Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/a3ef3b-57a8-42a5-b340-f93743bbb8f0/1/KEW8XecdK40rRilKfy9dw_W2hQk.roa
File: KEW8XecdK40rRilKfy9dw_W2hQk.roa (raw, json)
Hash identifier: uGP64sAgxYzVd4vSszcpgGUwFcqVEsl8+vkTv1vDWV8=
Subject key identifier: 28:45:BC:5D:E7:1D:2B:8D:2B:46:29:4A:7F:2F:5D:C3:F5:B6:85:09
Certificate issuer: /CN=6ca1bf52af2c9092cae2681ac64f8ca6cdb01594
Certificate serial: 01856D787C7B7219A929BE4002A60AB2D7A0
Authority key identifier: 6C:A1:BF:52:AF:2C:90:92:CA:E2:68:1A:C6:4F:8C:A6:CD:B0:15:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bKG_Uq8skJLK4mgaxk-Mps2wFZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/a3ef3b-57a8-42a5-b340-f93743bbb8f0/1/KEW8XecdK40rRilKfy9dw_W2hQk.roa
Signing time: Sun 01 Jan 2023 13:14:50 +0000
ROA not before: Sun 01 Jan 2023 13:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:8340::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:7c:7b:72:19:a9:29:be:40:02:a6:0a:b2:d7:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ca1bf52af2c9092cae2681ac64f8ca6cdb01594
Validity
Not Before: Jan 1 13:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2845bc5de71d2b8d2b46294a7f2f5dc3f5b68509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f7:d3:7d:f2:43:36:78:db:01:fc:c7:6b:eb:
24:f8:2c:9e:21:65:08:f6:85:97:1e:f8:13:ed:99:
40:f5:f7:9f:86:f1:f7:88:52:ce:d9:a8:73:1f:3e:
be:5b:20:5f:14:3f:21:ad:5d:b9:45:ad:dd:1b:51:
25:2d:ea:8a:e1:31:fc:ca:e1:eb:79:37:e9:43:cd:
f7:84:74:cd:41:9f:2c:4c:a0:87:a7:8f:ee:96:5e:
70:8f:91:70:e5:8f:a0:3f:4c:ac:e3:50:f0:0b:2f:
08:35:f9:cb:d1:08:3b:3e:26:c6:f6:8d:ec:99:ce:
6e:7e:3f:3e:ae:33:88:75:d1:c8:50:10:20:4d:a2:
51:3d:52:9b:f6:50:ea:de:55:08:c1:eb:81:b0:39:
6a:ff:25:25:4b:c7:8f:f1:22:d4:21:cb:eb:f5:c1:
91:57:c9:3e:46:44:d4:0f:15:78:4e:ea:38:3c:1e:
53:38:58:19:80:96:7c:39:ec:0c:0e:c1:23:70:56:
e9:93:f0:ab:c3:34:b1:06:f9:cb:a5:b5:10:c0:20:
cf:f8:93:52:46:45:0d:0d:3a:7b:9e:9f:58:59:23:
43:d9:c4:e9:e9:91:1a:30:64:8f:ea:fa:5f:08:df:
ef:03:d4:9e:f6:d1:1c:c2:9a:56:9a:0d:01:1a:1f:
c8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:45:BC:5D:E7:1D:2B:8D:2B:46:29:4A:7F:2F:5D:C3:F5:B6:85:09
X509v3 Authority Key Identifier:
keyid:6C:A1:BF:52:AF:2C:90:92:CA:E2:68:1A:C6:4F:8C:A6:CD:B0:15:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKG_Uq8skJLK4mgaxk-Mps2wFZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a3ef3b-57a8-42a5-b340-f93743bbb8f0/1/KEW8XecdK40rRilKfy9dw_W2hQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a3ef3b-57a8-42a5-b340-f93743bbb8f0/1/bKG_Uq8skJLK4mgaxk-Mps2wFZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8340::/29
Signature Algorithm: sha256WithRSAEncryption
72:10:20:e2:9c:db:fe:38:fd:e1:9b:2f:0e:b3:fa:7d:ce:4f:
bc:11:42:42:62:fa:25:a9:0d:f8:91:87:00:e8:0b:c8:26:91:
a8:99:42:ca:e7:ce:41:99:fd:40:d3:19:48:8f:1b:12:55:a1:
d5:ec:eb:a8:fb:ba:c4:82:8f:17:b8:b4:68:b2:16:05:8c:c8:
64:d7:ae:68:fd:af:38:f1:99:b1:89:3e:16:e2:23:79:ff:bc:
97:6d:8f:f5:bc:c2:7c:43:e2:61:97:83:7e:23:1a:8b:fa:97:
3c:23:aa:0b:86:e8:b8:6f:16:67:d1:02:22:ca:24:10:f7:87:
42:fc:83:b6:94:c0:f8:e0:e6:14:fb:66:b0:76:16:37:99:15:
01:d5:2c:f0:d4:75:40:34:cd:e8:67:bc:b7:b6:52:f0:41:d9:
8e:f5:23:fe:11:7d:f1:de:09:21:cc:87:25:2f:51:32:b8:24:
aa:87:ac:e4:b2:a4:4b:0c:22:20:14:3c:fd:80:ee:02:b9:62:
6d:cf:da:e3:01:62:af:2e:62:d9:61:d2:4b:b1:4b:22:6c:2b:
8d:a0:6d:f5:47:78:a3:b0:99:fa:38:17:4f:ab:dc:bb:05:bd:
bb:81:8b:1f:36:e4:da:ca:af:30:a7:fb:d8:97:03:e8:93:0e:
84:7c:e3:32
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVteHx7chmpKb5AAqYKstegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYTFiZjUyYWYyYzkwOTJjYWUyNjgxYWM2NGY4Y2E2Y2Ri
MDE1OTQwHhcNMjMwMTAxMTMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODQ1YmM1ZGU3MWQyYjhkMmI0NjI5NGE3ZjJmNWRjM2Y1YjY4NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPfTffJDNnjbAfzHa+sk+CyeIWUI
9oWXHvgT7ZlA9fefhvH3iFLO2ahzHz6+WyBfFD8hrV25Ra3dG1ElLeqK4TH8yuHr
eTfpQ833hHTNQZ8sTKCHp4/ull5wj5Fw5Y+gP0ys41DwCy8INfnL0Qg7PibG9o3s
mc5ufj8+rjOIddHIUBAgTaJRPVKb9lDq3lUIweuBsDlq/yUlS8eP8SLUIcvr9cGR
V8k+RkTUDxV4Tuo4PB5TOFgZgJZ8OewMDsEjcFbpk/CrwzSxBvnLpbUQwCDP+JNS
RkUNDTp7np9YWSND2cTp6ZEaMGSP6vpfCN/vA9Se9tEcwppWmg0BGh/IqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFChFvF3nHSuNK0YpSn8vXcP1toUJMB8GA1UdIwQY
MBaAFGyhv1KvLJCSyuJoGsZPjKbNsBWUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYktHX1VxOHNrSkxLNG1nYXhrLU1wczJ3RlpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hM2VmM2ItNTdhOC00MmE1LWIzNDAt
ZjkzNzQzYmJiOGYwLzEvS0VXOFhlY2RLNDByUmlsS2Z5OWR3X1cyaFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hM2VmM2ItNTdhOC00MmE1LWIzNDAtZjkzNzQzYmJiOGYw
LzEvYktHX1VxOHNrSkxLNG1nYXhrLU1wczJ3RlpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGDQDAN
BgkqhkiG9w0BAQsFAAOCAQEAchAg4pzb/jj94ZsvDrP6fc5PvBFCQmL6JakN+JGH
AOgLyCaRqJlCyufOQZn9QNMZSI8bElWh1ezrqPu6xIKPF7i0aLIWBYzIZNeuaP2v
OPGZsYk+FuIjef+8l22P9bzCfEPiYZeDfiMai/qXPCOqC4bouG8WZ9ECIsokEPeH
QvyDtpTA+ODmFPtmsHYWN5kVAdUs8NR1QDTN6Ge8t7ZS8EHZjvUj/hF98d4JIcyH
JS9RMrgkqoes5LKkSwwiIBQ8/YDuArlibc/a4wFiry5i2WHSS7FLImwrjaBt9Ud4
o7CZ+jgXT6vcuwW9u4GLHzbk2sqvMKf72JcD6JMOhHzjMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:03 2024 by rpki-client on console-fra.rpki-client.org