Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/645fb6-8edf-4a75-bbc1-ae13eef4f12e/1/MnxrFNK_9doXL9knG3LNoSIQjvI.roa
File: MnxrFNK_9doXL9knG3LNoSIQjvI.roa (raw, json)
Hash identifier: hvR8gwpCFuEhOoWFad9QzsTJa8opC10OiEtDX5vypik=
Subject key identifier: 32:7C:6B:14:D2:BF:F5:DA:17:2F:D9:27:1B:72:CD:A1:22:10:8E:F2
Certificate issuer: /CN=0881c26efd7671f272dc4fe7d43ecc998a5c0cf2
Certificate serial: 01888BD54E0E8848BDCE72A81274051A7A47
Authority key identifier: 08:81:C2:6E:FD:76:71:F2:72:DC:4F:E7:D4:3E:CC:99:8A:5C:0C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIHCbv12cfJy3E_n1D7MmYpcDPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/645fb6-8edf-4a75-bbc1-ae13eef4f12e/1/MnxrFNK_9doXL9knG3LNoSIQjvI.roa
Signing time: Mon 05 Jun 2023 13:53:12 +0000
ROA not before: Mon 05 Jun 2023 13:53:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53358
IP address blocks: 2a13:c800::/29 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:d5:4e:0e:88:48:bd:ce:72:a8:12:74:05:1a:7a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0881c26efd7671f272dc4fe7d43ecc998a5c0cf2
Validity
Not Before: Jun 5 13:53:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=327c6b14d2bff5da172fd9271b72cda122108ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:76:4d:47:84:f0:a6:0e:65:18:9c:5e:d7:7b:
84:00:ad:15:3e:3b:2d:79:b1:11:9f:d6:8e:5b:a1:
66:fc:3c:15:ec:f4:fe:41:c7:78:4d:8f:32:14:10:
f7:04:cb:4b:6c:b3:d2:3f:ac:82:5f:4f:ae:8a:9d:
3d:a0:bd:f8:a9:ba:10:63:a5:39:ac:94:17:cc:97:
22:5b:ba:52:31:ab:67:67:af:aa:a1:7f:54:a5:cd:
02:00:e7:48:6e:e3:02:23:5d:1a:19:13:d0:e0:7a:
5e:72:e5:e1:28:ab:c5:f9:4b:56:97:63:29:e1:93:
49:a3:29:04:f8:10:7d:e6:c8:03:13:0d:7d:8d:1a:
af:8a:b3:cc:bd:5c:75:3c:17:39:71:7a:5b:de:04:
bb:ce:7f:82:bb:83:c1:6e:a6:dd:b3:67:38:e8:d9:
f4:b6:80:53:db:cd:9c:37:bf:7e:4e:17:d5:11:70:
6f:b7:84:0e:5e:11:07:cd:a7:c9:4a:76:90:5c:5f:
87:50:e5:6a:e8:1b:9d:71:b0:a7:bf:5d:e0:f6:98:
83:1e:43:13:fa:99:4a:a8:f6:0f:7f:28:a4:83:46:
a8:55:e6:9d:c7:02:d4:3a:d1:23:97:57:95:86:1c:
7a:1f:8a:42:72:d3:33:de:bf:e7:eb:51:bb:d8:cc:
bb:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:7C:6B:14:D2:BF:F5:DA:17:2F:D9:27:1B:72:CD:A1:22:10:8E:F2
X509v3 Authority Key Identifier:
keyid:08:81:C2:6E:FD:76:71:F2:72:DC:4F:E7:D4:3E:CC:99:8A:5C:0C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIHCbv12cfJy3E_n1D7MmYpcDPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/645fb6-8edf-4a75-bbc1-ae13eef4f12e/1/MnxrFNK_9doXL9knG3LNoSIQjvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/645fb6-8edf-4a75-bbc1-ae13eef4f12e/1/CIHCbv12cfJy3E_n1D7MmYpcDPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c800::/29
Signature Algorithm: sha256WithRSAEncryption
13:9b:c5:aa:97:5e:87:75:77:40:3e:fa:49:95:84:f6:f4:d6:
e8:9f:72:dc:9f:fc:95:73:18:ce:54:9a:2d:42:7f:aa:1d:d7:
cb:11:74:af:02:4a:c7:a6:aa:e4:83:4c:47:22:8c:e5:b9:d9:
d0:8c:8e:23:de:c0:2f:0c:ed:49:6e:10:d1:c7:ec:c4:f3:19:
d1:49:cb:cf:42:d3:12:a7:fa:c7:59:d0:5c:1a:ec:dc:98:df:
ad:86:06:c5:56:7c:e4:f9:60:ff:a6:c6:d8:65:ec:30:4b:b9:
89:1c:d5:11:dd:68:40:80:bd:64:2f:13:9c:3f:6c:a6:bf:66:
12:8a:8a:f2:8d:2c:8a:d9:5f:84:21:9f:a1:b7:2f:06:5b:1d:
3e:33:64:6c:c0:42:d0:8f:6a:b6:51:b4:f2:8e:bb:17:d1:d5:
31:9f:2b:00:38:f8:90:09:a2:02:5d:b9:0a:1a:3b:27:73:78:
b8:f6:a0:82:90:14:87:94:dd:4e:71:bd:80:9a:9f:9e:85:9e:
6b:a5:01:41:f1:4e:c0:f9:30:3b:e2:24:ce:a2:f0:fb:84:ff:
9e:7c:33:3f:ca:c6:14:bb:19:ce:99:21:a0:7f:c1:c9:ba:6f:
a4:1c:86:d0:2d:9e:51:80:35:45:5c:49:1b:05:85:f4:38:91:
bc:ee:b4:d7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYiL1U4OiEi9znKoEnQFGnpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODFjMjZlZmQ3NjcxZjI3MmRjNGZlN2Q0M2VjYzk5OGE1
YzBjZjIwHhcNMjMwNjA1MTM1MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjdjNmIxNGQyYmZmNWRhMTcyZmQ5MjcxYjcyY2RhMTIyMTA4ZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXZNR4Twpg5lGJxe13uEAK0VPjst
ebERn9aOW6Fm/DwV7PT+Qcd4TY8yFBD3BMtLbLPSP6yCX0+uip09oL34qboQY6U5
rJQXzJciW7pSMatnZ6+qoX9Upc0CAOdIbuMCI10aGRPQ4HpecuXhKKvF+UtWl2Mp
4ZNJoykE+BB95sgDEw19jRqvirPMvVx1PBc5cXpb3gS7zn+Cu4PBbqbds2c46Nn0
toBT282cN79+ThfVEXBvt4QOXhEHzafJSnaQXF+HUOVq6BudcbCnv13g9piDHkMT
+plKqPYPfyikg0aoVeadxwLUOtEjl1eVhhx6H4pCctMz3r/n61G72My7gQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDJ8axTSv/XaFy/ZJxtyzaEiEI7yMB8GA1UdIwQY
MBaAFAiBwm79dnHyctxP59Q+zJmKXAzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lIQ2J2MTJjZkp5M0VfbjFEN01tWXBjRFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82NDVmYjYtOGVkZi00YTc1LWJiYzEt
YWUxM2VlZjRmMTJlLzEvTW54ckZOS185ZG9YTDlrbkczTE5vU0lRanZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82NDVmYjYtOGVkZi00YTc1LWJiYzEtYWUxM2VlZjRmMTJl
LzEvQ0lIQ2J2MTJjZkp5M0VfbjFEN01tWXBjRFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPIADAN
BgkqhkiG9w0BAQsFAAOCAQEAE5vFqpdeh3V3QD76SZWE9vTW6J9y3J/8lXMYzlSa
LUJ/qh3XyxF0rwJKx6aq5INMRyKM5bnZ0IyOI97ALwztSW4Q0cfsxPMZ0UnLz0LT
Eqf6x1nQXBrs3JjfrYYGxVZ85Plg/6bG2GXsMEu5iRzVEd1oQIC9ZC8TnD9spr9m
EoqK8o0sitlfhCGfobcvBlsdPjNkbMBC0I9qtlG08o67F9HVMZ8rADj4kAmiAl25
Cho7J3N4uPaggpAUh5TdTnG9gJqfnoWea6UBQfFOwPkwO+IkzqLw+4T/nnwzP8rG
FLsZzpkhoH/BybpvpByG0C2eUYA1RVxJGwWF9DiRvO601w==
-----END CERTIFICATE-----
Generated at Thu Aug 17 07:39:11 2023 by rpki-client on console-ams.rpki-client.org