Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/xYYSmipaVsbSrBMTtmqUNwnNh_c.roa
File: xYYSmipaVsbSrBMTtmqUNwnNh_c.roa (raw, json)
Hash identifier: jlJDnkfsaPdyUaXC48t8oNiAKVwhsZfv2RkXwGTL6Ec=
Subject key identifier: C5:86:12:9A:2A:5A:56:C6:D2:AC:13:13:B6:6A:94:37:09:CD:87:F7
Certificate issuer: /CN=3b3fff71e59f35063f809fc5eb3af4c419f7bf33
Certificate serial: 018570428A5AF07FE598366839211CB6D188
Authority key identifier: 3B:3F:FF:71:E5:9F:35:06:3F:80:9F:C5:EB:3A:F4:C4:19:F7:BF:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz__ceWfNQY_gJ_F6zr0xBn3vzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/xYYSmipaVsbSrBMTtmqUNwnNh_c.roa
Signing time: Mon 02 Jan 2023 02:14:47 +0000
ROA not before: Mon 02 Jan 2023 02:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a10:1d80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:8a:5a:f0:7f:e5:98:36:68:39:21:1c:b6:d1:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3fff71e59f35063f809fc5eb3af4c419f7bf33
Validity
Not Before: Jan 2 02:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c586129a2a5a56c6d2ac1313b66a943709cd87f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fa:bb:52:35:f0:af:98:3f:1b:5f:da:e3:80:
67:0e:22:ee:a6:59:be:0d:7b:64:73:93:4d:58:25:
72:2c:f9:e6:ae:95:aa:49:e7:cf:45:01:14:80:9b:
49:e0:64:01:c2:55:82:c4:d2:b4:3f:93:07:80:1a:
6b:68:fe:81:a7:e8:06:cc:6c:f0:1d:1f:52:37:39:
73:0c:00:59:a7:12:d7:d7:78:af:32:5c:83:fa:fc:
2c:ea:41:a3:90:26:e1:ec:bb:e3:f3:1f:2c:c5:f6:
a5:57:a7:19:61:c2:c0:b0:36:c0:be:0c:e3:a9:ca:
07:eb:d1:8f:7c:35:c7:97:4b:0e:3b:91:63:d3:20:
6b:d2:1a:be:71:6a:89:9d:cd:8a:2b:8f:a6:92:85:
30:3b:1e:d4:e1:93:ac:4d:e9:e1:94:8c:98:18:4d:
61:eb:f6:a0:2b:fa:20:6d:d0:e7:71:19:30:35:b2:
79:0e:a0:37:72:04:53:64:4f:01:99:87:bd:17:5a:
ea:0a:d3:f2:6e:98:24:91:a2:e6:fc:d0:63:72:8d:
f5:af:63:c8:ec:f4:dc:1e:9b:00:5b:a5:b3:c8:c5:
88:b3:3d:81:70:bb:e6:e4:1c:fa:f9:e9:85:13:23:
71:b2:2a:8e:ac:4f:6a:35:27:15:ae:cb:66:58:59:
88:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:86:12:9A:2A:5A:56:C6:D2:AC:13:13:B6:6A:94:37:09:CD:87:F7
X509v3 Authority Key Identifier:
keyid:3B:3F:FF:71:E5:9F:35:06:3F:80:9F:C5:EB:3A:F4:C4:19:F7:BF:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz__ceWfNQY_gJ_F6zr0xBn3vzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/xYYSmipaVsbSrBMTtmqUNwnNh_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/Oz__ceWfNQY_gJ_F6zr0xBn3vzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:1d80::/29
Signature Algorithm: sha256WithRSAEncryption
b6:e8:16:57:ea:af:f8:c1:d5:e3:f3:32:be:9b:8f:1f:45:b6:
3a:6a:38:e0:f2:8b:54:82:d6:0c:03:2a:df:2b:fa:cf:54:03:
35:23:3a:8b:49:33:22:26:c8:06:99:36:35:6a:35:35:71:db:
54:4a:32:cb:31:b9:6d:76:ef:b3:db:00:28:7d:a1:01:df:b2:
08:98:e0:ea:9e:ab:35:8b:fa:a2:e9:8e:86:db:7f:bd:21:8a:
1d:76:b8:7c:20:02:44:48:74:5b:7b:a0:fb:3d:71:5e:77:3d:
b1:de:d6:06:b8:fe:6d:ef:f6:63:60:58:9c:5a:0c:4d:bd:be:
5c:0e:84:80:e6:2c:a7:33:92:fa:da:d0:02:1c:95:9c:5a:23:
b9:a6:11:28:3f:67:fe:16:3c:65:b1:52:88:5a:a8:9a:83:9c:
c4:02:60:b3:f9:1b:15:f0:e4:ad:e3:1d:b8:19:ec:bb:7f:91:
e5:f7:e7:08:15:45:61:48:bd:fb:1a:48:b5:8f:34:4c:0f:2c:
86:e9:e5:63:c4:8e:a2:01:1d:d9:3d:03:c7:4d:8b:e8:46:47:
9f:b3:9a:88:6e:79:e6:87:82:71:4b:64:15:b2:b8:b3:02:da:
76:49:0d:95:fe:5a:93:87:ac:79:52:72:7a:e7:92:d3:01:18:
45:a6:3c:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwQopa8H/lmDZoOSEcttGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2ZmZjcxZTU5ZjM1MDYzZjgwOWZjNWViM2FmNGM0MTlm
N2JmMzMwHhcNMjMwMTAyMDIxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTg2MTI5YTJhNWE1NmM2ZDJhYzEzMTNiNjZhOTQzNzA5Y2Q4N2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/q7UjXwr5g/G1/a44BnDiLuplm+
DXtkc5NNWCVyLPnmrpWqSefPRQEUgJtJ4GQBwlWCxNK0P5MHgBpraP6Bp+gGzGzw
HR9SNzlzDABZpxLX13ivMlyD+vws6kGjkCbh7Lvj8x8sxfalV6cZYcLAsDbAvgzj
qcoH69GPfDXHl0sOO5Fj0yBr0hq+cWqJnc2KK4+mkoUwOx7U4ZOsTenhlIyYGE1h
6/agK/ogbdDncRkwNbJ5DqA3cgRTZE8BmYe9F1rqCtPybpgkkaLm/NBjco31r2PI
7PTcHpsAW6WzyMWIsz2BcLvm5Bz6+emFEyNxsiqOrE9qNScVrstmWFmItQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMWGEpoqWlbG0qwTE7ZqlDcJzYf3MB8GA1UdIwQY
MBaAFDs//3HlnzUGP4Cfxes69MQZ978zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pfX2NlV2ZOUVlfZ0pfRjZ6cjB4Qm4zdnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wMmMwY2YtNDg5ZC00ZmRhLTllMzkt
MTAxMzMyMzJlNzU5LzEveFlZU21pcGFWc2JTckJNVHRtcVVOd25OaF9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wMmMwY2YtNDg5ZC00ZmRhLTllMzktMTAxMzMyMzJlNzU5
LzEvT3pfX2NlV2ZOUVlfZ0pfRjZ6cjB4Qm4zdnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhAdgDAN
BgkqhkiG9w0BAQsFAAOCAQEAtugWV+qv+MHV4/MyvpuPH0W2Omo44PKLVILWDAMq
3yv6z1QDNSM6i0kzIibIBpk2NWo1NXHbVEoyyzG5bXbvs9sAKH2hAd+yCJjg6p6r
NYv6oumOhtt/vSGKHXa4fCACREh0W3ug+z1xXnc9sd7WBrj+be/2Y2BYnFoMTb2+
XA6EgOYspzOS+trQAhyVnFojuaYRKD9n/hY8ZbFSiFqomoOcxAJgs/kbFfDkreMd
uBnsu3+R5ffnCBVFYUi9+xpItY80TA8shunlY8SOogEd2T0Dx02L6EZHn7OaiG55
5oeCcUtkFbK4swLadkkNlf5ak4eseVJyeueS0wEYRaY8dQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:16 2023 by rpki-client on console.sobornost.net