Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/wzJmOlO0oXPIvEjHg2En07mccws.roa
File: wzJmOlO0oXPIvEjHg2En07mccws.roa (raw, json)
Hash identifier: gIpVcqwJdV1hhK08tzVXKkKPdk7wDeINmMt+QhhlpEc=
Subject key identifier: C3:32:66:3A:53:B4:A1:73:C8:BC:48:C7:83:61:27:D3:B9:9C:73:0B
Certificate issuer: /CN=3753dbc5829ec500b33426a188d0399395b806aa
Certificate serial: 0190533E0F1803EDA1C7D8BDE4D8F30D40F4
Authority key identifier: 37:53:DB:C5:82:9E:C5:00:B3:34:26:A1:88:D0:39:93:95:B8:06:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/wzJmOlO0oXPIvEjHg2En07mccws.roa
Signing time: Wed 26 Jun 2024 06:31:34 +0000
ROA not before: Wed 26 Jun 2024 06:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21277
IP address blocks: 2a03:47c0::/29 maxlen: 29
2a03:47c0::/32 maxlen: 32
2a03:47c0:1080::/48 maxlen: 48
2a03:47c0:20c0::/48 maxlen: 48
2a03:47c0:2180::/48 maxlen: 48
2a03:47c0:2280::/48 maxlen: 48
2a03:47c0:2400::/48 maxlen: 48
2a03:47c0:2480::/48 maxlen: 48
2a03:47c1::/32 maxlen: 32
2a03:47c2::/32 maxlen: 32
2a03:47c3::/32 maxlen: 32
2a03:47c4::/32 maxlen: 32
2a03:47c5::/32 maxlen: 32
2a03:47c6::/32 maxlen: 32
2a03:47c7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:3e:0f:18:03:ed:a1:c7:d8:bd:e4:d8:f3:0d:40:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3753dbc5829ec500b33426a188d0399395b806aa
Validity
Not Before: Jun 26 06:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c332663a53b4a173c8bc48c7836127d3b99c730b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:50:5a:94:74:99:f3:e9:11:7e:d3:a9:60:35:
72:79:c0:85:6b:c5:45:0d:81:43:68:c2:5c:f5:8a:
28:39:d0:fe:7d:53:e9:e8:b2:1e:24:a0:e0:3f:e3:
b7:fe:5c:db:08:41:d6:f2:f9:9a:0a:b3:40:a7:c4:
6a:3a:cb:9e:fa:ea:81:79:e5:12:8c:7e:03:83:d0:
8c:96:68:41:80:0f:82:22:19:6c:84:25:10:70:40:
c1:f1:16:0b:86:c9:60:62:3f:bf:9e:87:bb:97:ad:
37:9d:7f:fd:57:b6:77:85:74:5d:9d:93:61:4e:67:
16:46:58:56:81:83:d7:99:aa:8b:40:39:24:e0:03:
ff:21:28:f7:a6:fa:1e:09:0b:c1:a7:00:c6:a5:2b:
08:76:39:a2:4c:22:92:3b:94:4e:a1:19:85:f5:07:
db:69:26:65:6c:1c:dd:27:e5:ec:c6:63:3f:d6:ac:
be:60:44:a2:80:14:c8:7d:26:2c:d5:5a:fc:81:e9:
e9:35:f0:35:b5:78:0c:28:f1:58:17:4f:dd:8d:d2:
00:ea:dc:02:eb:1c:b5:7a:d2:fe:d7:93:8c:39:39:
a9:f6:9c:0e:cf:16:59:05:3c:5c:05:61:06:f5:40:
e7:63:a8:6f:0b:1c:3d:af:4d:a6:d9:db:ba:15:ae:
52:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:32:66:3A:53:B4:A1:73:C8:BC:48:C7:83:61:27:D3:B9:9C:73:0B
X509v3 Authority Key Identifier:
keyid:37:53:DB:C5:82:9E:C5:00:B3:34:26:A1:88:D0:39:93:95:B8:06:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/wzJmOlO0oXPIvEjHg2En07mccws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/N1PbxYKexQCzNCahiNA5k5W4Bqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:88:6c:b4:a5:10:cf:7f:c0:94:16:c3:bd:a0:83:e8:d0:24:
43:f7:1f:d1:84:58:09:5c:02:3a:91:16:83:94:24:a3:cb:26:
a7:d1:24:08:ba:35:82:5f:30:f5:c7:e6:62:36:6c:d2:e2:c8:
bb:fa:13:d6:e7:4c:bf:cf:40:55:fe:7a:e3:d2:f0:fb:03:18:
7c:a0:5e:5d:a1:31:76:0b:54:14:fd:46:d8:9a:6d:7f:be:3d:
07:73:9e:df:85:62:64:3a:a5:d8:64:5e:6e:5b:95:1e:e0:69:
84:eb:41:10:fa:a5:bf:68:a7:cf:ab:0a:0b:1c:d3:ec:24:ac:
94:61:14:a0:03:e2:78:6b:ff:38:08:10:bd:be:60:98:54:9e:
80:56:54:79:b7:ff:de:bf:70:8b:db:bd:06:eb:f0:4b:ea:50:
7f:80:d0:17:64:d4:69:84:e5:24:d7:6e:46:b4:8d:80:8b:20:
4d:3e:8e:e5:51:fc:28:03:5a:9f:35:24:eb:3e:3a:b5:d2:79:
7d:48:e8:18:6c:fe:64:12:1c:6e:bd:ab:8a:7f:8a:2a:5d:65:
10:ba:50:a8:01:8e:65:ac:04:d9:ba:62:aa:1f:78:7d:74:5f:
13:f7:68:75:fb:cc:7a:96:96:4c:77:20:16:68:e2:9d:49:ae:
40:94:71:a5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBTPg8YA+2hx9i95NjzDUD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTNkYmM1ODI5ZWM1MDBiMzM0MjZhMTg4ZDAzOTkzOTVi
ODA2YWEwHhcNMjQwNjI2MDYzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzMyNjYzYTUzYjRhMTczYzhiYzQ4Yzc4MzYxMjdkM2I5OWM3MzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolBalHSZ8+kRftOpYDVyecCFa8VF
DYFDaMJc9YooOdD+fVPp6LIeJKDgP+O3/lzbCEHW8vmaCrNAp8RqOsue+uqBeeUS
jH4Dg9CMlmhBgA+CIhlshCUQcEDB8RYLhslgYj+/noe7l603nX/9V7Z3hXRdnZNh
TmcWRlhWgYPXmaqLQDkk4AP/ISj3pvoeCQvBpwDGpSsIdjmiTCKSO5ROoRmF9Qfb
aSZlbBzdJ+XsxmM/1qy+YESigBTIfSYs1Vr8genpNfA1tXgMKPFYF0/djdIA6twC
6xy1etL+15OMOTmp9pwOzxZZBTxcBWEG9UDnY6hvCxw9r02m2du6Fa5SjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMMyZjpTtKFzyLxIx4NhJ9O5nHMLMB8GA1UdIwQY
MBaAFDdT28WCnsUAszQmoYjQOZOVuAaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFQYnhZS2V4UUN6TkNhaGlOQTVrNVc0QnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8zNDE1MDgtYTBhYS00MGM5LWFlMGMt
MDM3OTkzMGY4Mjg2LzEvd3pKbU9sTzBvWFBJdkVqSGcyRW4wN21jY3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8zNDE1MDgtYTBhYS00MGM5LWFlMGMtMDM3OTkzMGY4Mjg2
LzEvTjFQYnhZS2V4UUN6TkNhaGlOQTVrNVc0QnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgNHwDAN
BgkqhkiG9w0BAQsFAAOCAQEAMohstKUQz3/AlBbDvaCD6NAkQ/cf0YRYCVwCOpEW
g5Qko8smp9EkCLo1gl8w9cfmYjZs0uLIu/oT1udMv89AVf5649Lw+wMYfKBeXaEx
dgtUFP1G2Jptf749B3Oe34ViZDql2GRebluVHuBphOtBEPqlv2inz6sKCxzT7CSs
lGEUoAPieGv/OAgQvb5gmFSegFZUebf/3r9wi9u9BuvwS+pQf4DQF2TUaYTlJNdu
RrSNgIsgTT6O5VH8KANanzUk6z46tdJ5fUjoGGz+ZBIcbr2rin+KKl1lELpQqAGO
ZawE2bpiqh94fXRfE/dodfvMepaWTHcgFmjinUmuQJRxpQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:37 2024 by rpki-client on console.sobornost.net