Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/fe8f31-7ed9-42e7-bb0f-22adef775178/1/nVruXn_IU50OfL_bBSaAHLmQWCo.roa
File: nVruXn_IU50OfL_bBSaAHLmQWCo.roa (raw, json)
Hash identifier: AiP+VOOl36mV2PVgu3fwcgFNMipJZTA0zqfgmrEoY24=
Subject key identifier: 9D:5A:EE:5E:7F:C8:53:9D:0E:7C:BF:DB:05:26:80:1C:B9:90:58:2A
Certificate issuer: /CN=6c7fcb2c1d11bfdac94f3ebb65f97003df4a5506
Certificate serial: 01856D9D25DAC8D1CB367D7C3A551249C628
Authority key identifier: 6C:7F:CB:2C:1D:11:BF:DA:C9:4F:3E:BB:65:F9:70:03:DF:4A:55:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bH_LLB0Rv9rJTz67ZflwA99KVQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/fe8f31-7ed9-42e7-bb0f-22adef775178/1/nVruXn_IU50OfL_bBSaAHLmQWCo.roa
Signing time: Sun 01 Jan 2023 13:54:53 +0000
ROA not before: Sun 01 Jan 2023 13:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:8800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:25:da:c8:d1:cb:36:7d:7c:3a:55:12:49:c6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c7fcb2c1d11bfdac94f3ebb65f97003df4a5506
Validity
Not Before: Jan 1 13:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d5aee5e7fc8539d0e7cbfdb0526801cb990582a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bf:18:b6:a0:ab:3d:7b:88:a7:6f:d3:cf:66:
90:09:95:3d:4d:65:04:92:8c:38:46:8e:c9:ba:1c:
b9:32:7b:a3:89:36:37:58:95:38:31:25:ba:12:f8:
0a:09:db:bb:4a:48:c7:c1:64:ba:9c:0b:93:4a:1b:
f3:81:c7:80:e1:40:b8:fe:41:7a:2d:03:db:41:ff:
35:e5:01:f4:9c:2d:48:e3:c2:65:66:47:9c:de:e7:
83:13:09:ce:b3:de:5a:18:95:e4:0a:e7:64:ec:ad:
3d:3b:2e:cd:89:c9:32:e8:08:13:a3:ce:2d:00:c6:
d4:9d:a0:33:12:44:5b:94:e9:90:50:6f:41:a0:23:
07:7d:e7:d2:28:27:ba:c7:74:01:33:ba:f1:9e:7e:
08:97:bc:9c:5b:a1:56:ee:5b:17:f9:72:53:f7:a1:
d7:a1:04:a7:76:3c:32:3f:63:6b:0a:e6:c4:17:72:
d5:48:a0:1b:dd:62:70:c3:50:4e:be:70:90:c5:85:
81:af:3a:e7:04:fb:c7:68:44:f4:25:b5:80:53:a5:
c4:1c:7b:70:2d:81:e2:69:98:d0:8e:27:80:05:3b:
e7:5b:9c:0f:46:ac:79:95:7c:ac:4d:0e:84:cc:ce:
0f:1a:51:6e:19:9b:97:1c:97:ac:b9:fe:ae:2c:6d:
96:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5A:EE:5E:7F:C8:53:9D:0E:7C:BF:DB:05:26:80:1C:B9:90:58:2A
X509v3 Authority Key Identifier:
keyid:6C:7F:CB:2C:1D:11:BF:DA:C9:4F:3E:BB:65:F9:70:03:DF:4A:55:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bH_LLB0Rv9rJTz67ZflwA99KVQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/fe8f31-7ed9-42e7-bb0f-22adef775178/1/nVruXn_IU50OfL_bBSaAHLmQWCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/fe8f31-7ed9-42e7-bb0f-22adef775178/1/bH_LLB0Rv9rJTz67ZflwA99KVQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8800::/29
Signature Algorithm: sha256WithRSAEncryption
53:bb:71:1c:79:80:11:de:d0:fd:a4:0a:96:7d:d4:ed:1e:58:
a1:97:7f:83:24:ae:4d:7f:29:fd:ad:7b:ca:c5:c2:0a:79:24:
86:9b:ed:c6:47:9b:6d:ac:ba:24:b4:58:b0:2e:69:84:de:b1:
7b:f2:ae:f0:27:59:77:52:b7:e7:a5:00:65:fb:7f:c7:f7:3e:
75:ea:bf:1b:64:78:59:b0:67:b0:1c:2e:27:c2:96:7f:6f:21:
79:f3:66:2b:3d:7a:a3:ce:d1:89:56:f1:e7:88:b3:e3:d4:a7:
dc:24:a1:df:ce:a5:a4:06:52:13:00:27:3c:d7:49:87:5a:90:
75:ad:f2:e0:c5:53:1a:fe:c0:fe:68:8b:b1:ed:aa:10:80:19:
e3:2f:64:68:77:af:dd:17:16:e2:81:64:d0:d5:8f:3e:81:5b:
e1:31:44:06:1f:ab:ab:67:e8:ab:b0:62:ce:13:b6:90:84:b6:
a6:73:0b:63:72:f2:58:ed:67:56:94:8f:ff:9d:f3:63:4a:ee:
67:ea:a2:06:f3:b4:0c:e6:12:a2:72:e9:40:77:8a:35:a9:c8:
cf:91:cf:c8:cf:7d:1b:4b:81:9b:cb:4e:4e:b6:f2:54:42:08:
a6:bc:ca:9e:24:82:50:c6:7f:4c:41:e0:f1:94:05:a4:2d:e4:
f2:43:fa:fa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtnSXayNHLNn18OlUSScYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjN2ZjYjJjMWQxMWJmZGFjOTRmM2ViYjY1Zjk3MDAzZGY0
YTU1MDYwHhcNMjMwMTAxMTM1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDVhZWU1ZTdmYzg1MzlkMGU3Y2JmZGIwNTI2ODAxY2I5OTA1ODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyr8YtqCrPXuIp2/Tz2aQCZU9TWUE
kow4Ro7Juhy5MnujiTY3WJU4MSW6EvgKCdu7SkjHwWS6nAuTShvzgceA4UC4/kF6
LQPbQf815QH0nC1I48JlZkec3ueDEwnOs95aGJXkCudk7K09Oy7Nicky6AgTo84t
AMbUnaAzEkRblOmQUG9BoCMHfefSKCe6x3QBM7rxnn4Il7ycW6FW7lsX+XJT96HX
oQSndjwyP2NrCubEF3LVSKAb3WJww1BOvnCQxYWBrzrnBPvHaET0JbWAU6XEHHtw
LYHiaZjQjieABTvnW5wPRqx5lXysTQ6EzM4PGlFuGZuXHJesuf6uLG2WfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ1a7l5/yFOdDny/2wUmgBy5kFgqMB8GA1UdIwQY
MBaAFGx/yywdEb/ayU8+u2X5cAPfSlUGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhfTExCMFJ2OXJKVHo2N1pmbHdBOTlLVlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9mZThmMzEtN2VkOS00MmU3LWJiMGYt
MjJhZGVmNzc1MTc4LzEvblZydVhuX0lVNTBPZkxfYkJTYUFITG1RV0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9mZThmMzEtN2VkOS00MmU3LWJiMGYtMjJhZGVmNzc1MTc4
LzEvYkhfTExCMFJ2OXJKVHo2N1pmbHdBOTlLVlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGIADAN
BgkqhkiG9w0BAQsFAAOCAQEAU7txHHmAEd7Q/aQKln3U7R5YoZd/gySuTX8p/a17
ysXCCnkkhpvtxkebbay6JLRYsC5phN6xe/Ku8CdZd1K356UAZft/x/c+deq/G2R4
WbBnsBwuJ8KWf28hefNmKz16o87RiVbx54iz49Sn3CSh386lpAZSEwAnPNdJh1qQ
da3y4MVTGv7A/miLse2qEIAZ4y9kaHev3RcW4oFk0NWPPoFb4TFEBh+rq2foq7Bi
zhO2kIS2pnMLY3LyWO1nVpSP/53zY0ruZ+qiBvO0DOYSonLpQHeKNanIz5HPyM99
G0uBm8tOTrbyVEIIprzKniSCUMZ/TEHg8ZQFpC3k8kP6+g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:17 2025 by rpki-client