Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/i3KKY-I4iip3d-fyqTJDj67QkDI.roa
File: i3KKY-I4iip3d-fyqTJDj67QkDI.roa (raw, json)
Hash identifier: blnuR93hO7k+iYyql9J22wdIDK72xjNgOJ62Zjj13hg=
Subject key identifier: 8B:72:8A:63:E2:38:8A:2A:77:77:E7:F2:A9:32:43:8F:AE:D0:90:32
Certificate issuer: /CN=54914541fd1b95e7c0afc875fbef78794f55386b
Certificate serial: 0182BAE0E287D06E127432CEFA5D06F278B2
Authority key identifier: 54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/i3KKY-I4iip3d-fyqTJDj67QkDI.roa
Signing time: Sat 20 Aug 2022 10:51:16 +0000
ROA not before: Sat 20 Aug 2022 10:51:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204333
IP address blocks: 2a06:a005:d21::/48 maxlen: 48
2a06:a000:130::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ba:e0:e2:87:d0:6e:12:74:32:ce:fa:5d:06:f2:78:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54914541fd1b95e7c0afc875fbef78794f55386b
Validity
Not Before: Aug 20 10:51:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b728a63e2388a2a7777e7f2a932438faed09032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1b:6d:f5:d1:21:15:d4:fd:e5:82:a0:34:56:
05:b3:1a:d4:6e:5d:03:e6:ee:b1:c0:5c:47:81:e3:
8f:5a:6d:ef:96:2a:e3:88:fa:9d:5d:f6:63:84:85:
27:6b:53:8d:07:35:ed:f1:8d:9e:b7:64:b1:33:ec:
aa:47:4c:21:7d:0e:95:01:3f:67:16:9c:52:fa:d7:
4e:72:34:15:9e:8d:9c:07:b8:02:cb:5f:45:96:90:
74:0f:81:9f:fb:67:cd:e6:c8:84:d7:57:74:f0:1c:
f0:89:3d:05:ab:7c:6c:6a:a9:7c:14:ca:ac:0d:0d:
59:cb:7c:ec:a8:2f:c7:1d:ed:eb:82:67:c2:42:70:
63:24:d8:1f:23:31:8a:d0:c5:3d:e0:58:09:a9:e2:
ed:7a:f2:52:56:9f:5c:ef:b4:e3:8c:64:72:a3:fd:
9d:18:dd:b0:9e:4b:d8:e3:bf:07:e3:5f:8f:45:78:
91:21:d4:3a:9d:16:a5:b6:76:1f:4b:79:40:7f:4c:
51:83:a0:bf:e0:d5:9d:e6:5d:11:d8:fd:fa:96:a0:
a8:2b:f0:8f:68:f3:6e:b1:5c:1f:e8:e1:a7:27:35:
86:d0:13:16:7b:5f:05:40:8f:e0:90:e6:78:b1:13:
ce:7a:13:bc:82:65:b6:f4:cc:0c:c3:6b:c5:59:d6:
52:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:72:8A:63:E2:38:8A:2A:77:77:E7:F2:A9:32:43:8F:AE:D0:90:32
X509v3 Authority Key Identifier:
keyid:54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/i3KKY-I4iip3d-fyqTJDj67QkDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/VJFFQf0blefAr8h1--94eU9VOGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a000:130::/44
2a06:a005:d21::/48
Signature Algorithm: sha256WithRSAEncryption
87:20:90:0c:b3:10:db:70:f5:4a:d8:ea:25:db:4d:fe:b3:d7:
56:01:9d:6d:12:03:d1:bc:96:46:d5:7d:82:bb:59:f2:e1:ea:
1a:ad:4b:a4:5a:ab:2d:af:22:61:2a:89:79:08:4f:52:20:de:
92:22:50:14:3a:fd:e8:d4:1a:84:2e:d3:c3:dc:8e:d3:0b:08:
2a:62:34:03:17:3d:05:a2:47:1e:c3:0a:dc:5f:36:69:41:11:
ac:45:00:3e:53:53:00:8c:32:c1:ee:18:42:6f:a0:6b:02:26:
4c:7c:f1:79:f0:04:97:fb:77:fa:43:6e:9d:c9:ac:8b:fc:c1:
90:35:6f:1b:7a:11:8b:d4:41:f2:75:7d:a5:87:6d:37:55:f0:
75:c4:60:be:52:0f:3e:a7:9a:5d:6e:2b:90:fb:ae:27:c2:a6:
40:ef:5d:e4:68:5f:0d:a1:92:f7:40:be:c3:7f:f1:45:10:f2:
1b:de:fa:9b:b5:8e:1d:58:1f:f6:7c:63:6e:b1:13:4d:f3:d1:
74:89:81:86:08:a0:23:c4:16:e3:a9:20:a7:a9:45:7e:96:8c:
0e:c3:1b:ea:81:c4:10:40:76:be:de:dd:bd:33:97:10:37:19:
81:31:1b:89:a7:9b:c2:bb:4b:7e:7e:0c:fa:bc:7b:17:9f:b2:
52:e7:d3:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYK64OKH0G4SdDLO+l0G8niyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OTE0NTQxZmQxYjk1ZTdjMGFmYzg3NWZiZWY3ODc5NGY1
NTM4NmIwHhcNMjIwODIwMTA1MTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjcyOGE2M2UyMzg4YTJhNzc3N2U3ZjJhOTMyNDM4ZmFlZDA5MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBtt9dEhFdT95YKgNFYFsxrUbl0D
5u6xwFxHgeOPWm3vlirjiPqdXfZjhIUna1ONBzXt8Y2et2SxM+yqR0whfQ6VAT9n
FpxS+tdOcjQVno2cB7gCy19FlpB0D4Gf+2fN5siE11d08BzwiT0Fq3xsaql8FMqs
DQ1Zy3zsqC/HHe3rgmfCQnBjJNgfIzGK0MU94FgJqeLtevJSVp9c77TjjGRyo/2d
GN2wnkvY478H41+PRXiRIdQ6nRaltnYfS3lAf0xRg6C/4NWd5l0R2P36lqCoK/CP
aPNusVwf6OGnJzWG0BMWe18FQI/gkOZ4sRPOehO8gmW29MwMw2vFWdZSRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFItyimPiOIoqd3fn8qkyQ4+u0JAyMB8GA1UdIwQY
MBaAFFSRRUH9G5XnwK/IdfvveHlPVThrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEt
ZDlmNmQ5NjQyNTM3LzEvaTNLS1ktSTRpaXAzZC1meXFUSkRqNjdRa0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEtZDlmNmQ5NjQyNTM3
LzEvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgagAAEw
AwcAKgagBQ0hMA0GCSqGSIb3DQEBCwUAA4IBAQCHIJAMsxDbcPVK2Ool203+s9dW
AZ1tEgPRvJZG1X2Cu1ny4eoarUukWqstryJhKol5CE9SIN6SIlAUOv3o1BqELtPD
3I7TCwgqYjQDFz0FokcewwrcXzZpQRGsRQA+U1MAjDLB7hhCb6BrAiZMfPF58ASX
+3f6Q26dyayL/MGQNW8behGL1EHydX2lh203VfB1xGC+Ug8+p5pdbiuQ+64nwqZA
713kaF8NoZL3QL7Df/FFEPIb3vqbtY4dWB/2fGNusRNN89F0iYGGCKAjxBbjqSCn
qUV+lowOwxvqgcQQQHa+3t29M5cQNxmBMRuJp5vCu0t+fgz6vHsXn7JS59N7
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:04 2023 by rpki-client on console.sobornost.net