Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/1OTzmvyt-UcXkZKqEfKBRPU21-4.roa
File: 1OTzmvyt-UcXkZKqEfKBRPU21-4.roa (raw, json)
Hash identifier: Tuogx6p8/NrtCaXmS1qjRNw908chmwSDbT64lrpFlZQ=
Subject key identifier: D4:E4:F3:9A:FC:AD:F9:47:17:91:92:AA:11:F2:81:44:F5:36:D7:EE
Certificate issuer: /CN=1e9f66ed6e695f1c0c482f682cce3f069f804ede
Certificate serial: D95D3E
Authority key identifier: 1E:9F:66:ED:6E:69:5F:1C:0C:48:2F:68:2C:CE:3F:06:9F:80:4E:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp9m7W5pXxwMSC9oLM4_Bp-ATt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/1OTzmvyt-UcXkZKqEfKBRPU21-4.roa
Signing time: Sat 01 Jan 2022 10:54:22 +0000
ROA not before: Sat 01 Jan 2022 10:54:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:3a80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14245182 (0xd95d3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9f66ed6e695f1c0c482f682cce3f069f804ede
Validity
Not Before: Jan 1 10:54:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4e4f39afcadf947179192aa11f28144f536d7ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:60:0e:06:44:68:91:73:16:94:d3:01:a0:e7:
b6:f5:29:6e:7f:09:e2:c2:0c:c0:e1:4e:d0:b3:ad:
cd:c0:38:b6:fc:4e:9b:1f:db:71:8f:48:30:ec:12:
46:56:e2:82:79:3d:b8:dd:d0:f2:ac:fb:72:ba:a6:
46:47:7e:b6:8a:1b:6c:14:81:e8:57:2a:88:e9:ea:
5e:1a:f8:b9:8f:82:b2:a0:ee:0f:bd:01:18:90:62:
01:a1:e4:2f:42:b0:db:2c:a8:28:aa:eb:13:c9:8a:
79:07:7c:fd:21:45:ae:de:3c:78:71:b9:af:37:a5:
72:be:02:35:52:dc:58:0d:1d:f7:d1:b6:eb:63:4b:
d8:6a:a1:e8:02:16:7e:62:29:66:3e:d1:d1:31:39:
eb:38:57:b6:4a:5c:ec:5b:90:34:93:b4:db:df:5c:
55:99:d1:b4:e3:73:d8:a7:cf:ca:e9:aa:61:65:50:
95:9c:e2:72:83:8b:31:f8:91:56:09:8f:a2:b4:3a:
6f:d1:67:46:99:91:77:25:19:ad:a6:15:cf:91:37:
71:36:52:90:b2:a5:f8:35:42:d7:e5:9c:cb:8f:0d:
71:89:18:55:e2:3c:fa:6c:d9:32:af:74:39:9b:fe:
ed:a0:b9:1b:84:ba:91:da:96:b4:7d:d1:82:73:ba:
ad:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E4:F3:9A:FC:AD:F9:47:17:91:92:AA:11:F2:81:44:F5:36:D7:EE
X509v3 Authority Key Identifier:
keyid:1E:9F:66:ED:6E:69:5F:1C:0C:48:2F:68:2C:CE:3F:06:9F:80:4E:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp9m7W5pXxwMSC9oLM4_Bp-ATt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/1OTzmvyt-UcXkZKqEfKBRPU21-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/Hp9m7W5pXxwMSC9oLM4_Bp-ATt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
40:ff:ac:4f:89:ef:e5:fb:08:26:41:10:dc:16:7e:fc:19:8e:
e2:de:5b:db:c4:6f:d7:37:1f:2c:06:e6:63:6e:39:ce:67:66:
c2:14:26:bb:9c:00:7d:8f:f2:c6:18:f0:1c:54:c9:de:a4:bf:
7f:f4:24:9f:51:27:e9:b2:a2:e1:85:fb:91:d9:23:63:5a:92:
ee:9a:e2:1f:77:71:28:ec:63:63:4f:06:d9:b2:90:41:ce:7c:
65:b8:07:3b:ad:77:f7:7b:e9:c8:d8:00:5f:c0:dc:06:30:1c:
60:f3:1d:44:ef:3e:cc:71:52:67:ec:bb:a2:89:75:7a:41:cd:
00:c9:47:8d:7d:f3:e5:2a:c6:6e:05:01:fe:87:70:46:74:93:
e7:50:20:0c:b1:4d:2b:2b:80:49:ef:64:92:9f:3e:ba:50:b8:
f9:f2:de:15:13:6e:4e:20:ec:5a:c3:d0:c8:a7:d9:c5:12:bb:
d2:c0:e6:e5:5b:e4:75:a4:79:db:b4:a1:73:3c:d3:8d:b0:f0:
14:c3:14:01:d9:74:c1:cc:6c:a4:3f:40:2d:0a:06:ee:00:42:
e3:14:c1:0c:5e:09:2a:8e:4c:20:1c:d1:fc:25:be:55:14:7e:
26:5f:5f:ff:ba:91:1d:ad:c4:27:c5:52:67:9d:44:9e:e9:b8:
fe:ba:2c:d3
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEANldPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTlmNjZlZDZlNjk1ZjFjMGM0ODJmNjgyY2NlM2YwNjlmODA0ZWRlMB4XDTIyMDEw
MTEwNTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRlNGYzOWFmY2Fk
Zjk0NzE3OTE5MmFhMTFmMjgxNDRmNTM2ZDdlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFgDgZEaJFzFpTTAaDntvUpbn8J4sIMwOFO0LOtzcA4tvxO
mx/bcY9IMOwSRlbignk9uN3Q8qz7crqmRkd+toobbBSB6FcqiOnqXhr4uY+CsqDu
D70BGJBiAaHkL0Kw2yyoKKrrE8mKeQd8/SFFrt48eHG5rzelcr4CNVLcWA0d99G2
62NL2Gqh6AIWfmIpZj7R0TE56zhXtkpc7FuQNJO0299cVZnRtONz2KfPyumqYWVQ
lZzicoOLMfiRVgmPorQ6b9FnRpmRdyUZraYVz5E3cTZSkLKl+DVC1+Wcy48NcYkY
VeI8+mzZMq90OZv+7aC5G4S6kdqWtH3RgnO6rasCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTU5POa/K35RxeRkqoR8oFE9TbX7jAfBgNVHSMEGDAWgBQen2btbmlfHAxI
L2gszj8Gn4BO3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hwOW03VzVwWHh3TVNDOW9MTTRfQnAtQVR0NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMzFhOTVmLTFiNTYtNGRiMy05MGI2LTI5YzgzOGY2Mjc4ZC8x
LzFPVHptdnl0LVVjWGtaS3FFZktCUlBVMjEtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MzFhOTVmLTFiNTYtNGRiMy05MGI2LTI5YzgzOGY2Mjc4ZC8xL0hwOW03VzVwWHh3
TVNDOW9MTTRfQnAtQVR0NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoROoAwDQYJKoZIhvcNAQELBQAD
ggEBAED/rE+J7+X7CCZBENwWfvwZjuLeW9vEb9c3HywG5mNuOc5nZsIUJrucAH2P
8sYY8BxUyd6kv3/0JJ9RJ+myouGF+5HZI2Naku6a4h93cSjsY2NPBtmykEHOfGW4
Bzutd/d76cjYAF/A3AYwHGDzHUTvPsxxUmfsu6KJdXpBzQDJR4198+Uqxm4FAf6H
cEZ0k+dQIAyxTSsrgEnvZJKfPrpQuPny3hUTbk4g7FrD0Min2cUSu9LA5uVb5HWk
edu0oXM8042w8BTDFAHZdMHMbKQ/QC0KBu4AQuMUwQxeCSqOTCAc0fwlvlUUfiZf
X/+6kR2txCfFUmedRJ7puP66LNM=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:29:00 2025 by rpki-client