Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/7b4ecd-10d3-46a7-a298-a93ee85cb782/1/Kv1sarX86OoE39ioWAGvCruily8.roa
File: Kv1sarX86OoE39ioWAGvCruily8.roa (raw, json)
Hash identifier: 5l8hgpo3Z+PSyg2Et0fwrFXN9jo/ZUo3n1YQqOXamzA=
Subject key identifier: 2A:FD:6C:6A:B5:FC:E8:EA:04:DF:D8:A8:58:01:AF:0A:BB:A2:97:2F
Certificate issuer: /CN=532c801f4c8502937218368b4e65d0e463d7c9b9
Certificate serial: 018432C793B5EE6FEE460735C6DA77F2DAFB
Authority key identifier: 53:2C:80:1F:4C:85:02:93:72:18:36:8B:4E:65:D0:E4:63:D7:C9:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyyAH0yFApNyGDaLTmXQ5GPXybk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/7b4ecd-10d3-46a7-a298-a93ee85cb782/1/Kv1sarX86OoE39ioWAGvCruily8.roa
Signing time: Tue 01 Nov 2022 10:40:50 +0000
ROA not before: Tue 01 Nov 2022 10:40:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a11:80::/29 maxlen: 29
2a11:86::/32 maxlen: 32
2a11:84::/32 maxlen: 32
2a11:82::/32 maxlen: 32
2a11:80::/32 maxlen: 32
2a11:83::/32 maxlen: 32
2a11:87::/32 maxlen: 32
2a11:85::/32 maxlen: 32
2a11:81::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:c7:93:b5:ee:6f:ee:46:07:35:c6:da:77:f2:da:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=532c801f4c8502937218368b4e65d0e463d7c9b9
Validity
Not Before: Nov 1 10:40:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2afd6c6ab5fce8ea04dfd8a85801af0abba2972f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b6:4e:70:c0:e7:bb:19:7e:c3:5e:ea:92:d3:
53:20:5a:e2:7f:7c:59:72:55:46:9b:6c:08:fd:c9:
20:61:ad:36:3a:45:fd:dd:a9:aa:87:6e:56:20:74:
cf:5f:e7:9f:57:24:ed:0b:14:78:c1:a0:be:9e:b5:
20:41:88:dc:4a:c7:87:b2:52:b2:cc:bf:9b:16:6a:
31:68:df:19:02:b1:01:a5:4a:f3:30:84:4c:e2:bd:
32:4b:68:1d:c4:94:2c:f0:39:20:11:e0:78:f3:72:
cd:cc:bc:74:1b:2f:f0:9a:7f:78:59:ed:ee:0a:6a:
c9:b3:42:82:9b:4f:85:47:a8:c2:df:92:25:b4:ea:
52:29:f2:0e:e6:2f:a6:d2:de:c3:1c:15:ec:f5:25:
80:37:59:97:2d:1c:06:67:bc:6b:20:61:a2:fc:cb:
9b:78:35:8e:2e:ef:dc:43:93:91:27:84:9e:2c:40:
6f:44:b0:1b:ed:d5:57:da:13:b1:6b:6f:63:04:ac:
03:d1:6d:bb:b9:59:29:ca:c0:05:a0:3e:5f:6b:69:
3a:73:54:5a:79:a9:02:85:04:c2:74:e8:63:e5:88:
6e:e1:a0:c7:ac:34:42:35:b0:ba:18:21:b6:59:5f:
30:99:b9:5c:a7:03:09:cf:8e:39:74:51:da:f4:0c:
35:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FD:6C:6A:B5:FC:E8:EA:04:DF:D8:A8:58:01:AF:0A:BB:A2:97:2F
X509v3 Authority Key Identifier:
keyid:53:2C:80:1F:4C:85:02:93:72:18:36:8B:4E:65:D0:E4:63:D7:C9:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyyAH0yFApNyGDaLTmXQ5GPXybk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7b4ecd-10d3-46a7-a298-a93ee85cb782/1/Kv1sarX86OoE39ioWAGvCruily8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7b4ecd-10d3-46a7-a298-a93ee85cb782/1/UyyAH0yFApNyGDaLTmXQ5GPXybk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:80::/29
Signature Algorithm: sha256WithRSAEncryption
af:8d:cf:34:a6:01:38:c9:00:59:5d:e6:89:f3:4d:b7:a8:d9:
57:ea:dc:21:6a:72:90:37:f3:1d:cf:19:b3:b8:b1:79:e8:ea:
9e:67:c5:9f:86:02:a1:cf:ba:98:04:97:ca:f6:e2:93:19:1d:
63:d3:80:ff:62:fd:5b:41:b8:3a:27:18:6e:59:c6:69:e5:b7:
d9:22:99:f8:ca:51:dc:f4:3e:7d:36:f7:5b:f6:09:5a:b7:d4:
99:29:2c:fa:05:85:a5:8d:9f:80:3e:56:f3:aa:82:cd:20:ba:
18:ce:c4:49:66:d2:89:95:d5:ef:56:23:9c:7c:a3:e6:e9:39:
e7:d3:3d:41:9d:bc:83:b5:6a:d7:58:21:08:4b:0a:85:61:c2:
12:cd:a5:d9:fa:ce:ee:4e:22:99:d3:98:64:df:a9:19:39:3e:
f9:36:5d:46:43:fb:fb:19:80:a0:3c:e4:bc:c7:b1:2d:4d:60:
59:ed:88:46:9b:d4:92:5e:33:16:29:70:8f:ff:7b:ce:a2:31:
8d:b7:89:17:4e:b8:2a:e8:dd:21:f3:11:5f:0c:5c:67:bf:a6:
dd:08:94:ce:c9:ef:b6:4d:36:bf:47:aa:14:c7:81:fa:e7:9c:
48:8c:60:70:6d:20:0c:92:09:74:f9:9b:d7:6b:cf:7c:e2:b1:
5f:d5:7a:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQyx5O17m/uRgc1xtp38tr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMmM4MDFmNGM4NTAyOTM3MjE4MzY4YjRlNjVkMGU0NjNk
N2M5YjkwHhcNMjIxMTAxMTA0MDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZkNmM2YWI1ZmNlOGVhMDRkZmQ4YTg1ODAxYWYwYWJiYTI5NzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbZOcMDnuxl+w17qktNTIFrif3xZ
clVGm2wI/ckgYa02OkX93amqh25WIHTPX+efVyTtCxR4waC+nrUgQYjcSseHslKy
zL+bFmoxaN8ZArEBpUrzMIRM4r0yS2gdxJQs8DkgEeB483LNzLx0Gy/wmn94We3u
CmrJs0KCm0+FR6jC35IltOpSKfIO5i+m0t7DHBXs9SWAN1mXLRwGZ7xrIGGi/Mub
eDWOLu/cQ5ORJ4SeLEBvRLAb7dVX2hOxa29jBKwD0W27uVkpysAFoD5fa2k6c1Ra
eakChQTCdOhj5Yhu4aDHrDRCNbC6GCG2WV8wmblcpwMJz445dFHa9Aw18wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCr9bGq1/OjqBN/YqFgBrwq7opcvMB8GA1UdIwQY
MBaAFFMsgB9MhQKTchg2i05l0ORj18m5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXl5QUgweUZBcE55R0RhTFRtWFE1R1BYeWJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83YjRlY2QtMTBkMy00NmE3LWEyOTgt
YTkzZWU4NWNiNzgyLzEvS3Yxc2FyWDg2T29FMzlpb1dBR3ZDcnVpbHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83YjRlY2QtMTBkMy00NmE3LWEyOTgtYTkzZWU4NWNiNzgy
LzEvVXl5QUgweUZBcE55R0RhTFRtWFE1R1BYeWJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhEAgDAN
BgkqhkiG9w0BAQsFAAOCAQEAr43PNKYBOMkAWV3mifNNt6jZV+rcIWpykDfzHc8Z
s7ixeejqnmfFn4YCoc+6mASXyvbikxkdY9OA/2L9W0G4OicYblnGaeW32SKZ+MpR
3PQ+fTb3W/YJWrfUmSks+gWFpY2fgD5W86qCzSC6GM7ESWbSiZXV71YjnHyj5uk5
59M9QZ28g7Vq11ghCEsKhWHCEs2l2frO7k4imdOYZN+pGTk++TZdRkP7+xmAoDzk
vMexLU1gWe2IRpvUkl4zFilwj/97zqIxjbeJF064KujdIfMRXwxcZ7+m3QiUzsnv
tk02v0eqFMeB+uecSIxgcG0gDJIJdPmb12vPfOKxX9V6zA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:11 2025 by rpki-client