Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/62acce-e639-46df-be35-42ed5030f13c/1/THBpkfAr22VoKugs6PSAN8wHHWk.roa
File: THBpkfAr22VoKugs6PSAN8wHHWk.roa (raw, json)
Hash identifier: VZc3QhAq25OXaf6klQ2Fs+mcNEP/S2IH2Ax3XeVeXvw=
Subject key identifier: 4C:70:69:91:F0:2B:DB:65:68:2A:E8:2C:E8:F4:80:37:CC:07:1D:69
Certificate issuer: /CN=57b81833f364bc6425b4255b7ee33de0072200b3
Certificate serial: 018AA70C8517B6BC273CEB8B1E0FF7E5203C
Authority key identifier: 57:B8:18:33:F3:64:BC:64:25:B4:25:5B:7E:E3:3D:E0:07:22:00:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7gYM_NkvGQltCVbfuM94AciALM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/62acce-e639-46df-be35-42ed5030f13c/1/THBpkfAr22VoKugs6PSAN8wHHWk.roa
Signing time: Mon 18 Sep 2023 06:48:50 +0000
ROA not before: Mon 18 Sep 2023 06:48:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205227
IP address blocks: 2a11:58c0::/29 maxlen: 29
2a11:58c4::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:0c:85:17:b6:bc:27:3c:eb:8b:1e:0f:f7:e5:20:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b81833f364bc6425b4255b7ee33de0072200b3
Validity
Not Before: Sep 18 06:48:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c706991f02bdb65682ae82ce8f48037cc071d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c5:8d:74:49:1d:e0:f1:e0:b0:48:b6:3b:de:
48:70:98:56:9d:e0:12:60:b9:e4:d8:1a:e4:69:89:
98:27:18:7c:0c:64:18:d9:8e:8e:ba:ed:b4:2b:c4:
71:e6:49:b3:33:d5:b4:29:57:bb:10:e5:89:5d:2c:
01:42:97:c9:c4:13:30:29:bd:ce:23:bc:c9:a0:54:
b8:a3:c2:bf:a1:0d:e4:b7:b9:74:20:63:54:1c:6b:
84:0b:e6:98:26:ff:0c:10:2d:58:f4:49:87:97:a2:
70:98:d8:9a:c0:28:b9:17:2d:a3:c6:28:2a:0f:da:
d4:d9:e9:ce:82:fe:e5:db:4d:02:80:b5:de:38:fc:
51:dc:ef:bd:18:52:46:c3:59:d1:0d:95:76:c6:3f:
5d:19:bf:61:9b:de:12:50:c1:5a:17:4e:3e:b6:67:
db:70:29:73:e8:11:fc:5b:53:20:56:8e:b2:29:ec:
52:24:6d:4f:8b:67:ab:6e:52:ec:4d:16:e5:d3:5f:
91:b7:6b:05:de:37:fd:21:af:e4:7e:21:1c:7c:4a:
5d:c8:a0:e0:40:55:dd:8b:7c:7b:30:fb:b4:ac:32:
2c:3e:49:f0:25:31:3c:65:db:72:ab:b1:75:8e:05:
7f:6d:69:ac:7e:e6:3c:da:8b:93:47:31:63:47:2d:
05:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:70:69:91:F0:2B:DB:65:68:2A:E8:2C:E8:F4:80:37:CC:07:1D:69
X509v3 Authority Key Identifier:
keyid:57:B8:18:33:F3:64:BC:64:25:B4:25:5B:7E:E3:3D:E0:07:22:00:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7gYM_NkvGQltCVbfuM94AciALM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/62acce-e639-46df-be35-42ed5030f13c/1/THBpkfAr22VoKugs6PSAN8wHHWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/62acce-e639-46df-be35-42ed5030f13c/1/V7gYM_NkvGQltCVbfuM94AciALM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:58c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:05:4e:c2:8c:0e:8e:da:28:9a:35:b8:79:3a:ba:92:2c:56:
fc:8f:86:66:03:28:18:92:f7:1e:a9:08:d7:7a:26:7e:f9:ff:
7b:53:17:47:5a:cd:cb:d0:6a:1e:d2:d0:2f:c3:02:d0:8c:97:
e5:32:19:a4:91:b7:5e:13:d9:0c:9b:b4:14:ad:30:90:77:32:
b7:e2:d3:99:10:ae:e7:a2:f6:e3:1d:c0:88:23:77:6b:d8:44:
97:4b:fe:e1:0b:18:93:0a:db:c9:c1:1c:e9:f2:2c:e9:a7:db:
56:02:23:a8:8c:99:df:fd:3e:ed:bd:56:06:30:da:03:3b:b3:
ef:94:30:f8:07:82:12:1e:39:5d:21:34:e1:9b:5e:d8:36:93:
86:20:d1:1a:ac:0d:b7:fc:22:c9:73:7c:9b:ab:7a:e0:68:4a:
3d:87:8b:cd:a3:d7:22:93:d5:ff:25:93:38:f3:5d:fd:a1:f1:
54:71:53:aa:1b:e3:b0:14:e0:e3:b8:a9:8c:7e:08:44:b4:5c:
e2:11:7a:9d:85:18:b6:8e:2d:da:f6:9f:a0:9d:a7:1f:ac:02:
23:da:6e:b2:21:9f:f6:f6:c8:ee:ef:2e:8a:44:87:e7:0f:1d:
00:38:a2:02:68:09:db:2d:4e:5d:56:e8:3d:47:da:11:76:59:
a6:62:09:5b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqnDIUXtrwnPOuLHg/35SA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjgxODMzZjM2NGJjNjQyNWI0MjU1YjdlZTMzZGUwMDcy
MjAwYjMwHhcNMjMwOTE4MDY0ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzcwNjk5MWYwMmJkYjY1NjgyYWU4MmNlOGY0ODAzN2NjMDcxZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicWNdEkd4PHgsEi2O95IcJhWneAS
YLnk2BrkaYmYJxh8DGQY2Y6Ouu20K8Rx5kmzM9W0KVe7EOWJXSwBQpfJxBMwKb3O
I7zJoFS4o8K/oQ3kt7l0IGNUHGuEC+aYJv8MEC1Y9EmHl6JwmNiawCi5Fy2jxigq
D9rU2enOgv7l200CgLXeOPxR3O+9GFJGw1nRDZV2xj9dGb9hm94SUMFaF04+tmfb
cClz6BH8W1MgVo6yKexSJG1Pi2erblLsTRbl01+Rt2sF3jf9Ia/kfiEcfEpdyKDg
QFXdi3x7MPu0rDIsPknwJTE8Zdtyq7F1jgV/bWmsfuY82ouTRzFjRy0F7wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFExwaZHwK9tlaCroLOj0gDfMBx1pMB8GA1UdIwQY
MBaAFFe4GDPzZLxkJbQlW37jPeAHIgCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdnWU1fTmt2R1FsdENWYmZ1TTk0QWNpQUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82MmFjY2UtZTYzOS00NmRmLWJlMzUt
NDJlZDUwMzBmMTNjLzEvVEhCcGtmQXIyMlZvS3VnczZQU0FOOHdISFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82MmFjY2UtZTYzOS00NmRmLWJlMzUtNDJlZDUwMzBmMTNj
LzEvVjdnWU1fTmt2R1FsdENWYmZ1TTk0QWNpQUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFYwDAN
BgkqhkiG9w0BAQsFAAOCAQEAhwVOwowOjtoomjW4eTq6kixW/I+GZgMoGJL3HqkI
13omfvn/e1MXR1rNy9BqHtLQL8MC0IyX5TIZpJG3XhPZDJu0FK0wkHcyt+LTmRCu
56L24x3AiCN3a9hEl0v+4QsYkwrbycEc6fIs6afbVgIjqIyZ3/0+7b1WBjDaAzuz
75Qw+AeCEh45XSE04Zte2DaThiDRGqwNt/wiyXN8m6t64GhKPYeLzaPXIpPV/yWT
OPNd/aHxVHFTqhvjsBTg47ipjH4IRLRc4hF6nYUYto4t2vafoJ2nH6wCI9pusiGf
9vbI7u8uikSH5w8dADiiAmgJ2y1OXVboPUfaEXZZpmIJWw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:51 2023 by rpki-client on console.sobornost.net