Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/30343a-7228-42d5-8ef1-03873f3073a7/1/ZGdNamtl8HZslKc6XXVn5u1mwnw.roa
File: ZGdNamtl8HZslKc6XXVn5u1mwnw.roa (raw, json)
Hash identifier: 0ENFqZx7nZvnpVuNAiCrFqGjJRco0AEOr7K0j9JigrE=
Subject key identifier: 64:67:4D:6A:6B:65:F0:76:6C:94:A7:3A:5D:75:67:E6:ED:66:C2:7C
Certificate issuer: /CN=6fe13471225912b9788789b05d5699a41f2a4e69
Certificate serial: 01856C0114139E9F5D193A027C7495D61EC3
Authority key identifier: 6F:E1:34:71:22:59:12:B9:78:87:89:B0:5D:56:99:A4:1F:2A:4E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-E0cSJZErl4h4mwXVaZpB8qTmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/30343a-7228-42d5-8ef1-03873f3073a7/1/ZGdNamtl8HZslKc6XXVn5u1mwnw.roa
Signing time: Sun 01 Jan 2023 06:24:48 +0000
ROA not before: Sun 01 Jan 2023 06:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:53c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:14:13:9e:9f:5d:19:3a:02:7c:74:95:d6:1e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fe13471225912b9788789b05d5699a41f2a4e69
Validity
Not Before: Jan 1 06:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64674d6a6b65f0766c94a73a5d7567e6ed66c27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:78:52:bf:f9:a6:79:de:42:c8:b2:44:50:78:
ab:ef:1f:d6:52:bf:91:02:a3:ea:3c:9d:f8:dd:95:
69:5f:ca:c1:42:52:12:ff:39:a5:8b:91:23:17:7f:
5c:90:19:aa:1c:27:7e:f0:6b:23:d0:54:68:06:f3:
52:71:a9:04:d3:7c:f4:8c:a6:f5:ca:28:9f:44:5d:
6c:4b:c5:4b:fa:03:83:6d:32:3c:ac:ea:37:28:07:
43:d7:7e:9a:f1:df:70:e7:bb:8d:72:b8:1e:0f:7a:
83:83:47:35:94:33:e4:9c:d5:13:e8:bc:a4:34:2c:
5e:7e:f8:5e:91:d0:9a:ce:d3:aa:64:a9:f4:2c:d7:
61:09:dc:42:bf:8f:58:18:17:74:82:bb:99:ea:0a:
38:87:14:ae:b8:95:86:7c:c8:05:12:86:76:c4:81:
78:d4:e8:d8:c7:d8:22:ff:e6:ed:5e:da:01:4b:c7:
20:73:ba:bc:66:d3:3f:2f:cc:7d:7b:5d:3e:15:8a:
86:0e:c1:3a:95:39:25:4d:d6:51:95:2a:28:d7:44:
9b:02:de:10:99:3f:af:b9:a4:4e:45:95:46:8b:04:
9c:c4:32:0f:13:25:08:21:26:7f:54:40:ed:86:c1:
06:a2:27:0c:67:d5:c3:73:69:6f:63:d3:4d:63:2a:
c9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:67:4D:6A:6B:65:F0:76:6C:94:A7:3A:5D:75:67:E6:ED:66:C2:7C
X509v3 Authority Key Identifier:
keyid:6F:E1:34:71:22:59:12:B9:78:87:89:B0:5D:56:99:A4:1F:2A:4E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-E0cSJZErl4h4mwXVaZpB8qTmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/30343a-7228-42d5-8ef1-03873f3073a7/1/ZGdNamtl8HZslKc6XXVn5u1mwnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/30343a-7228-42d5-8ef1-03873f3073a7/1/b-E0cSJZErl4h4mwXVaZpB8qTmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:53c0::/29
Signature Algorithm: sha256WithRSAEncryption
b5:e9:12:55:d4:d5:94:a6:81:28:92:3d:3a:43:3d:38:83:52:
4a:0e:08:15:ab:5b:86:34:6e:a7:50:be:74:2f:2c:db:c8:96:
76:0e:d4:9f:a3:bb:d9:06:a2:e4:9e:17:63:d1:5f:b7:85:52:
11:6a:ca:50:02:07:9c:23:d3:1e:01:40:ee:64:14:72:31:bb:
da:e6:30:fb:fb:10:8a:d6:7f:02:15:a6:96:58:8f:1e:41:c7:
e7:ef:f1:8b:de:34:db:6d:c0:5c:0a:a9:89:d4:c9:8c:ef:07:
42:30:9e:87:00:23:71:2b:13:30:ce:82:16:85:89:18:ee:fe:
c1:ae:e5:8e:aa:3d:21:a4:fd:59:cf:2f:41:78:15:f3:58:ff:
c0:26:5d:77:1d:17:98:9c:f5:65:61:8c:0d:f7:a1:e4:cc:e1:
8f:fe:a4:84:f2:a1:45:0b:7f:25:43:84:c4:a0:d9:cd:da:82:
8c:24:60:fa:2c:d7:7a:f5:e5:d6:78:94:f8:42:29:4f:a4:b4:
1a:26:46:4b:b1:68:25:18:bd:12:bd:0a:5d:e8:fe:8f:2a:66:
d2:8f:6a:04:fe:1e:4d:28:0b:d9:ea:7d:e6:66:b5:cf:35:65:
cd:ff:ed:d9:2e:c1:c9:53:bb:7a:2f:bb:f8:68:3b:75:78:20:
04:fb:ef:b7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsARQTnp9dGToCfHSV1h7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZTEzNDcxMjI1OTEyYjk3ODg3ODliMDVkNTY5OWE0MWYy
YTRlNjkwHhcNMjMwMTAxMDYyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDY3NGQ2YTZiNjVmMDc2NmM5NGE3M2E1ZDc1NjdlNmVkNjZjMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknhSv/mmed5CyLJEUHir7x/WUr+R
AqPqPJ343ZVpX8rBQlIS/zmli5EjF39ckBmqHCd+8Gsj0FRoBvNScakE03z0jKb1
yiifRF1sS8VL+gODbTI8rOo3KAdD136a8d9w57uNcrgeD3qDg0c1lDPknNUT6Lyk
NCxefvhekdCaztOqZKn0LNdhCdxCv49YGBd0gruZ6go4hxSuuJWGfMgFEoZ2xIF4
1OjYx9gi/+btXtoBS8cgc7q8ZtM/L8x9e10+FYqGDsE6lTklTdZRlSoo10SbAt4Q
mT+vuaRORZVGiwScxDIPEyUIISZ/VEDthsEGoicMZ9XDc2lvY9NNYyrJ2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGRnTWprZfB2bJSnOl11Z+btZsJ8MB8GA1UdIwQY
MBaAFG/hNHEiWRK5eIeJsF1WmaQfKk5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi1FMGNTSlpFcmw0aDRtd1hWYVpwQjhxVG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zMDM0M2EtNzIyOC00MmQ1LThlZjEt
MDM4NzNmMzA3M2E3LzEvWkdkTmFtdGw4SFpzbEtjNlhYVm41dTFtd253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zMDM0M2EtNzIyOC00MmQ1LThlZjEtMDM4NzNmMzA3M2E3
LzEvYi1FMGNTSlpFcmw0aDRtd1hWYVpwQjhxVG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFTwDAN
BgkqhkiG9w0BAQsFAAOCAQEAtekSVdTVlKaBKJI9OkM9OINSSg4IFatbhjRup1C+
dC8s28iWdg7Un6O72Qai5J4XY9Fft4VSEWrKUAIHnCPTHgFA7mQUcjG72uYw+/sQ
itZ/AhWmlliPHkHH5+/xi940223AXAqpidTJjO8HQjCehwAjcSsTMM6CFoWJGO7+
wa7ljqo9IaT9Wc8vQXgV81j/wCZddx0XmJz1ZWGMDfeh5Mzhj/6khPKhRQt/JUOE
xKDZzdqCjCRg+izXevXl1niU+EIpT6S0GiZGS7FoJRi9Er0KXej+jypm0o9qBP4e
TSgL2ep95ma1zzVlzf/t2S7ByVO7ei+7+Gg7dXggBPvvtw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:30 2024 by rpki-client on console-fra.rpki-client.org