/CMGFwDzA7bFYucJN8cI62RFlmi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/84ec37-3241-4758-b04a-842c6875bb40/1/n2mIu99iU0fpxKf8P0_GPc7mqwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c000::/29
Signature Algorithm: sha256WithRSAEncryption
7e:f1:87:d0:a1:2a:f7:15:c8:a0:f7:20:81:be:35:a3:39:26:
60:99:a1:3f:f7:16:28:e7:d0:c0:69:f6:29:8b:c8:e3:06:cf:
e5:d8:13:4d:39:22:26:61:ea:9c:88:8a:71:73:a4:28:d4:ab:
48:90:06:d5:28:eb:4e:6c:b5:3d:11:3d:19:8e:bb:44:a0:54:
46:28:34:23:06:ea:b4:9c:4e:47:c2:00:9d:79:c2:a5:0b:73:
8b:e5:d7:30:d7:6b:5e:39:cc:e2:d0:b3:c1:82:53:c6:e6:23:
55:1d:31:6a:e2:ee:e3:83:9c:12:65:c5:a6:de:5f:9d:a9:f2:
09:34:2b:4e:aa:44:e0:84:e1:bb:0b:81:4f:a4:f0:4a:a4:6e:
cb:5c:3d:8c:5b:c0:65:d1:3b:74:86:13:ca:43:37:29:a5:a8:
4c:1e:f4:5a:94:13:75:e8:85:e6:9d:0e:b0:01:4e:1a:d0:06:
ba:af:39:f5:12:60:b0:a8:a9:ca:c8:81:59:39:91:f9:d6:04:
a3:80:27:f9:c0:9e:b6:41:a7:b2:e0:d1:a0:8f:74:ab:27:ab:
4c:cd:07:98:59:92:73:ca:ec:65:c6:ac:b9:34:cc:c6:85:b4:
9f:78:44:1e:42:89:5b:42:dd:dc:87:7d:51:d6:ad:e0:45:ec:
0f:0e:13:4a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOUXRsCgAGwo3RTrk5xd2tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNjk4OGJiZGY2MjUzNDdlOWM0YTdmYzNmNGZjNjNkY2Vl
NmFiMDcwHhcNMjQxMjA1MDEwOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGMxODVjMDNjYzBlZGIxNThiOWMyNGRmMWMyM2FkOTExNjU5YTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4EnVhuGLenBO0Hl2chokHg2GbSM
5V60BgJ/EghtQNBESqTxh5GOw/pXiknHJkyt9DR53/mRwAP/5u2GAIEQ/46aUnc6
dcHSEYIiR+fFe9Lz/nHqpxyXirR30Z2Ifu9xpyo5mB8snqQDODTP5uHAkA5tpEtg
27D/chmn51O2QpuXObQOWsL5opoOzTtd5zCRt6lD2eGVteoi1NnYY11mHR34XvqD
SYINlli3l+RSpny5Hv+JLVzwMZutlNJoCJF9/u5LSp28C6u//eWXV5iiD2ZuxzK8
VB02pBxg+Gx5rlmPH9uorL0iHZ8GVtIV073W2G2s8OAfT4Uri51uNksGWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAjBhcA8wO2xWLnCTfHCOtkRZZotMB8GA1UdIwQY
MBaAFJ9piLvfYlNH6cSn/D9Pxj3O5qsHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjJtSXU5OWlVMGZweEtmOFAwX0dQYzdtcXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NGVjMzctMzI0MS00NzU4LWIwNGEt
ODQyYzY4NzViYjQwLzEvQ01HRndEekE3YkZZdWNKTjhjSTYyUkZsbWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84NGVjMzctMzI0MS00NzU4LWIwNGEtODQyYzY4NzViYjQw
LzEvbjJtSXU5OWlVMGZweEtmOFAwX0dQYzdtcXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhTAADAN
BgkqhkiG9w0BAQsFAAOCAQEAfvGH0KEq9xXIoPcggb41ozkmYJmhP/cWKOfQwGn2
KYvI4wbP5dgTTTkiJmHqnIiKcXOkKNSrSJAG1SjrTmy1PRE9GY67RKBURig0Iwbq
tJxOR8IAnXnCpQtzi+XXMNdrXjnM4tCzwYJTxuYjVR0xauLu44OcEmXFpt5fnany
CTQrTqpE4IThuwuBT6TwSqRuy1w9jFvAZdE7dIYTykM3KaWoTB70WpQTdeiF5p0O
sAFOGtAGuq859RJgsKipysiBWTmR+dYEo4An+cCetkGnsuDRoI90qyerTM0HmFmS
c8rsZcasuTTMxoW0n3hEHkKJW0Ld3Id9Udat4EXsDw4TSg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:00 2024 by rpki-client on console.sobornost.net