Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/DXN4IvP4r9enFnRsgXN2huYA0Z8.roa
File: DXN4IvP4r9enFnRsgXN2huYA0Z8.roa (raw, json)
Hash identifier: AbRXjQz1Ap/9ajkFZOToS+DyoAniHC2nv5TUv9QIf3k=
Subject key identifier: 0D:73:78:22:F3:F8:AF:D7:A7:16:74:6C:81:73:76:86:E6:00:D1:9F
Certificate issuer: /CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Certificate serial: 0331A97B
Authority key identifier: D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/DXN4IvP4r9enFnRsgXN2huYA0Z8.roa
Signing time: Fri 10 Jun 2022 17:53:03 +0000
ROA not before: Fri 10 Jun 2022 17:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398465
IP address blocks: 31.6.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53586299 (0x331a97b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Validity
Not Before: Jun 10 17:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d737822f3f8afd7a716746c81737686e600d19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7a:d1:b3:ba:31:8e:b0:8c:71:c6:c5:e9:1e:
66:c9:b3:43:9c:d7:e3:bc:cc:c2:85:0a:87:0e:80:
66:cc:51:05:bb:11:7c:ad:ab:15:38:2d:8c:7a:b6:
8a:93:c4:d3:e1:98:32:27:3d:7a:f1:77:00:da:f6:
7d:70:45:0d:0d:49:21:c0:5c:fa:4d:be:61:c1:76:
c3:09:1f:60:7e:1c:6e:b4:3b:43:b3:cb:c2:bb:ef:
17:db:8b:9d:67:96:9c:ae:f0:33:4f:a3:ba:12:32:
2c:31:79:8f:6b:95:5c:2b:1c:10:35:53:9b:3c:43:
21:4f:29:a4:84:c4:88:94:6a:3b:36:e8:1f:63:b2:
b2:a6:f2:68:5a:82:3a:ca:11:13:b4:8e:4d:42:ff:
2f:a6:67:d4:72:62:75:ba:81:af:89:fa:60:c7:78:
18:e3:24:2a:dc:ba:06:bd:af:7f:7b:7d:e6:d3:b5:
61:86:d6:f7:c4:29:3c:7f:09:2a:ae:0b:cf:ce:a9:
06:52:83:c5:87:36:e4:fc:b6:09:5a:8b:c8:05:d0:
53:bb:d5:0f:cb:7a:bd:92:95:29:13:8c:5f:b4:41:
35:f4:c2:c0:95:37:8e:ac:37:21:a7:68:66:cd:ad:
a3:17:8c:30:4d:65:54:2e:0c:ef:7d:d8:4e:9a:82:
96:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:73:78:22:F3:F8:AF:D7:A7:16:74:6C:81:73:76:86:E6:00:D1:9F
X509v3 Authority Key Identifier:
keyid:D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/DXN4IvP4r9enFnRsgXN2huYA0Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.12.0/22
Signature Algorithm: sha256WithRSAEncryption
11:ac:89:ec:71:ce:3b:46:07:02:4c:18:08:dc:b2:8c:c1:4a:
de:82:32:2a:ef:1d:29:da:a8:a3:a0:d1:69:7d:6c:85:64:50:
ad:e4:3d:a9:05:14:45:83:4c:41:57:8b:91:50:d9:c6:b4:15:
61:e3:8e:1d:36:a0:c5:cc:74:ca:4b:e0:32:65:dd:a0:68:1f:
fc:70:6d:67:76:f1:72:1a:9c:e0:5d:f6:b7:bd:bc:d6:ce:3f:
1c:e2:a8:55:1e:21:cb:41:91:75:3a:48:6f:60:2c:74:9a:50:
88:ad:7c:2d:72:d4:66:0f:a4:3b:c2:98:b2:a9:b0:c5:95:ba:
10:da:11:bf:8f:3d:68:40:ea:84:ef:de:dc:ff:8d:f1:0c:4b:
23:82:ce:19:86:86:58:80:7d:be:8f:90:df:46:ff:d2:3d:8b:
e0:8f:ab:44:09:5a:fa:bc:16:ba:0c:bc:93:bd:86:8b:33:8e:
0c:ad:15:43:5a:9d:56:27:b4:f6:1b:0c:f3:64:e4:5f:e8:8f:
8e:da:a0:0e:df:ea:f9:4c:d1:11:8a:7c:11:d9:08:8d:76:9d:
46:4b:bc:7e:ea:8d:ec:64:e1:26:17:99:43:f3:3b:fa:7d:3e:
86:bf:05:5a:a8:20:73:7f:d5:a0:e3:82:17:aa:99:b6:62:b5:
66:f4:f4:83
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzGpezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTNlY2U3MWVmNmViZjU1YmI3Yjg3ZTUwNjY1YmExMWZkYzc3ZjA4MB4XDTIyMDYx
MDE3NTMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ3Mzc4MjJmM2Y4
YWZkN2E3MTY3NDZjODE3Mzc2ODZlNjAwZDE5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK160bO6MY6wjHHGxekeZsmzQ5zX47zMwoUKhw6AZsxRBbsR
fK2rFTgtjHq2ipPE0+GYMic9evF3ANr2fXBFDQ1JIcBc+k2+YcF2wwkfYH4cbrQ7
Q7PLwrvvF9uLnWeWnK7wM0+juhIyLDF5j2uVXCscEDVTmzxDIU8ppITEiJRqOzbo
H2OysqbyaFqCOsoRE7SOTUL/L6Zn1HJidbqBr4n6YMd4GOMkKty6Br2vf3t95tO1
YYbW98QpPH8JKq4Lz86pBlKDxYc25Py2CVqLyAXQU7vVD8t6vZKVKROMX7RBNfTC
wJU3jqw3IadoZs2toxeMME1lVC4M733YTpqCljMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQNc3gi8/iv16cWdGyBc3aG5gDRnzAfBgNVHSMEGDAWgBTVPs5x726/Vbt7
h+UGZboR/cd/CDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFUN09jZTl1djFXN2U0ZmxCbVc2RWYzSGZ3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYzgxNjY5LTI1MTktNGRhNS1iZDVkLTFjMjYyNjU5MGQyOC8x
L0RYTjRJdlA0cjllbkZuUnNnWE4yaHVZQTBaOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YzgxNjY5LTI1MTktNGRhNS1iZDVkLTFjMjYyNjU5MGQyOC8xLzFUN09jZTl1djFX
N2U0ZmxCbVc2RWYzSGZ3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAh8GDDANBgkqhkiG9w0BAQsFAAOC
AQEAEayJ7HHOO0YHAkwYCNyyjMFK3oIyKu8dKdqoo6DRaX1shWRQreQ9qQUURYNM
QVeLkVDZxrQVYeOOHTagxcx0ykvgMmXdoGgf/HBtZ3bxchqc4F32t7281s4/HOKo
VR4hy0GRdTpIb2AsdJpQiK18LXLUZg+kO8KYsqmwxZW6ENoRv489aEDqhO/e3P+N
8QxLI4LOGYaGWIB9vo+Q30b/0j2L4I+rRAla+rwWugy8k72GizOODK0VQ1qdVie0
9hsM82TkX+iPjtqgDt/q+UzREYp8EdkIjXadRku8fuqN7GThJheZQ/M7+n0+hr8F
Wqggc3/VoOOCF6qZtmK1ZvT0gw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:26 2025 by rpki-client