Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/z03C4kSKEMbznh3Q8X4PWhqM5SU.roa
File: z03C4kSKEMbznh3Q8X4PWhqM5SU.roa (raw, json)
Hash identifier: ZMtwz4UDJaX85dZJKXJP6ZYW86vvwdhDQwcW22xH+ww=
Subject key identifier: CF:4D:C2:E2:44:8A:10:C6:F3:9E:1D:D0:F1:7E:0F:5A:1A:8C:E5:25
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 019391EBCD49AB5555F8744A6B61A0D7C362
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/z03C4kSKEMbznh3Q8X4PWhqM5SU.roa
Signing time: Wed 04 Dec 2024 13:46:10 +0000
ROA not before: Wed 04 Dec 2024 13:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57698
IP address blocks: 2a10:ba80:10::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:eb:cd:49:ab:55:55:f8:74:4a:6b:61:a0:d7:c3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Dec 4 13:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf4dc2e2448a10c6f39e1dd0f17e0f5a1a8ce525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5f:e4:b4:98:86:82:c6:62:9a:2a:2e:d6:1b:
e4:bf:e2:b8:db:1c:85:5c:35:d3:bf:18:15:2d:7c:
c0:58:9e:bc:e7:cb:c0:0a:1e:c8:8c:af:cf:25:38:
f4:42:3f:fa:2d:e1:70:32:5b:f9:50:90:c1:95:57:
8b:cb:73:7a:68:96:e0:d4:92:f5:e1:ef:aa:0c:74:
29:ec:2d:ad:6d:a6:4c:99:1e:85:bb:f5:ae:e4:30:
10:9c:67:b6:6e:06:e0:fe:0d:72:fa:5b:d0:f4:68:
8c:1c:c0:87:16:49:ef:68:26:6a:28:ea:4d:2d:fd:
ae:f8:4a:0e:e2:d6:b5:24:e4:33:69:9b:27:c0:e0:
76:2f:7e:b2:da:d7:1d:14:ff:74:a8:bc:32:01:c9:
0d:b4:05:f3:df:a2:26:13:17:d3:44:f2:6d:d3:c2:
eb:65:15:84:be:dd:f9:96:cf:ad:13:0b:91:e9:b1:
a7:3e:f1:9b:f9:35:50:ea:4c:af:be:4a:12:37:56:
a0:6d:f1:14:82:24:5e:ae:a4:c3:f8:4a:23:fb:6e:
29:0d:a0:e7:e9:50:4c:ba:35:69:d2:a4:32:71:8a:
e3:b6:7d:21:86:7b:3f:16:07:c0:a4:64:d4:b4:bf:
39:53:6a:8a:2e:ea:82:e6:a6:8e:4d:31:5c:aa:28:
ce:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4D:C2:E2:44:8A:10:C6:F3:9E:1D:D0:F1:7E:0F:5A:1A:8C:E5:25
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/z03C4kSKEMbznh3Q8X4PWhqM5SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ba80:10::/44
Signature Algorithm: sha256WithRSAEncryption
a9:57:6c:62:04:98:60:f1:ff:35:47:61:5d:e6:71:a2:f0:c8:
bb:21:20:9e:f2:04:9d:16:39:ec:2e:b4:d9:7c:3c:d3:90:06:
ef:ad:89:f4:9b:f7:4f:e1:0e:dd:10:51:d2:3c:2a:48:8d:bd:
f8:d3:35:62:f2:88:23:bc:5d:fa:3f:59:e3:17:f1:9f:5e:0c:
2b:b3:ba:02:83:1a:ac:53:9d:30:6d:7b:52:e8:5b:70:87:2b:
a2:26:ee:c0:be:4e:64:89:22:b2:ae:ce:c4:43:bf:74:d9:9d:
42:73:af:f1:f9:03:a2:99:f6:a8:76:4b:e3:cc:6e:d1:d0:4b:
41:d4:4c:2f:0b:be:a8:26:49:f6:63:60:19:59:3e:72:5e:e1:
ca:94:cc:1f:7d:1a:a2:a6:30:70:a2:dd:8b:9c:f2:08:ed:9e:
a4:42:c4:b8:68:14:0a:68:cb:f7:16:39:31:56:3b:a3:d1:2b:
06:c6:b5:81:31:cb:52:08:68:3f:e0:00:21:1d:77:d7:5a:dc:
39:3f:cb:b7:f6:00:0b:1a:57:15:e0:56:45:e5:3d:70:ee:e1:
00:d7:c4:7d:ff:e7:d7:21:f9:f0:ac:66:8d:54:56:01:26:99:
a9:40:b6:d8:dd:23:49:bd:1d:fd:1c:4c:e8:d3:57:c9:ac:f0:
33:78:01:0d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZOR681Jq1VV+HRKa2Gg18NiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjQxMjA0MTM0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjRkYzJlMjQ0OGExMGM2ZjM5ZTFkZDBmMTdlMGY1YTFhOGNlNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4F/ktJiGgsZimiou1hvkv+K42xyF
XDXTvxgVLXzAWJ6858vACh7IjK/PJTj0Qj/6LeFwMlv5UJDBlVeLy3N6aJbg1JL1
4e+qDHQp7C2tbaZMmR6Fu/Wu5DAQnGe2bgbg/g1y+lvQ9GiMHMCHFknvaCZqKOpN
Lf2u+EoO4ta1JOQzaZsnwOB2L36y2tcdFP90qLwyAckNtAXz36ImExfTRPJt08Lr
ZRWEvt35ls+tEwuR6bGnPvGb+TVQ6kyvvkoSN1agbfEUgiRerqTD+Eoj+24pDaDn
6VBMujVp0qQycYrjtn0hhns/FgfApGTUtL85U2qKLuqC5qaOTTFcqijOzwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM9NwuJEihDG854d0PF+D1oajOUlMB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvejAzQzRrU0tFTWJ6bmgzUThYNFBXaHFNNVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhC6gAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCpV2xiBJhg8f81R2Fd5nGi8Mi7ISCe8gSdFjns
LrTZfDzTkAbvrYn0m/dP4Q7dEFHSPCpIjb340zVi8ogjvF36P1njF/GfXgwrs7oC
gxqsU50wbXtS6FtwhyuiJu7Avk5kiSKyrs7EQ7902Z1Cc6/x+QOimfaodkvjzG7R
0EtB1EwvC76oJkn2Y2AZWT5yXuHKlMwffRqipjBwot2LnPII7Z6kQsS4aBQKaMv3
FjkxVjuj0SsGxrWBMctSCGg/4AAhHXfXWtw5P8u39gALGlcV4FZF5T1w7uEA18R9
/+fXIfnwrGaNVFYBJpmpQLbY3SNJvR39HEzo01fJrPAzeAEN
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:41 2024 by rpki-client on console.sobornost.net