Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/xCmUsx7SM1ZUIrvwc5qiYiWMXF0.roa
File: xCmUsx7SM1ZUIrvwc5qiYiWMXF0.roa (raw, json)
Hash identifier: Tiio1uNeoUWLoTfOEF7h3gm6ijUpBV8R/K2COyFx84Q=
Subject key identifier: C4:29:94:B3:1E:D2:33:56:54:22:BB:F0:73:9A:A2:62:25:8C:5C:5D
Certificate issuer: /CN=1e9f66ed6e695f1c0c482f682cce3f069f804ede
Certificate serial: 0185719539404B6778D2663ECC6DEE6B6DDD
Authority key identifier: 1E:9F:66:ED:6E:69:5F:1C:0C:48:2F:68:2C:CE:3F:06:9F:80:4E:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp9m7W5pXxwMSC9oLM4_Bp-ATt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/xCmUsx7SM1ZUIrvwc5qiYiWMXF0.roa
Signing time: Mon 02 Jan 2023 08:24:42 +0000
ROA not before: Mon 02 Jan 2023 08:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:3a80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:39:40:4b:67:78:d2:66:3e:cc:6d:ee:6b:6d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9f66ed6e695f1c0c482f682cce3f069f804ede
Validity
Not Before: Jan 2 08:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c42994b31ed233565422bbf0739aa262258c5c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e9:16:e2:a1:0a:4a:4f:f4:02:5c:57:c4:b4:
9e:f6:81:31:d8:66:c5:04:a1:83:de:b2:8e:1a:5d:
22:88:d2:4f:23:3e:0f:80:38:93:a8:76:30:df:72:
7b:b4:b7:6e:55:3d:cd:ac:3f:85:e2:9c:3b:af:e4:
05:25:d9:0f:52:e1:e5:9f:9f:26:10:61:ae:dc:64:
30:d5:e9:28:22:4a:03:42:4d:5b:46:26:07:93:47:
60:5e:51:40:80:6a:3e:69:4e:be:11:89:37:53:28:
9a:82:fa:52:53:03:97:0a:45:ea:4d:22:a7:40:01:
fd:5c:7e:d9:71:6a:7d:e3:50:54:33:47:a0:f5:10:
8b:87:64:58:b6:eb:75:5e:9a:bd:7c:a4:b8:65:c2:
93:9c:d9:63:48:0e:6c:8d:f8:97:8a:d5:0d:98:9c:
cb:15:b2:96:99:c1:c7:d4:8c:f7:20:e8:02:aa:3e:
5d:05:8a:34:92:3d:fa:e2:11:23:17:16:ad:7e:67:
7c:15:ab:01:d8:0f:1f:74:46:8c:d9:bf:70:f8:56:
8a:2c:a5:61:91:52:9b:46:85:4d:59:e2:d8:51:ed:
c8:23:47:67:f2:90:c8:12:f4:42:c0:49:28:9d:f7:
f8:55:d6:23:3e:8b:da:a4:ed:a3:bf:4e:e8:40:c6:
29:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:29:94:B3:1E:D2:33:56:54:22:BB:F0:73:9A:A2:62:25:8C:5C:5D
X509v3 Authority Key Identifier:
keyid:1E:9F:66:ED:6E:69:5F:1C:0C:48:2F:68:2C:CE:3F:06:9F:80:4E:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp9m7W5pXxwMSC9oLM4_Bp-ATt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/xCmUsx7SM1ZUIrvwc5qiYiWMXF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/Hp9m7W5pXxwMSC9oLM4_Bp-ATt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
19:81:5e:e4:ed:41:40:df:59:3a:1c:e7:a9:55:5c:a4:82:12:
fa:8a:19:77:f2:0f:b9:a7:ea:67:42:bd:e1:47:74:5e:23:10:
9b:68:5b:9f:24:32:10:72:b3:a7:79:e9:09:26:25:24:b5:da:
9a:df:88:a7:d1:61:4f:9a:28:c0:8f:72:9f:70:0f:38:52:60:
1f:7d:dc:53:48:ad:3f:85:b7:ff:1a:8a:43:1b:ae:17:f0:41:
5d:3b:75:13:2b:cf:c3:bd:2b:6e:69:5a:39:ed:57:19:f6:e6:
24:1d:c8:43:96:cf:0a:08:c9:6f:cf:5b:d7:94:2e:6c:e9:17:
e8:5d:34:7a:21:9e:3f:b7:e3:17:53:ef:31:f2:c3:31:63:f4:
df:d4:15:b6:f9:96:ad:ef:e4:42:04:ab:6c:53:2b:cd:9d:fe:
4e:4b:e7:2a:43:51:bf:cd:11:d5:7f:c2:b3:0b:7c:07:44:7b:
fa:6a:91:3e:42:ba:42:92:b5:ce:c6:17:58:64:1c:df:e8:e0:
8f:54:9b:b8:5a:a5:e2:76:b3:cb:c0:f3:af:97:63:05:5b:2d:
82:d7:5b:60:cd:a1:57:82:2c:e4:e6:05:d1:ba:b7:f1:af:5b:
18:a0:71:7c:1c:19:0a:9e:35:b6:5a:89:cd:aa:6e:5e:fe:b9:
7f:4c:c5:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxlTlAS2d40mY+zG3ua23dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWY2NmVkNmU2OTVmMWMwYzQ4MmY2ODJjY2UzZjA2OWY4
MDRlZGUwHhcNMjMwMTAyMDgyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI5OTRiMzFlZDIzMzU2NTQyMmJiZjA3MzlhYTI2MjI1OGM1YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OkW4qEKSk/0AlxXxLSe9oEx2GbF
BKGD3rKOGl0iiNJPIz4PgDiTqHYw33J7tLduVT3NrD+F4pw7r+QFJdkPUuHln58m
EGGu3GQw1ekoIkoDQk1bRiYHk0dgXlFAgGo+aU6+EYk3UyiagvpSUwOXCkXqTSKn
QAH9XH7ZcWp941BUM0eg9RCLh2RYtut1Xpq9fKS4ZcKTnNljSA5sjfiXitUNmJzL
FbKWmcHH1Iz3IOgCqj5dBYo0kj364hEjFxatfmd8FasB2A8fdEaM2b9w+FaKLKVh
kVKbRoVNWeLYUe3II0dn8pDIEvRCwEkonff4VdYjPovapO2jv07oQMYpmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMQplLMe0jNWVCK78HOaomIljFxdMB8GA1UdIwQY
MBaAFB6fZu1uaV8cDEgvaCzOPwafgE7eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHA5bTdXNXBYeHdNU0M5b0xNNF9CcC1BVHQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8zMWE5NWYtMWI1Ni00ZGIzLTkwYjYt
MjljODM4ZjYyNzhkLzEveENtVXN4N1NNMVpVSXJ2d2M1cWlZaVdNWEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8zMWE5NWYtMWI1Ni00ZGIzLTkwYjYtMjljODM4ZjYyNzhk
LzEvSHA5bTdXNXBYeHdNU0M5b0xNNF9CcC1BVHQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhE6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAGYFe5O1BQN9ZOhznqVVcpIIS+ooZd/IPuafqZ0K9
4Ud0XiMQm2hbnyQyEHKzp3npCSYlJLXamt+Ip9FhT5oowI9yn3APOFJgH33cU0it
P4W3/xqKQxuuF/BBXTt1EyvPw70rbmlaOe1XGfbmJB3IQ5bPCgjJb89b15QubOkX
6F00eiGeP7fjF1PvMfLDMWP039QVtvmWre/kQgSrbFMrzZ3+TkvnKkNRv80R1X/C
swt8B0R7+mqRPkK6QpK1zsYXWGQc3+jgj1SbuFql4nazy8Dzr5djBVstgtdbYM2h
V4Is5OYF0bq38a9bGKBxfBwZCp41tlqJzapuXv65f0zFhg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:36:23 2025 by rpki-client