Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/_aooLXKhlVDEHgiFXpqxBKEgwfM.roa
File: _aooLXKhlVDEHgiFXpqxBKEgwfM.roa (raw, json)
Hash identifier: WYi732kIoe3zh2dgIcNX0Tnx/fzHECfeiff5um417Aw=
Subject key identifier: FD:AA:28:2D:72:A1:95:50:C4:1E:08:85:5E:9A:B1:04:A1:20:C1:F3
Certificate issuer: /CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Certificate serial: 0191EB8A344D3F4C591F8782B7F029FCFF12
Authority key identifier: 76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/_aooLXKhlVDEHgiFXpqxBKEgwfM.roa
Signing time: Fri 13 Sep 2024 13:19:48 +0000
ROA not before: Fri 13 Sep 2024 13:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206873
IP address blocks: 2a11:7681::/32 maxlen: 32
2a11:7684::/32 maxlen: 32
2a11:8301::/32 maxlen: 32
2a11:cd07::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:8a:34:4d:3f:4c:59:1f:87:82:b7:f0:29:fc:ff:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Validity
Not Before: Sep 13 13:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdaa282d72a19550c41e08855e9ab104a120c1f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:89:7d:ea:3e:16:84:24:e8:c4:09:d9:5a:9b:
0c:bf:c1:2c:15:e1:e1:30:64:74:29:0b:20:56:ad:
d9:6a:5c:57:d0:97:1f:b2:f3:80:64:23:91:c1:fa:
bb:e4:03:b6:ba:02:22:f9:6a:0f:cc:0d:f0:18:4f:
77:da:93:e4:78:fd:e1:02:c5:64:b7:81:aa:e4:47:
ad:13:6c:44:fc:cf:18:1a:e7:ec:3b:60:6d:b2:20:
4f:e5:a6:59:8e:22:8e:d7:2c:67:5a:b2:d5:fd:4a:
06:cb:4c:78:71:83:05:0a:16:89:9a:6b:a6:c8:da:
16:2f:5d:e8:63:9f:66:60:1e:63:f9:a6:96:9d:44:
c2:57:b8:4f:ea:22:47:00:6d:60:1d:6c:f0:1d:42:
cd:fb:40:99:f9:d6:76:48:08:a0:f7:63:5f:2f:27:
e8:84:c3:22:c0:4d:47:f8:8b:90:de:5a:df:05:3a:
1e:ad:3b:8c:ae:da:e8:06:cd:a9:39:16:51:45:b2:
ec:50:b8:4f:87:c2:00:19:d0:35:58:66:2d:a0:77:
cf:8b:60:f3:9c:59:d4:4a:ae:dc:84:48:18:b3:e1:
d6:87:15:52:c5:3b:ac:b0:a5:c5:3b:55:cb:ea:8a:
48:36:1c:45:4a:fd:80:94:48:e1:9e:4d:09:90:b7:
79:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AA:28:2D:72:A1:95:50:C4:1E:08:85:5E:9A:B1:04:A1:20:C1:F3
X509v3 Authority Key Identifier:
keyid:76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/_aooLXKhlVDEHgiFXpqxBKEgwfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/dj1Ffl08wKzYp0-LEOJoa_vElss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7681::/32
2a11:7684::/32
2a11:8301::/32
2a11:cd07::/32
Signature Algorithm: sha256WithRSAEncryption
27:36:33:0b:26:64:1d:70:33:44:63:da:06:64:d3:24:67:27:
bb:7f:c8:4f:95:f3:16:18:cd:d1:4d:71:40:e3:15:a9:de:ff:
72:a1:35:e5:48:a2:40:11:0a:18:1c:3a:77:e4:2e:e5:71:56:
79:f4:6c:21:bf:41:a4:16:38:37:ee:e8:9f:14:ab:c3:c9:f8:
2a:c5:67:8c:1c:f0:c3:60:54:66:af:89:32:4f:f2:1c:cc:10:
d2:1d:fe:15:35:30:ae:ee:d7:62:65:91:59:ce:6e:73:7e:65:
fe:37:a2:7b:c0:74:ff:f4:f2:00:63:1b:c2:b6:71:7f:f8:c8:
14:95:f0:e8:af:16:33:55:19:56:ba:13:6b:63:68:1a:9e:e2:
24:a0:09:9d:59:be:8c:0b:8c:d6:d1:ce:67:e2:8f:4d:af:d2:
81:b1:de:6a:2a:83:61:a6:ec:44:d3:a3:8d:60:fd:4f:f6:17:
f8:c2:d9:0d:03:b7:03:23:c3:c8:4a:28:2b:b0:12:37:04:95:
fc:cf:1c:76:8a:ad:ef:b6:25:4b:2d:7e:ea:23:43:7b:d0:36:
49:59:3b:20:62:49:ce:39:45:6b:07:14:4c:9a:6f:e1:50:95:
c9:b8:f7:18:8b:a7:79:69:30:81:0a:2e:d8:bc:01:60:ed:63:
b1:1a:85:ce
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZHrijRNP0xZH4eCt/Ap/P8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2M2Q0NTdlNWQzY2MwYWNkOGE3NGY4YjEwZTI2ODZiZmJj
NDk2Y2IwHhcNMjQwOTEzMTMxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGFhMjgyZDcyYTE5NTUwYzQxZTA4ODU1ZTlhYjEwNGExMjBjMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIl96j4WhCToxAnZWpsMv8EsFeHh
MGR0KQsgVq3ZalxX0JcfsvOAZCORwfq75AO2ugIi+WoPzA3wGE932pPkeP3hAsVk
t4Gq5EetE2xE/M8YGufsO2BtsiBP5aZZjiKO1yxnWrLV/UoGy0x4cYMFChaJmmum
yNoWL13oY59mYB5j+aaWnUTCV7hP6iJHAG1gHWzwHULN+0CZ+dZ2SAig92NfLyfo
hMMiwE1H+IuQ3lrfBToerTuMrtroBs2pORZRRbLsULhPh8IAGdA1WGYtoHfPi2Dz
nFnUSq7chEgYs+HWhxVSxTussKXFO1XL6opINhxFSv2AlEjhnk0JkLd5LwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP2qKC1yoZVQxB4IhV6asQShIMHzMB8GA1UdIwQY
MBaAFHY9RX5dPMCs2KdPixDiaGv7xJbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQt
N2U1OTRmMjQ5NGNjLzEvX2Fvb0xYS2hsVkRFSGdpRlhwcXhCS0Vnd2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQtN2U1OTRmMjQ5NGNj
LzEvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhF2gQMF
ACoRdoQDBQAqEYMBAwUAKhHNBzANBgkqhkiG9w0BAQsFAAOCAQEAJzYzCyZkHXAz
RGPaBmTTJGcnu3/IT5XzFhjN0U1xQOMVqd7/cqE15UiiQBEKGBw6d+Qu5XFWefRs
Ib9BpBY4N+7onxSrw8n4KsVnjBzww2BUZq+JMk/yHMwQ0h3+FTUwru7XYmWRWc5u
c35l/jeie8B0//TyAGMbwrZxf/jIFJXw6K8WM1UZVroTa2NoGp7iJKAJnVm+jAuM
1tHOZ+KPTa/SgbHeaiqDYabsRNOjjWD9T/YX+MLZDQO3AyPDyEooK7ASNwSV/M8c
doqt77YlSy1+6iNDe9A2SVk7IGJJzjlFawcUTJpv4VCVybj3GIuneWkwgQou2LwB
YO1jsRqFzg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:34 2025 by rpki-client