Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e684f6-24ef-4099-bf96-1c63dacabde9/1/I6okgtviNu_cj9cOCt-KxiB5eXQ.roa
File: I6okgtviNu_cj9cOCt-KxiB5eXQ.roa (raw, json)
Hash identifier: tU792umrFNqZqjOUaLFYCN8uaQZtJmL1gqdBuVtrOCg=
Subject key identifier: 23:AA:24:82:DB:E2:36:EF:DC:8F:D7:0E:0A:DF:8A:C6:20:79:79:74
Certificate issuer: /CN=3ad5d7c7be912650d71423cd3c2516da9409edb6
Certificate serial: 0193E8490702ADC15A9A3F53A5AFC2590733
Authority key identifier: 3A:D5:D7:C7:BE:91:26:50:D7:14:23:CD:3C:25:16:DA:94:09:ED:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtXXx76RJlDXFCPNPCUW2pQJ7bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e684f6-24ef-4099-bf96-1c63dacabde9/1/I6okgtviNu_cj9cOCt-KxiB5eXQ.roa
Signing time: Sat 21 Dec 2024 08:15:20 +0000
ROA not before: Sat 21 Dec 2024 08:15:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214706
IP address blocks: 2a12:6c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e8:49:07:02:ad:c1:5a:9a:3f:53:a5:af:c2:59:07:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad5d7c7be912650d71423cd3c2516da9409edb6
Validity
Not Before: Dec 21 08:15:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23aa2482dbe236efdc8fd70e0adf8ac620797974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1b:27:3f:a2:a1:9c:21:7b:af:d8:98:3e:33:
e4:d0:b1:fb:0e:c1:b9:5d:7c:18:ca:6b:61:60:83:
34:ae:d9:e0:38:b1:86:88:06:54:ae:78:a7:ca:75:
2e:da:fc:b3:79:16:73:45:50:74:d4:3f:0e:00:9b:
20:01:ab:1b:57:1c:b8:3b:5f:f1:29:ca:18:10:a2:
93:81:fc:df:33:3b:5e:85:15:73:5a:06:0b:19:6d:
a1:4d:2e:7a:1e:32:69:17:b1:9a:15:3f:33:1c:ac:
7f:e0:33:16:4e:ec:0f:f2:c3:13:5d:e9:14:02:f6:
b9:6e:f0:58:81:cb:b9:59:61:f8:43:c0:37:96:64:
20:b5:e7:59:8f:ad:9a:0e:2e:79:04:6d:82:4a:f2:
03:92:27:e7:08:05:ec:a4:ce:2d:0d:70:36:09:cd:
e9:8a:72:7c:1d:e9:94:ab:b5:c1:49:91:05:27:07:
e6:3f:51:43:1b:da:60:40:cc:4e:d0:b6:0d:13:b6:
be:42:bd:0a:53:47:ed:ce:78:65:aa:c4:88:12:1c:
75:4e:8a:8d:07:de:77:8b:1a:61:ba:1d:ee:30:d0:
c1:3d:d0:32:fe:c0:19:da:a6:91:cd:aa:9b:95:5c:
5c:fc:80:49:ca:4b:ef:1d:53:87:e5:02:fa:88:91:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AA:24:82:DB:E2:36:EF:DC:8F:D7:0E:0A:DF:8A:C6:20:79:79:74
X509v3 Authority Key Identifier:
keyid:3A:D5:D7:C7:BE:91:26:50:D7:14:23:CD:3C:25:16:DA:94:09:ED:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtXXx76RJlDXFCPNPCUW2pQJ7bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e684f6-24ef-4099-bf96-1c63dacabde9/1/I6okgtviNu_cj9cOCt-KxiB5eXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e684f6-24ef-4099-bf96-1c63dacabde9/1/OtXXx76RJlDXFCPNPCUW2pQJ7bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:6c0::/29
Signature Algorithm: sha256WithRSAEncryption
17:8e:a2:f6:6c:62:13:67:d7:8a:ed:88:43:8e:0c:72:7a:cd:
c2:09:c6:13:4f:2f:60:e8:64:c9:cc:40:f4:85:7e:28:59:f4:
10:71:c1:ea:5c:d2:cf:bc:76:1b:bb:de:4a:80:7b:5a:ec:93:
43:f6:5c:f3:2d:32:9d:aa:e1:7d:84:1c:e4:c5:b7:3e:54:d3:
c8:bc:c8:cf:78:34:65:b3:56:1f:25:cb:8b:c4:46:ad:7f:4b:
6f:e5:24:ba:7d:28:6e:98:17:c7:e2:dd:20:f9:8a:e6:94:72:
23:37:f2:01:09:30:ac:1a:a0:67:08:57:78:5c:0d:23:bf:59:
7c:fa:d4:24:be:a2:ef:37:9f:02:a9:73:d4:18:0a:ec:a4:e8:
a5:9d:b3:ce:18:63:87:51:55:30:d2:02:7a:0f:e2:2c:3d:49:
7d:d0:c5:f0:42:92:7f:59:7b:53:18:20:36:21:5a:5c:a3:1b:
23:49:34:ad:2a:84:d4:79:1d:4c:92:fb:70:7e:15:43:fc:cd:
38:35:4b:a6:a2:9c:26:cf:83:a6:af:f0:64:68:64:ad:35:9e:
ee:1e:1d:8c:7b:e3:a8:0d:c0:ba:f6:a8:d0:8f:78:4f:2f:a4:
1e:38:6e:12:de:03:e6:50:4d:fd:a4:04:60:c1:37:0c:99:07:
f9:14:d5:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZPoSQcCrcFamj9Tpa/CWQczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDVkN2M3YmU5MTI2NTBkNzE0MjNjZDNjMjUxNmRhOTQw
OWVkYjYwHhcNMjQxMjIxMDgxNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FhMjQ4MmRiZTIzNmVmZGM4ZmQ3MGUwYWRmOGFjNjIwNzk3OTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xsnP6KhnCF7r9iYPjPk0LH7DsG5
XXwYymthYIM0rtngOLGGiAZUrninynUu2vyzeRZzRVB01D8OAJsgAasbVxy4O1/x
KcoYEKKTgfzfMztehRVzWgYLGW2hTS56HjJpF7GaFT8zHKx/4DMWTuwP8sMTXekU
Ava5bvBYgcu5WWH4Q8A3lmQgtedZj62aDi55BG2CSvIDkifnCAXspM4tDXA2Cc3p
inJ8HemUq7XBSZEFJwfmP1FDG9pgQMxO0LYNE7a+Qr0KU0ftznhlqsSIEhx1ToqN
B953ixphuh3uMNDBPdAy/sAZ2qaRzaqblVxc/IBJykvvHVOH5QL6iJHI/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCOqJILb4jbv3I/XDgrfisYgeXl0MB8GA1UdIwQY
MBaAFDrV18e+kSZQ1xQjzTwlFtqUCe22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RYWHg3NlJKbERYRkNQTlBDVVcycFFKN2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNjg0ZjYtMjRlZi00MDk5LWJmOTYt
MWM2M2RhY2FiZGU5LzEvSTZva2d0dmlOdV9jajljT0N0LUt4aUI1ZVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNjg0ZjYtMjRlZi00MDk5LWJmOTYtMWM2M2RhY2FiZGU5
LzEvT3RYWHg3NlJKbERYRkNQTlBDVVcycFFKN2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIGwDAN
BgkqhkiG9w0BAQsFAAOCAQEAF46i9mxiE2fXiu2IQ44McnrNwgnGE08vYOhkycxA
9IV+KFn0EHHB6lzSz7x2G7veSoB7WuyTQ/Zc8y0ynarhfYQc5MW3PlTTyLzIz3g0
ZbNWHyXLi8RGrX9Lb+Ukun0obpgXx+LdIPmK5pRyIzfyAQkwrBqgZwhXeFwNI79Z
fPrUJL6i7zefAqlz1BgK7KTopZ2zzhhjh1FVMNICeg/iLD1JfdDF8EKSf1l7Uxgg
NiFaXKMbI0k0rSqE1HkdTJL7cH4VQ/zNODVLpqKcJs+Dpq/wZGhkrTWe7h4djHvj
qA3Auvao0I94Ty+kHjhuEt4D5lBN/aQEYME3DJkH+RTVsg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:51 2024 by rpki-client on console.sobornost.net