Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/4d693f-5369-411b-add3-564ae771b1a4/1/BJidAqR0g1bl_Bg3FczZ4noqqbY.roa
File: BJidAqR0g1bl_Bg3FczZ4noqqbY.roa (raw, json)
Hash identifier: KIEkc/pZ2Cw41CSm/Oc1a7D38s28KcJcPGwWKlD5s9c=
Subject key identifier: 04:98:9D:02:A4:74:83:56:E5:FC:18:37:15:CC:D9:E2:7A:2A:A9:B6
Certificate issuer: /CN=849ff2cc8e0b8ac046f7a49a5e3268dd402a5907
Certificate serial: 01856D54016F59A3D6DF1751CAE06008806D
Authority key identifier: 84:9F:F2:CC:8E:0B:8A:C0:46:F7:A4:9A:5E:32:68:DD:40:2A:59:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hJ_yzI4LisBG96SaXjJo3UAqWQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/4d693f-5369-411b-add3-564ae771b1a4/1/BJidAqR0g1bl_Bg3FczZ4noqqbY.roa
Signing time: Sun 01 Jan 2023 12:34:59 +0000
ROA not before: Sun 01 Jan 2023 12:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18779
IP address blocks: 2a11:5840::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:01:6f:59:a3:d6:df:17:51:ca:e0:60:08:80:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=849ff2cc8e0b8ac046f7a49a5e3268dd402a5907
Validity
Not Before: Jan 1 12:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04989d02a4748356e5fc183715ccd9e27a2aa9b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a8:2a:fd:e6:21:8c:a8:68:03:9f:39:88:83:
82:59:1d:f8:d7:f1:87:45:e5:6d:85:ae:27:cc:1b:
3f:93:f7:c6:7f:b1:58:ad:e3:7d:b1:a2:e9:c5:74:
78:b5:c0:27:30:28:20:96:66:17:1f:dc:d0:f5:2b:
e0:81:d6:12:24:4c:d4:9b:0b:55:1c:f5:62:09:08:
7d:4c:a3:97:00:d4:d6:ed:50:5f:4e:20:c2:6d:74:
ae:73:c0:2f:50:99:80:07:d9:6e:9a:23:45:47:12:
c3:ad:a0:51:4c:ad:eb:05:11:73:e3:62:af:2c:34:
5c:b2:8a:19:e9:d3:e7:10:77:41:76:29:9c:3a:0b:
af:7c:3b:00:e9:78:b0:38:bc:f4:f5:5c:ca:32:ac:
c6:96:7b:e2:e1:ea:35:f6:3d:27:3c:0c:9c:b3:cb:
44:f8:c0:8c:1c:f1:83:ac:90:66:9e:3e:81:8b:a1:
c3:47:61:a3:f4:a7:4f:8d:78:b1:3d:89:8b:87:92:
62:c2:cc:50:bf:84:0f:24:0b:3d:22:36:cc:35:e6:
8f:46:7e:ef:7d:4e:aa:6f:f2:6b:42:c0:f4:9a:81:
cb:2d:87:55:d1:64:be:37:5a:a7:fb:fb:b0:6b:65:
bd:c8:a0:00:64:8b:0a:06:6a:20:b5:82:3b:33:17:
25:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:98:9D:02:A4:74:83:56:E5:FC:18:37:15:CC:D9:E2:7A:2A:A9:B6
X509v3 Authority Key Identifier:
keyid:84:9F:F2:CC:8E:0B:8A:C0:46:F7:A4:9A:5E:32:68:DD:40:2A:59:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJ_yzI4LisBG96SaXjJo3UAqWQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4d693f-5369-411b-add3-564ae771b1a4/1/BJidAqR0g1bl_Bg3FczZ4noqqbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4d693f-5369-411b-add3-564ae771b1a4/1/hJ_yzI4LisBG96SaXjJo3UAqWQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5840::/29
Signature Algorithm: sha256WithRSAEncryption
50:f7:64:48:6f:a1:ab:21:14:ff:18:95:b9:f4:db:c0:fe:bf:
94:05:2f:d9:77:a9:6e:48:1a:2f:80:12:16:78:b8:5b:88:d7:
92:d1:6f:54:85:dd:bd:24:a3:58:ba:66:dd:34:5f:45:09:52:
aa:74:d4:af:bc:d9:d9:d7:12:4a:01:ba:45:13:85:e8:e6:54:
8d:4e:56:c5:df:00:3f:3f:60:d3:73:27:93:d1:55:4b:8d:93:
50:26:dd:3e:ad:af:4d:f0:b3:33:07:62:54:28:01:e0:0e:08:
94:e7:48:4c:18:ad:ab:04:8c:89:7d:22:d3:c5:da:4e:90:b4:
0f:0c:81:aa:97:7c:fa:f2:f3:5c:fe:d2:4b:0f:35:64:9b:b5:
f7:1e:08:00:3e:4c:dc:a3:9e:f0:e5:18:83:70:92:2b:1f:f9:
24:62:e9:6f:6d:be:86:df:b4:46:da:7d:bc:5f:0e:0c:6f:b2:
01:b3:d2:e4:de:61:92:ca:3a:73:72:de:e2:e9:2a:2a:95:9b:
e3:80:74:b5:e0:29:d0:f4:1d:2b:87:da:a1:21:17:c2:9c:a9:
cf:85:51:91:e7:7b:fe:44:1b:2f:43:c6:c4:7c:6c:73:d8:14:
a8:1e:ea:7c:c9:65:15:e9:5c:85:07:1e:38:b0:5a:e8:72:0f:
1b:58:c8:d1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtVAFvWaPW3xdRyuBgCIBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWZmMmNjOGUwYjhhYzA0NmY3YTQ5YTVlMzI2OGRkNDAy
YTU5MDcwHhcNMjMwMTAxMTIzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDk4OWQwMmE0NzQ4MzU2ZTVmYzE4MzcxNWNjZDllMjdhMmFhOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Kgq/eYhjKhoA585iIOCWR341/GH
ReVtha4nzBs/k/fGf7FYreN9saLpxXR4tcAnMCgglmYXH9zQ9SvggdYSJEzUmwtV
HPViCQh9TKOXANTW7VBfTiDCbXSuc8AvUJmAB9lumiNFRxLDraBRTK3rBRFz42Kv
LDRcsooZ6dPnEHdBdimcOguvfDsA6XiwOLz09VzKMqzGlnvi4eo19j0nPAycs8tE
+MCMHPGDrJBmnj6Bi6HDR2Gj9KdPjXixPYmLh5JiwsxQv4QPJAs9IjbMNeaPRn7v
fU6qb/JrQsD0moHLLYdV0WS+N1qn+/uwa2W9yKAAZIsKBmogtYI7MxclAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFASYnQKkdINW5fwYNxXM2eJ6Kqm2MB8GA1UdIwQY
MBaAFISf8syOC4rARvekml4yaN1AKlkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEpfeXpJNExpc0JHOTZTYVhqSm8zVUFxV1FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy80ZDY5M2YtNTM2OS00MTFiLWFkZDMt
NTY0YWU3NzFiMWE0LzEvQkppZEFxUjBnMWJsX0JnM0Zjelo0bm9xcWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy80ZDY5M2YtNTM2OS00MTFiLWFkZDMtNTY0YWU3NzFiMWE0
LzEvaEpfeXpJNExpc0JHOTZTYVhqSm8zVUFxV1FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFYQDAN
BgkqhkiG9w0BAQsFAAOCAQEAUPdkSG+hqyEU/xiVufTbwP6/lAUv2XepbkgaL4AS
Fni4W4jXktFvVIXdvSSjWLpm3TRfRQlSqnTUr7zZ2dcSSgG6RROF6OZUjU5Wxd8A
Pz9g03Mnk9FVS42TUCbdPq2vTfCzMwdiVCgB4A4IlOdITBitqwSMiX0i08XaTpC0
DwyBqpd8+vLzXP7SSw81ZJu19x4IAD5M3KOe8OUYg3CSKx/5JGLpb22+ht+0Rtp9
vF8ODG+yAbPS5N5hkso6c3Le4ukqKpWb44B0teAp0PQdK4faoSEXwpypz4VRked7
/kQbL0PGxHxsc9gUqB7qfMllFelchQceOLBa6HIPG1jI0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:24 2024 by rpki-client on console-fra.rpki-client.org