Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7e3bce-4c30-402d-9692-dbc79d708ff3/1/gSx2PwKoXXOQOTrT2b0YMw1E8VU.roa
File: gSx2PwKoXXOQOTrT2b0YMw1E8VU.roa (raw, json)
Hash identifier: nm3B8OfRMQezybU83k7uMmljX+d3lw+/9gYXVyma0Uc=
Subject key identifier: 81:2C:76:3F:02:A8:5D:73:90:39:3A:D3:D9:BD:18:33:0D:44:F1:55
Certificate issuer: /CN=c7308faa4710efe23d2d844b4f0dcb0accc44ceb
Certificate serial: 0182371257443F25D1F73AD0EE1949790825
Authority key identifier: C7:30:8F:AA:47:10:EF:E2:3D:2D:84:4B:4F:0D:CB:0A:CC:C4:4C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xzCPqkcQ7-I9LYRLTw3LCszETOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/7e3bce-4c30-402d-9692-dbc79d708ff3/1/gSx2PwKoXXOQOTrT2b0YMw1E8VU.roa
Signing time: Mon 25 Jul 2022 20:35:24 +0000
ROA not before: Mon 25 Jul 2022 20:35:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:5ac0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:37:12:57:44:3f:25:d1:f7:3a:d0:ee:19:49:79:08:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7308faa4710efe23d2d844b4f0dcb0accc44ceb
Validity
Not Before: Jul 25 20:35:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=812c763f02a85d7390393ad3d9bd18330d44f155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b4:a1:94:2a:1d:93:9d:67:e3:90:77:0c:cb:
61:42:32:ac:15:43:11:bc:9e:80:d8:09:aa:ef:47:
50:f5:81:8b:70:d6:01:6d:de:8a:55:4d:ca:fa:63:
45:ee:c6:7f:2a:58:04:90:65:6c:d0:1e:ce:c5:a2:
18:11:68:58:8a:18:85:d3:ad:af:76:83:45:16:f3:
ee:fc:ed:86:6b:78:90:26:7b:17:6d:93:f4:d3:99:
35:91:91:a8:77:5b:35:73:0c:6f:dd:fa:dc:00:ac:
ff:7d:aa:22:d4:3d:69:59:db:2f:d7:b6:90:67:a3:
c1:6b:e5:59:b3:f3:a7:af:f9:a3:0f:8d:0f:4d:75:
0e:9f:98:49:1c:20:cd:78:92:27:99:2c:39:42:d4:
62:e0:ba:09:26:00:44:11:cc:93:5e:96:41:96:a4:
51:e6:48:0c:55:ff:48:45:4e:24:68:16:b2:dc:be:
e1:d3:f0:02:12:df:6d:63:ac:41:12:c2:4c:3c:7d:
55:af:67:65:af:90:29:f7:48:8f:6f:11:2a:f6:8f:
d7:6c:3a:61:86:62:cb:81:79:02:78:f8:66:4b:01:
74:94:45:af:14:92:d4:37:89:19:47:84:98:51:e1:
d4:9b:92:5f:79:69:7b:61:a5:bb:e7:10:0d:b7:49:
08:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2C:76:3F:02:A8:5D:73:90:39:3A:D3:D9:BD:18:33:0D:44:F1:55
X509v3 Authority Key Identifier:
keyid:C7:30:8F:AA:47:10:EF:E2:3D:2D:84:4B:4F:0D:CB:0A:CC:C4:4C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xzCPqkcQ7-I9LYRLTw3LCszETOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7e3bce-4c30-402d-9692-dbc79d708ff3/1/gSx2PwKoXXOQOTrT2b0YMw1E8VU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7e3bce-4c30-402d-9692-dbc79d708ff3/1/xzCPqkcQ7-I9LYRLTw3LCszETOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5ac0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:17:ff:d0:1d:3a:e6:a6:ee:e9:a7:7a:5c:73:8e:87:4b:fa:
d1:f4:bb:9e:97:7e:a8:c4:1c:6b:e2:9e:9e:a4:f7:ad:75:12:
ea:67:7c:22:c7:0e:83:0f:dc:93:cc:c0:7c:00:dd:98:eb:9a:
46:d8:bf:50:fc:2f:29:0d:87:f4:78:af:b8:e1:44:46:ec:9b:
4c:10:3e:ec:a3:16:cd:4a:3b:b8:4b:68:d3:ec:ec:22:ae:0b:
9c:d7:f1:66:07:14:a6:cd:98:09:f9:fc:e8:90:ce:ee:94:e9:
12:4a:69:51:b8:85:88:02:a6:4f:69:bd:5f:a8:7d:62:ef:1b:
dc:6b:e1:6c:69:3d:c7:ff:0d:72:ce:06:00:69:c2:3b:62:e7:
5f:b6:c1:02:1b:82:d2:b5:2b:df:81:a1:fd:24:12:89:05:34:
65:9e:8a:e5:ee:a5:7f:d4:dd:6b:cc:5a:5a:bc:58:4b:48:ec:
48:7a:81:ed:b4:91:88:66:aa:1a:5d:1f:d3:17:2d:c3:3d:70:
e7:88:f5:93:fa:3c:58:a8:1b:0c:35:07:49:14:1c:9d:b9:39:
33:28:dd:95:3c:e1:95:44:8e:0b:16:d7:e9:ed:4a:80:84:26:
58:42:3e:cb:f5:9a:4a:f1:72:a5:04:f1:48:71:5d:b9:22:cc:
f7:30:cf:00
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYI3EldEPyXR9zrQ7hlJeQglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MzA4ZmFhNDcxMGVmZTIzZDJkODQ0YjRmMGRjYjBhY2Nj
NDRjZWIwHhcNMjIwNzI1MjAzNTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTJjNzYzZjAyYTg1ZDczOTAzOTNhZDNkOWJkMTgzMzBkNDRmMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrShlCodk51n45B3DMthQjKsFUMR
vJ6A2Amq70dQ9YGLcNYBbd6KVU3K+mNF7sZ/KlgEkGVs0B7OxaIYEWhYihiF062v
doNFFvPu/O2Ga3iQJnsXbZP005k1kZGod1s1cwxv3frcAKz/faoi1D1pWdsv17aQ
Z6PBa+VZs/Onr/mjD40PTXUOn5hJHCDNeJInmSw5QtRi4LoJJgBEEcyTXpZBlqRR
5kgMVf9IRU4kaBay3L7h0/ACEt9tY6xBEsJMPH1Vr2dlr5Ap90iPbxEq9o/XbDph
hmLLgXkCePhmSwF0lEWvFJLUN4kZR4SYUeHUm5JfeWl7YaW75xANt0kIawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIEsdj8CqF1zkDk609m9GDMNRPFVMB8GA1UdIwQY
MBaAFMcwj6pHEO/iPS2ES08NywrMxEzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHpDUHFrY1E3LUk5TFlSTFR3M0xDc3pFVE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83ZTNiY2UtNGMzMC00MDJkLTk2OTIt
ZGJjNzlkNzA4ZmYzLzEvZ1N4MlB3S29YWE9RT1RyVDJiMFlNdzFFOFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83ZTNiY2UtNGMzMC00MDJkLTk2OTItZGJjNzlkNzA4ZmYz
LzEveHpDUHFrY1E3LUk5TFlSTFR3M0xDc3pFVE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFawDAN
BgkqhkiG9w0BAQsFAAOCAQEAoxf/0B065qbu6ad6XHOOh0v60fS7npd+qMQca+Ke
nqT3rXUS6md8IscOgw/ck8zAfADdmOuaRti/UPwvKQ2H9HivuOFERuybTBA+7KMW
zUo7uEto0+zsIq4LnNfxZgcUps2YCfn86JDO7pTpEkppUbiFiAKmT2m9X6h9Yu8b
3GvhbGk9x/8Ncs4GAGnCO2LnX7bBAhuC0rUr34Gh/SQSiQU0ZZ6K5e6lf9Tda8xa
WrxYS0jsSHqB7bSRiGaqGl0f0xctwz1w54j1k/o8WKgbDDUHSRQcnbk5MyjdlTzh
lUSOCxbX6e1KgIQmWEI+y/WaSvFypQTxSHFduSLM9zDPAA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:09:34 2025 by rpki-client