Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c65eae-e4ee-462a-aa56-0ce30699ad78/1/h2OPzE-FnARnJJsuUxsFCchMfck.roa
File: h2OPzE-FnARnJJsuUxsFCchMfck.roa (raw, json)
Hash identifier: eIKcHftXzFClHCLPxvAzqmZ1u1TLAwy1qpS65P4X2d8=
Subject key identifier: 87:63:8F:CC:4F:85:9C:04:67:24:9B:2E:53:1B:05:09:C8:4C:7D:C9
Certificate issuer: /CN=d3ac8e30a183155f85989e249b5eee069187fd3f
Certificate serial: AC48FE
Authority key identifier: D3:AC:8E:30:A1:83:15:5F:85:98:9E:24:9B:5E:EE:06:91:87:FD:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/06yOMKGDFV-FmJ4km17uBpGH_T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c65eae-e4ee-462a-aa56-0ce30699ad78/1/h2OPzE-FnARnJJsuUxsFCchMfck.roa
Signing time: Sat 01 Jan 2022 00:50:27 +0000
ROA not before: Sat 01 Jan 2022 00:50:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a11:d140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11290878 (0xac48fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3ac8e30a183155f85989e249b5eee069187fd3f
Validity
Not Before: Jan 1 00:50:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87638fcc4f859c0467249b2e531b0509c84c7dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c1:d6:ec:f2:18:0e:77:36:5d:67:fd:f7:28:
5f:4b:cd:15:cc:62:07:ce:a7:17:43:f4:1d:ca:98:
28:f3:8e:ed:11:32:90:62:95:38:66:0f:ce:bf:3e:
27:9b:ac:aa:38:2c:39:ea:70:1b:e9:d7:d4:62:06:
22:32:44:2c:b2:29:f0:7d:20:38:31:a4:bf:c6:44:
77:3a:f6:8c:11:30:a7:32:e9:a2:0f:50:d5:e4:ca:
8e:5f:28:c2:f3:20:d8:d2:ef:b0:ff:9d:95:ef:73:
e3:28:25:ae:7c:f9:ff:9f:30:6b:06:a8:f9:fd:27:
1f:83:9c:b6:40:d7:2e:bc:2f:65:61:eb:79:1b:87:
bd:b0:1a:09:2a:c0:86:a9:ab:f6:67:8c:ed:b4:6a:
28:8b:b6:83:f6:18:c7:79:36:19:00:c4:6e:79:c8:
6f:b6:30:fd:70:05:f3:53:c4:43:13:73:97:d0:3f:
11:0b:b7:73:5b:6c:99:74:3f:ec:0e:d0:db:ca:de:
13:a8:5f:60:3e:8c:15:f3:db:e0:40:3d:12:d1:99:
c1:f7:51:61:87:1c:6e:9a:1c:db:56:1b:0a:a0:ba:
a6:6b:e9:09:ed:b6:ac:18:75:06:f9:0c:8b:8f:9f:
8b:2a:8f:05:1c:9c:d9:55:3f:f4:4f:0e:08:17:34:
0c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:63:8F:CC:4F:85:9C:04:67:24:9B:2E:53:1B:05:09:C8:4C:7D:C9
X509v3 Authority Key Identifier:
keyid:D3:AC:8E:30:A1:83:15:5F:85:98:9E:24:9B:5E:EE:06:91:87:FD:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/06yOMKGDFV-FmJ4km17uBpGH_T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c65eae-e4ee-462a-aa56-0ce30699ad78/1/h2OPzE-FnARnJJsuUxsFCchMfck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c65eae-e4ee-462a-aa56-0ce30699ad78/1/06yOMKGDFV-FmJ4km17uBpGH_T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:d140::/29
Signature Algorithm: sha256WithRSAEncryption
76:99:26:5d:a0:85:01:35:1f:86:8d:58:c1:95:be:a1:7f:95:
3f:84:fc:f5:fb:42:77:78:65:50:74:4a:48:ec:82:ed:93:85:
64:06:4c:f5:ea:d2:7d:00:de:75:fa:5c:c6:df:d0:ab:db:aa:
34:6c:94:2e:66:67:2d:29:d6:9d:22:b2:cb:d4:3a:ea:e8:ef:
04:0c:36:f1:7e:97:4b:9b:ed:17:5a:a6:c3:36:56:fc:76:47:
10:77:53:26:e4:32:76:7f:d1:4f:7f:cf:ab:b7:7d:ef:d8:41:
fe:ed:71:0a:cd:6b:d4:0b:5f:77:6a:02:09:dc:bc:54:65:81:
01:14:68:13:22:f0:00:33:1e:6e:98:a4:d2:04:c1:a7:39:64:
8c:57:bb:7c:13:af:9f:13:01:6d:0d:eb:21:cf:92:cc:5a:23:
49:5b:66:c6:28:33:d9:8a:a6:60:25:4f:19:bc:d3:eb:a2:cd:
de:f0:3e:a3:23:4a:40:86:bb:05:dc:b0:63:ef:50:31:4f:b6:
b3:ee:a5:88:f3:d8:ed:4c:24:b7:be:bc:68:b0:08:ba:56:e6:
bf:25:0a:74:5e:c2:3e:38:8a:4a:e6:d4:3f:2c:ba:60:65:99:
5f:db:a6:6b:8e:ed:45:7e:b0:95:71:cb:e5:ff:64:c4:d7:59:
ac:dd:8b:19
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAKxI/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2FjOGUzMGExODMxNTVmODU5ODllMjQ5YjVlZWUwNjkxODdmZDNmMB4XDTIyMDEw
MTAwNTAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc2MzhmY2M0Zjg1
OWMwNDY3MjQ5YjJlNTMxYjA1MDljODRjN2RjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrB1uzyGA53Nl1n/fcoX0vNFcxiB86nF0P0HcqYKPOO7REy
kGKVOGYPzr8+J5usqjgsOepwG+nX1GIGIjJELLIp8H0gODGkv8ZEdzr2jBEwpzLp
og9Q1eTKjl8owvMg2NLvsP+dle9z4yglrnz5/58wawao+f0nH4OctkDXLrwvZWHr
eRuHvbAaCSrAhqmr9meM7bRqKIu2g/YYx3k2GQDEbnnIb7Yw/XAF81PEQxNzl9A/
EQu3c1tsmXQ/7A7Q28reE6hfYD6MFfPb4EA9EtGZwfdRYYccbpoc21YbCqC6pmvp
Ce22rBh1BvkMi4+fiyqPBRyc2VU/9E8OCBc0DMsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSHY4/MT4WcBGckmy5TGwUJyEx9yTAfBgNVHSMEGDAWgBTTrI4woYMVX4WY
niSbXu4GkYf9PzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA2eU9NS0dERlYtRm1KNGttMTd1QnBHSF9UOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzY1ZWFlLWU0ZWUtNDYyYS1hYTU2LTBjZTMwNjk5YWQ3OC8x
L2gyT1B6RS1GbkFSbkpKc3VVeHNGQ2NoTWZjay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzY1ZWFlLWU0ZWUtNDYyYS1hYTU2LTBjZTMwNjk5YWQ3OC8xLzA2eU9NS0dERlYt
Rm1KNGttMTd1QnBHSF9UOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoR0UAwDQYJKoZIhvcNAQELBQAD
ggEBAHaZJl2ghQE1H4aNWMGVvqF/lT+E/PX7Qnd4ZVB0Skjsgu2ThWQGTPXq0n0A
3nX6XMbf0KvbqjRslC5mZy0p1p0issvUOuro7wQMNvF+l0ub7RdapsM2Vvx2RxB3
UybkMnZ/0U9/z6u3fe/YQf7tcQrNa9QLX3dqAgncvFRlgQEUaBMi8AAzHm6YpNIE
wac5ZIxXu3wTr58TAW0N6yHPksxaI0lbZsYoM9mKpmAlTxm80+uizd7wPqMjSkCG
uwXcsGPvUDFPtrPupYjz2O1MJLe+vGiwCLpW5r8lCnRewj44ikrm1D8sumBlmV/b
pmuO7UV+sJVxy+X/ZMTXWazdixk=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:27:40 2025 by rpki-client