Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4d2d90-04bb-44dd-ab1b-2a9db942adb7/1/CapXT69USfDAtvoWBOuhiSa51cQ.roa
File: CapXT69USfDAtvoWBOuhiSa51cQ.roa (raw, json)
Hash identifier: 6ip3hgngklPXl+kDMus8sGU+VYsxOaSDSlEBy61Hhtk=
Subject key identifier: 09:AA:57:4F:AF:54:49:F0:C0:B6:FA:16:04:EB:A1:89:26:B9:D5:C4
Certificate issuer: /CN=6d4fc7125c4350892c04de89a673de118c8a4e91
Certificate serial: 018571FA3DFE724CB7D968422BB4BF08CD9F
Authority key identifier: 6D:4F:C7:12:5C:43:50:89:2C:04:DE:89:A6:73:DE:11:8C:8A:4E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bU_HElxDUIksBN6JpnPeEYyKTpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4d2d90-04bb-44dd-ab1b-2a9db942adb7/1/CapXT69USfDAtvoWBOuhiSa51cQ.roa
Signing time: Mon 02 Jan 2023 10:15:03 +0000
ROA not before: Mon 02 Jan 2023 10:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34734
IP address blocks: 2a11:3880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:3d:fe:72:4c:b7:d9:68:42:2b:b4:bf:08:cd:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d4fc7125c4350892c04de89a673de118c8a4e91
Validity
Not Before: Jan 2 10:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09aa574faf5449f0c0b6fa1604eba18926b9d5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b7:7d:d2:0d:86:17:9d:17:92:b1:1c:fa:45:
62:c8:ee:6d:64:17:8a:66:54:c0:15:1d:83:29:21:
cc:d6:6b:b6:9c:f2:85:d5:59:2f:91:7e:bd:c8:86:
36:05:82:8e:f9:de:64:81:99:02:f7:a5:7c:6a:18:
9f:fc:09:f9:d9:07:ca:da:ca:ea:ef:b6:5f:58:0e:
f8:61:ba:0a:bd:62:72:f5:ba:f6:66:fa:b3:f1:d5:
c5:19:bd:df:c4:19:69:97:72:87:6e:aa:47:61:b6:
07:0f:47:09:66:58:9d:b0:4e:82:a6:b7:0d:ba:38:
67:bb:36:da:05:a9:a9:e5:d0:c2:82:5b:c7:51:b1:
4e:5a:90:e6:88:fb:b0:d8:36:af:52:5f:fb:dc:f7:
67:d4:7c:19:cd:dd:04:84:a6:c5:ba:82:b3:d7:31:
82:ca:58:49:48:89:57:e9:30:15:4d:bf:33:6c:78:
5b:49:47:cf:a5:e8:f0:ba:e4:d3:43:f2:9c:2b:7a:
43:45:7e:81:8a:ea:b8:23:e5:82:7e:7a:c7:5e:79:
ed:aa:ba:91:65:98:f1:c6:aa:0f:73:45:a0:99:07:
9e:83:f0:3d:80:97:95:1d:f7:5c:dc:43:ef:9e:1d:
ca:eb:e2:fa:11:df:a1:95:1f:4c:04:4c:09:2c:af:
68:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AA:57:4F:AF:54:49:F0:C0:B6:FA:16:04:EB:A1:89:26:B9:D5:C4
X509v3 Authority Key Identifier:
keyid:6D:4F:C7:12:5C:43:50:89:2C:04:DE:89:A6:73:DE:11:8C:8A:4E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bU_HElxDUIksBN6JpnPeEYyKTpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4d2d90-04bb-44dd-ab1b-2a9db942adb7/1/CapXT69USfDAtvoWBOuhiSa51cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4d2d90-04bb-44dd-ab1b-2a9db942adb7/1/bU_HElxDUIksBN6JpnPeEYyKTpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3880::/29
Signature Algorithm: sha256WithRSAEncryption
60:58:39:e3:9b:5d:ed:29:8f:21:11:76:3f:cd:be:64:08:20:
c3:8b:b5:bc:a6:7c:11:84:d7:bf:38:9e:30:72:70:66:cd:15:
47:a6:0d:2d:43:a7:77:64:c7:27:57:da:c6:22:55:f3:be:c6:
5a:2f:a8:87:25:b4:e6:f1:86:b8:76:aa:85:74:d5:11:40:36:
8f:71:a5:e8:7d:d2:a7:e1:b3:d1:16:98:08:f6:0b:56:fe:52:
75:6c:1e:6f:51:8d:5e:d6:4e:12:c3:03:f7:f4:4c:a4:fe:1b:
f8:7e:0f:8b:0a:8d:d3:e9:d4:ef:ae:29:ca:40:a5:ec:a4:58:
22:0a:b8:ea:51:31:5e:f2:57:91:2e:7c:45:81:0e:b2:ec:4d:
97:fc:cc:0a:57:86:6f:d3:16:de:c4:ab:c3:d6:8c:4e:a5:c2:
ba:8d:28:6a:5c:bd:cb:3e:67:97:f3:e9:28:ee:81:2d:2d:8a:
3e:34:c9:4e:da:47:15:30:04:e8:34:26:82:80:47:c1:07:b1:
89:d6:23:62:7d:99:3c:d3:12:42:ef:c0:ee:23:30:7a:35:c4:
cd:01:a4:64:88:22:22:74:2f:36:05:16:6e:2f:aa:78:38:7b:
40:f9:4a:ea:9a:6d:e9:22:74:99:1f:d0:11:b7:8d:7e:93:b0:
b4:da:ba:9f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVx+j3+cky32WhCK7S/CM2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNGZjNzEyNWM0MzUwODkyYzA0ZGU4OWE2NzNkZTExOGM4
YTRlOTEwHhcNMjMwMTAyMTAxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWFhNTc0ZmFmNTQ0OWYwYzBiNmZhMTYwNGViYTE4OTI2YjlkNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ld90g2GF50XkrEc+kViyO5tZBeK
ZlTAFR2DKSHM1mu2nPKF1VkvkX69yIY2BYKO+d5kgZkC96V8ahif/An52QfK2srq
77ZfWA74YboKvWJy9br2Zvqz8dXFGb3fxBlpl3KHbqpHYbYHD0cJZlidsE6CprcN
ujhnuzbaBamp5dDCglvHUbFOWpDmiPuw2DavUl/73Pdn1HwZzd0EhKbFuoKz1zGC
ylhJSIlX6TAVTb8zbHhbSUfPpejwuuTTQ/KcK3pDRX6Biuq4I+WCfnrHXnntqrqR
ZZjxxqoPc0WgmQeeg/A9gJeVHfdc3EPvnh3K6+L6Ed+hlR9MBEwJLK9o3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAmqV0+vVEnwwLb6FgTroYkmudXEMB8GA1UdIwQY
MBaAFG1PxxJcQ1CJLATeiaZz3hGMik6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlVfSEVseERVSWtzQk42SnBuUGVFWXlLVHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80ZDJkOTAtMDRiYi00NGRkLWFiMWIt
MmE5ZGI5NDJhZGI3LzEvQ2FwWFQ2OVVTZkRBdHZvV0JPdWhpU2E1MWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80ZDJkOTAtMDRiYi00NGRkLWFiMWItMmE5ZGI5NDJhZGI3
LzEvYlVfSEVseERVSWtzQk42SnBuUGVFWXlLVHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhE4gDAN
BgkqhkiG9w0BAQsFAAOCAQEAYFg545td7SmPIRF2P82+ZAggw4u1vKZ8EYTXvzie
MHJwZs0VR6YNLUOnd2THJ1faxiJV877GWi+ohyW05vGGuHaqhXTVEUA2j3Gl6H3S
p+Gz0RaYCPYLVv5SdWweb1GNXtZOEsMD9/RMpP4b+H4PiwqN0+nU764pykCl7KRY
Igq46lExXvJXkS58RYEOsuxNl/zMCleGb9MW3sSrw9aMTqXCuo0oaly9yz5nl/Pp
KO6BLS2KPjTJTtpHFTAE6DQmgoBHwQexidYjYn2ZPNMSQu/A7iMwejXEzQGkZIgi
InQvNgUWbi+qeDh7QPlK6ppt6SJ0mR/QEbeNfpOwtNq6nw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:29 2023 by rpki-client on console-ams.rpki-client.org