Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/cjOaaf4JjzPpVTD6oyxLCE7heuY.roa
File: cjOaaf4JjzPpVTD6oyxLCE7heuY.roa (raw, json)
Hash identifier: P/rzkg3b/uTlQEaUa4Pm4mD539a8tD+cappw+uSDXcA=
Subject key identifier: 72:33:9A:69:FE:09:8F:33:E9:55:30:FA:A3:2C:4B:08:4E:E1:7A:E6
Certificate issuer: /CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Certificate serial: 033072CE
Authority key identifier: D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/cjOaaf4JjzPpVTD6oyxLCE7heuY.roa
Signing time: Fri 10 Jun 2022 17:53:02 +0000
ROA not before: Fri 10 Jun 2022 17:53:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 31.6.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53506766 (0x33072ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Validity
Not Before: Jun 10 17:53:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72339a69fe098f33e95530faa32c4b084ee17ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:09:be:12:36:c8:b7:13:ed:6b:62:7e:ba:db:
39:a2:81:bc:d6:ae:46:21:65:46:55:14:de:89:13:
b2:01:1e:53:da:cb:08:b4:ac:ff:e8:db:b3:21:dd:
ca:bc:aa:d8:54:be:a0:be:68:5a:c0:29:12:cc:c3:
03:f8:dd:77:90:c2:71:f4:c7:06:86:5e:6b:33:67:
f4:30:0b:2c:af:40:0b:d4:61:e7:84:c8:36:d7:6a:
64:ba:79:26:5c:a0:a5:51:af:67:90:bc:e4:85:0b:
15:97:c2:38:6c:3e:86:20:5b:1e:dd:49:ae:2a:90:
c0:8a:01:94:1f:5d:70:b5:c2:e5:dd:7c:08:1e:8b:
01:36:1e:11:44:c8:a7:29:d3:f4:12:b4:ab:84:76:
80:93:fd:77:18:b6:71:69:9e:2a:13:2e:0f:0e:a5:
b8:80:0c:b5:d1:cc:45:5c:96:37:1d:b9:38:6d:cf:
1f:97:60:2f:45:0e:13:8d:db:bb:7e:9c:87:e6:9e:
01:e4:a6:ac:79:03:4e:7e:14:7a:ec:a2:98:d8:08:
33:b6:5a:4b:fa:91:5d:df:57:8b:1a:02:74:a8:57:
74:1e:90:98:70:ac:53:0f:29:79:da:c9:70:6e:dc:
eb:02:4d:4f:81:03:92:d2:51:76:f3:5f:b3:81:d1:
d8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:33:9A:69:FE:09:8F:33:E9:55:30:FA:A3:2C:4B:08:4E:E1:7A:E6
X509v3 Authority Key Identifier:
keyid:D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/cjOaaf4JjzPpVTD6oyxLCE7heuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.12.0/22
Signature Algorithm: sha256WithRSAEncryption
28:86:78:20:ad:39:3d:a8:fc:92:79:1f:83:4a:0f:0c:be:17:
cc:16:08:26:94:00:be:9b:f2:e9:f2:41:ff:08:48:8e:92:f6:
e9:02:9c:6a:ff:08:76:05:23:8b:38:c8:8d:b5:ee:a3:89:55:
93:47:a3:7b:77:46:84:a6:05:a2:d4:16:49:b0:e8:19:25:c6:
13:8c:8d:26:5b:4e:b5:3a:88:9f:42:86:b9:00:0a:ab:14:fd:
00:bf:cb:c7:f1:df:e8:5c:57:1d:65:af:d6:b9:b5:47:5b:8b:
1e:63:a5:ab:cc:fb:b6:9a:11:1d:5a:e3:35:99:bb:2f:bf:30:
fd:c4:ed:c1:9f:93:57:7c:3d:7d:b2:3b:bd:78:b1:dd:1a:8e:
69:ff:6f:4a:12:40:a9:1d:e4:d4:ff:5d:5e:ee:48:ea:bd:00:
fb:a5:e5:b6:0e:dc:33:d4:5c:0f:91:37:8e:85:8e:08:42:c2:
92:ed:cb:8f:44:8b:d2:86:a4:31:72:90:2c:68:31:53:f0:8b:
30:7d:8b:41:69:a5:5a:70:ce:1f:be:f9:4b:4d:4c:36:ac:68:
fc:33:ee:b5:ac:77:d1:9a:06:c0:b3:98:db:e8:a4:5d:0c:33:
59:fd:29:87:8c:9a:a1:88:ce:a5:9b:b6:5d:8a:63:30:95:1a:
be:6b:df:5a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzByzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTNlY2U3MWVmNmViZjU1YmI3Yjg3ZTUwNjY1YmExMWZkYzc3ZjA4MB4XDTIyMDYx
MDE3NTMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzIzMzlhNjlmZTA5
OGYzM2U5NTUzMGZhYTMyYzRiMDg0ZWUxN2FlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoJvhI2yLcT7WtifrrbOaKBvNauRiFlRlUU3okTsgEeU9rL
CLSs/+jbsyHdyryq2FS+oL5oWsApEszDA/jdd5DCcfTHBoZeazNn9DALLK9AC9Rh
54TINtdqZLp5JlygpVGvZ5C85IULFZfCOGw+hiBbHt1JriqQwIoBlB9dcLXC5d18
CB6LATYeEUTIpynT9BK0q4R2gJP9dxi2cWmeKhMuDw6luIAMtdHMRVyWNx25OG3P
H5dgL0UOE43bu36ch+aeAeSmrHkDTn4UeuyimNgIM7ZaS/qRXd9XixoCdKhXdB6Q
mHCsUw8pedrJcG7c6wJNT4EDktJRdvNfs4HR2OkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRyM5pp/gmPM+lVMPqjLEsITuF65jAfBgNVHSMEGDAWgBTVPs5x726/Vbt7
h+UGZboR/cd/CDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFUN09jZTl1djFXN2U0ZmxCbVc2RWYzSGZ3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYzgxNjY5LTI1MTktNGRhNS1iZDVkLTFjMjYyNjU5MGQyOC8x
L2NqT2FhZjRKanpQcFZURDZveXhMQ0U3aGV1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YzgxNjY5LTI1MTktNGRhNS1iZDVkLTFjMjYyNjU5MGQyOC8xLzFUN09jZTl1djFX
N2U0ZmxCbVc2RWYzSGZ3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAh8GDDANBgkqhkiG9w0BAQsFAAOC
AQEAKIZ4IK05Paj8knkfg0oPDL4XzBYIJpQAvpvy6fJB/whIjpL26QKcav8IdgUj
izjIjbXuo4lVk0eje3dGhKYFotQWSbDoGSXGE4yNJltOtTqIn0KGuQAKqxT9AL/L
x/Hf6FxXHWWv1rm1R1uLHmOlq8z7tpoRHVrjNZm7L78w/cTtwZ+TV3w9fbI7vXix
3RqOaf9vShJAqR3k1P9dXu5I6r0A+6Xltg7cM9RcD5E3joWOCELCku3Lj0SL0oak
MXKQLGgxU/CLMH2LQWmlWnDOH775S01MNqxo/DPutax30ZoGwLOY2+ikXQwzWf0p
h4yaoYjOpZu2XYpjMJUavmvfWg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:44 2025 by rpki-client