Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/1TLD3AsNk7KNLoRERBRvPQxtZ5w.roa
File: 1TLD3AsNk7KNLoRERBRvPQxtZ5w.roa (raw, json)
Hash identifier: 0xWqVHJ0PWB4BIUmqTEQq8GOCNv+bYE2VkVcrTWRTmI=
Subject key identifier: D5:32:C3:DC:0B:0D:93:B2:8D:2E:84:44:44:14:6F:3D:0C:6D:67:9C
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01884861BBE413FDBF0B7F03D841B97A5999
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/1TLD3AsNk7KNLoRERBRvPQxtZ5w.roa
Signing time: Tue 23 May 2023 11:32:24 +0000
ROA not before: Tue 23 May 2023 11:32:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59538
IP address blocks: 2a0f:7800::/31 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:61:bb:e4:13:fd:bf:0b:7f:03:d8:41:b9:7a:59:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: May 23 11:32:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d532c3dc0b0d93b28d2e844444146f3d0c6d679c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6e:36:86:41:8e:ab:cd:3a:7b:e2:45:e8:8c:
f0:d1:0f:11:8b:22:df:7a:8e:a0:10:72:fe:41:de:
3f:dd:29:3e:ab:71:a9:95:3e:e3:2a:a3:57:de:7d:
0e:98:45:07:68:f9:92:47:d6:6f:78:8e:c2:23:41:
1c:08:7d:d4:ad:a1:e9:36:ff:f1:6b:bb:be:e2:63:
0c:81:eb:0e:3a:7d:07:fd:fe:f9:1d:7a:e5:4c:eb:
33:43:ca:dd:34:b8:61:56:45:87:b6:ab:29:a9:68:
6e:fe:f7:24:65:c7:44:b3:ef:f6:b6:cc:09:07:2b:
37:9b:81:13:64:37:2b:d7:f2:88:9e:1f:00:a7:5d:
b9:c1:c8:08:cf:32:6c:86:83:fd:fb:16:5f:9c:0b:
6e:65:27:cd:aa:b3:f6:69:18:98:e7:42:51:12:61:
4c:ab:e5:d4:64:91:8c:74:2c:c8:ee:80:e6:98:06:
80:b6:e9:9b:4d:42:d8:3d:e0:6d:e0:56:6c:a6:c1:
ed:24:4c:9d:20:af:7c:b9:49:29:29:05:bd:c6:e5:
e9:f3:32:95:1b:df:90:86:ad:6e:0f:04:06:11:2d:
b0:b1:01:84:ce:b3:50:35:cd:34:6c:46:aa:9f:62:
54:8f:23:ec:c2:06:ed:ee:6d:73:72:52:cb:e3:fb:
de:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:32:C3:DC:0B:0D:93:B2:8D:2E:84:44:44:14:6F:3D:0C:6D:67:9C
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/1TLD3AsNk7KNLoRERBRvPQxtZ5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7800::/31
Signature Algorithm: sha256WithRSAEncryption
6e:71:b3:de:8f:d9:65:c1:3c:60:56:98:fe:6a:e9:66:b9:a3:
11:0e:01:86:cb:70:11:78:a2:b6:4a:f8:3b:a9:34:f7:1b:1d:
67:42:bf:66:c3:07:b2:57:13:4c:95:4c:5e:85:91:8b:64:30:
34:75:77:8b:8a:86:cf:e9:1e:5a:da:a4:9b:95:e6:2f:13:48:
13:56:03:80:63:b1:8c:ef:39:27:14:38:5a:eb:6e:15:77:4b:
40:a3:a7:90:5e:c0:98:6b:bf:62:79:f7:76:94:75:dd:8c:1c:
25:d7:ab:2f:e1:79:63:f3:f1:9b:89:3f:2f:7a:00:16:11:11:
49:5b:33:8d:48:c8:6c:ab:a3:17:db:de:c2:14:e4:bc:46:e0:
61:87:5e:cf:08:47:d3:48:b5:3c:9b:fd:65:7f:e9:66:bf:64:
b2:92:ed:09:28:3e:f4:2a:eb:2b:e7:cf:7e:3d:ad:d4:61:d4:
0b:76:eb:9d:d9:c2:41:f1:0f:5d:e9:12:d9:88:48:ea:2a:bc:
6b:e1:88:c8:3b:08:57:b3:e2:6e:cf:40:34:05:23:3b:9e:d1:
ba:ce:1f:48:fe:7e:61:64:68:27:42:43:c0:1a:82:72:48:4b:
6e:e0:cb:a6:06:3b:9e:09:6d:96:7a:91:01:57:d3:51:77:27:
f0:12:33:c6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYhIYbvkE/2/C38D2EG5elmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjMwNTIzMTEzMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTMyYzNkYzBiMGQ5M2IyOGQyZTg0NDQ0NDE0NmYzZDBjNmQ2NzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG42hkGOq806e+JF6Izw0Q8RiyLf
eo6gEHL+Qd4/3Sk+q3GplT7jKqNX3n0OmEUHaPmSR9ZveI7CI0EcCH3UraHpNv/x
a7u+4mMMgesOOn0H/f75HXrlTOszQ8rdNLhhVkWHtqspqWhu/vckZcdEs+/2tswJ
Bys3m4ETZDcr1/KInh8Ap125wcgIzzJshoP9+xZfnAtuZSfNqrP2aRiY50JREmFM
q+XUZJGMdCzI7oDmmAaAtumbTULYPeBt4FZspsHtJEydIK98uUkpKQW9xuXp8zKV
G9+Qhq1uDwQGES2wsQGEzrNQNc00bEaqn2JUjyPswgbt7m1zclLL4/veNwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNUyw9wLDZOyjS6EREQUbz0MbWecMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvMVRMRDNBc05rN0tOTG9SRVJCUnZQUXh0WjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKg94ADAN
BgkqhkiG9w0BAQsFAAOCAQEAbnGz3o/ZZcE8YFaY/mrpZrmjEQ4BhstwEXiitkr4
O6k09xsdZ0K/ZsMHslcTTJVMXoWRi2QwNHV3i4qGz+keWtqkm5XmLxNIE1YDgGOx
jO85JxQ4WutuFXdLQKOnkF7AmGu/Ynn3dpR13YwcJderL+F5Y/Pxm4k/L3oAFhER
SVszjUjIbKujF9vewhTkvEbgYYdezwhH00i1PJv9ZX/pZr9kspLtCSg+9CrrK+fP
fj2t1GHUC3brndnCQfEPXekS2YhI6iq8a+GIyDsIV7Pibs9ANAUjO57Rus4fSP5+
YWRoJ0JDwBqCckhLbuDLpgY7ngltlnqRAVfTUXcn8BIzxg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:10 2025 by rpki-client