Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/3cKHleXXt6N8N4-epesG-EVH5qU.roa
File: 3cKHleXXt6N8N4-epesG-EVH5qU.roa (raw, json)
Hash identifier: MBniWloaD18JEgDJ0YWoeKD3v01CBWgo7hOAhntn3YY=
Subject key identifier: DD:C2:87:95:E5:D7:B7:A3:7C:37:8F:9E:A5:EB:06:F8:45:47:E6:A5
Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Certificate serial: 01856E6FA138A46D07544F3C53DAF773A2DB
Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/3cKHleXXt6N8N4-epesG-EVH5qU.roa
Signing time: Sun 01 Jan 2023 17:44:47 +0000
ROA not before: Sun 01 Jan 2023 17:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21371
IP address blocks: 2a03:6c80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:a1:38:a4:6d:07:54:4f:3c:53:da:f7:73:a2:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Validity
Not Before: Jan 1 17:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddc28795e5d7b7a37c378f9ea5eb06f84547e6a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6e:81:e4:28:79:52:20:6f:da:a7:13:99:5d:
c8:a6:28:4e:57:37:b0:8c:12:86:e5:d7:98:af:17:
b5:40:18:c3:42:89:be:ea:e5:be:0b:04:97:75:7e:
6d:3c:2f:47:00:32:36:0b:4c:c3:bd:76:99:68:a2:
61:0d:8b:f6:b9:ba:d3:4c:4e:c5:cf:f9:d5:b1:ff:
60:50:50:3d:9b:b8:29:dd:f1:27:89:78:31:09:09:
75:7d:4f:cf:d0:ec:a5:b1:9f:e2:fc:0e:e1:84:4c:
38:93:e2:c6:b3:e9:58:5f:b2:c2:f3:c4:17:c2:77:
87:bc:a5:7f:4d:13:f7:83:2f:ae:56:f1:52:cb:55:
60:09:7e:69:c1:a0:ae:34:83:63:61:25:a9:0c:43:
57:d6:e6:8c:5c:3f:32:38:58:af:cb:6e:11:8d:41:
20:92:a1:71:e1:4f:4b:e9:6f:c6:49:ac:e1:f4:74:
5d:a1:42:2c:47:09:1a:3f:db:d1:fa:72:14:ea:f1:
75:90:8a:8d:c0:85:07:22:e9:63:68:19:f4:34:cc:
f8:cd:00:02:d5:a8:31:f2:1b:4b:47:8f:cc:7e:a7:
82:88:7d:01:bb:b2:a6:1f:09:9d:b3:4f:0e:f6:38:
f7:ee:ca:df:cb:b2:13:b3:3a:3e:38:a1:bb:d3:90:
23:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C2:87:95:E5:D7:B7:A3:7C:37:8F:9E:A5:EB:06:F8:45:47:E6:A5
X509v3 Authority Key Identifier:
keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/3cKHleXXt6N8N4-epesG-EVH5qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
4d:d0:60:6f:3d:01:78:50:95:48:b7:3a:5a:7d:2d:47:a3:57:
c1:c0:0f:c0:4a:b9:e8:26:86:1e:1e:03:55:72:b3:52:3d:2b:
65:e3:bd:f9:6f:4e:5a:5d:fb:9e:05:a4:68:f2:5f:2f:b7:57:
aa:67:7a:92:90:70:50:e0:af:f6:76:ef:15:fe:7d:b2:b7:b4:
2b:3e:e3:94:25:98:ee:db:72:77:df:e8:57:3c:af:b6:b9:e5:
3e:02:23:a2:ee:fa:f3:2a:4c:94:03:e6:a1:2f:e8:01:21:85:
b0:40:da:dc:31:ad:51:06:75:95:8f:65:8e:98:1a:5a:11:7b:
f2:ef:e9:ec:da:de:b7:88:0d:2a:b5:ab:4c:b1:ba:fc:a0:f1:
b6:84:c9:ee:4c:33:fe:41:6f:b2:af:d3:a5:f6:9a:a2:e7:b3:
cd:ac:ed:06:11:ef:85:e0:d0:68:60:21:de:00:dd:2b:88:74:
10:f6:3e:6d:5d:15:6b:b0:bf:09:66:88:cd:79:ba:2c:9b:46:
4b:62:62:8f:4f:d8:c6:4c:0d:9f:69:54:76:37:5a:6c:a0:6a:
8c:76:ed:34:ea:db:7a:3d:c0:e8:f9:e9:6f:50:9b:cc:9f:ae:
00:90:27:11:d1:db:89:82:3c:9d:5d:41:75:da:0c:64:51:61:
ad:19:e2:32
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVub6E4pG0HVE88U9r3c6LbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzUwYmE4MmYzZmViNWFlZTI4OTM4ZmJmMWIwOWMxZTJm
ZDE5YjQwHhcNMjMwMTAxMTc0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGMyODc5NWU1ZDdiN2EzN2MzNzhmOWVhNWViMDZmODQ1NDdlNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj26B5Ch5UiBv2qcTmV3IpihOVzew
jBKG5deYrxe1QBjDQom+6uW+CwSXdX5tPC9HADI2C0zDvXaZaKJhDYv2ubrTTE7F
z/nVsf9gUFA9m7gp3fEniXgxCQl1fU/P0OylsZ/i/A7hhEw4k+LGs+lYX7LC88QX
wneHvKV/TRP3gy+uVvFSy1VgCX5pwaCuNINjYSWpDENX1uaMXD8yOFivy24RjUEg
kqFx4U9L6W/GSazh9HRdoUIsRwkaP9vR+nIU6vF1kIqNwIUHIuljaBn0NMz4zQAC
1agx8htLR4/MfqeCiH0Bu7KmHwmds08O9jj37srfy7ITszo+OKG705Aj6wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN3Ch5Xl17ejfDePnqXrBvhFR+alMB8GA1UdIwQY
MBaAFDw1C6gvP+ta7iiTj78bCcHi/Rm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEt
NjFiNzkwMmVlMjA0LzEvM2NLSGxlWFh0Nk44TjQtZXBlc0ctRVZINXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEtNjFiNzkwMmVlMjA0
LzEvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgNsgDAN
BgkqhkiG9w0BAQsFAAOCAQEATdBgbz0BeFCVSLc6Wn0tR6NXwcAPwEq56CaGHh4D
VXKzUj0rZeO9+W9OWl37ngWkaPJfL7dXqmd6kpBwUOCv9nbvFf59sre0Kz7jlCWY
7ttyd9/oVzyvtrnlPgIjou768ypMlAPmoS/oASGFsEDa3DGtUQZ1lY9ljpgaWhF7
8u/p7Nret4gNKrWrTLG6/KDxtoTJ7kwz/kFvsq/TpfaaouezzaztBhHvheDQaGAh
3gDdK4h0EPY+bV0Va7C/CWaIzXm6LJtGS2Jij0/YxkwNn2lUdjdabKBqjHbtNOrb
ej3A6Pnpb1CbzJ+uAJAnEdHbiYI8nV1BddoMZFFhrRniMg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:35 2025 by rpki-client