Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7e281f-405d-4437-8220-42c0b7561d29/1/PQ3-L8hX0R0Wud6FYzfeMlfU24A.roa
File: PQ3-L8hX0R0Wud6FYzfeMlfU24A.roa (raw, json)
Hash identifier: XvbtMqbqBUAe/gvB31Z6AiFS5MbZY3NwpEh0/D9rjZM=
Subject key identifier: 3D:0D:FE:2F:C8:57:D1:1D:16:B9:DE:85:63:37:DE:32:57:D4:DB:80
Certificate issuer: /CN=781684136124a5cacbe7bf7d9f69fa421eccfd37
Certificate serial: 01167848
Authority key identifier: 78:16:84:13:61:24:A5:CA:CB:E7:BF:7D:9F:69:FA:42:1E:CC:FD:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eBaEE2EkpcrL5799n2n6Qh7M_Tc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7e281f-405d-4437-8220-42c0b7561d29/1/PQ3-L8hX0R0Wud6FYzfeMlfU24A.roa
Signing time: Fri 14 Jan 2022 23:12:06 +0000
ROA not before: Fri 14 Jan 2022 23:12:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212149
IP address blocks: 2a11:29c4:b00b::/48 maxlen: 48
2a11:29c2:b00b::/48 maxlen: 48
2a11:29c0:b00b::/48 maxlen: 48
2a11:29c6:b00b::/48 maxlen: 48
2a11:29c5:b00b::/48 maxlen: 48
2a11:29c3:b00b::/48 maxlen: 48
2a11:29c7:b00b::/48 maxlen: 48
2a11:29c1:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18249800 (0x1167848)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=781684136124a5cacbe7bf7d9f69fa421eccfd37
Validity
Not Before: Jan 14 23:12:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d0dfe2fc857d11d16b9de856337de3257d4db80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:89:21:0b:d6:b6:8d:b4:2f:f3:28:0c:f6:22:
96:35:93:a3:35:36:92:fe:b6:95:e0:9f:e1:a7:57:
32:57:ad:26:f6:55:3c:87:42:b6:43:d6:26:89:0c:
d6:bc:25:b7:97:4b:ee:ba:d1:ff:ff:a1:c6:3b:d9:
cc:eb:e0:55:1d:5f:96:19:7d:43:fa:6d:51:7e:20:
53:58:58:3b:8c:82:3b:3a:ac:8a:12:2b:e9:46:84:
10:ba:e7:9c:e2:e9:2e:ca:43:ee:e9:27:85:0d:a8:
80:97:e0:78:c8:2e:40:df:ab:84:d3:e7:95:5e:25:
31:99:ea:1d:c3:3e:c3:c6:a8:48:b1:65:8a:dc:99:
c9:95:be:ef:56:44:4d:c1:a9:51:96:b8:be:c1:b3:
97:8b:3e:42:09:88:c8:d7:89:60:27:db:18:58:63:
cf:df:6d:72:a9:c6:bd:57:f0:34:63:0c:4c:61:56:
2c:6a:ac:26:5c:cb:40:0e:38:e8:36:d5:cb:d5:25:
6e:52:27:ff:fc:55:a8:7b:b2:b4:05:58:30:f8:d2:
ec:f1:53:98:60:48:3a:78:be:a5:fe:5b:a3:bc:42:
0a:18:00:5e:70:03:9d:05:b3:21:f9:5f:f6:c8:89:
cd:7e:31:ab:8b:c1:a7:2f:3b:ad:6b:3c:74:6a:95:
fd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0D:FE:2F:C8:57:D1:1D:16:B9:DE:85:63:37:DE:32:57:D4:DB:80
X509v3 Authority Key Identifier:
keyid:78:16:84:13:61:24:A5:CA:CB:E7:BF:7D:9F:69:FA:42:1E:CC:FD:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eBaEE2EkpcrL5799n2n6Qh7M_Tc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7e281f-405d-4437-8220-42c0b7561d29/1/PQ3-L8hX0R0Wud6FYzfeMlfU24A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7e281f-405d-4437-8220-42c0b7561d29/1/eBaEE2EkpcrL5799n2n6Qh7M_Tc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:b00b::/48
2a11:29c1:b00b::/48
2a11:29c2:b00b::/48
2a11:29c3:b00b::/48
2a11:29c4:b00b::/48
2a11:29c5:b00b::/48
2a11:29c6:b00b::/48
2a11:29c7:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
95:8a:a6:c9:0c:d2:36:ab:ef:87:b3:5c:69:94:33:67:4f:25:
c5:09:5f:ff:df:78:34:47:80:00:85:f4:2b:f3:ac:62:e7:f3:
9f:9c:63:17:b3:b7:21:40:11:99:90:55:bc:07:91:8e:b0:79:
68:29:55:f9:48:48:dc:d7:4d:6b:37:66:e2:d8:7a:2a:5c:b2:
0f:09:b9:42:8c:02:fc:45:22:17:72:f3:eb:74:9f:da:a3:c2:
38:32:a3:bc:a1:a3:2e:15:b8:85:e1:21:56:a0:c2:a3:5e:05:
c6:91:92:20:c8:5d:7d:86:64:71:53:f8:32:1a:d5:03:db:24:
5e:d2:77:f9:8f:05:be:14:ff:8c:fb:93:cf:38:7f:1f:95:18:
53:44:60:27:9e:6f:4f:f8:5c:48:f0:68:dc:8b:10:02:12:55:
cd:33:b1:a7:ab:19:88:12:26:18:ed:8c:ec:8c:64:eb:00:60:
99:dd:b1:ce:02:79:44:a9:b2:05:8b:ca:29:12:c9:a0:45:26:
9e:fc:31:ed:5f:05:71:f7:ba:98:41:e2:3e:82:ef:94:6e:bd:
ba:6e:77:69:dc:be:b8:36:24:13:6f:0b:67:70:b7:c9:b2:fc:
bc:73:fa:b8:f1:bb:23:e1:13:93:81:10:53:e2:22:7c:e9:fd:
24:66:d5:3e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEARZ4SDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODE2ODQxMzYxMjRhNWNhY2JlN2JmN2Q5ZjY5ZmE0MjFlY2NmZDM3MB4XDTIyMDEx
NDIzMTIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QwZGZlMmZjODU3
ZDExZDE2YjlkZTg1NjMzN2RlMzI1N2Q0ZGI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOiJIQvWto20L/MoDPYiljWTozU2kv62leCf4adXMletJvZV
PIdCtkPWJokM1rwlt5dL7rrR//+hxjvZzOvgVR1flhl9Q/ptUX4gU1hYO4yCOzqs
ihIr6UaEELrnnOLpLspD7uknhQ2ogJfgeMguQN+rhNPnlV4lMZnqHcM+w8aoSLFl
ityZyZW+71ZETcGpUZa4vsGzl4s+QgmIyNeJYCfbGFhjz99tcqnGvVfwNGMMTGFW
LGqsJlzLQA446DbVy9UlblIn//xVqHuytAVYMPjS7PFTmGBIOni+pf5bo7xCChgA
XnADnQWzIflf9siJzX4xq4vBpy87rWs8dGqV/a8CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQ9Df4vyFfRHRa53oVjN94yV9TbgDAfBgNVHSMEGDAWgBR4FoQTYSSlysvn
v32fafpCHsz9NzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VCYUVFMkVrcGNyTDU3OTluMm42UWg3TV9UYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvN2UyODFmLTQwNWQtNDQzNy04MjIwLTQyYzBiNzU2MWQyOS8x
L1BRMy1MOGhYMFIwV3VkNkZZemZlTWxmVTI0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
N2UyODFmLTQwNWQtNDQzNy04MjIwLTQyYzBiNzU2MWQyOS8xL2VCYUVFMkVrcGNy
TDU3OTluMm42UWg3TV9UYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAIwSAMHACoRKcCwCwMHACoRKcGwCwMHACoR
KcKwCwMHACoRKcOwCwMHACoRKcSwCwMHACoRKcWwCwMHACoRKcawCwMHACoRKcew
CzANBgkqhkiG9w0BAQsFAAOCAQEAlYqmyQzSNqvvh7NcaZQzZ08lxQlf/994NEeA
AIX0K/OsYufzn5xjF7O3IUARmZBVvAeRjrB5aClV+UhI3NdNazdm4th6KlyyDwm5
QowC/EUiF3Lz63Sf2qPCODKjvKGjLhW4heEhVqDCo14FxpGSIMhdfYZkcVP4MhrV
A9skXtJ3+Y8FvhT/jPuTzzh/H5UYU0RgJ55vT/hcSPBo3IsQAhJVzTOxp6sZiBIm
GO2M7Ixk6wBgmd2xzgJ5RKmyBYvKKRLJoEUmnvwx7V8Fcfe6mEHiPoLvlG69um53
ady+uDYkE28LZ3C3ybL8vHP6uPG7I+ETk4EQU+IifOn9JGbVPg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:38 2023 by rpki-client on console.sobornost.net