Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/I711nHJk8DfkWtovZv-kdYUCGYQ.roa
File: I711nHJk8DfkWtovZv-kdYUCGYQ.roa (raw, json)
Hash identifier: HLx4a8jGs/Ghm1/TQxjlAJwcrsmJ2bvBQDk+VFj2Gtg=
Subject key identifier: 23:BD:75:9C:72:64:F0:37:E4:5A:DA:2F:66:FF:A4:75:85:02:19:84
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB5F9F89AAA153A7A7441549471AF5
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/I711nHJk8DfkWtovZv-kdYUCGYQ.roa
Signing time: Mon 01 Jan 2024 02:30:05 +0000
ROA not before: Mon 01 Jan 2024 02:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3175
IP address blocks: 2a13:3c80::/29 maxlen: 29
2a11:4b42::/32 maxlen: 32
2a11:4b41::/32 maxlen: 32
2a0e:c380::/29 maxlen: 29
2a11:4b43::/32 maxlen: 32
2a0e:d00::/29 maxlen: 29
2a04:a5c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:5f:9f:89:aa:a1:53:a7:a7:44:15:49:47:1a:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23bd759c7264f037e45ada2f66ffa47585021984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:70:6d:1e:2f:ca:42:17:90:c7:17:4d:9f:81:
4e:3e:30:d0:33:c5:39:1a:a2:9c:47:75:07:94:0f:
e5:ed:9f:b7:55:54:6a:73:66:a2:a9:2d:26:8a:b7:
1d:02:73:8f:b4:d9:cd:bb:36:e2:95:57:2b:d1:00:
5a:2d:e3:3c:19:11:ad:66:f3:77:33:03:3d:c8:1a:
f8:b2:fc:ab:42:7f:0e:f4:a2:d3:3f:bb:03:f9:30:
29:3d:34:32:bf:88:8b:b6:cd:ac:87:38:88:e6:b9:
cb:cb:65:6e:85:6d:2e:3b:f9:41:22:ee:1c:1c:70:
27:fc:d2:51:e3:c3:29:7f:69:6e:c2:f9:1b:0b:ac:
ba:a1:2b:ab:09:0b:73:95:da:2c:e7:c9:6f:57:f1:
2e:4d:f9:65:7b:e2:07:e7:40:ae:10:23:1e:50:9a:
a3:33:40:81:90:d8:6f:4f:1a:08:c2:34:67:a9:ed:
96:8c:2c:12:74:70:d1:56:63:bc:2c:f1:cb:6c:41:
68:7e:85:28:4f:6e:8c:0e:2c:6d:23:4d:b7:a0:20:
89:18:19:da:23:24:f0:9e:3a:5f:22:bd:35:20:0f:
e4:1d:43:69:00:fe:39:f4:40:15:91:f3:65:d7:d9:
9b:91:03:44:3a:b9:37:ea:45:95:bd:a2:05:4c:4c:
01:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BD:75:9C:72:64:F0:37:E4:5A:DA:2F:66:FF:A4:75:85:02:19:84
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/I711nHJk8DfkWtovZv-kdYUCGYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a5c0::/29
2a0e:d00::/29
2a0e:c380::/29
2a11:4b41::-2a11:4b43:ffff:ffff:ffff:ffff:ffff:ffff
2a13:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
05:03:b4:06:4a:ac:20:36:d3:6b:01:fd:79:e1:bb:fb:79:9d:
1d:a2:c2:1b:02:e1:af:fa:91:35:ee:1c:b7:81:d1:96:b4:a1:
9b:48:3f:02:6f:4e:84:2d:eb:cf:c9:a6:68:c5:ed:b7:12:b6:
6b:85:d5:ff:2d:ed:d0:9c:4b:42:da:42:b9:4f:b5:05:c1:a4:
f9:ca:a3:af:d5:db:8c:44:f4:42:82:1b:1a:da:aa:b1:1d:f0:
f7:fd:36:4a:54:5c:3b:c4:d3:81:f1:94:5f:7b:e8:c4:f3:9b:
ef:37:53:b4:d2:75:4b:91:82:d3:dd:6c:25:d4:07:c2:d0:9e:
9a:ff:32:bd:5e:d7:09:7c:b7:8b:01:ac:a8:e9:50:68:91:21:
27:32:c3:dc:0a:6c:3a:7d:36:4e:d0:63:50:4f:32:c2:91:d6:
b1:14:c8:0e:8a:10:1d:f9:f2:2d:44:0c:21:ca:c6:fc:c2:7d:
c2:f3:62:25:a8:76:1d:8e:bd:ef:f0:57:83:cd:96:11:3a:8f:
5a:e7:c9:5c:d4:20:16:c5:a7:74:b4:9f:d7:e9:5c:19:28:e4:
19:33:6d:c1:f0:df:37:81:f4:6c:89:84:9e:d5:09:b3:01:12:
22:10:4b:ea:63:d1:6c:44:fe:15:5a:46:d1:01:db:92:b8:1e:
8b:5d:59:68
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzC21+fiaqhU6enRBVJRxr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2JkNzU5YzcyNjRmMDM3ZTQ1YWRhMmY2NmZmYTQ3NTg1MDIxOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HBtHi/KQheQxxdNn4FOPjDQM8U5
GqKcR3UHlA/l7Z+3VVRqc2aiqS0mircdAnOPtNnNuzbilVcr0QBaLeM8GRGtZvN3
MwM9yBr4svyrQn8O9KLTP7sD+TApPTQyv4iLts2shziI5rnLy2VuhW0uO/lBIu4c
HHAn/NJR48Mpf2luwvkbC6y6oSurCQtzldos58lvV/EuTflle+IH50CuECMeUJqj
M0CBkNhvTxoIwjRnqe2WjCwSdHDRVmO8LPHLbEFofoUoT26MDixtI023oCCJGBna
IyTwnjpfIr01IA/kHUNpAP459EAVkfNl19mbkQNEOrk36kWVvaIFTEwBpwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCO9dZxyZPA35FraL2b/pHWFAhmEMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvSTcxMW5ISms4RGZrV3Rvdlp2LWtkWVVDR1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwUDKgSlwAMF
AyoODQADBQMqDsOAMA4DBQAqEUtBAwUCKhFLQAMFAyoTPIAwDQYJKoZIhvcNAQEL
BQADggEBAAUDtAZKrCA202sB/Xnhu/t5nR2iwhsC4a/6kTXuHLeB0Za0oZtIPwJv
ToQt68/JpmjF7bcStmuF1f8t7dCcS0LaQrlPtQXBpPnKo6/V24xE9EKCGxraqrEd
8Pf9NkpUXDvE04HxlF976MTzm+83U7TSdUuRgtPdbCXUB8LQnpr/Mr1e1wl8t4sB
rKjpUGiRIScyw9wKbDp9Nk7QY1BPMsKR1rEUyA6KEB358i1EDCHKxvzCfcLzYiWo
dh2Ove/wV4PNlhE6j1rnyVzUIBbFp3S0n9fpXBko5BkzbcHw3zeB9GyJhJ7VCbMB
EiIQS+pj0WxE/hVaRtEB25K4HotdWWg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:22:44 2025 by rpki-client