Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/3TXMmtPiIhLYfOvxrDVYJJ-1s_A.roa
File: 3TXMmtPiIhLYfOvxrDVYJJ-1s_A.roa (raw, json)
Hash identifier: KYuD0Xa61dicY89+iMFVxt+7ppQgOvBDxDFeEgmQchs=
Subject key identifier: DD:35:CC:9A:D3:E2:22:12:D8:7C:EB:F1:AC:35:58:24:9F:B5:B3:F0
Certificate issuer: /CN=baa63d3ba6dae4a4493bc14a675b94ad2aa45b69
Certificate serial: 01857203549C518EBD7E27B55751D289D49E
Authority key identifier: BA:A6:3D:3B:A6:DA:E4:A4:49:3B:C1:4A:67:5B:94:AD:2A:A4:5B:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqY9O6ba5KRJO8FKZ1uUrSqkW2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/3TXMmtPiIhLYfOvxrDVYJJ-1s_A.roa
Signing time: Mon 02 Jan 2023 10:24:58 +0000
ROA not before: Mon 02 Jan 2023 10:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210661
IP address blocks: 2a11:5500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:54:9c:51:8e:bd:7e:27:b5:57:51:d2:89:d4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa63d3ba6dae4a4493bc14a675b94ad2aa45b69
Validity
Not Before: Jan 2 10:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd35cc9ad3e22212d87cebf1ac3558249fb5b3f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:92:28:46:51:c0:75:98:c8:d3:79:fd:86:88:
6d:75:c2:aa:a0:4d:53:07:f7:c1:1b:25:6f:78:9f:
5a:fd:6c:04:a5:44:54:8c:fe:23:54:f9:c2:bb:b7:
af:79:f9:fa:ad:e0:1c:a0:7e:7c:e1:63:b2:3a:5f:
e6:f0:9d:4e:24:47:9e:01:81:85:af:6c:b9:6f:fd:
1b:02:fe:f9:04:d8:57:c5:54:4c:b0:c2:2e:17:e4:
0e:52:3a:d6:7c:16:f5:6c:9a:55:97:69:c7:72:af:
1d:81:cc:fb:14:57:0c:90:91:f3:82:10:ce:73:2a:
01:51:9d:80:3e:82:db:1a:31:ff:6f:72:7d:41:c4:
5c:39:c5:fd:18:d9:57:1b:9f:4e:18:27:16:53:52:
da:dc:d3:84:09:de:50:8c:6c:9b:c1:f6:ab:9b:05:
90:fa:be:64:da:33:2d:65:39:3e:74:f4:89:a1:95:
e4:f4:07:94:f8:fa:da:6a:fd:e1:d4:2c:4d:c1:94:
77:1b:86:d5:4a:c8:ac:6a:d1:24:aa:4d:aa:64:8e:
2d:32:a7:eb:80:03:64:32:ab:55:65:6c:c3:6a:b8:
ee:02:41:12:41:6d:74:04:f6:47:da:48:5c:55:dd:
cf:4a:69:37:31:ce:fa:cd:89:be:4b:0d:7e:3f:19:
57:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:35:CC:9A:D3:E2:22:12:D8:7C:EB:F1:AC:35:58:24:9F:B5:B3:F0
X509v3 Authority Key Identifier:
keyid:BA:A6:3D:3B:A6:DA:E4:A4:49:3B:C1:4A:67:5B:94:AD:2A:A4:5B:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqY9O6ba5KRJO8FKZ1uUrSqkW2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/3TXMmtPiIhLYfOvxrDVYJJ-1s_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/uqY9O6ba5KRJO8FKZ1uUrSqkW2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5500::/29
Signature Algorithm: sha256WithRSAEncryption
72:eb:5e:19:4c:34:57:e7:20:52:c4:69:67:9f:da:ce:2d:ed:
2f:9a:fc:3d:13:1d:65:2b:4e:3f:80:09:dd:7e:b5:6b:7b:5d:
07:bc:35:c6:d2:94:2c:a2:41:d1:58:9c:c7:21:57:6c:78:c4:
38:8c:81:6c:60:44:cd:bf:6c:15:53:8a:f4:c4:9d:87:19:a6:
f4:f1:1b:02:fb:54:95:83:29:d2:80:eb:93:81:6d:03:54:e2:
2a:09:e1:0f:4f:d5:f5:1c:c9:c1:ed:19:43:e4:bf:87:36:dc:
73:1d:b5:1e:80:b6:82:f8:52:d8:b8:14:00:e3:24:f0:56:44:
b3:3b:ec:a9:b5:79:e1:02:17:0d:f1:3e:4d:fa:28:2f:2b:34:
11:24:91:4e:1f:73:84:b9:be:75:4f:c6:63:40:f8:80:16:8f:
07:a3:88:e5:40:c6:2a:c3:b5:c0:48:57:3e:35:d4:fe:ac:f0:
fa:78:76:26:44:56:06:ff:10:4b:a3:66:85:2b:60:c5:06:5f:
8a:7c:0d:5c:d6:3d:40:79:ed:28:44:bb:46:4a:02:81:54:e4:
1d:05:6b:b0:56:de:59:68:57:ef:5e:b5:07:12:f9:a8:23:7a:
8f:94:02:26:53:99:6f:68:ec:64:9e:07:ee:b3:99:dc:90:4a:
f4:6e:e1:c8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyA1ScUY69fie1V1HSidSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTYzZDNiYTZkYWU0YTQ0OTNiYzE0YTY3NWI5NGFkMmFh
NDViNjkwHhcNMjMwMTAyMTAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDM1Y2M5YWQzZTIyMjEyZDg3Y2ViZjFhYzM1NTgyNDlmYjViM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpIoRlHAdZjI03n9hohtdcKqoE1T
B/fBGyVveJ9a/WwEpURUjP4jVPnCu7evefn6reAcoH584WOyOl/m8J1OJEeeAYGF
r2y5b/0bAv75BNhXxVRMsMIuF+QOUjrWfBb1bJpVl2nHcq8dgcz7FFcMkJHzghDO
cyoBUZ2APoLbGjH/b3J9QcRcOcX9GNlXG59OGCcWU1La3NOECd5QjGybwfarmwWQ
+r5k2jMtZTk+dPSJoZXk9AeU+Praav3h1CxNwZR3G4bVSsisatEkqk2qZI4tMqfr
gANkMqtVZWzDarjuAkESQW10BPZH2khcVd3PSmk3Mc76zYm+Sw1+PxlXZQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN01zJrT4iIS2Hzr8aw1WCSftbPwMB8GA1UdIwQY
MBaAFLqmPTum2uSkSTvBSmdblK0qpFtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFZOU82YmE1S1JKTzhGS1oxdVVyU3FrVzJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8xODVlODAtNzMzOS00Y2MwLThiN2Mt
NGVkZjQyNDRhOWY5LzEvM1RYTW10UGlJaExZZk92eHJEVllKSi0xc19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8xODVlODAtNzMzOS00Y2MwLThiN2MtNGVkZjQyNDRhOWY5
LzEvdXFZOU82YmE1S1JKTzhGS1oxdVVyU3FrVzJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFVADAN
BgkqhkiG9w0BAQsFAAOCAQEAcuteGUw0V+cgUsRpZ5/azi3tL5r8PRMdZStOP4AJ
3X61a3tdB7w1xtKULKJB0VicxyFXbHjEOIyBbGBEzb9sFVOK9MSdhxmm9PEbAvtU
lYMp0oDrk4FtA1TiKgnhD0/V9RzJwe0ZQ+S/hzbccx21HoC2gvhS2LgUAOMk8FZE
szvsqbV54QIXDfE+TfooLys0ESSRTh9zhLm+dU/GY0D4gBaPB6OI5UDGKsO1wEhX
PjXU/qzw+nh2JkRWBv8QS6NmhStgxQZfinwNXNY9QHntKES7RkoCgVTkHQVrsFbe
WWhX7161BxL5qCN6j5QCJlOZb2jsZJ4H7rOZ3JBK9G7hyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:52 2024 by rpki-client on console-fra.rpki-client.org