Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/IDwpbVeQ5bU0mYCoZMy_agUBxyU.roa
File: IDwpbVeQ5bU0mYCoZMy_agUBxyU.roa (raw, json)
Hash identifier: peXQh3QWmnZ3VPtnQm/aCS07QdFYppqfOXmmWhlHBK0=
Subject key identifier: 20:3C:29:6D:57:90:E5:B5:34:99:80:A8:64:CC:BF:6A:05:01:C7:25
Certificate issuer: /CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Certificate serial: 018486C05F4CA90C17DA751D5A4D1C3BB785
Authority key identifier: 33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/IDwpbVeQ5bU0mYCoZMy_agUBxyU.roa
Signing time: Thu 17 Nov 2022 18:01:04 +0000
ROA not before: Thu 17 Nov 2022 18:01:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a0b:3c00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:c0:5f:4c:a9:0c:17:da:75:1d:5a:4d:1c:3b:b7:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Validity
Not Before: Nov 17 18:01:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=203c296d5790e5b5349980a864ccbf6a0501c725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4a:f0:f9:35:d0:f9:06:6e:bc:41:3d:75:8b:
87:4b:84:58:db:ec:d0:51:ec:8e:4a:b2:75:70:12:
5f:c8:1c:70:b6:b6:dd:10:65:b6:a8:e7:13:36:5f:
d5:8e:11:4c:df:5f:4d:d4:98:4a:9c:84:f9:fb:73:
bc:9f:df:f0:27:ab:8b:c7:60:03:1d:d2:6d:55:d5:
da:c1:53:ef:3a:66:c7:7f:ef:59:5d:61:a3:30:44:
31:be:71:3b:4f:c0:96:22:e6:10:bb:23:b8:79:17:
b7:81:c0:0c:3e:0f:4b:cd:0a:1d:67:9e:91:a2:99:
b3:25:14:22:d7:7c:ca:20:52:5c:a1:87:7f:cf:55:
32:a4:db:1c:c3:c1:59:c4:5e:a9:66:c0:d0:2d:cb:
f9:dc:be:b5:f1:f4:20:7c:ed:3f:e5:68:64:e5:71:
a9:a6:88:42:5a:81:cf:66:65:39:73:b8:06:63:a7:
5f:f4:e6:d2:e9:ce:f7:cc:ee:a1:c4:69:7e:5b:49:
ee:b8:f3:1f:58:86:b8:b9:4e:2d:6b:75:30:e1:5d:
fc:27:62:ba:3e:d4:3b:8c:07:8d:1f:e4:fd:ac:7a:
29:f1:93:7b:d4:b7:84:38:2e:7b:ff:6a:e4:36:0b:
c0:5c:30:3d:d1:7f:88:b3:31:0a:62:ad:ee:b1:4f:
9f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3C:29:6D:57:90:E5:B5:34:99:80:A8:64:CC:BF:6A:05:01:C7:25
X509v3 Authority Key Identifier:
keyid:33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/IDwpbVeQ5bU0mYCoZMy_agUBxyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/M_XOH8N5J8taTmexdsemOzL_bok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3c00::/29
Signature Algorithm: sha256WithRSAEncryption
09:db:7c:2d:b5:6e:c6:19:86:91:7a:18:84:6e:c4:f1:71:2f:
61:d3:57:ec:11:11:45:d8:cf:55:5f:04:3b:78:f1:8c:be:21:
40:9a:0b:f5:76:b1:ed:7e:15:48:30:c3:9d:bf:b8:0b:2a:4e:
42:b3:cf:29:09:db:6b:4e:60:97:98:be:b8:bd:8f:e6:07:ac:
23:73:a1:d8:61:fb:dd:7b:46:bb:7f:57:b4:c0:41:f8:0f:ee:
c9:7e:0e:86:21:97:51:83:de:75:77:bf:24:47:55:bc:04:5c:
7e:16:67:bf:c7:96:0d:fe:f7:b3:17:a8:e6:85:d0:dd:71:a8:
89:80:e1:6a:73:0a:ab:30:f5:3e:51:03:b8:2a:fa:08:f9:75:
bb:b6:62:4f:45:c4:72:30:bf:bd:e0:ba:6d:a3:f3:9c:fa:50:
4d:b5:91:f0:0c:c3:3c:b5:d9:76:05:d5:5c:73:59:05:eb:d3:
14:35:2c:fb:a1:18:88:e7:ad:b3:3e:45:6d:e6:4b:03:c9:18:
6a:23:74:19:5c:6d:41:01:21:8b:cf:43:ba:a1:aa:e0:36:e1:
80:a0:f1:cd:24:aa:55:1f:8c:b2:60:0b:61:09:92:96:fa:0b:
b0:ba:ce:ad:aa:28:ce:c3:17:0b:63:e9:7f:72:eb:12:ed:b9:
1b:6b:6f:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSGwF9MqQwX2nUdWk0cO7eFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZjVjZTFmYzM3OTI3Y2I1YTRlNjdiMTc2YzdhNjNiMzJm
ZjZlODkwHhcNMjIxMTE3MTgwMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDNjMjk2ZDU3OTBlNWI1MzQ5OTgwYTg2NGNjYmY2YTA1MDFjNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUrw+TXQ+QZuvEE9dYuHS4RY2+zQ
UeyOSrJ1cBJfyBxwtrbdEGW2qOcTNl/VjhFM319N1JhKnIT5+3O8n9/wJ6uLx2AD
HdJtVdXawVPvOmbHf+9ZXWGjMEQxvnE7T8CWIuYQuyO4eRe3gcAMPg9LzQodZ56R
opmzJRQi13zKIFJcoYd/z1UypNscw8FZxF6pZsDQLcv53L618fQgfO0/5Whk5XGp
pohCWoHPZmU5c7gGY6df9ObS6c73zO6hxGl+W0nuuPMfWIa4uU4ta3Uw4V38J2K6
PtQ7jAeNH+T9rHop8ZN71LeEOC57/2rkNgvAXDA90X+IszEKYq3usU+f3QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCA8KW1XkOW1NJmAqGTMv2oFAcclMB8GA1UdIwQY
MBaAFDP1zh/DeSfLWk5nsXbHpjsy/26JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUt
M2ZmYzAxZmNiZmI2LzEvSUR3cGJWZVE1YlUwbVlDb1pNeV9hZ1VCeHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUtM2ZmYzAxZmNiZmI2
LzEvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgs8ADAN
BgkqhkiG9w0BAQsFAAOCAQEACdt8LbVuxhmGkXoYhG7E8XEvYdNX7BERRdjPVV8E
O3jxjL4hQJoL9Xax7X4VSDDDnb+4CypOQrPPKQnba05gl5i+uL2P5gesI3Oh2GH7
3XtGu39XtMBB+A/uyX4OhiGXUYPedXe/JEdVvARcfhZnv8eWDf73sxeo5oXQ3XGo
iYDhanMKqzD1PlEDuCr6CPl1u7ZiT0XEcjC/veC6baPznPpQTbWR8AzDPLXZdgXV
XHNZBevTFDUs+6EYiOetsz5FbeZLA8kYaiN0GVxtQQEhi89DuqGq4DbhgKDxzSSq
VR+MsmALYQmSlvoLsLrOraoozsMXC2Ppf3LrEu25G2tvLA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:16 2025 by rpki-client