Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/g2Rs_7avCFtdLMtrzQBZvDli5aY.roa
File: g2Rs_7avCFtdLMtrzQBZvDli5aY.roa (raw, json)
Hash identifier: Z7MGtbFvlJ4YC/C3jHBYTz6l1GJ07OcHzMjrU70I2yo=
Subject key identifier: 83:64:6C:FF:B6:AF:08:5B:5D:2C:CB:6B:CD:00:59:BC:39:62:E5:A6
Certificate issuer: /CN=6fa104f6a8978bb16cd05314f98a786e0d0d9564
Certificate serial: 018CC5DBF2EB82D41DDD169726A41EDE8B94
Authority key identifier: 6F:A1:04:F6:A8:97:8B:B1:6C:D0:53:14:F9:8A:78:6E:0D:0D:95:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6EE9qiXi7Fs0FMU-Yp4bg0NlWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/g2Rs_7avCFtdLMtrzQBZvDli5aY.roa
Signing time: Mon 01 Jan 2024 16:29:35 +0000
ROA not before: Mon 01 Jan 2024 16:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41327
IP address blocks: 171.22.208.0/22 maxlen: 22
2a09:3e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f2:eb:82:d4:1d:dd:16:97:26:a4:1e:de:8b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa104f6a8978bb16cd05314f98a786e0d0d9564
Validity
Not Before: Jan 1 16:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83646cffb6af085b5d2ccb6bcd0059bc3962e5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4c:72:b9:dd:58:6e:b6:b8:7b:6a:27:d1:87:
14:3a:13:82:57:f1:1d:53:4a:be:5f:87:19:37:22:
f3:a0:7f:1f:60:28:1d:1c:1f:cd:08:10:2c:6f:1c:
00:49:d5:63:b9:be:c1:6a:9b:f5:e0:f1:03:06:0a:
95:1f:4f:e0:0a:61:d9:c2:07:0a:77:c5:91:c2:c5:
9e:1b:90:90:a9:c4:45:d5:7a:15:84:66:6a:00:45:
54:a6:81:12:d8:de:28:1a:72:8c:10:ac:0a:d9:27:
c5:d3:88:01:e9:c9:dd:5f:f4:77:be:ce:2c:4a:ce:
3f:b4:71:bb:04:3f:17:97:b6:7e:da:a4:de:7e:df:
ff:6b:a4:bd:21:1e:6d:f6:05:1f:82:b8:a1:ac:4f:
50:c4:52:68:e0:dc:e5:19:ba:2d:bd:26:04:6a:ff:
9d:fc:85:52:47:5e:12:42:cf:df:84:f3:31:63:91:
82:b5:a2:1d:33:6d:67:4e:0c:11:8b:3c:cd:20:ac:
c7:59:f3:91:7a:0d:b7:a1:a5:8d:cf:32:df:59:f8:
fb:de:ae:95:62:fc:71:b2:0b:02:a7:eb:32:1d:d5:
42:0f:f8:f2:f5:cc:80:c5:a8:6b:6f:26:ac:51:87:
69:48:f4:f2:98:76:e1:f3:eb:78:9a:76:78:8a:a8:
89:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:64:6C:FF:B6:AF:08:5B:5D:2C:CB:6B:CD:00:59:BC:39:62:E5:A6
X509v3 Authority Key Identifier:
keyid:6F:A1:04:F6:A8:97:8B:B1:6C:D0:53:14:F9:8A:78:6E:0D:0D:95:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6EE9qiXi7Fs0FMU-Yp4bg0NlWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/g2Rs_7avCFtdLMtrzQBZvDli5aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/b6EE9qiXi7Fs0FMU-Yp4bg0NlWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.208.0/22
IPv6:
2a09:3e40::/29
Signature Algorithm: sha256WithRSAEncryption
0f:25:dd:4a:99:d0:9d:47:81:bb:76:cc:dc:ee:05:72:cd:5f:
19:27:ac:28:4c:9b:8c:73:d3:c6:59:dc:cc:b5:32:ac:93:37:
e3:cb:dc:8f:4c:c7:47:8b:a6:31:15:3f:e1:ac:5a:5e:cc:0a:
af:21:c2:69:b8:05:e0:d9:b5:08:62:b9:a9:da:e2:86:4b:54:
62:bd:83:66:39:b4:0c:6b:fa:87:4b:01:2c:06:bb:02:d9:09:
88:8c:16:9d:08:ae:8a:26:24:28:b9:af:f6:c1:1a:35:1d:fa:
1e:66:27:7b:f3:1c:e7:7a:61:32:f6:30:20:e7:0a:53:ca:ce:
84:c7:eb:9e:97:94:50:d3:81:55:e7:ad:4f:4b:28:3a:92:d2:
b4:3a:e7:e0:03:b9:7f:59:ae:df:b1:58:37:0a:5f:ca:70:cd:
8a:c7:8a:59:ff:a8:10:de:66:07:93:c3:93:e6:ab:8e:34:a4:
49:aa:32:65:d8:58:33:27:dc:08:d3:0b:fa:8c:79:a6:82:3a:
c8:74:27:cd:d6:2a:a9:9c:f0:92:c9:6e:28:8b:5d:eb:5d:8f:
f1:22:08:c0:61:fd:76:37:8e:2f:23:82:cd:a9:1f:f5:27:0d:
13:8c:5a:08:bd:1f:ee:62:9d:1b:17:bc:1e:9b:db:48:69:92:
28:aa:48:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF2/LrgtQd3RaXJqQe3ouUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTEwNGY2YTg5NzhiYjE2Y2QwNTMxNGY5OGE3ODZlMGQw
ZDk1NjQwHhcNMjQwMTAxMTYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzY0NmNmZmI2YWYwODViNWQyY2NiNmJjZDAwNTliYzM5NjJlNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUxyud1Ybra4e2on0YcUOhOCV/Ed
U0q+X4cZNyLzoH8fYCgdHB/NCBAsbxwASdVjub7Bapv14PEDBgqVH0/gCmHZwgcK
d8WRwsWeG5CQqcRF1XoVhGZqAEVUpoES2N4oGnKMEKwK2SfF04gB6cndX/R3vs4s
Ss4/tHG7BD8Xl7Z+2qTeft//a6S9IR5t9gUfgrihrE9QxFJo4NzlGbotvSYEav+d
/IVSR14SQs/fhPMxY5GCtaIdM21nTgwRizzNIKzHWfOReg23oaWNzzLfWfj73q6V
YvxxsgsCp+syHdVCD/jy9cyAxahrbyasUYdpSPTymHbh8+t4mnZ4iqiJqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFINkbP+2rwhbXSzLa80AWbw5YuWmMB8GA1UdIwQY
MBaAFG+hBPaol4uxbNBTFPmKeG4NDZVkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZFRTlxaVhpN0ZzMEZNVS1ZcDRiZzBObFdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy85ZGQ1ZTMtNTc2Zi00NGExLWE1Y2Mt
NjUwOWNiNWYyN2Y4LzEvZzJSc183YXZDRnRkTE10cnpRQlp2RGxpNWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy85ZGQ1ZTMtNTc2Zi00NGExLWE1Y2MtNjUwOWNiNWYyN2Y4
LzEvYjZFRTlxaVhpN0ZzMEZNVS1ZcDRiZzBObFdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCqxbQMA0E
AgACMAcDBQMqCT5AMA0GCSqGSIb3DQEBCwUAA4IBAQAPJd1KmdCdR4G7dszc7gVy
zV8ZJ6woTJuMc9PGWdzMtTKskzfjy9yPTMdHi6YxFT/hrFpezAqvIcJpuAXg2bUI
Yrmp2uKGS1RivYNmObQMa/qHSwEsBrsC2QmIjBadCK6KJiQoua/2wRo1HfoeZid7
8xznemEy9jAg5wpTys6Ex+uel5RQ04FV561PSyg6ktK0OufgA7l/Wa7fsVg3Cl/K
cM2Kx4pZ/6gQ3mYHk8OT5quONKRJqjJl2FgzJ9wI0wv6jHmmgjrIdCfN1iqpnPCS
yW4oi13rXY/xIgjAYf12N44vI4LNqR/1Jw0TjFoIvR/uYp0bF7wem9tIaZIoqkil
-----END CERTIFICATE-----
Generated at Tue Jul 30 01:00:51 2024 by rpki-client on console.sobornost.net