Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/pMzY1i9Rl66cj50aOjBeyN3iOQI.roa
File: pMzY1i9Rl66cj50aOjBeyN3iOQI.roa (raw, json)
Hash identifier: MxKIxKZwRYYzq0S76hDs3ibLgTswS7jOZd7KpE7OqYg=
Subject key identifier: A4:CC:D8:D6:2F:51:97:AE:9C:8F:9D:1A:3A:30:5E:C8:DD:E2:39:02
Certificate issuer: /CN=3d4709d8bd7573ab1df2233b741def2f84c94fee
Certificate serial: 01856ED4B65C479A40D29000B829265F7E0B
Authority key identifier: 3D:47:09:D8:BD:75:73:AB:1D:F2:23:3B:74:1D:EF:2F:84:C9:4F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUcJ2L11c6sd8iM7dB3vL4TJT-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/pMzY1i9Rl66cj50aOjBeyN3iOQI.roa
Signing time: Sun 01 Jan 2023 19:35:12 +0000
ROA not before: Sun 01 Jan 2023 19:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:3c80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:b6:5c:47:9a:40:d2:90:00:b8:29:26:5f:7e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d4709d8bd7573ab1df2233b741def2f84c94fee
Validity
Not Before: Jan 1 19:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4ccd8d62f5197ae9c8f9d1a3a305ec8dde23902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:c1:4a:24:ff:c3:ea:9f:5e:0a:64:15:25:06:
bc:44:63:05:04:2e:76:56:e0:3c:83:af:66:48:dd:
41:9f:2d:51:ac:2e:38:89:b8:7b:72:9f:2a:41:c7:
d3:a6:9b:c7:94:5c:6c:5a:45:62:78:8c:3d:33:7a:
c4:f6:77:13:0d:9e:83:4a:1c:0c:40:b3:0f:4c:0e:
af:ee:ce:15:46:15:e7:39:e9:0b:6b:56:c6:c5:2a:
f3:10:84:28:29:aa:b8:75:16:37:32:c1:19:1e:e1:
c9:62:b3:4f:65:91:18:b4:91:fd:5c:25:21:9d:88:
e2:ef:4b:42:c8:af:c9:0b:08:de:bf:35:59:49:4d:
5a:ae:d4:54:6e:05:f8:7f:38:71:04:40:08:c6:22:
99:62:00:c8:94:00:ea:1e:d9:d3:55:59:3a:49:09:
4c:6d:74:bc:11:e7:c2:0b:e7:13:13:8a:77:fe:d3:
e6:ca:81:e9:06:a9:df:86:43:19:48:95:8d:27:d9:
70:b8:f7:e7:b3:b4:2e:c7:98:b1:b1:1b:d5:19:c0:
29:c0:bf:51:c0:bd:e4:84:65:a3:dc:06:76:26:6e:
d6:63:70:c3:c3:57:a6:87:4d:75:32:0f:62:16:af:
43:c3:01:72:1d:22:76:88:54:ee:03:ad:70:d9:3d:
cd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CC:D8:D6:2F:51:97:AE:9C:8F:9D:1A:3A:30:5E:C8:DD:E2:39:02
X509v3 Authority Key Identifier:
keyid:3D:47:09:D8:BD:75:73:AB:1D:F2:23:3B:74:1D:EF:2F:84:C9:4F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUcJ2L11c6sd8iM7dB3vL4TJT-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/pMzY1i9Rl66cj50aOjBeyN3iOQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/PUcJ2L11c6sd8iM7dB3vL4TJT-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
43:ed:1a:4f:03:02:ba:05:85:70:1e:c8:2d:18:94:f5:f4:39:
4a:8d:dd:5e:92:3a:d4:4d:43:62:73:09:ba:9b:26:ef:3e:5c:
24:d3:71:cd:30:29:76:95:37:09:88:bf:b1:ac:e5:39:38:04:
93:89:e6:e4:f0:d6:f2:71:b0:31:46:80:2e:f2:6a:93:b6:eb:
0e:fa:05:38:94:b6:bb:26:ba:fa:da:ab:88:1d:93:d2:3e:fd:
ed:1c:70:d9:6c:e7:4b:d0:8c:c9:d4:2a:9d:37:ea:7e:95:24:
cd:60:ef:b3:3f:bc:5a:66:37:79:c8:5b:4a:f9:43:73:42:aa:
1f:39:4a:74:a0:d0:c8:e3:17:74:ba:e7:37:d6:a8:ee:74:86:
1f:41:6d:88:7d:13:60:89:95:70:e9:5c:c4:7b:d6:23:df:c3:
e5:74:74:41:6f:4b:12:e0:09:cd:1b:b7:59:70:a0:87:e7:38:
b4:5e:ba:0f:fd:1d:cf:ca:57:e4:49:47:ed:4d:4c:73:ab:d2:
c8:be:39:cb:63:25:bf:01:26:1d:ad:92:c0:55:91:d0:9e:1c:
cb:ed:09:87:25:c4:23:74:bf:51:8d:33:40:d5:b9:ad:a1:29:
44:34:de:f7:91:ba:8c:09:a2:6c:4d:3e:d5:e1:ca:2a:56:7f:
3e:ea:c1:b3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVu1LZcR5pA0pAAuCkmX34LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDcwOWQ4YmQ3NTczYWIxZGYyMjMzYjc0MWRlZjJmODRj
OTRmZWUwHhcNMjMwMTAxMTkzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGNjZDhkNjJmNTE5N2FlOWM4ZjlkMWEzYTMwNWVjOGRkZTIzOTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA98FKJP/D6p9eCmQVJQa8RGMFBC52
VuA8g69mSN1Bny1RrC44ibh7cp8qQcfTppvHlFxsWkVieIw9M3rE9ncTDZ6DShwM
QLMPTA6v7s4VRhXnOekLa1bGxSrzEIQoKaq4dRY3MsEZHuHJYrNPZZEYtJH9XCUh
nYji70tCyK/JCwjevzVZSU1artRUbgX4fzhxBEAIxiKZYgDIlADqHtnTVVk6SQlM
bXS8EefCC+cTE4p3/tPmyoHpBqnfhkMZSJWNJ9lwuPfns7Qux5ixsRvVGcApwL9R
wL3khGWj3AZ2Jm7WY3DDw1emh011Mg9iFq9DwwFyHSJ2iFTuA61w2T3NAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKTM2NYvUZeunI+dGjowXsjd4jkCMB8GA1UdIwQY
MBaAFD1HCdi9dXOrHfIjO3Qd7y+EyU/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVjSjJMMTFjNnNkOGlNN2RCM3ZMNFRKVC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yMzhjNmEtYzY3MS00YTM0LTkzNGEt
NTA1ZDY4MWQ2MTcyLzEvcE16WTFpOVJsNjZjajUwYU9qQmV5TjNpT1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yMzhjNmEtYzY3MS00YTM0LTkzNGEtNTA1ZDY4MWQ2MTcy
LzEvUFVjSjJMMTFjNnNkOGlNN2RCM3ZMNFRKVC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhE8gDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ+0aTwMCugWFcB7ILRiU9fQ5So3dXpI61E1DYnMJ
upsm7z5cJNNxzTApdpU3CYi/sazlOTgEk4nm5PDW8nGwMUaALvJqk7brDvoFOJS2
uya6+tqriB2T0j797Rxw2WznS9CMydQqnTfqfpUkzWDvsz+8WmY3echbSvlDc0Kq
HzlKdKDQyOMXdLrnN9ao7nSGH0FtiH0TYImVcOlcxHvWI9/D5XR0QW9LEuAJzRu3
WXCgh+c4tF66D/0dz8pX5ElH7U1Mc6vSyL45y2MlvwEmHa2SwFWR0J4cy+0JhyXE
I3S/UY0zQNW5raEpRDTe95G6jAmibE0+1eHKKlZ/PurBsw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:53 2025 by rpki-client