Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/0f809b-1c8c-47cb-82fd-4d4f81b56b38/1/1clt2kjp2e23pQi5uOgE7XqiepY.roa
File: 1clt2kjp2e23pQi5uOgE7XqiepY.roa (raw, json)
Hash identifier: BqV553CvErrdbkGFPtH1/A1wx1DL/JhQOVGRP8P2TNE=
Subject key identifier: D5:C9:6D:DA:48:E9:D9:ED:B7:A5:08:B9:B8:E8:04:ED:7A:A2:7A:96
Certificate issuer: /CN=30febc8c06aeed36017bbdd705bdf5adb2e730ad
Certificate serial: 0187614B5EFFA32A4A5E807EAD4A385558E6
Authority key identifier: 30:FE:BC:8C:06:AE:ED:36:01:7B:BD:D7:05:BD:F5:AD:B2:E7:30:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MP68jAau7TYBe73XBb31rbLnMK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/0f809b-1c8c-47cb-82fd-4d4f81b56b38/1/1clt2kjp2e23pQi5uOgE7XqiepY.roa
Signing time: Sat 08 Apr 2023 14:35:42 +0000
ROA not before: Sat 08 Apr 2023 14:35:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210852
IP address blocks: 2a11:df40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:61:4b:5e:ff:a3:2a:4a:5e:80:7e:ad:4a:38:55:58:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30febc8c06aeed36017bbdd705bdf5adb2e730ad
Validity
Not Before: Apr 8 14:35:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5c96dda48e9d9edb7a508b9b8e804ed7aa27a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:11:a3:f5:f1:62:41:c0:73:1c:50:cd:85:d8:
10:0e:9c:4a:5b:0f:15:4d:ee:35:ec:f0:09:71:76:
9d:10:ec:7c:e9:60:88:62:c9:04:d2:6c:5c:55:47:
30:69:5f:04:b8:3d:69:dc:ed:9b:9c:16:93:b5:22:
aa:d5:cc:3d:62:5f:db:11:0e:d4:16:92:e3:72:88:
60:1b:32:82:da:de:4b:9c:06:47:3b:eb:b7:27:52:
c1:0e:b2:ff:b6:3f:2d:fb:da:d3:18:51:b4:33:67:
85:15:8e:8a:a9:1b:7e:eb:9f:cd:0e:9c:1a:ad:8d:
3a:1f:4d:42:68:51:51:79:46:21:05:d4:b5:0c:57:
48:db:77:5d:57:0d:2c:e9:df:72:b8:c7:5f:7a:91:
9c:7a:93:99:a9:54:c0:bf:97:f2:dd:f7:1d:08:ae:
ad:71:42:fc:69:d8:7a:f1:15:49:7c:da:2b:fa:7b:
1c:ef:42:40:65:e7:b1:34:02:7d:c1:ad:b0:d0:2e:
bd:d5:f2:52:94:00:5f:86:d4:4b:02:e2:e8:59:e0:
fa:4a:db:af:ba:e2:2b:f4:fd:07:ef:6d:46:22:48:
49:23:6e:27:64:a1:f8:3d:e4:58:52:5a:d9:02:fe:
9d:41:e5:ab:84:3c:b2:c7:21:9f:fe:51:7d:c5:47:
db:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C9:6D:DA:48:E9:D9:ED:B7:A5:08:B9:B8:E8:04:ED:7A:A2:7A:96
X509v3 Authority Key Identifier:
keyid:30:FE:BC:8C:06:AE:ED:36:01:7B:BD:D7:05:BD:F5:AD:B2:E7:30:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP68jAau7TYBe73XBb31rbLnMK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0f809b-1c8c-47cb-82fd-4d4f81b56b38/1/1clt2kjp2e23pQi5uOgE7XqiepY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0f809b-1c8c-47cb-82fd-4d4f81b56b38/1/MP68jAau7TYBe73XBb31rbLnMK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:df40::/32
Signature Algorithm: sha256WithRSAEncryption
61:4f:6d:06:a2:c8:a1:20:20:b9:68:b9:e3:8a:01:25:4a:0f:
18:f1:a2:10:41:f2:54:b3:13:c0:45:c8:fc:fe:19:55:3b:3c:
28:97:7a:40:da:66:4a:81:64:ea:05:9c:9a:73:8e:4d:63:5f:
56:13:3a:fd:e1:eb:ff:28:83:12:34:91:53:de:d1:0a:d2:d3:
21:a7:8c:dc:be:dd:ca:60:28:62:f6:23:68:da:97:92:0c:20:
4c:a5:12:85:df:f6:e3:ea:36:75:a5:10:1e:fd:8e:90:fc:3d:
78:cc:a7:c3:96:77:25:92:03:17:81:28:5f:e7:4d:ef:e4:95:
a7:f3:f0:5b:21:79:0e:2a:67:ec:6f:fe:0d:f1:6d:5f:7d:57:
3e:d9:01:c4:82:97:09:bf:1c:a9:04:b0:89:c2:86:68:01:7a:
6a:ad:85:dc:27:d4:9a:e0:54:aa:39:62:13:8d:7d:c7:47:51:
e9:79:36:ce:ce:0b:14:42:ea:49:6f:b2:73:15:ee:20:31:c7:
f2:b8:f2:db:08:6d:2b:f1:2e:7c:1b:5a:46:4f:c7:9d:0f:78:
04:6a:33:af:17:d6:91:41:2c:d7:a7:57:cb:87:db:35:c4:3b:
77:07:d9:55:af:21:1b:b8:a5:e0:8f:ba:11:52:27:2d:01:8e:
70:a7:b0:4f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYdhS17/oypKXoB+rUo4VVjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmViYzhjMDZhZWVkMzYwMTdiYmRkNzA1YmRmNWFkYjJl
NzMwYWQwHhcNMjMwNDA4MTQzNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWM5NmRkYTQ4ZTlkOWVkYjdhNTA4YjliOGU4MDRlZDdhYTI3YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBGj9fFiQcBzHFDNhdgQDpxKWw8V
Te417PAJcXadEOx86WCIYskE0mxcVUcwaV8EuD1p3O2bnBaTtSKq1cw9Yl/bEQ7U
FpLjcohgGzKC2t5LnAZHO+u3J1LBDrL/tj8t+9rTGFG0M2eFFY6KqRt+65/NDpwa
rY06H01CaFFReUYhBdS1DFdI23ddVw0s6d9yuMdfepGcepOZqVTAv5fy3fcdCK6t
cUL8adh68RVJfNor+nsc70JAZeexNAJ9wa2w0C691fJSlABfhtRLAuLoWeD6Stuv
uuIr9P0H721GIkhJI24nZKH4PeRYUlrZAv6dQeWrhDyyxyGf/lF9xUfbuwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNXJbdpI6dntt6UIubjoBO16onqWMB8GA1UdIwQY
MBaAFDD+vIwGru02AXu91wW99a2y5zCtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVA2OGpBYXU3VFlCZTczWEJiMzFyYkxuTUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wZjgwOWItMWM4Yy00N2NiLTgyZmQt
NGQ0ZjgxYjU2YjM4LzEvMWNsdDJranAyZTIzcFFpNXVPZ0U3WHFpZXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wZjgwOWItMWM4Yy00N2NiLTgyZmQtNGQ0ZjgxYjU2YjM4
LzEvTVA2OGpBYXU3VFlCZTczWEJiMzFyYkxuTUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhHfQDAN
BgkqhkiG9w0BAQsFAAOCAQEAYU9tBqLIoSAguWi544oBJUoPGPGiEEHyVLMTwEXI
/P4ZVTs8KJd6QNpmSoFk6gWcmnOOTWNfVhM6/eHr/yiDEjSRU97RCtLTIaeM3L7d
ymAoYvYjaNqXkgwgTKUShd/24+o2daUQHv2OkPw9eMynw5Z3JZIDF4EoX+dN7+SV
p/PwWyF5Dipn7G/+DfFtX31XPtkBxIKXCb8cqQSwicKGaAF6aq2F3CfUmuBUqjli
E419x0dR6Xk2zs4LFELqSW+ycxXuIDHH8rjy2whtK/EufBtaRk/HnQ94BGozrxfW
kUEs16dXy4fbNcQ7dwfZVa8hG7il4I+6EVInLQGOcKewTw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:13:29 2025 by rpki-client