Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/q1n7lB8W81qCsPYAe1u0IO-uoRM.roa
File: q1n7lB8W81qCsPYAe1u0IO-uoRM.roa (raw, json)
Hash identifier: II/bb4kebr85/BwdpOUlXYkU2yVjavDAFcmgQM9e7yk=
Subject key identifier: AB:59:FB:94:1F:16:F3:5A:82:B0:F6:00:7B:5B:B4:20:EF:AE:A1:13
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 019386CC843B81A8363F85A23A9D0341916A
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/q1n7lB8W81qCsPYAe1u0IO-uoRM.roa
Signing time: Mon 02 Dec 2024 09:56:10 +0000
ROA not before: Mon 02 Dec 2024 09:56:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8246
IP address blocks: 2001:4190:8025::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:cc:84:3b:81:a8:36:3f:85:a2:3a:9d:03:41:91:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Dec 2 09:56:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab59fb941f16f35a82b0f6007b5bb420efaea113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9b:c1:28:4f:1c:04:31:fc:75:8c:e6:f0:22:
a6:a5:f2:46:fd:78:69:21:e7:96:d9:b9:b1:99:b4:
0d:32:86:17:4c:11:e7:4e:d9:6e:4f:f2:89:c9:7f:
41:7e:9c:56:55:20:aa:51:f6:c0:67:93:7d:4b:ad:
2f:38:e4:23:57:61:53:0d:02:1d:21:a8:a5:6d:29:
80:da:3c:00:be:c5:e4:12:85:9e:2a:ef:bd:69:c4:
da:ae:84:b0:7d:cb:12:d3:37:5a:9a:56:58:a2:12:
3c:26:ed:af:b4:65:b9:9b:05:4c:17:32:65:10:a7:
f5:a7:95:e8:2d:0e:06:74:c0:f2:ff:3f:1a:1a:07:
4f:3b:d3:b8:d4:ee:6b:1e:b3:72:15:72:db:f1:1a:
01:c4:8b:37:cb:a3:ce:99:9b:9c:49:12:e3:f9:4d:
5f:f9:fd:e9:e4:35:26:79:c6:59:a2:9b:c2:3e:d1:
5c:40:2d:6b:e9:78:88:4d:5e:fa:49:0f:e9:72:b4:
ac:f9:a1:83:72:10:36:68:66:07:a1:1a:69:f1:eb:
34:f0:1d:05:bb:71:a8:ee:11:88:87:85:6f:5b:67:
4f:d4:72:ac:c9:8f:f2:99:f1:25:75:5d:5a:da:4f:
de:ff:4d:f7:17:83:98:ec:3d:83:a6:02:64:4c:3f:
d0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:59:FB:94:1F:16:F3:5A:82:B0:F6:00:7B:5B:B4:20:EF:AE:A1:13
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/q1n7lB8W81qCsPYAe1u0IO-uoRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4190:8025::/48
Signature Algorithm: sha256WithRSAEncryption
5a:ab:41:31:ea:5b:68:09:2f:4f:c8:dd:8f:e0:83:39:a8:7b:
43:68:e1:90:11:df:40:46:bb:37:9a:5b:a7:0f:bc:4e:ae:c2:
68:68:59:e9:6e:61:5b:fb:1f:7a:0f:44:dc:75:e1:cc:f5:72:
58:ac:71:5d:3d:bd:36:e8:63:96:9e:e4:98:79:a6:74:3a:ab:
2e:54:0a:e4:4b:08:f9:e7:7d:fa:b2:f4:6a:6e:c4:18:d2:4d:
99:e7:9f:fb:ff:c6:63:fd:7a:f6:89:f5:60:24:ba:79:ff:e3:
6c:8a:0e:e4:e4:60:c7:45:99:61:7d:8a:f2:66:7a:43:cb:04:
71:68:42:b2:9f:d4:a6:1e:50:7a:32:7f:6f:b4:4d:de:60:ae:
88:42:02:09:84:6e:a7:23:e6:5d:28:ab:a4:e2:9d:8b:71:ba:
27:5c:a6:1b:98:c0:e6:9b:67:ae:d1:d4:1f:27:cd:51:0e:25:
00:ff:61:9f:a3:27:16:e4:bf:cf:6d:06:bd:88:35:18:33:60:
c4:b2:42:c5:2a:2a:0c:58:b7:2b:5f:b7:3a:ed:83:ae:9f:7d:
a6:60:cb:5d:c8:36:2c:89:b2:11:8a:1c:81:04:39:e1:2c:6c:
8d:57:4a:32:25:97:26:af:0f:95:48:63:a9:18:6a:3f:af:cc:
9a:61:22:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZOGzIQ7gag2P4WiOp0DQZFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjQxMjAyMDk1NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjU5ZmI5NDFmMTZmMzVhODJiMGY2MDA3YjViYjQyMGVmYWVhMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZvBKE8cBDH8dYzm8CKmpfJG/Xhp
IeeW2bmxmbQNMoYXTBHnTtluT/KJyX9BfpxWVSCqUfbAZ5N9S60vOOQjV2FTDQId
IailbSmA2jwAvsXkEoWeKu+9acTaroSwfcsS0zdamlZYohI8Ju2vtGW5mwVMFzJl
EKf1p5XoLQ4GdMDy/z8aGgdPO9O41O5rHrNyFXLb8RoBxIs3y6POmZucSRLj+U1f
+f3p5DUmecZZopvCPtFcQC1r6XiITV76SQ/pcrSs+aGDchA2aGYHoRpp8es08B0F
u3Go7hGIh4VvW2dP1HKsyY/ymfEldV1a2k/e/033F4OY7D2DpgJkTD/QCQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKtZ+5QfFvNagrD2AHtbtCDvrqETMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvcTFuN2xCOFc4MXFDc1BZQWUxdTBJTy11b1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAFBkIAl
MA0GCSqGSIb3DQEBCwUAA4IBAQBaq0Ex6ltoCS9PyN2P4IM5qHtDaOGQEd9ARrs3
mlunD7xOrsJoaFnpbmFb+x96D0TcdeHM9XJYrHFdPb026GOWnuSYeaZ0OqsuVArk
Swj55336svRqbsQY0k2Z55/7/8Zj/Xr2ifVgJLp5/+Nsig7k5GDHRZlhfYryZnpD
ywRxaEKyn9SmHlB6Mn9vtE3eYK6IQgIJhG6nI+ZdKKuk4p2LcbonXKYbmMDmm2eu
0dQfJ81RDiUA/2GfoycW5L/PbQa9iDUYM2DEskLFKioMWLcrX7c67YOun32mYMtd
yDYsibIRihyBBDnhLGyNV0oyJZcmrw+VSGOpGGo/r8yaYSIl
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:40 2024 by rpki-client on console.sobornost.net