Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7e3bce-4c30-402d-9692-dbc79d708ff3/1/nlUwfy6XO6qvqxKt4flxvNOiRUQ.roa
File: nlUwfy6XO6qvqxKt4flxvNOiRUQ.roa (raw, json)
Hash identifier: cIf6NP+ctAW9ngje1Vrtwhar6yHR4mTl5n0FwtFDgjI=
Subject key identifier: 9E:55:30:7F:2E:97:3B:AA:AF:AB:12:AD:E1:F9:71:BC:D3:A2:45:44
Certificate issuer: /CN=c7308faa4710efe23d2d844b4f0dcb0accc44ceb
Certificate serial: 0181DACF8F99649DA792F00BDB5F9C7F809D
Authority key identifier: C7:30:8F:AA:47:10:EF:E2:3D:2D:84:4B:4F:0D:CB:0A:CC:C4:4C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xzCPqkcQ7-I9LYRLTw3LCszETOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/7e3bce-4c30-402d-9692-dbc79d708ff3/1/nlUwfy6XO6qvqxKt4flxvNOiRUQ.roa
Signing time: Thu 07 Jul 2022 22:37:24 +0000
ROA not before: Thu 07 Jul 2022 22:37:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 701
IP address blocks: 2a11:5ac0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:cf:8f:99:64:9d:a7:92:f0:0b:db:5f:9c:7f:80:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7308faa4710efe23d2d844b4f0dcb0accc44ceb
Validity
Not Before: Jul 7 22:37:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e55307f2e973baaafab12ade1f971bcd3a24544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:70:25:5a:61:c5:87:4d:5b:0a:83:93:9c:7e:
d0:c6:5e:33:5e:9f:b7:98:56:1c:a0:c7:ed:0f:c4:
5e:e5:47:fe:cb:0d:2c:cb:54:b1:1a:45:0d:86:29:
d1:0e:20:f1:62:2a:c0:e5:c9:db:eb:0e:fc:b3:f8:
0d:89:02:7a:fe:d7:2c:fe:47:6f:cd:52:de:0e:a4:
ba:cc:73:13:af:cc:0b:18:50:26:66:44:99:6a:5b:
fc:53:33:44:52:3f:9b:27:cc:aa:40:4e:97:cb:b5:
50:72:a2:51:41:4a:86:07:ee:58:c5:78:f9:ac:a2:
13:f2:06:96:c6:4c:a9:b1:19:2c:a0:e3:74:68:7c:
43:87:43:d9:81:2f:74:f6:1e:c6:6d:03:8c:84:6d:
96:7d:3b:07:fe:c7:27:5b:4c:5c:8b:4d:76:6b:29:
99:8a:a8:c7:f5:b4:52:a0:64:34:14:7e:0f:8f:69:
00:04:ea:3c:7b:6f:90:68:d5:6c:4e:07:72:d7:0f:
4c:73:0f:f7:0d:a6:33:a2:38:9d:e7:6f:78:77:a0:
15:38:89:92:0a:36:b6:ff:17:29:86:c3:19:15:b1:
42:8f:b7:32:ce:27:cd:f6:4c:21:ab:a3:ea:e0:dd:
e0:fb:9b:95:57:a5:b8:c7:7e:bf:3a:3e:42:a1:0b:
b8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:55:30:7F:2E:97:3B:AA:AF:AB:12:AD:E1:F9:71:BC:D3:A2:45:44
X509v3 Authority Key Identifier:
keyid:C7:30:8F:AA:47:10:EF:E2:3D:2D:84:4B:4F:0D:CB:0A:CC:C4:4C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xzCPqkcQ7-I9LYRLTw3LCszETOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7e3bce-4c30-402d-9692-dbc79d708ff3/1/nlUwfy6XO6qvqxKt4flxvNOiRUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7e3bce-4c30-402d-9692-dbc79d708ff3/1/xzCPqkcQ7-I9LYRLTw3LCszETOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5ac0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:d6:58:da:96:75:d7:e3:9f:d8:d2:31:4f:bf:6d:9f:12:65:
9c:37:6a:3f:9b:36:cd:54:96:cc:ab:0c:9e:7c:b4:1b:93:81:
e0:8c:98:1e:55:e7:8f:f6:2a:84:42:c0:86:05:49:19:26:5f:
48:bc:2b:3c:21:a6:cd:b4:3f:05:31:ff:db:fc:44:f2:e1:e2:
6f:6f:4d:c5:01:16:24:93:b3:93:44:fe:7f:56:cd:d0:1b:16:
e8:a0:97:b4:83:44:35:2a:3e:e0:5a:60:73:16:b3:a4:c1:31:
b9:bf:27:6e:f2:c3:25:20:5f:82:e1:e2:21:83:10:65:0c:1c:
7f:c6:52:2d:11:07:21:8b:df:27:6e:26:e7:fc:90:1a:e0:b3:
1e:f4:0a:b8:c3:de:a0:ac:02:53:3d:aa:b5:5e:02:0e:c8:9e:
89:bc:27:f3:de:17:cb:60:fd:14:d2:db:6a:d3:20:58:18:b7:
f5:1d:6f:27:f1:02:fa:c3:56:e7:12:bc:d1:c2:b1:12:e4:b5:
10:42:42:dc:48:25:42:56:f5:ea:7b:0b:ba:1d:ac:86:ed:83:
96:cb:28:b0:c1:37:28:ce:28:27:c2:fc:8b:e1:80:ba:2d:02:
57:c6:14:b1:a6:b4:31:d7:6b:99:33:ef:f3:f1:27:c1:75:45:
23:55:4c:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHaz4+ZZJ2nkvAL21+cf4CdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MzA4ZmFhNDcxMGVmZTIzZDJkODQ0YjRmMGRjYjBhY2Nj
NDRjZWIwHhcNMjIwNzA3MjIzNzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTU1MzA3ZjJlOTczYmFhYWZhYjEyYWRlMWY5NzFiY2QzYTI0NTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3AlWmHFh01bCoOTnH7Qxl4zXp+3
mFYcoMftD8Re5Uf+yw0sy1SxGkUNhinRDiDxYirA5cnb6w78s/gNiQJ6/tcs/kdv
zVLeDqS6zHMTr8wLGFAmZkSZalv8UzNEUj+bJ8yqQE6Xy7VQcqJRQUqGB+5YxXj5
rKIT8gaWxkypsRksoON0aHxDh0PZgS909h7GbQOMhG2WfTsH/scnW0xci012aymZ
iqjH9bRSoGQ0FH4Pj2kABOo8e2+QaNVsTgdy1w9Mcw/3DaYzojid5294d6AVOImS
Cja2/xcphsMZFbFCj7cyzifN9kwhq6Pq4N3g+5uVV6W4x36/Oj5CoQu43wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ5VMH8ulzuqr6sSreH5cbzTokVEMB8GA1UdIwQY
MBaAFMcwj6pHEO/iPS2ES08NywrMxEzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHpDUHFrY1E3LUk5TFlSTFR3M0xDc3pFVE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83ZTNiY2UtNGMzMC00MDJkLTk2OTIt
ZGJjNzlkNzA4ZmYzLzEvbmxVd2Z5NlhPNnF2cXhLdDRmbHh2Tk9pUlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83ZTNiY2UtNGMzMC00MDJkLTk2OTItZGJjNzlkNzA4ZmYz
LzEveHpDUHFrY1E3LUk5TFlSTFR3M0xDc3pFVE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFawDAN
BgkqhkiG9w0BAQsFAAOCAQEAC9ZY2pZ11+Of2NIxT79tnxJlnDdqP5s2zVSWzKsM
nny0G5OB4IyYHlXnj/YqhELAhgVJGSZfSLwrPCGmzbQ/BTH/2/xE8uHib29NxQEW
JJOzk0T+f1bN0BsW6KCXtINENSo+4FpgcxazpMExub8nbvLDJSBfguHiIYMQZQwc
f8ZSLREHIYvfJ24m5/yQGuCzHvQKuMPeoKwCUz2qtV4CDsieibwn894Xy2D9FNLb
atMgWBi39R1vJ/EC+sNW5xK80cKxEuS1EEJC3EglQlb16nsLuh2shu2DlssosME3
KM4oJ8L8i+GAui0CV8YUsaa0MddrmTPv8/EnwXVFI1VMkg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:30:04 2025 by rpki-client