Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/768e6f-9444-4633-825d-6010261eee91/1/foDInVDDMIHsrUCjxc6XkS5gKvA.roa
File: foDInVDDMIHsrUCjxc6XkS5gKvA.roa (raw, json)
Hash identifier: 2lk7javdqVu7Bvq2VQ6kL5AWfUMPB35khZNUraPube0=
Subject key identifier: 7E:80:C8:9D:50:C3:30:81:EC:AD:40:A3:C5:CE:97:91:2E:60:2A:F0
Certificate issuer: /CN=ba71f98150538eee69deed2d532312aa29d7c721
Certificate serial: 01856D8ABEED953EDCF18931511110897F7C
Authority key identifier: BA:71:F9:81:50:53:8E:EE:69:DE:ED:2D:53:23:12:AA:29:D7:C7:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/unH5gVBTju5p3u0tUyMSqinXxyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/768e6f-9444-4633-825d-6010261eee91/1/foDInVDDMIHsrUCjxc6XkS5gKvA.roa
Signing time: Sun 01 Jan 2023 13:34:47 +0000
ROA not before: Sun 01 Jan 2023 13:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18779
IP address blocks: 2a11:bd40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:be:ed:95:3e:dc:f1:89:31:51:11:10:89:7f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba71f98150538eee69deed2d532312aa29d7c721
Validity
Not Before: Jan 1 13:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e80c89d50c33081ecad40a3c5ce97912e602af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3d:b1:83:ec:61:42:f6:31:91:30:46:9b:64:
8a:dd:08:d5:61:d0:69:a5:fd:d8:b2:10:fc:08:50:
df:5c:6f:c9:5a:6b:bf:70:d9:00:5b:e8:a5:fc:d4:
fb:35:d4:14:de:a1:9a:8d:9d:55:e3:20:2d:87:da:
31:ca:fc:a5:8b:6d:17:a7:41:0e:ae:83:f2:26:3d:
c7:92:f8:57:fd:53:2a:5e:f6:ba:3c:41:19:1a:24:
31:78:a6:05:e3:45:60:5e:60:bf:f0:5b:20:2d:51:
44:96:9f:be:e5:64:4c:1c:10:a2:5c:07:70:b9:d5:
75:7f:95:ec:40:e9:1e:82:9c:75:ed:96:4d:f4:f7:
e8:a0:6a:43:32:dc:94:4f:10:4b:6c:8a:37:bb:1e:
ee:94:d6:f6:5b:92:a0:35:67:22:ef:2c:26:19:52:
f7:9e:3b:02:c8:af:4d:b2:fb:3d:4f:c6:fc:ca:30:
88:90:03:9e:91:2a:41:ce:57:e1:d7:fc:0b:b6:e8:
0e:73:6d:24:4e:d5:cc:cf:53:c9:c7:29:c3:e8:08:
90:6f:7e:f0:17:b5:f3:79:07:9e:37:3b:54:a0:b2:
7d:83:5a:78:f7:98:8b:3b:73:71:77:4c:cf:78:d9:
db:c6:19:95:e1:5b:bb:0b:9e:97:ef:c8:4b:37:a0:
5a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:80:C8:9D:50:C3:30:81:EC:AD:40:A3:C5:CE:97:91:2E:60:2A:F0
X509v3 Authority Key Identifier:
keyid:BA:71:F9:81:50:53:8E:EE:69:DE:ED:2D:53:23:12:AA:29:D7:C7:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/unH5gVBTju5p3u0tUyMSqinXxyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/768e6f-9444-4633-825d-6010261eee91/1/foDInVDDMIHsrUCjxc6XkS5gKvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/768e6f-9444-4633-825d-6010261eee91/1/unH5gVBTju5p3u0tUyMSqinXxyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
97:53:1a:57:b0:a7:48:3a:d9:80:f6:ef:01:fe:53:26:69:26:
7a:9f:b7:d1:16:a9:f9:46:f7:1c:25:85:31:c3:8c:40:0b:75:
67:9b:58:68:a3:df:79:d2:0b:55:0b:d2:a0:13:42:74:31:1c:
26:16:b6:78:a6:d4:a5:58:37:3b:ae:e7:2f:f2:bf:3e:3b:5b:
fb:70:97:0b:d9:f4:05:ff:13:7d:8e:ef:81:8f:d4:01:b3:0c:
03:65:dd:e6:ea:03:37:0a:f1:72:2d:29:60:6c:79:f0:aa:aa:
e3:6c:dd:14:de:da:3c:05:b1:e3:d6:95:1e:30:8e:38:0c:10:
79:0a:fd:9b:3f:75:18:58:ba:ba:a7:ce:9b:68:c1:8b:cb:51:
16:4f:be:66:f3:c5:7e:c1:92:22:97:ea:64:8a:20:01:b5:9b:
70:39:82:6a:aa:50:b8:83:18:ba:b1:8e:22:ff:e4:b5:19:c4:
20:44:1e:e8:e0:fd:5a:6c:78:d8:44:88:f1:dd:2a:e1:a0:11:
05:97:d8:fa:b6:2c:0a:91:55:9f:e7:81:05:71:54:ed:52:14:
ef:4a:c7:f4:c9:5a:c2:ec:b4:9b:34:27:7e:4c:04:41:d1:3d:
53:8b:af:dc:08:7e:76:97:0c:d2:53:11:cb:f2:6d:92:07:06:
ef:bd:35:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtir7tlT7c8YkxUREQiX98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzFmOTgxNTA1MzhlZWU2OWRlZWQyZDUzMjMxMmFhMjlk
N2M3MjEwHhcNMjMwMTAxMTMzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTgwYzg5ZDUwYzMzMDgxZWNhZDQwYTNjNWNlOTc5MTJlNjAyYWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT2xg+xhQvYxkTBGm2SK3QjVYdBp
pf3YshD8CFDfXG/JWmu/cNkAW+il/NT7NdQU3qGajZ1V4yAth9oxyvyli20Xp0EO
roPyJj3HkvhX/VMqXva6PEEZGiQxeKYF40VgXmC/8FsgLVFElp++5WRMHBCiXAdw
udV1f5XsQOkegpx17ZZN9PfooGpDMtyUTxBLbIo3ux7ulNb2W5KgNWci7ywmGVL3
njsCyK9Nsvs9T8b8yjCIkAOekSpBzlfh1/wLtugOc20kTtXMz1PJxynD6AiQb37w
F7XzeQeeNztUoLJ9g1p495iLO3Nxd0zPeNnbxhmV4Vu7C56X78hLN6BaaQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH6AyJ1QwzCB7K1Ao8XOl5EuYCrwMB8GA1UdIwQY
MBaAFLpx+YFQU47uad7tLVMjEqop18chMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5INWdWQlRqdTVwM3UwdFV5TVNxaW5YeHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NjhlNmYtOTQ0NC00NjMzLTgyNWQt
NjAxMDI2MWVlZTkxLzEvZm9ESW5WRERNSUhzclVDanhjNlhrUzVnS3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NjhlNmYtOTQ0NC00NjMzLTgyNWQtNjAxMDI2MWVlZTkx
LzEvdW5INWdWQlRqdTVwM3UwdFV5TVNxaW5YeHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhG9QDAN
BgkqhkiG9w0BAQsFAAOCAQEAl1MaV7CnSDrZgPbvAf5TJmkmep+30Rap+Ub3HCWF
McOMQAt1Z5tYaKPfedILVQvSoBNCdDEcJha2eKbUpVg3O67nL/K/Pjtb+3CXC9n0
Bf8TfY7vgY/UAbMMA2Xd5uoDNwrxci0pYGx58Kqq42zdFN7aPAWx49aVHjCOOAwQ
eQr9mz91GFi6uqfOm2jBi8tRFk++ZvPFfsGSIpfqZIogAbWbcDmCaqpQuIMYurGO
Iv/ktRnEIEQe6OD9Wmx42ESI8d0q4aARBZfY+rYsCpFVn+eBBXFU7VIU70rH9Mla
wuy0mzQnfkwEQdE9U4uv3Ah+dpcM0lMRy/JtkgcG7701tQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:32:53 2025 by rpki-client