Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/531da9-2d79-4a45-9d5c-10dccefce93a/1/n7FEWZ_pFb0r-Z5Lcp9rfVkUIW0.roa
File: n7FEWZ_pFb0r-Z5Lcp9rfVkUIW0.roa (raw, json)
Hash identifier: 0ktEk8oxVC3pXHoopJwTJgUyDfqegiXerh6Wf+2rAW4=
Subject key identifier: 9F:B1:44:59:9F:E9:15:BD:2B:F9:9E:4B:72:9F:6B:7D:59:14:21:6D
Certificate issuer: /CN=4207baedb4063082b245dd82623c981bae56f9ac
Certificate serial: 018B5CADCD60863E70B7B8C52A04E8C2B95C
Authority key identifier: 42:07:BA:ED:B4:06:30:82:B2:45:DD:82:62:3C:98:1B:AE:56:F9:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qge67bQGMIKyRd2CYjyYG65W-aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/531da9-2d79-4a45-9d5c-10dccefce93a/1/n7FEWZ_pFb0r-Z5Lcp9rfVkUIW0.roa
Signing time: Mon 23 Oct 2023 13:16:16 +0000
ROA not before: Mon 23 Oct 2023 13:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198231
IP address blocks: 2a11:e101::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:ad:cd:60:86:3e:70:b7:b8:c5:2a:04:e8:c2:b9:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4207baedb4063082b245dd82623c981bae56f9ac
Validity
Not Before: Oct 23 13:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fb144599fe915bd2bf99e4b729f6b7d5914216d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a6:c7:b0:f9:20:23:00:5a:fb:32:ad:96:63:
c3:41:b5:48:22:13:c0:62:f4:9a:cd:8a:64:0a:f2:
d7:47:63:e5:9c:ce:ed:8a:cf:20:2e:2b:ba:99:ba:
e4:c5:6c:fb:45:3b:d1:42:87:f2:0c:6e:7e:49:33:
26:1e:41:e3:b1:4e:e1:55:39:6e:9f:00:ef:f5:da:
2c:ea:8f:57:a7:df:1e:87:60:ba:67:30:79:fa:7c:
5e:a2:4f:b0:fe:11:74:a7:37:64:f6:6d:7e:dc:72:
d4:3d:6a:e6:da:b8:99:04:4d:ef:02:7c:fc:f6:ed:
94:2e:71:49:02:bb:84:59:ef:3f:5b:60:db:2a:59:
b8:3a:a6:b0:4c:b4:5e:45:e1:f0:a1:2f:3f:4b:5a:
fe:3e:5e:03:48:06:47:0e:6c:57:e4:57:29:b8:f4:
fc:4e:3c:9a:db:d2:8f:30:a9:c7:29:5b:7a:b6:c3:
cd:24:04:fc:88:16:aa:80:62:98:ac:e5:e7:39:6a:
e0:a6:da:d3:16:a6:05:2a:f4:5b:9d:d6:3c:4f:d8:
a9:26:7a:c0:77:a7:55:7b:fa:3b:0a:7f:ff:26:5b:
e9:53:ed:5d:e0:0b:80:81:78:f1:0a:49:55:01:66:
98:f8:62:d5:9d:78:a3:62:2a:34:fd:90:dc:dd:a6:
1d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B1:44:59:9F:E9:15:BD:2B:F9:9E:4B:72:9F:6B:7D:59:14:21:6D
X509v3 Authority Key Identifier:
keyid:42:07:BA:ED:B4:06:30:82:B2:45:DD:82:62:3C:98:1B:AE:56:F9:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qge67bQGMIKyRd2CYjyYG65W-aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/531da9-2d79-4a45-9d5c-10dccefce93a/1/n7FEWZ_pFb0r-Z5Lcp9rfVkUIW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/531da9-2d79-4a45-9d5c-10dccefce93a/1/Qge67bQGMIKyRd2CYjyYG65W-aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e101::/32
Signature Algorithm: sha256WithRSAEncryption
33:a7:76:69:7a:7c:c7:27:86:4d:60:b5:27:c7:25:3c:07:1a:
0d:58:7f:73:c4:4b:2e:74:99:56:d7:78:79:74:de:89:b6:60:
b7:f7:30:44:21:a4:64:56:e6:5f:a2:b1:7c:38:40:5a:29:39:
ea:73:98:5e:f4:2d:e0:b9:d9:38:67:22:d9:39:79:d9:49:15:
ed:cd:20:b1:43:24:a1:52:56:dd:f1:28:d6:86:4e:a5:90:0c:
dc:ad:0a:28:ce:fe:40:f4:82:97:90:d6:66:61:a4:0f:fa:38:
ac:ac:ec:20:a2:0e:16:c7:a7:f5:82:17:7d:2d:97:ed:dd:f8:
03:fa:a5:88:5e:d3:6e:29:38:f1:b7:74:aa:91:0b:0a:b0:a6:
2d:49:3b:07:cb:06:fd:00:ef:54:c3:d8:7f:a2:85:65:6e:96:
b9:2a:5d:a0:24:ac:18:a3:d9:b7:5a:03:f6:85:d8:3f:a9:3a:
9e:19:1f:3b:16:c4:45:79:92:6f:a8:62:2b:43:66:12:48:73:
7c:ff:3d:19:9c:9d:12:e0:7b:5d:cf:05:93:cd:3c:56:8d:d0:
d2:46:01:8b:73:22:ce:f2:6d:51:ed:dc:63:6a:8c:32:10:ea:
84:09:1d:5d:1d:f2:d0:c4:b6:78:45:27:e6:ec:17:48:26:92:
80:3c:7f:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtcrc1ghj5wt7jFKgTowrlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDdiYWVkYjQwNjMwODJiMjQ1ZGQ4MjYyM2M5ODFiYWU1
NmY5YWMwHhcNMjMxMDIzMTMxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmIxNDQ1OTlmZTkxNWJkMmJmOTllNGI3MjlmNmI3ZDU5MTQyMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApabHsPkgIwBa+zKtlmPDQbVIIhPA
YvSazYpkCvLXR2PlnM7tis8gLiu6mbrkxWz7RTvRQofyDG5+STMmHkHjsU7hVTlu
nwDv9dos6o9Xp98eh2C6ZzB5+nxeok+w/hF0pzdk9m1+3HLUPWrm2riZBE3vAnz8
9u2ULnFJAruEWe8/W2DbKlm4OqawTLReReHwoS8/S1r+Pl4DSAZHDmxX5FcpuPT8
Tjya29KPMKnHKVt6tsPNJAT8iBaqgGKYrOXnOWrgptrTFqYFKvRbndY8T9ipJnrA
d6dVe/o7Cn//JlvpU+1d4AuAgXjxCklVAWaY+GLVnXijYio0/ZDc3aYdZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ+xRFmf6RW9K/meS3Kfa31ZFCFtMB8GA1UdIwQY
MBaAFEIHuu20BjCCskXdgmI8mBuuVvmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdlNjdiUUdNSUt5UmQyQ1lqeVlHNjVXLWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81MzFkYTktMmQ3OS00YTQ1LTlkNWMt
MTBkY2NlZmNlOTNhLzEvbjdGRVdaX3BGYjByLVo1TGNwOXJmVmtVSVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81MzFkYTktMmQ3OS00YTQ1LTlkNWMtMTBkY2NlZmNlOTNh
LzEvUWdlNjdiUUdNSUt5UmQyQ1lqeVlHNjVXLWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhHhATAN
BgkqhkiG9w0BAQsFAAOCAQEAM6d2aXp8xyeGTWC1J8clPAcaDVh/c8RLLnSZVtd4
eXTeibZgt/cwRCGkZFbmX6KxfDhAWik56nOYXvQt4LnZOGci2Tl52UkV7c0gsUMk
oVJW3fEo1oZOpZAM3K0KKM7+QPSCl5DWZmGkD/o4rKzsIKIOFsen9YIXfS2X7d34
A/qliF7Tbik48bd0qpELCrCmLUk7B8sG/QDvVMPYf6KFZW6WuSpdoCSsGKPZt1oD
9oXYP6k6nhkfOxbERXmSb6hiK0NmEkhzfP89GZydEuB7Xc8Fk808Vo3Q0kYBi3Mi
zvJtUe3cY2qMMhDqhAkdXR3y0MS2eEUn5uwXSCaSgDx/Ag==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:38 2023 by rpki-client on console.sobornost.net