Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/011ee3-8bb5-4646-a5a3-73ac1975f698/1/PKESXhwhPFkk6xNQBvfv4HPD3cE.roa
File: PKESXhwhPFkk6xNQBvfv4HPD3cE.roa (raw, json)
Hash identifier: ayIMiOM/GLUOrePlNyhVc5IP5ZIj7W1PfEu68ECt9tA=
Subject key identifier: 3C:A1:12:5E:1C:21:3C:59:24:EB:13:50:06:F7:EF:E0:73:C3:DD:C1
Certificate issuer: /CN=7bec7ab82baa073bb12e62cb4d04c3e06ce97cfa
Certificate serial: 01856FD50E354257D0AFC11AF217BC34DD1C
Authority key identifier: 7B:EC:7A:B8:2B:AA:07:3B:B1:2E:62:CB:4D:04:C3:E0:6C:E9:7C:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-x6uCuqBzuxLmLLTQTD4GzpfPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/011ee3-8bb5-4646-a5a3-73ac1975f698/1/PKESXhwhPFkk6xNQBvfv4HPD3cE.roa
Signing time: Mon 02 Jan 2023 00:15:11 +0000
ROA not before: Mon 02 Jan 2023 00:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:1980::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:0e:35:42:57:d0:af:c1:1a:f2:17:bc:34:dd:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bec7ab82baa073bb12e62cb4d04c3e06ce97cfa
Validity
Not Before: Jan 2 00:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ca1125e1c213c5924eb135006f7efe073c3ddc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a7:2c:bd:e8:af:1f:65:d2:11:5e:8d:1d:c8:
d3:73:48:6a:6b:9f:52:d3:19:f9:63:68:07:49:f5:
7f:2d:c1:48:68:b1:a2:32:cd:b7:da:52:73:4c:92:
71:d0:71:25:95:e7:be:79:c4:28:d2:41:7e:44:74:
c6:25:4a:0f:ea:d1:6c:9f:b4:e7:7d:c1:4d:40:a2:
b3:43:86:f5:e2:7e:b1:dd:93:bc:fd:eb:b8:2f:86:
35:ab:02:1c:6d:dd:e4:10:56:2b:f4:66:1c:6e:da:
ec:0c:6b:1e:d2:65:32:aa:0c:96:c5:9d:a6:6c:17:
83:8b:d1:eb:cb:c3:89:c1:a0:88:cb:ca:37:39:be:
cc:da:92:9c:fc:b1:c0:c8:69:5c:d7:b1:05:3a:92:
55:43:3f:c7:75:20:be:a1:87:a7:75:22:77:94:b2:
4f:ae:93:24:e7:bb:93:16:f6:c6:70:0b:19:23:13:
97:85:bf:ff:87:da:5d:38:8c:5f:51:46:83:9a:f0:
ad:bd:15:4a:2f:e0:86:11:7e:47:c6:48:90:69:99:
12:a5:e5:66:6d:3e:8f:44:3f:17:41:34:90:fb:8e:
df:42:cd:fb:6f:1e:a8:31:e4:ce:93:d7:82:9b:8c:
6a:d0:af:9c:57:de:43:d5:14:eb:70:56:7c:23:48:
a6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A1:12:5E:1C:21:3C:59:24:EB:13:50:06:F7:EF:E0:73:C3:DD:C1
X509v3 Authority Key Identifier:
keyid:7B:EC:7A:B8:2B:AA:07:3B:B1:2E:62:CB:4D:04:C3:E0:6C:E9:7C:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-x6uCuqBzuxLmLLTQTD4GzpfPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/011ee3-8bb5-4646-a5a3-73ac1975f698/1/PKESXhwhPFkk6xNQBvfv4HPD3cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/011ee3-8bb5-4646-a5a3-73ac1975f698/1/e-x6uCuqBzuxLmLLTQTD4GzpfPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1980::/29
Signature Algorithm: sha256WithRSAEncryption
33:5f:f0:6d:59:7b:21:d5:9a:21:90:a3:95:f7:a7:9d:15:95:
98:7a:7e:81:ac:c6:aa:a7:56:23:87:c3:11:1f:2f:d1:bf:fb:
fe:7d:aa:06:e2:7b:f2:90:10:41:46:e8:1c:d9:bd:55:d6:43:
ff:66:1d:00:1d:cc:5d:6c:c0:0e:f2:c8:08:f0:a0:9c:82:aa:
31:b4:c9:4e:5c:98:4e:e8:88:d7:75:61:44:cf:47:1e:22:28:
7c:c7:54:00:65:a6:40:59:4a:4d:18:d7:f7:16:6b:e1:d6:49:
ca:dc:b8:f9:d2:8a:1c:e3:ab:97:77:21:bc:c8:a4:8e:95:6c:
cc:aa:12:95:24:c9:95:3f:f9:8b:e1:3e:00:c0:8e:19:fa:6b:
0b:fd:32:7e:34:c7:89:a6:77:c3:f5:a8:d5:75:d9:78:36:c1:
d0:38:f8:21:f9:0c:2c:a4:4d:08:a5:83:65:71:69:c9:b2:e8:
79:da:6c:81:da:a2:d9:8d:d7:42:5f:19:72:8c:5b:55:93:ed:
ba:91:04:25:94:b3:03:f0:a0:9b:47:55:32:7d:64:e2:77:20:
9c:5d:0e:91:90:4d:e5:cb:f1:e6:28:7a:c6:10:9e:62:fd:4a:
7a:f5:93:a4:aa:02:8e:33:ff:65:59:bf:09:91:a4:69:fe:4a:
68:f0:72:08
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVv1Q41QlfQr8Ea8he8NN0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZWM3YWI4MmJhYTA3M2JiMTJlNjJjYjRkMDRjM2UwNmNl
OTdjZmEwHhcNMjMwMTAyMDAxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ExMTI1ZTFjMjEzYzU5MjRlYjEzNTAwNmY3ZWZlMDczYzNkZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqcsveivH2XSEV6NHcjTc0hqa59S
0xn5Y2gHSfV/LcFIaLGiMs232lJzTJJx0HEllee+ecQo0kF+RHTGJUoP6tFsn7Tn
fcFNQKKzQ4b14n6x3ZO8/eu4L4Y1qwIcbd3kEFYr9GYcbtrsDGse0mUyqgyWxZ2m
bBeDi9Hry8OJwaCIy8o3Ob7M2pKc/LHAyGlc17EFOpJVQz/HdSC+oYendSJ3lLJP
rpMk57uTFvbGcAsZIxOXhb//h9pdOIxfUUaDmvCtvRVKL+CGEX5HxkiQaZkSpeVm
bT6PRD8XQTSQ+47fQs37bx6oMeTOk9eCm4xq0K+cV95D1RTrcFZ8I0imcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDyhEl4cITxZJOsTUAb37+Bzw93BMB8GA1UdIwQY
MBaAFHvsergrqgc7sS5iy00Ew+Bs6Xz6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS14NnVDdXFCenV4TG1MTFRRVEQ0R3pwZlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8wMTFlZTMtOGJiNS00NjQ2LWE1YTMt
NzNhYzE5NzVmNjk4LzEvUEtFU1hod2hQRmtrNnhOUUJ2ZnY0SFBEM2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8wMTFlZTMtOGJiNS00NjQ2LWE1YTMtNzNhYzE5NzVmNjk4
LzEvZS14NnVDdXFCenV4TG1MTFRRVEQ0R3pwZlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhEZgDAN
BgkqhkiG9w0BAQsFAAOCAQEAM1/wbVl7IdWaIZCjlfennRWVmHp+gazGqqdWI4fD
ER8v0b/7/n2qBuJ78pAQQUboHNm9VdZD/2YdAB3MXWzADvLICPCgnIKqMbTJTlyY
TuiI13VhRM9HHiIofMdUAGWmQFlKTRjX9xZr4dZJyty4+dKKHOOrl3chvMikjpVs
zKoSlSTJlT/5i+E+AMCOGfprC/0yfjTHiaZ3w/Wo1XXZeDbB0Dj4IfkMLKRNCKWD
ZXFpybLoedpsgdqi2Y3XQl8ZcoxbVZPtupEEJZSzA/Cgm0dVMn1k4ncgnF0OkZBN
5cvx5ih6xhCeYv1KevWTpKoCjjP/ZVm/CZGkaf5KaPByCA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:39:56 2025 by rpki-client