Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/RJ3Xse1XS-Qj8O6P78Gokcl1-MU.roa
File: RJ3Xse1XS-Qj8O6P78Gokcl1-MU.roa (raw, json)
Hash identifier: F2PblK95KfA5DkP7ohFiUWgenRKpreKXWxnG7RHJVFU=
Subject key identifier: 44:9D:D7:B1:ED:57:4B:E4:23:F0:EE:8F:EF:C1:A8:91:C9:75:F8:C5
Certificate issuer: /CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Certificate serial: 01856BAED47E45BABD245D6ED0DD63A8E750
Authority key identifier: D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/RJ3Xse1XS-Qj8O6P78Gokcl1-MU.roa
Signing time: Sun 01 Jan 2023 04:54:57 +0000
ROA not before: Sun 01 Jan 2023 04:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a11:9c80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:d4:7e:45:ba:bd:24:5d:6e:d0:dd:63:a8:e7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Validity
Not Before: Jan 1 04:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=449dd7b1ed574be423f0ee8fefc1a891c975f8c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a4:73:e9:f5:4e:7e:8f:56:21:28:b4:01:ae:
f1:2d:37:61:49:ce:57:6a:c2:c9:b6:26:b4:da:24:
b6:bf:8f:7c:46:2b:d5:60:8f:d2:3f:e2:9a:97:e5:
19:04:a1:27:4a:3f:1d:2f:48:ad:94:49:aa:27:15:
9c:d8:12:5c:14:24:9c:48:b2:67:76:9d:f7:bf:86:
1e:d8:b5:94:c8:20:b0:b7:34:c2:77:69:6a:a2:37:
a4:f1:e0:e1:03:12:6d:b9:ec:f0:3a:20:1c:b1:b5:
12:33:e0:47:b5:38:cd:77:88:d6:3a:1f:81:07:4f:
5e:bc:d1:39:47:d8:d3:63:d2:85:ac:b4:f8:8f:f5:
21:4f:b9:24:b5:e3:97:6b:e4:3f:ba:69:a6:ea:b1:
6c:1d:49:8b:32:d5:69:85:a6:b6:fd:0b:c4:ac:cf:
8e:79:30:59:5b:0a:30:d2:c1:0e:cd:0c:45:93:eb:
22:4c:83:b4:de:e3:3c:f7:1c:b3:b2:eb:87:1a:bd:
ee:ac:93:c2:91:b5:f2:eb:32:21:0e:28:fa:a9:eb:
90:3c:37:e5:4e:08:00:06:c2:70:f3:ce:1e:8d:9c:
00:bb:fd:27:34:84:fe:78:e4:e1:ad:df:1a:56:e6:
6e:dd:3e:e7:4b:36:ba:c8:27:2a:bc:39:b4:aa:d7:
36:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9D:D7:B1:ED:57:4B:E4:23:F0:EE:8F:EF:C1:A8:91:C9:75:F8:C5
X509v3 Authority Key Identifier:
keyid:D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/RJ3Xse1XS-Qj8O6P78Gokcl1-MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
10:e3:b5:97:2c:d3:2e:4d:93:b6:79:0e:39:31:8d:91:c4:1f:
0d:96:72:4f:ae:e2:d0:80:3d:fd:fd:60:33:2d:7f:14:f9:4c:
7f:90:87:3e:39:ab:a6:4a:4b:97:bc:2e:21:2d:df:57:d6:80:
8f:db:b8:b2:ec:f9:c2:15:ea:6b:0c:5a:12:3f:27:52:d3:23:
15:08:33:84:4c:ab:23:69:ed:4d:25:b4:93:c8:f7:f6:df:4d:
79:42:67:b1:9f:44:e9:02:b0:61:c9:42:58:8a:85:d5:f2:53:
42:f8:6b:ce:82:bd:da:18:07:cb:ae:f0:6e:dc:df:6a:0a:76:
13:80:f6:2f:65:44:c4:37:d0:d5:d2:d5:1d:4d:90:5d:e1:ce:
03:8a:fe:ff:d0:9d:61:79:95:85:93:3e:9b:f8:ac:38:22:87:
e3:61:95:64:00:93:b7:84:c7:65:62:46:08:bc:f8:d9:f5:c4:
62:05:2e:00:4e:7d:bc:93:39:af:7c:39:5a:1f:62:60:da:41:
4e:25:70:eb:c0:cb:77:6b:c5:aa:57:d7:12:c0:a8:15:41:13:
a1:10:3e:26:8c:e9:0f:3f:f2:2e:41:9a:82:19:18:01:39:52:
e7:3a:a4:2b:f1:23:c9:3b:5f:a5:d1:e4:b9:70:d2:1d:63:85:
52:44:9d:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVrrtR+Rbq9JF1u0N1jqOdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGZhNmJlM2Y1YzM4ZjRiYjdlMDYyYjY3MDc3NDdmNDk2
MWEwNDgwHhcNMjMwMTAxMDQ1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDlkZDdiMWVkNTc0YmU0MjNmMGVlOGZlZmMxYTg5MWM5NzVmOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaRz6fVOfo9WISi0Aa7xLTdhSc5X
asLJtia02iS2v498RivVYI/SP+Kal+UZBKEnSj8dL0itlEmqJxWc2BJcFCScSLJn
dp33v4Ye2LWUyCCwtzTCd2lqojek8eDhAxJtuezwOiAcsbUSM+BHtTjNd4jWOh+B
B09evNE5R9jTY9KFrLT4j/UhT7kkteOXa+Q/ummm6rFsHUmLMtVphaa2/QvErM+O
eTBZWwow0sEOzQxFk+siTIO03uM89xyzsuuHGr3urJPCkbXy6zIhDij6qeuQPDfl
TggABsJw884ejZwAu/0nNIT+eOThrd8aVuZu3T7nSza6yCcqvDm0qtc2VQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFESd17HtV0vkI/Duj+/BqJHJdfjFMB8GA1UdIwQY
MBaAFNNPpr4/XDj0u34GK2cHdH9JYaBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEt
OTgxMTg0ZGVlMTMxLzEvUkozWHNlMVhTLVFqOE82UDc4R29rY2wxLU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEtOTgxMTg0ZGVlMTMx
LzEvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGcgDAN
BgkqhkiG9w0BAQsFAAOCAQEAEOO1lyzTLk2TtnkOOTGNkcQfDZZyT67i0IA9/f1g
My1/FPlMf5CHPjmrpkpLl7wuIS3fV9aAj9u4suz5whXqawxaEj8nUtMjFQgzhEyr
I2ntTSW0k8j39t9NeUJnsZ9E6QKwYclCWIqF1fJTQvhrzoK92hgHy67wbtzfagp2
E4D2L2VExDfQ1dLVHU2QXeHOA4r+/9CdYXmVhZM+m/isOCKH42GVZACTt4THZWJG
CLz42fXEYgUuAE59vJM5r3w5Wh9iYNpBTiVw68DLd2vFqlfXEsCoFUEToRA+Jozp
Dz/yLkGaghkYATlS5zqkK/EjyTtfpdHkuXDSHWOFUkSdaw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:49:03 2025 by rpki-client