Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/dTxU0pY0HzQ4OYyIZFnXCkPDET8.roa
File: dTxU0pY0HzQ4OYyIZFnXCkPDET8.roa (raw, json)
Hash identifier: jxf7cKGzeoJjzHn1/sWIp2JZv0wMn+3s8vxtuvmtJCc=
Subject key identifier: 75:3C:54:D2:96:34:1F:34:38:39:8C:88:64:59:D7:0A:43:C3:11:3F
Certificate issuer: /CN=d191342b98368ad4be832a67e355db275c8da3ad
Certificate serial: 0185710BE8DEB612178F4FCC8BCB44FCC147
Authority key identifier: D1:91:34:2B:98:36:8A:D4:BE:83:2A:67:E3:55:DB:27:5C:8D:A3:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ZE0K5g2itS-gypn41XbJ1yNo60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/dTxU0pY0HzQ4OYyIZFnXCkPDET8.roa
Signing time: Mon 02 Jan 2023 05:54:43 +0000
ROA not before: Mon 02 Jan 2023 05:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a12:4200::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:e8:de:b6:12:17:8f:4f:cc:8b:cb:44:fc:c1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d191342b98368ad4be832a67e355db275c8da3ad
Validity
Not Before: Jan 2 05:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=753c54d296341f3438398c886459d70a43c3113f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:54:ed:50:da:de:d5:58:f6:9f:5d:b3:ec:23:
90:ea:2c:98:22:97:c2:8a:24:0f:95:9e:95:40:7d:
5e:98:87:ae:54:e2:a0:b7:42:bd:5c:d9:4a:88:e5:
e1:c3:e6:26:0d:da:3a:4c:de:1a:77:de:5d:b3:b0:
cb:4e:6a:ca:05:75:7c:79:de:fa:6a:6a:14:6c:43:
ca:4d:bc:99:b6:e0:04:a0:e6:fe:ba:ab:03:11:64:
a2:09:89:ee:1e:2d:c7:3f:3a:67:75:23:16:ad:25:
91:a6:0d:7e:d5:6d:0a:69:fd:44:fb:1c:18:6a:09:
41:91:14:b0:2e:4b:31:bb:ea:03:8a:88:0f:bb:37:
4a:d9:27:70:0b:bf:12:fe:5a:37:79:e6:45:1f:db:
aa:02:ab:be:37:6e:66:ac:13:7e:95:b1:fd:50:38:
f3:f7:7c:ff:9d:89:f0:5c:e4:08:d4:7b:14:e3:bb:
02:b6:f2:78:e3:71:d7:2a:d9:15:a7:0b:df:69:5b:
f5:82:80:5e:4a:43:12:20:8d:16:86:ec:4c:a6:c1:
1a:de:9e:d8:e4:01:ea:b4:7b:75:04:f2:57:44:92:
c2:f4:0e:10:b0:b2:15:a4:78:7b:0e:6d:a7:94:36:
7a:26:60:8e:3c:f7:9e:a5:fa:4d:f9:79:07:ef:c3:
bb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:3C:54:D2:96:34:1F:34:38:39:8C:88:64:59:D7:0A:43:C3:11:3F
X509v3 Authority Key Identifier:
keyid:D1:91:34:2B:98:36:8A:D4:BE:83:2A:67:E3:55:DB:27:5C:8D:A3:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ZE0K5g2itS-gypn41XbJ1yNo60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/dTxU0pY0HzQ4OYyIZFnXCkPDET8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/0ZE0K5g2itS-gypn41XbJ1yNo60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:4200::/29
Signature Algorithm: sha256WithRSAEncryption
11:df:97:4a:42:72:7f:29:d9:50:66:ee:70:28:fc:2e:44:5a:
5f:62:14:9c:ce:42:8a:f4:e4:8a:f4:42:ac:8f:86:9e:18:88:
20:9f:47:04:29:9f:67:81:7a:64:e9:73:3c:0b:c2:d4:03:60:
16:59:cc:30:55:57:86:f9:ac:f0:97:0a:99:04:d6:78:97:d8:
b2:f6:c5:05:f4:70:e0:3f:3c:3c:58:dc:22:e9:fa:e3:f1:0b:
4d:50:2b:03:b4:a9:34:3d:ea:7e:44:d6:64:63:31:a8:ee:48:
3e:5e:32:1d:19:1c:34:b5:cd:8d:ad:fe:fa:a0:6f:57:67:5b:
96:88:0e:0c:0e:68:4e:39:be:37:f9:11:73:a5:8a:0d:f6:37:
03:66:3f:e3:4c:3d:21:39:ab:21:fa:98:61:3a:94:d9:80:ea:
df:27:cc:bc:e6:81:e1:2b:4b:0b:44:0b:15:e3:84:af:f3:fe:
26:03:89:69:e1:fa:c5:f1:9d:fb:61:9f:4e:e1:f2:3d:4c:26:
52:63:bc:c7:c5:23:cd:60:2f:4e:b1:31:82:15:f0:c0:1e:85:
8a:a1:3c:3d:77:1e:e2:e7:49:de:e2:4d:69:6d:4c:78:60:71:
9f:26:88:cc:19:be:cd:77:a6:0d:77:69:10:2d:a5:c5:41:45:
58:03:75:6c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxC+jethIXj0/Mi8tE/MFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOTEzNDJiOTgzNjhhZDRiZTgzMmE2N2UzNTVkYjI3NWM4
ZGEzYWQwHhcNMjMwMTAyMDU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTNjNTRkMjk2MzQxZjM0MzgzOThjODg2NDU5ZDcwYTQzYzMxMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFTtUNre1Vj2n12z7COQ6iyYIpfC
iiQPlZ6VQH1emIeuVOKgt0K9XNlKiOXhw+YmDdo6TN4ad95ds7DLTmrKBXV8ed76
amoUbEPKTbyZtuAEoOb+uqsDEWSiCYnuHi3HPzpndSMWrSWRpg1+1W0Kaf1E+xwY
aglBkRSwLksxu+oDiogPuzdK2SdwC78S/lo3eeZFH9uqAqu+N25mrBN+lbH9UDjz
93z/nYnwXOQI1HsU47sCtvJ443HXKtkVpwvfaVv1goBeSkMSII0WhuxMpsEa3p7Y
5AHqtHt1BPJXRJLC9A4QsLIVpHh7Dm2nlDZ6JmCOPPeepfpN+XkH78O7hQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHU8VNKWNB80ODmMiGRZ1wpDwxE/MB8GA1UdIwQY
MBaAFNGRNCuYNorUvoMqZ+NV2ydcjaOtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFpFMEs1ZzJpdFMtZ3lwbjQxWGJKMXlObzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lNmQ5OTYtODdkOS00ZmRjLWI2NTQt
NDY3MDU4ODFiMTYxLzEvZFR4VTBwWTBIelE0T1l5SVpGblhDa1BERVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lNmQ5OTYtODdkOS00ZmRjLWI2NTQtNDY3MDU4ODFiMTYx
LzEvMFpFMEs1ZzJpdFMtZ3lwbjQxWGJKMXlObzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJCADAN
BgkqhkiG9w0BAQsFAAOCAQEAEd+XSkJyfynZUGbucCj8LkRaX2IUnM5CivTkivRC
rI+GnhiIIJ9HBCmfZ4F6ZOlzPAvC1ANgFlnMMFVXhvms8JcKmQTWeJfYsvbFBfRw
4D88PFjcIun64/ELTVArA7SpND3qfkTWZGMxqO5IPl4yHRkcNLXNja3++qBvV2db
logODA5oTjm+N/kRc6WKDfY3A2Y/40w9ITmrIfqYYTqU2YDq3yfMvOaB4StLC0QL
FeOEr/P+JgOJaeH6xfGd+2GfTuHyPUwmUmO8x8UjzWAvTrExghXwwB6FiqE8PXce
4udJ3uJNaW1MeGBxnyaIzBm+zXemDXdpEC2lxUFFWAN1bA==
-----END CERTIFICATE-----
Generated at Tue Nov 7 14:04:28 2023 by rpki-client on console-ams.rpki-client.org