Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/ndW8EjXpJ0lfS2c4JPkLdXH-LYM.roa
File: ndW8EjXpJ0lfS2c4JPkLdXH-LYM.roa (raw, json)
Hash identifier: XydlZBjmcEwfzGM622J9b4nyREwCOq8bbxbkQQpo298=
Subject key identifier: 9D:D5:BC:12:35:E9:27:49:5F:4B:67:38:24:F9:0B:75:71:FE:2D:83
Certificate issuer: /CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Certificate serial: 01856D01856F771AB8BEF367426D18DD27C3
Authority key identifier: 3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/ndW8EjXpJ0lfS2c4JPkLdXH-LYM.roa
Signing time: Sun 01 Jan 2023 11:04:54 +0000
ROA not before: Sun 01 Jan 2023 11:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59771
IP address blocks: 2a00:1560:d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:85:6f:77:1a:b8:be:f3:67:42:6d:18:dd:27:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Validity
Not Before: Jan 1 11:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dd5bc1235e927495f4b673824f90b7571fe2d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f8:7e:d1:33:9a:7b:cf:1b:60:32:d2:db:62:
cf:80:8e:85:18:3a:b7:04:7a:28:87:34:3b:82:c5:
f3:50:50:da:59:99:b6:ac:11:f8:4f:ed:20:13:f9:
9e:99:2e:e6:f1:a1:a3:30:cd:1e:63:13:71:cb:f7:
f0:4a:5d:fd:1a:a6:a2:9a:79:fe:aa:97:d6:4b:5b:
a4:03:14:3d:b5:36:45:22:0f:bb:89:53:c0:e5:b1:
97:df:7a:47:0d:5f:86:28:23:d2:58:e3:6e:a7:40:
2c:55:97:24:bb:36:ef:2a:bd:70:f5:20:c1:fb:49:
00:58:95:a0:7f:c6:7d:f9:4d:38:d4:83:5b:7d:f1:
3d:e5:cb:65:26:5a:7d:5a:e1:44:f2:76:35:fc:02:
e5:a1:26:b9:87:9d:ae:26:27:1c:35:4a:85:55:05:
fd:d7:70:c7:5b:e7:c5:0f:0c:f6:70:6d:27:30:38:
6a:78:98:36:65:44:9a:e7:12:3c:7a:fa:b5:f8:18:
37:10:40:0f:05:1f:41:a8:32:49:f5:ad:7b:7b:a5:
a1:db:b6:9a:6a:ae:e3:f6:d5:26:6b:11:cd:45:6d:
04:dc:89:c3:ab:7c:ed:41:f2:fe:67:a2:5d:a0:ec:
18:a0:96:48:e3:54:d4:39:86:ec:09:73:4d:b6:8e:
11:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D5:BC:12:35:E9:27:49:5F:4B:67:38:24:F9:0B:75:71:FE:2D:83
X509v3 Authority Key Identifier:
keyid:3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/ndW8EjXpJ0lfS2c4JPkLdXH-LYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/OxFYOsoegFn9MeJn6DAtDC_gCNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1560:d::/48
Signature Algorithm: sha256WithRSAEncryption
56:59:f1:9d:90:87:db:fb:ac:4e:ac:bc:68:83:d8:1a:b9:77:
3e:93:ae:86:d6:40:40:d3:f5:58:3d:41:5f:ec:20:0b:d7:1c:
d5:30:08:de:aa:2a:d4:7a:f0:5f:62:5c:d0:73:87:81:18:ba:
86:a9:d3:ba:c0:38:90:37:4a:ec:79:c9:b8:7b:73:15:85:02:
59:fb:ed:71:9b:ca:95:c7:9a:96:2b:2d:a4:4e:b8:0b:d9:55:
90:e0:7d:77:16:8d:bd:fa:1f:e3:b6:ed:70:39:13:d5:b6:64:
de:00:36:9a:28:39:20:dc:2b:7f:9b:71:69:15:1e:3b:60:c3:
ec:77:f4:4f:25:c8:b5:33:d2:b6:1a:32:dd:f8:2e:ea:61:ed:
25:fb:82:ce:86:e2:d8:07:3e:16:d7:09:c8:94:5b:d2:44:cb:
4c:5b:97:75:51:a3:01:9a:6a:66:84:80:be:09:2f:8a:21:cc:
81:ec:8c:e1:9d:0e:67:ea:d8:45:eb:ed:0f:54:a5:c2:1a:95:
95:71:ae:c6:3a:98:35:21:60:d6:c1:4f:80:ae:a2:5a:c8:74:
af:1f:96:80:66:85:2f:da:5d:c1:47:66:40:cb:ad:8f:61:99:
b6:bb:1c:6e:af:d6:26:cf:4f:19:73:f6:6a:bb:49:b5:a0:ea:
3a:1b:91:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtAYVvdxq4vvNnQm0Y3SfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTE1ODNhY2ExZTgwNTlmZDMxZTI2N2U4MzAyZDBjMmZl
MDA4ZDYwHhcNMjMwMTAxMTEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ1YmMxMjM1ZTkyNzQ5NWY0YjY3MzgyNGY5MGI3NTcxZmUyZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfh+0TOae88bYDLS22LPgI6FGDq3
BHoohzQ7gsXzUFDaWZm2rBH4T+0gE/memS7m8aGjMM0eYxNxy/fwSl39Gqaimnn+
qpfWS1ukAxQ9tTZFIg+7iVPA5bGX33pHDV+GKCPSWONup0AsVZckuzbvKr1w9SDB
+0kAWJWgf8Z9+U041INbffE95ctlJlp9WuFE8nY1/ALloSa5h52uJiccNUqFVQX9
13DHW+fFDwz2cG0nMDhqeJg2ZUSa5xI8evq1+Bg3EEAPBR9BqDJJ9a17e6Wh27aa
aq7j9tUmaxHNRW0E3InDq3ztQfL+Z6JdoOwYoJZI41TUOYbsCXNNto4RgwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ3VvBI16SdJX0tnOCT5C3Vx/i2DMB8GA1UdIwQY
MBaAFDsRWDrKHoBZ/THiZ+gwLQwv4AjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hGWU9zb2VnRm45TWVKbjZEQXREQ19nQ05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mM2ViY2UtOTYwOC00MTgwLWE4OTEt
ZGNlMGQwYWU2NzAzLzEvbmRXOEVqWHBKMGxmUzJjNEpQa0xkWEgtTFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mM2ViY2UtOTYwOC00MTgwLWE4OTEtZGNlMGQwYWU2NzAz
LzEvT3hGWU9zb2VnRm45TWVKbjZEQXREQ19nQ05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAVYAAN
MA0GCSqGSIb3DQEBCwUAA4IBAQBWWfGdkIfb+6xOrLxog9gauXc+k66G1kBA0/VY
PUFf7CAL1xzVMAjeqirUevBfYlzQc4eBGLqGqdO6wDiQN0rsecm4e3MVhQJZ++1x
m8qVx5qWKy2kTrgL2VWQ4H13Fo29+h/jtu1wORPVtmTeADaaKDkg3Ct/m3FpFR47
YMPsd/RPJci1M9K2GjLd+C7qYe0l+4LOhuLYBz4W1wnIlFvSRMtMW5d1UaMBmmpm
hIC+CS+KIcyB7IzhnQ5n6thF6+0PVKXCGpWVca7GOpg1IWDWwU+ArqJayHSvH5aA
ZoUv2l3BR2ZAy62PYZm2uxxur9Ymz08Zc/Zqu0m1oOo6G5Gh
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:01:13 2025 by rpki-client