Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/deeb1f-1f35-4c61-ab30-cbfa17e326fb/1/pd0F7yYLh6FhHq0w7ejx8POIYwY.roa
File: pd0F7yYLh6FhHq0w7ejx8POIYwY.roa (raw, json)
Hash identifier: dDQG9Ed0p1I7Fkhrr8UT9vAWsZHKM6WHdjr6rlG4S5c=
Subject key identifier: A5:DD:05:EF:26:0B:87:A1:61:1E:AD:30:ED:E8:F1:F0:F3:88:63:06
Certificate issuer: /CN=7b7645c8328f39afcdd079fa54a0ba3be78d4287
Certificate serial: 018572B41F2039A7913B418CCA92CFFB0BC2
Authority key identifier: 7B:76:45:C8:32:8F:39:AF:CD:D0:79:FA:54:A0:BA:3B:E7:8D:42:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e3ZFyDKPOa_N0Hn6VKC6O-eNQoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/deeb1f-1f35-4c61-ab30-cbfa17e326fb/1/pd0F7yYLh6FhHq0w7ejx8POIYwY.roa
Signing time: Mon 02 Jan 2023 13:38:05 +0000
ROA not before: Mon 02 Jan 2023 13:38:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:1ac0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:1f:20:39:a7:91:3b:41:8c:ca:92:cf:fb:0b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b7645c8328f39afcdd079fa54a0ba3be78d4287
Validity
Not Before: Jan 2 13:38:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5dd05ef260b87a1611ead30ede8f1f0f3886306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a0:49:7b:89:4b:f2:16:38:7c:9e:ab:c1:63:
d1:58:1f:09:ac:21:8d:70:1c:0e:a0:f0:64:2e:5a:
6b:d3:8e:48:b2:a2:7e:6f:d4:da:fe:ed:67:a5:e1:
e4:bd:bf:24:db:44:e7:20:41:07:a9:08:59:09:54:
3e:fc:53:f1:37:b8:64:82:bb:40:e3:ff:08:d7:70:
d4:75:04:d5:ad:49:cf:9f:8c:f1:a9:91:04:1f:6c:
1a:d4:3e:11:99:0d:e6:a7:cc:ad:30:4d:ed:37:53:
30:8c:47:07:7f:d6:f7:72:6d:b9:dc:5c:ed:a3:b8:
63:05:72:f5:92:ac:b2:1e:6c:f5:86:54:5a:f5:73:
7d:f1:24:dc:a5:ec:d4:26:57:89:65:d2:d5:e7:31:
a3:8e:b6:83:5d:b4:ea:ed:b0:95:72:ee:44:c3:49:
39:1b:29:be:1b:4e:38:a6:5d:23:b6:c4:0a:72:d4:
82:69:15:70:e7:d6:58:78:b9:27:e3:e6:50:62:c0:
ea:f5:62:49:09:c6:b0:ac:b0:9a:1d:85:5c:57:5d:
05:8e:7b:85:af:28:e9:94:a2:67:0b:6d:65:67:f1:
06:97:a1:f1:0e:5d:98:3f:02:da:90:05:67:65:75:
48:cd:2a:39:82:97:4d:4b:2a:8c:59:1e:f9:ca:59:
c8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:DD:05:EF:26:0B:87:A1:61:1E:AD:30:ED:E8:F1:F0:F3:88:63:06
X509v3 Authority Key Identifier:
keyid:7B:76:45:C8:32:8F:39:AF:CD:D0:79:FA:54:A0:BA:3B:E7:8D:42:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3ZFyDKPOa_N0Hn6VKC6O-eNQoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/deeb1f-1f35-4c61-ab30-cbfa17e326fb/1/pd0F7yYLh6FhHq0w7ejx8POIYwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/deeb1f-1f35-4c61-ab30-cbfa17e326fb/1/e3ZFyDKPOa_N0Hn6VKC6O-eNQoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1ac0::/29
Signature Algorithm: sha256WithRSAEncryption
d1:bf:dc:7c:f5:93:f8:e9:92:ee:5b:77:5a:bd:3b:7e:c0:1d:
7c:4d:d2:f8:37:c7:cb:0f:c4:62:bd:77:20:a9:e3:bd:5e:cd:
98:c0:66:4f:84:bc:69:a5:b2:13:8b:cb:e7:f0:fe:63:49:7f:
3c:1a:a8:20:9f:9e:ad:78:58:82:71:f4:23:e6:98:fd:eb:1b:
41:57:74:fc:ed:a6:0d:b7:f7:45:a1:de:4c:f4:69:ea:de:51:
ad:3a:f1:fc:11:c5:cc:0f:64:7f:f3:e5:1a:fb:d6:3c:89:fa:
bf:cd:3a:a5:9f:8f:15:ae:2f:7f:ee:09:3a:6e:ad:f3:e8:02:
44:11:99:07:2f:57:91:9e:b3:54:9a:04:a2:9e:29:1e:69:e2:
eb:f3:5b:f6:dd:7f:ac:69:5f:2d:75:e8:60:89:90:f3:ec:fd:
33:39:fd:1e:3f:97:e0:61:af:84:8c:5f:22:05:75:c8:c4:0c:
fb:fc:13:4b:af:e2:ac:fd:aa:81:49:9b:b9:bd:06:d0:99:c6:
b3:dc:cc:fd:a2:c7:ee:97:d7:15:cd:f2:49:81:46:3c:8f:8c:
64:a2:42:29:77:66:04:92:dc:a6:bf:51:e5:4a:0f:e0:4b:29:
7d:84:64:04:a1:b2:ac:91:e1:58:9a:88:65:f2:e2:e8:0e:06:
8c:b0:d5:2d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVytB8gOaeRO0GMypLP+wvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzY0NWM4MzI4ZjM5YWZjZGQwNzlmYTU0YTBiYTNiZTc4
ZDQyODcwHhcNMjMwMTAyMTMzODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWRkMDVlZjI2MGI4N2ExNjExZWFkMzBlZGU4ZjFmMGYzODg2MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6BJe4lL8hY4fJ6rwWPRWB8JrCGN
cBwOoPBkLlpr045IsqJ+b9Ta/u1npeHkvb8k20TnIEEHqQhZCVQ+/FPxN7hkgrtA
4/8I13DUdQTVrUnPn4zxqZEEH2wa1D4RmQ3mp8ytME3tN1MwjEcHf9b3cm253Fzt
o7hjBXL1kqyyHmz1hlRa9XN98STcpezUJleJZdLV5zGjjraDXbTq7bCVcu5Ew0k5
Gym+G044pl0jtsQKctSCaRVw59ZYeLkn4+ZQYsDq9WJJCcawrLCaHYVcV10FjnuF
ryjplKJnC21lZ/EGl6HxDl2YPwLakAVnZXVIzSo5gpdNSyqMWR75ylnIoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKXdBe8mC4ehYR6tMO3o8fDziGMGMB8GA1UdIwQY
MBaAFHt2RcgyjzmvzdB5+lSgujvnjUKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNaRnlES1BPYV9OMEhuNlZLQzZPLWVOUW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kZWViMWYtMWYzNS00YzYxLWFiMzAt
Y2JmYTE3ZTMyNmZiLzEvcGQwRjd5WUxoNkZoSHEwdzdlang4UE9JWXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kZWViMWYtMWYzNS00YzYxLWFiMzAtY2JmYTE3ZTMyNmZi
LzEvZTNaRnlES1BPYV9OMEhuNlZLQzZPLWVOUW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhEawDAN
BgkqhkiG9w0BAQsFAAOCAQEA0b/cfPWT+OmS7lt3Wr07fsAdfE3S+DfHyw/EYr13
IKnjvV7NmMBmT4S8aaWyE4vL5/D+Y0l/PBqoIJ+erXhYgnH0I+aY/esbQVd0/O2m
Dbf3RaHeTPRp6t5RrTrx/BHFzA9kf/PlGvvWPIn6v806pZ+PFa4vf+4JOm6t8+gC
RBGZBy9XkZ6zVJoEop4pHmni6/Nb9t1/rGlfLXXoYImQ8+z9Mzn9Hj+X4GGvhIxf
IgV1yMQM+/wTS6/irP2qgUmbub0G0JnGs9zM/aLH7pfXFc3ySYFGPI+MZKJCKXdm
BJLcpr9R5UoP4EspfYRkBKGyrJHhWJqIZfLi6A4GjLDVLQ==
-----END CERTIFICATE-----
Generated at Wed Apr 23 07:26:43 2025 by rpki-client