Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/sgXmikHZdaCmSd1V08WpxfXo-T8.roa
File: sgXmikHZdaCmSd1V08WpxfXo-T8.roa (raw, json)
Hash identifier: KMsYSteYB1GHkuplXeSxd9o4LN0sSfty5BOhOvuqq1Q=
Subject key identifier: B2:05:E6:8A:41:D9:75:A0:A6:49:DD:55:D3:C5:A9:C5:F5:E8:F9:3F
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 019425219D0EC6EFEAC3F60CBA305BE7A9ED
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/sgXmikHZdaCmSd1V08WpxfXo-T8.roa
Signing time: Thu 02 Jan 2025 03:49:07 +0000
ROA not before: Thu 02 Jan 2025 03:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198304
IP address blocks: 2a13:a5c5:f000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:9d:0e:c6:ef:ea:c3:f6:0c:ba:30:5b:e7:a9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Jan 2 03:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b205e68a41d975a0a649dd55d3c5a9c5f5e8f93f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9f:6e:c9:d1:44:18:5c:78:f4:b0:92:65:32:
ff:1d:48:f0:b9:56:64:f8:cf:33:18:6c:88:d2:da:
58:a1:0c:9f:88:a6:54:d5:4b:4c:1e:49:54:d8:37:
d2:71:59:fd:63:ff:d1:e9:b5:d6:7b:f1:fc:94:fa:
4f:bd:4c:42:af:9e:94:d3:0c:3f:ef:bc:cc:33:af:
52:ff:2b:eb:cd:bc:e9:4c:57:73:bb:86:e6:38:74:
1b:0b:98:7f:f3:e3:ac:cf:85:ff:4c:92:83:58:13:
1f:b4:7b:de:0f:e2:d2:c8:4c:28:56:42:41:5b:9b:
bf:62:67:51:64:8b:7f:a5:df:0b:3f:91:5a:9c:59:
ac:0e:d3:3e:af:e9:0e:06:bb:e4:ec:24:84:23:62:
df:65:d2:dd:8c:b5:da:35:d2:28:74:04:86:90:42:
49:99:b9:1a:70:8b:b7:53:d2:97:d7:0e:0a:f8:a6:
36:8d:7a:3c:15:21:06:60:50:71:b0:af:0d:ad:22:
fb:2b:c1:5d:35:84:fe:75:19:79:e6:5f:56:c8:35:
b7:cc:e7:77:ed:06:46:87:7d:c8:e1:3a:8f:88:e6:
b7:9e:cf:61:d7:b8:aa:4b:01:39:f8:7b:c9:2b:b8:
4b:ad:47:8a:32:39:21:48:52:0a:cf:02:6e:5d:3b:
d7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:05:E6:8A:41:D9:75:A0:A6:49:DD:55:D3:C5:A9:C5:F5:E8:F9:3F
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/sgXmikHZdaCmSd1V08WpxfXo-T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c5:f000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:7b:37:5e:59:fd:19:21:00:35:42:5a:64:f2:38:e9:65:61:
dc:d4:47:67:6f:20:a7:5e:bf:9a:cb:5f:b4:17:8d:8c:23:fc:
d4:db:4d:c8:79:91:ed:ed:56:d1:df:fe:fd:2d:fa:df:05:50:
19:50:77:cf:f3:6d:14:cf:88:54:58:73:85:c9:5c:8a:c4:37:
1a:a7:2d:cc:70:2f:ee:3e:21:e5:37:5d:1a:7c:f6:bb:d2:78:
2d:30:00:2a:ca:77:48:73:b7:af:56:78:a3:b4:e3:2b:e4:a0:
ea:f5:00:15:ad:35:8a:42:7b:1c:8d:f0:58:b2:9e:c7:60:c9:
a4:62:0d:6a:fb:32:c7:1f:25:1e:fa:8c:e9:96:d9:e7:0a:4a:
0a:b4:8d:c3:d8:33:b8:8f:44:c9:8e:35:30:64:c7:cf:cb:89:
f3:bb:b3:a6:8e:89:a9:c4:7d:1a:b0:ab:0e:70:5f:06:99:98:
01:5e:b4:8f:07:ae:4b:f3:1e:35:a4:9e:0d:5e:c7:49:73:e7:
7f:cd:77:45:3b:f2:ab:ee:13:21:88:87:7f:2a:9d:7b:55:0d:
11:aa:92:2c:28:30:0d:68:a2:93:aa:90:2f:f7:7d:05:7a:d1:
09:f5:45:04:24:9d:ba:47:61:f4:0f:45:13:2d:ea:e7:23:4c:
ae:58:73:28
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIZ0Oxu/qw/YMujBb56ntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjUwMTAyMDM0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA1ZTY4YTQxZDk3NWEwYTY0OWRkNTVkM2M1YTljNWY1ZThmOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0p9uydFEGFx49LCSZTL/HUjwuVZk
+M8zGGyI0tpYoQyfiKZU1UtMHklU2DfScVn9Y//R6bXWe/H8lPpPvUxCr56U0ww/
77zMM69S/yvrzbzpTFdzu4bmOHQbC5h/8+Osz4X/TJKDWBMftHveD+LSyEwoVkJB
W5u/YmdRZIt/pd8LP5FanFmsDtM+r+kOBrvk7CSEI2LfZdLdjLXaNdIodASGkEJJ
mbkacIu3U9KX1w4K+KY2jXo8FSEGYFBxsK8NrSL7K8FdNYT+dRl55l9WyDW3zOd3
7QZGh33I4TqPiOa3ns9h17iqSwE5+HvJK7hLrUeKMjkhSFIKzwJuXTvXjQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLIF5opB2XWgpkndVdPFqcX16Pk/MB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvc2dYbWlrSFpkYUNtU2QxVjA4V3B4ZlhvLVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOlxfAw
DQYJKoZIhvcNAQELBQADggEBALB7N15Z/RkhADVCWmTyOOllYdzUR2dvIKdev5rL
X7QXjYwj/NTbTch5ke3tVtHf/v0t+t8FUBlQd8/zbRTPiFRYc4XJXIrENxqnLcxw
L+4+IeU3XRp89rvSeC0wACrKd0hzt69WeKO04yvkoOr1ABWtNYpCexyN8Fiynsdg
yaRiDWr7MscfJR76jOmW2ecKSgq0jcPYM7iPRMmONTBkx8/LifO7s6aOianEfRqw
qw5wXwaZmAFetI8HrkvzHjWkng1ex0lz53/Nd0U78qvuEyGIh38qnXtVDRGqkiwo
MA1oopOqkC/3fQV60Qn1RQQknbpHYfQPRRMt6ucjTK5Ycyg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:13:06 2025 by rpki-client