Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/XFCPjaaIP04nEp4Rlitk1zUJ8nA.roa
File: XFCPjaaIP04nEp4Rlitk1zUJ8nA.roa (raw, json)
Hash identifier: 9Hrw22EfwJiPVEvx9iOeq1/U32N9ujjXKgQDN7kPNnY=
Subject key identifier: 5C:50:8F:8D:A6:88:3F:4E:27:12:9E:11:96:2B:64:D7:35:09:F2:70
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 019427B5338798F15272A0A5A5FEFD098103
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/XFCPjaaIP04nEp4Rlitk1zUJ8nA.roa
Signing time: Thu 02 Jan 2025 15:49:34 +0000
ROA not before: Thu 02 Jan 2025 15:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41151
IP address blocks: 2a01:4700::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:33:87:98:f1:52:72:a0:a5:a5:fe:fd:09:81:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Jan 2 15:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c508f8da6883f4e27129e11962b64d73509f270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b9:77:17:a2:b4:5b:12:e2:04:de:61:fc:1f:
46:b4:3e:8a:8f:14:1d:a3:5e:d0:e2:bf:02:9c:84:
53:d9:a7:0a:60:51:98:79:9c:30:5a:29:94:1b:75:
c2:47:df:01:a3:ce:f5:ce:50:24:07:1c:7e:8a:c0:
7a:20:da:51:4f:a1:12:21:94:54:40:a9:27:27:0d:
f3:dc:de:c8:74:f2:af:9f:72:07:b6:f1:44:0a:0e:
97:39:cc:0a:81:65:93:2c:14:9e:72:6e:0c:b5:d2:
4e:df:96:cc:d5:0e:94:05:95:fa:ad:87:a2:d1:45:
01:e5:94:2f:7f:8b:1e:97:60:63:bb:ca:74:f6:d2:
3b:8a:3d:4a:d6:ac:ab:72:e6:61:18:19:c0:13:d2:
b4:9d:87:ec:01:96:2c:e2:08:96:f0:ab:e8:0c:8c:
e7:e0:60:56:40:ad:17:17:d0:2d:a7:b8:7a:99:09:
c7:20:73:29:d3:3b:0a:64:54:48:97:9e:80:0a:ad:
3d:1d:f9:06:e1:c6:7c:82:28:f5:25:65:ae:a9:ee:
a4:4b:54:19:5c:62:28:33:ad:6a:62:be:ca:8d:75:
2f:f8:6e:26:14:5d:07:57:a7:f9:90:b3:5d:9b:c4:
a1:05:21:9d:45:e3:01:c5:9b:59:cf:e9:57:9d:c3:
fe:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:50:8F:8D:A6:88:3F:4E:27:12:9E:11:96:2B:64:D7:35:09:F2:70
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/XFCPjaaIP04nEp4Rlitk1zUJ8nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:4700::/48
Signature Algorithm: sha256WithRSAEncryption
1e:98:ea:a2:c5:3a:8d:76:86:4d:63:d3:66:d1:9a:87:d9:2f:
8a:6b:9d:fd:78:f8:5c:2d:56:39:bd:f7:58:24:d5:d2:35:f0:
9d:35:9b:3a:cd:0b:fc:a7:bd:41:fc:30:17:27:4b:b0:51:48:
63:2b:7f:35:c0:0c:6b:be:7a:03:7f:aa:a5:2b:18:ae:1c:e7:
9a:2f:4e:50:11:46:6d:ce:54:2c:6f:b5:6f:f5:56:f4:b6:ad:
ff:32:2c:04:89:a4:d8:0d:e0:91:3b:76:91:a1:a7:9c:10:df:
c2:4b:4d:71:2b:36:a1:ac:2b:19:52:4e:b1:a1:df:ac:72:b6:
02:17:4c:68:fa:ea:1a:63:66:1b:d8:b9:e1:81:19:da:70:40:
71:e4:40:93:50:c8:a0:c2:9c:9c:99:15:19:50:51:f6:2c:e8:
fb:94:ce:e1:16:a9:c1:e9:e3:24:68:4a:91:c3:64:97:d2:f1:
50:ad:dc:26:b9:b4:59:6d:91:e6:d7:40:6f:88:af:5c:e5:76:
0d:d0:a0:a5:86:cc:a4:8b:f0:3a:6c:9d:75:4b:fb:6c:00:0b:
89:fb:40:1a:f8:36:f3:7e:5c:b9:19:3d:d9:99:a0:96:3b:9e:
70:7b:0c:c1:b7:77:ec:b4:a1:8d:51:2a:d5:4b:11:bf:4e:4b:
40:12:70:64
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntTOHmPFScqClpf79CYEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjUwMTAyMTU0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzUwOGY4ZGE2ODgzZjRlMjcxMjllMTE5NjJiNjRkNzM1MDlmMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ll3F6K0WxLiBN5h/B9GtD6KjxQd
o17Q4r8CnIRT2acKYFGYeZwwWimUG3XCR98Bo871zlAkBxx+isB6INpRT6ESIZRU
QKknJw3z3N7IdPKvn3IHtvFECg6XOcwKgWWTLBSecm4MtdJO35bM1Q6UBZX6rYei
0UUB5ZQvf4sel2Bju8p09tI7ij1K1qyrcuZhGBnAE9K0nYfsAZYs4giW8KvoDIzn
4GBWQK0XF9Atp7h6mQnHIHMp0zsKZFRIl56ACq09HfkG4cZ8gij1JWWuqe6kS1QZ
XGIoM61qYr7KjXUv+G4mFF0HV6f5kLNdm8ShBSGdReMBxZtZz+lXncP+DwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFxQj42miD9OJxKeEZYrZNc1CfJwMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvWEZDUGphYUlQMDRuRXA0UmxpdGsxelVKOG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgFHAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAemOqixTqNdoZNY9Nm0ZqH2S+Ka539ePhcLVY5
vfdYJNXSNfCdNZs6zQv8p71B/DAXJ0uwUUhjK381wAxrvnoDf6qlKxiuHOeaL05Q
EUZtzlQsb7Vv9Vb0tq3/MiwEiaTYDeCRO3aRoaecEN/CS01xKzahrCsZUk6xod+s
crYCF0xo+uoaY2Yb2LnhgRnacEBx5ECTUMigwpycmRUZUFH2LOj7lM7hFqnB6eMk
aEqRw2SX0vFQrdwmubRZbZHm10BviK9c5XYN0KClhsyki/A6bJ11S/tsAAuJ+0Aa
+Dbzfly5GT3ZmaCWO55wewzBt3fstKGNUSrVSxG/TktAEnBk
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:21:29 2025 by rpki-client