Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/sXl-X0lchF1CD-9t0ywtXmeOh84.roa
File: sXl-X0lchF1CD-9t0ywtXmeOh84.roa (raw, json)
Hash identifier: lZEnOlETbXLgf2xSbG4D+g71FW5riIBzDSsW8UXPU+A=
Subject key identifier: B1:79:7E:5F:49:5C:84:5D:42:0F:EF:6D:D3:2C:2D:5E:67:8E:87:CE
Certificate issuer: /CN=2cf3834cdab5abbcdb6bc5cf4e5503d16e84623a
Certificate serial: 01856F6FFF11F0E7E60ECA2BC0D207461404
Authority key identifier: 2C:F3:83:4C:DA:B5:AB:BC:DB:6B:C5:CF:4E:55:03:D1:6E:84:62:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPODTNq1q7zba8XPTlUD0W6EYjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/sXl-X0lchF1CD-9t0ywtXmeOh84.roa
Signing time: Sun 01 Jan 2023 22:24:48 +0000
ROA not before: Sun 01 Jan 2023 22:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a12:4c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:ff:11:f0:e7:e6:0e:ca:2b:c0:d2:07:46:14:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cf3834cdab5abbcdb6bc5cf4e5503d16e84623a
Validity
Not Before: Jan 1 22:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1797e5f495c845d420fef6dd32c2d5e678e87ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4a:03:09:56:e4:8e:b4:9e:04:3b:ab:73:db:
84:38:d5:46:72:69:41:73:8b:af:58:b4:da:d0:07:
50:a3:05:9c:e5:70:fb:05:2d:e9:f2:7d:41:e4:66:
cb:ae:a0:ae:32:85:67:6f:a3:a4:e8:81:6e:df:3d:
ce:54:a6:49:91:1c:2f:ff:56:97:d4:99:b4:b9:8c:
b4:52:78:4c:61:6e:62:5c:19:68:26:31:a2:59:57:
ee:7e:1a:c2:8c:78:71:97:f7:3b:11:aa:65:95:2f:
20:20:d6:1a:e0:d0:a4:3c:4a:2f:e5:2a:0a:57:ec:
66:3c:e5:d3:c2:36:97:11:53:77:80:8f:c9:18:1a:
2f:a5:6f:7c:92:7a:cf:d8:c1:c8:d8:72:ba:cd:3e:
79:1c:39:9f:ce:f5:33:82:21:31:af:9f:66:da:e8:
7a:0c:21:44:a9:66:7d:10:69:4d:56:55:1a:d0:75:
1a:ad:1b:7d:28:bc:b8:64:53:76:57:d8:d0:09:b4:
c4:ad:82:93:15:8a:77:16:cc:97:53:40:b5:f3:67:
c3:25:6e:68:b7:15:b2:26:b2:be:3a:4a:69:47:38:
87:6f:46:7b:e1:93:a8:79:52:bc:7e:1a:17:b4:ce:
a5:00:09:a2:38:fb:7f:f7:25:29:3c:b9:84:9f:b2:
bf:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:79:7E:5F:49:5C:84:5D:42:0F:EF:6D:D3:2C:2D:5E:67:8E:87:CE
X509v3 Authority Key Identifier:
keyid:2C:F3:83:4C:DA:B5:AB:BC:DB:6B:C5:CF:4E:55:03:D1:6E:84:62:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPODTNq1q7zba8XPTlUD0W6EYjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/sXl-X0lchF1CD-9t0ywtXmeOh84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/LPODTNq1q7zba8XPTlUD0W6EYjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:4c0::/29
Signature Algorithm: sha256WithRSAEncryption
7b:02:5e:8e:93:db:76:13:27:53:cd:fe:16:ee:e6:80:ea:06:
32:93:21:29:5d:e8:9c:c5:98:04:6d:64:1b:24:a4:eb:b8:b5:
c5:ae:bd:ca:bf:ea:91:90:9d:35:36:98:e8:e7:6e:9c:77:ec:
04:54:2a:8f:ce:0f:64:f2:7e:60:af:c2:24:05:87:f5:dd:59:
55:9c:4f:21:21:47:63:9b:0b:40:0a:4c:6a:f9:51:64:17:a1:
ca:75:10:b7:39:8f:ec:1d:3b:c5:8e:52:d1:8b:23:da:1d:04:
bc:3c:02:a9:99:93:48:c8:4f:df:5c:74:20:c7:48:61:36:b1:
bb:6d:9c:80:e3:17:8f:e6:7a:9d:64:7b:93:4a:40:be:eb:87:
6e:26:b4:49:12:9e:92:88:c8:5f:ee:84:9e:80:4a:e1:a0:f7:
db:31:6b:6e:c9:9e:6d:c5:e6:c1:71:fc:4f:57:fc:fb:52:1f:
8f:15:b9:0f:8c:86:54:20:f1:8b:5a:b7:07:57:a0:e6:16:e4:
dd:14:1d:83:2a:eb:0d:ef:4a:ea:43:d8:b4:c7:93:03:dc:ed:
d0:37:de:a0:c5:09:b2:cb:d0:cf:ee:fd:31:56:d6:bc:ce:b5:
b6:6e:99:62:4c:ca:1e:e3:25:e5:73:22:90:ca:59:6f:57:2d:
7b:06:a7:b6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvb/8R8OfmDsorwNIHRhQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZjM4MzRjZGFiNWFiYmNkYjZiYzVjZjRlNTUwM2QxNmU4
NDYyM2EwHhcNMjMwMTAxMjIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTc5N2U1ZjQ5NWM4NDVkNDIwZmVmNmRkMzJjMmQ1ZTY3OGU4N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUoDCVbkjrSeBDurc9uEONVGcmlB
c4uvWLTa0AdQowWc5XD7BS3p8n1B5GbLrqCuMoVnb6Ok6IFu3z3OVKZJkRwv/1aX
1Jm0uYy0UnhMYW5iXBloJjGiWVfufhrCjHhxl/c7EapllS8gINYa4NCkPEov5SoK
V+xmPOXTwjaXEVN3gI/JGBovpW98knrP2MHI2HK6zT55HDmfzvUzgiExr59m2uh6
DCFEqWZ9EGlNVlUa0HUarRt9KLy4ZFN2V9jQCbTErYKTFYp3FsyXU0C182fDJW5o
txWyJrK+OkppRziHb0Z74ZOoeVK8fhoXtM6lAAmiOPt/9yUpPLmEn7K/BwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLF5fl9JXIRdQg/vbdMsLV5njofOMB8GA1UdIwQY
MBaAFCzzg0zatau822vFz05VA9FuhGI6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFBPRFROcTFxN3piYThYUFRsVUQwVzZFWWpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83ZTU1NTItMGI3ZC00MDBjLTk1ZmQt
ODU2ZjQzZjY5YWEzLzEvc1hsLVgwbGNoRjFDRC05dDB5d3RYbWVPaDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83ZTU1NTItMGI3ZC00MDBjLTk1ZmQtODU2ZjQzZjY5YWEz
LzEvTFBPRFROcTFxN3piYThYUFRsVUQwVzZFWWpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIEwDAN
BgkqhkiG9w0BAQsFAAOCAQEAewJejpPbdhMnU83+Fu7mgOoGMpMhKV3onMWYBG1k
GySk67i1xa69yr/qkZCdNTaY6OdunHfsBFQqj84PZPJ+YK/CJAWH9d1ZVZxPISFH
Y5sLQApMavlRZBehynUQtzmP7B07xY5S0Ysj2h0EvDwCqZmTSMhP31x0IMdIYTax
u22cgOMXj+Z6nWR7k0pAvuuHbia0SRKekojIX+6EnoBK4aD32zFrbsmebcXmwXH8
T1f8+1IfjxW5D4yGVCDxi1q3B1eg5hbk3RQdgyrrDe9K6kPYtMeTA9zt0DfeoMUJ
ssvQz+79MVbWvM61tm6ZYkzKHuMl5XMikMpZb1ctewantg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:13 2025 by rpki-client