Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ThmYagiwC5SDvL15LfgNQ1m3iWk.roa
File: ThmYagiwC5SDvL15LfgNQ1m3iWk.roa (raw, json)
Hash identifier: GIwlUgrzLLgsqjG12Zy5hAjSY14sD3pBt+dNE7i2trE=
Subject key identifier: 4E:19:98:6A:08:B0:0B:94:83:BC:BD:79:2D:F8:0D:43:59:B7:89:69
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0193F8B274A58863913FAA1AE2A27AC4A624
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ThmYagiwC5SDvL15LfgNQ1m3iWk.roa
Signing time: Tue 24 Dec 2024 12:44:25 +0000
ROA not before: Tue 24 Dec 2024 12:44:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214168
IP address blocks: 2a11:4540::/29 maxlen: 29
2a11:5980::/29 maxlen: 29
2a11:7b00::/29 maxlen: 29
2a11:8740::/29 maxlen: 29
2a11:bbc0::/29 maxlen: 29
2a12:8580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f8:b2:74:a5:88:63:91:3f:aa:1a:e2:a2:7a:c4:a6:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Dec 24 12:44:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e19986a08b00b9483bcbd792df80d4359b78969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:51:20:ff:21:54:1a:74:b9:23:d8:c1:89:37:
77:83:1f:ba:ab:21:8f:c2:5e:b6:2e:b0:45:bc:eb:
48:3c:0a:df:15:eb:c9:9d:e0:99:36:8a:85:ae:97:
8c:d1:c5:0a:26:aa:2e:75:56:05:9c:37:c1:9f:ce:
7b:78:5e:ad:6f:1b:c0:fc:03:59:3a:67:fc:5a:c9:
75:83:d3:09:4e:97:ff:da:03:db:be:24:30:c5:12:
b3:ae:79:52:7f:52:71:27:a9:0c:79:46:07:f7:61:
f3:a0:14:74:e6:f4:6a:f1:59:81:3c:71:17:4b:30:
48:a3:23:75:05:5b:57:94:95:a0:95:c7:c3:17:42:
05:d2:ff:7a:8a:3f:b7:7c:e0:80:c5:9e:b5:e8:5c:
73:d0:4f:40:c0:e6:ea:b4:29:27:8c:61:e2:2d:f7:
cd:93:03:75:0c:20:76:98:80:80:0a:b9:a6:db:22:
44:31:f9:de:64:da:8c:a4:17:e6:fe:e2:38:3d:56:
4d:c0:e8:48:97:93:d0:de:e0:48:d2:78:38:03:63:
43:a1:86:34:0e:52:20:e9:ff:f5:cf:34:e4:cb:f5:
dd:dd:cb:a2:a7:6b:36:9a:32:98:6e:a3:6f:a1:8f:
f1:b2:36:f2:97:a6:31:b2:d5:f7:e7:98:4d:96:c9:
be:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:19:98:6A:08:B0:0B:94:83:BC:BD:79:2D:F8:0D:43:59:B7:89:69
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ThmYagiwC5SDvL15LfgNQ1m3iWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4540::/29
2a11:5980::/29
2a11:7b00::/29
2a11:8740::/29
2a11:bbc0::/29
2a12:8580::/29
Signature Algorithm: sha256WithRSAEncryption
3c:ca:70:6b:cf:06:43:31:71:c8:ee:f6:6b:6f:b5:81:c6:0e:
f9:eb:46:89:d6:5c:6b:64:b5:16:1b:11:22:3e:31:8a:21:6a:
36:f8:82:f3:bf:10:88:ae:6f:be:48:3b:4e:2a:5b:91:4f:76:
05:cb:3a:37:42:25:c8:61:56:2f:39:e3:38:f6:66:3a:45:a3:
f4:da:16:58:23:a9:df:41:f6:a2:ba:41:e5:ad:3f:c0:29:ef:
c6:15:ce:a4:4b:1a:f2:59:18:74:b1:ad:68:20:92:29:a0:6f:
a2:bb:4a:19:7d:5c:08:bc:9a:8b:da:2f:57:e9:4a:ea:95:03:
2b:12:8b:41:6a:c8:7d:20:73:3a:70:2d:f3:6a:38:a3:83:33:
3a:69:e4:dc:47:dd:f6:c0:da:32:0e:59:20:52:3e:a8:bb:74:
0e:f1:0a:8e:7b:b7:f5:43:bb:63:52:0d:d5:46:b5:2a:ff:14:
bf:5f:84:55:3f:17:8b:73:bb:c7:06:18:d7:72:84:bb:c7:77:
43:37:02:e0:9a:4d:73:a6:33:10:71:a9:fe:06:93:0e:9f:09:
c2:49:6a:b8:8d:8c:b3:24:f1:8a:bb:3c:42:eb:14:e1:b2:e1:
50:04:ce:ac:f1:03:e1:69:c8:b2:ee:99:6d:c4:32:2b:67:f1:
d8:83:d6:12
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZP4snSliGORP6oa4qJ6xKYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQxMjI0MTI0NDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTE5OTg2YTA4YjAwYjk0ODNiY2JkNzkyZGY4MGQ0MzU5Yjc4OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFEg/yFUGnS5I9jBiTd3gx+6qyGP
wl62LrBFvOtIPArfFevJneCZNoqFrpeM0cUKJqoudVYFnDfBn857eF6tbxvA/ANZ
Omf8Wsl1g9MJTpf/2gPbviQwxRKzrnlSf1JxJ6kMeUYH92HzoBR05vRq8VmBPHEX
SzBIoyN1BVtXlJWglcfDF0IF0v96ij+3fOCAxZ616Fxz0E9AwObqtCknjGHiLffN
kwN1DCB2mICACrmm2yJEMfneZNqMpBfm/uI4PVZNwOhIl5PQ3uBI0ng4A2NDoYY0
DlIg6f/1zzTky/Xd3cuip2s2mjKYbqNvoY/xsjbyl6YxstX355hNlsm+eQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE4ZmGoIsAuUg7y9eS34DUNZt4lpMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvVGhtWWFnaXdDNVNEdkwxNUxmZ05RMW0zaVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhFFQAMF
AyoRWYADBQMqEXsAAwUDKhGHQAMFAyoRu8ADBQMqEoWAMA0GCSqGSIb3DQEBCwUA
A4IBAQA8ynBrzwZDMXHI7vZrb7WBxg7560aJ1lxrZLUWGxEiPjGKIWo2+ILzvxCI
rm++SDtOKluRT3YFyzo3QiXIYVYvOeM49mY6RaP02hZYI6nfQfaiukHlrT/AKe/G
Fc6kSxryWRh0sa1oIJIpoG+iu0oZfVwIvJqL2i9X6UrqlQMrEotBash9IHM6cC3z
ajijgzM6aeTcR932wNoyDlkgUj6ou3QO8QqOe7f1Q7tjUg3VRrUq/xS/X4RVPxeL
c7vHBhjXcoS7x3dDNwLgmk1zpjMQcan+BpMOnwnCSWq4jYyzJPGKuzxC6xThsuFQ
BM6s8QPhaciy7pltxDIrZ/HYg9YS
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:47 2024 by rpki-client on console.sobornost.net