Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/45f808-6c27-4579-8529-2bf8618b6f36/1/CIRMKfaUM2PGGwRospWDwxMttHQ.roa
File: CIRMKfaUM2PGGwRospWDwxMttHQ.roa (raw, json)
Hash identifier: seqHCFSH7xZjObopmqapAIm+D2md8tMCrHHSMKKCvBY=
Subject key identifier: 08:84:4C:29:F6:94:33:63:C6:1B:04:68:B2:95:83:C3:13:2D:B4:74
Certificate issuer: /CN=3001d9bd20658eac2b261ab16872b8f4764ebbb7
Certificate serial: 0181DAD07A9525FBB82B3F982506ECFA6285
Authority key identifier: 30:01:D9:BD:20:65:8E:AC:2B:26:1A:B1:68:72:B8:F4:76:4E:BB:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAHZvSBljqwrJhqxaHK49HZOu7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/45f808-6c27-4579-8529-2bf8618b6f36/1/CIRMKfaUM2PGGwRospWDwxMttHQ.roa
Signing time: Thu 07 Jul 2022 22:38:24 +0000
ROA not before: Thu 07 Jul 2022 22:38:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 701
IP address blocks: 2a11:59c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:d0:7a:95:25:fb:b8:2b:3f:98:25:06:ec:fa:62:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3001d9bd20658eac2b261ab16872b8f4764ebbb7
Validity
Not Before: Jul 7 22:38:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08844c29f6943363c61b0468b29583c3132db474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:78:87:d2:ec:c0:90:7f:b9:e3:78:35:04:1d:
25:8b:39:27:1e:fe:19:cf:b3:8d:86:c4:bc:ac:77:
45:56:92:e5:27:a0:99:42:1b:b4:bc:ba:50:47:12:
ea:2d:3e:64:16:80:ca:be:75:86:87:a3:56:bf:c7:
a5:7b:75:b0:ea:87:db:c3:49:90:bc:fe:15:46:69:
5d:4b:d9:a3:0a:2e:39:07:69:a6:31:4f:df:30:fb:
2c:64:c7:62:61:14:9f:7d:56:bf:3e:18:90:3e:91:
d6:e6:86:19:19:36:3a:db:f7:76:e8:57:55:1e:d2:
97:67:40:81:f6:ac:e0:77:23:81:f0:7f:e5:3b:67:
bf:10:a7:5c:79:ac:d3:c1:73:1d:83:e4:db:05:26:
cd:59:64:95:5a:2a:e6:c6:ae:eb:1f:82:85:f6:e8:
5e:87:f0:d8:2d:4f:d6:73:68:08:93:60:8e:7f:9c:
1f:7b:2e:c2:c0:a7:8f:8d:a5:b5:13:77:56:35:dd:
04:17:31:a5:b0:41:ee:f4:8c:a1:a1:23:a8:40:37:
37:68:34:8e:09:54:3b:78:d8:cf:53:af:cf:a4:b6:
81:b9:0c:cf:ce:43:42:13:9e:24:38:d8:d1:83:c0:
8b:eb:d7:d8:c3:11:78:72:7d:e3:13:b2:de:65:14:
23:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:84:4C:29:F6:94:33:63:C6:1B:04:68:B2:95:83:C3:13:2D:B4:74
X509v3 Authority Key Identifier:
keyid:30:01:D9:BD:20:65:8E:AC:2B:26:1A:B1:68:72:B8:F4:76:4E:BB:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAHZvSBljqwrJhqxaHK49HZOu7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/45f808-6c27-4579-8529-2bf8618b6f36/1/CIRMKfaUM2PGGwRospWDwxMttHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/45f808-6c27-4579-8529-2bf8618b6f36/1/MAHZvSBljqwrJhqxaHK49HZOu7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:59c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:de:de:9c:e8:5a:ce:b8:20:30:aa:72:83:e8:f8:aa:14:52:
d3:73:df:07:92:73:0f:07:53:7f:90:32:f5:d0:c7:3e:2d:e0:
f2:2d:06:43:69:7d:4d:6b:f1:21:b5:1a:68:30:fd:f1:dd:9a:
6a:e8:80:dc:b2:b1:10:03:1e:b6:79:c5:03:dd:f8:4d:07:b2:
e8:16:a5:99:e2:a3:35:08:5c:14:45:15:63:22:90:b1:c6:c9:
ee:ea:ca:4e:70:58:01:54:f9:b9:0e:60:de:c8:a5:0d:a8:7d:
1e:51:fe:36:26:87:68:28:c1:b3:ae:63:a4:a9:ab:ea:b1:91:
53:0b:ad:27:84:8f:1a:81:83:71:2a:df:ed:fe:e7:5e:ed:70:
71:9b:d3:2c:03:62:22:47:87:33:4e:23:54:3d:8c:ea:46:38:
b1:e7:4a:96:1e:82:ed:ea:14:93:9d:9c:c7:8f:bd:b5:5a:1b:
ad:49:cc:b7:b2:94:48:d8:39:ee:6e:94:e3:1f:02:00:03:fa:
e0:7c:80:fa:47:85:45:a8:0f:42:8c:09:a7:5e:e6:c4:82:e6:
69:4b:49:99:14:08:0b:d1:c6:bd:b6:ca:a3:a3:c0:b3:cb:fd:
a2:dc:db:4b:d4:ba:97:3d:31:73:6b:d1:95:ea:d7:5f:9f:77:
1b:e8:d6:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHa0HqVJfu4Kz+YJQbs+mKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDFkOWJkMjA2NThlYWMyYjI2MWFiMTY4NzJiOGY0NzY0
ZWJiYjcwHhcNMjIwNzA3MjIzODI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg0NGMyOWY2OTQzMzYzYzYxYjA0NjhiMjk1ODNjMzEzMmRiNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXiH0uzAkH+543g1BB0lizknHv4Z
z7ONhsS8rHdFVpLlJ6CZQhu0vLpQRxLqLT5kFoDKvnWGh6NWv8ele3Ww6ofbw0mQ
vP4VRmldS9mjCi45B2mmMU/fMPssZMdiYRSffVa/PhiQPpHW5oYZGTY62/d26FdV
HtKXZ0CB9qzgdyOB8H/lO2e/EKdceazTwXMdg+TbBSbNWWSVWirmxq7rH4KF9uhe
h/DYLU/Wc2gIk2COf5wfey7CwKePjaW1E3dWNd0EFzGlsEHu9IyhoSOoQDc3aDSO
CVQ7eNjPU6/PpLaBuQzPzkNCE54kONjRg8CL69fYwxF4cn3jE7LeZRQjSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAiETCn2lDNjxhsEaLKVg8MTLbR0MB8GA1UdIwQY
MBaAFDAB2b0gZY6sKyYasWhyuPR2Tru3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFIWnZTQmxqcXdySmhxeGFISzQ5SFpPdTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80NWY4MDgtNmMyNy00NTc5LTg1Mjkt
MmJmODYxOGI2ZjM2LzEvQ0lSTUtmYVVNMlBHR3dSb3NwV0R3eE10dEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80NWY4MDgtNmMyNy00NTc5LTg1MjktMmJmODYxOGI2ZjM2
LzEvTUFIWnZTQmxqcXdySmhxeGFISzQ5SFpPdTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFZwDAN
BgkqhkiG9w0BAQsFAAOCAQEAdd7enOhazrggMKpyg+j4qhRS03PfB5JzDwdTf5Ay
9dDHPi3g8i0GQ2l9TWvxIbUaaDD98d2aauiA3LKxEAMetnnFA934TQey6BalmeKj
NQhcFEUVYyKQscbJ7urKTnBYAVT5uQ5g3silDah9HlH+NiaHaCjBs65jpKmr6rGR
UwutJ4SPGoGDcSrf7f7nXu1wcZvTLANiIkeHM04jVD2M6kY4sedKlh6C7eoUk52c
x4+9tVobrUnMt7KUSNg57m6U4x8CAAP64HyA+keFRagPQowJp17mxILmaUtJmRQI
C9HGvbbKo6PAs8v9otzbS9S6lz0xc2vRlerXX593G+jWNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:31 2024 by rpki-client on console-ams.rpki-client.org