Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/6KKkM5yoV3Wr0WPbXDor0pn2Bv8.roa
File: 6KKkM5yoV3Wr0WPbXDor0pn2Bv8.roa (raw, json)
Hash identifier: u2tqzR2e7fgUcJGdFADqRlQTa3rJDSToOtnCCTzqzRo=
Subject key identifier: E8:A2:A4:33:9C:A8:57:75:AB:D1:63:DB:5C:3A:2B:D2:99:F6:06:FF
Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Certificate serial: 0194274815C67506418AFC1D6548776D99C1
Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/6KKkM5yoV3Wr0WPbXDor0pn2Bv8.roa
Signing time: Thu 02 Jan 2025 13:50:23 +0000
ROA not before: Thu 02 Jan 2025 13:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 2a0d:5100::/29 maxlen: 29
2a0d:ab00::/29 maxlen: 29
2a0d:af00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:15:c6:75:06:41:8a:fc:1d:65:48:77:6d:99:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Validity
Not Before: Jan 2 13:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8a2a4339ca85775abd163db5c3a2bd299f606ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:66:27:49:19:23:02:ee:c3:59:11:12:7e:9e:
82:7b:77:81:8d:a6:18:1f:56:ca:13:e3:35:60:d7:
3d:f3:8e:d7:99:b8:9c:4e:da:77:e1:4f:a6:73:9b:
fe:f7:e9:98:24:7a:43:09:3d:75:8c:80:f1:46:5d:
57:53:04:7c:26:cd:2a:39:7e:31:e0:31:41:07:30:
73:43:ce:71:19:5c:74:87:d6:e6:54:fd:62:dc:bd:
36:33:43:50:c4:df:1f:c6:79:80:7c:f8:1d:7a:7d:
65:e5:65:eb:78:1f:47:3f:1f:de:10:b3:bf:ea:0b:
fb:16:9e:ea:03:f5:22:14:7c:5d:83:5e:00:81:49:
31:1b:d3:c6:68:61:95:88:2d:64:ba:d5:60:94:cb:
5e:08:c0:69:fa:e0:90:f7:4f:78:ee:21:e7:d8:13:
00:b5:0a:61:d2:87:ed:71:93:af:a4:b9:72:a9:e8:
fe:63:ac:68:34:f2:52:ec:a9:ba:6b:8d:5a:22:3e:
c2:7f:69:ed:47:9f:c6:c1:3b:f7:1d:a2:ff:f8:05:
ee:fe:04:16:16:73:3f:18:d4:3d:58:a9:d0:6d:be:
a2:d5:46:c2:cd:13:ad:e4:d8:96:b5:9a:a4:2b:d2:
e5:4a:54:36:80:da:e3:f4:85:b1:81:96:94:e9:e4:
1a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A2:A4:33:9C:A8:57:75:AB:D1:63:DB:5C:3A:2B:D2:99:F6:06:FF
X509v3 Authority Key Identifier:
keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/6KKkM5yoV3Wr0WPbXDor0pn2Bv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:5100::/29
2a0d:ab00::/29
2a0d:af00::/29
Signature Algorithm: sha256WithRSAEncryption
21:90:b3:f8:1a:a9:f6:36:c0:7c:d2:8f:28:95:6a:54:46:bd:
81:08:cb:6a:75:cd:5c:61:83:e6:2c:58:e3:41:bb:97:c5:01:
cb:7e:92:91:c3:0e:be:cc:e4:31:11:8e:7d:0a:b6:59:de:51:
4b:19:8f:a7:7c:46:7a:45:97:ed:84:e5:5a:15:d1:36:0c:7d:
ac:e2:aa:ce:7c:7a:df:6b:75:18:61:cd:b3:ea:a8:ea:0c:3f:
a0:d7:41:3a:b5:5e:ee:92:14:1f:95:d5:fb:70:2e:87:a1:aa:
05:fa:4a:3a:ae:c5:48:6e:1c:04:90:71:45:c3:35:3a:a9:33:
64:06:58:d8:b4:be:40:f5:87:ab:d8:e2:36:9a:21:b9:0f:e7:
9a:b0:0e:73:7c:07:7f:b0:81:6b:d7:55:bc:87:ce:2a:ed:4e:
9d:4c:1f:c6:1b:cd:34:ef:ff:2b:60:73:b4:3e:40:98:85:82:
43:98:97:5b:fd:06:30:74:38:9e:4b:b0:cc:d1:e8:c5:9d:9e:
36:36:61:05:92:b4:e5:ac:c6:26:e1:eb:c3:39:a8:b4:bf:10:
9c:fa:a2:03:be:37:f3:e3:39:56:ce:b9:61:37:b5:b5:9b:b7:
11:a0:d6:f7:82:b4:4c:55:61:17:1d:06:69:f9:8e:6f:5f:03:
f8:60:7e:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSBXGdQZBivwdZUh3bZnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy
MjcxYmEwHhcNMjUwMTAyMTM1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGEyYTQzMzljYTg1Nzc1YWJkMTYzZGI1YzNhMmJkMjk5ZjYwNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGYnSRkjAu7DWRESfp6Ce3eBjaYY
H1bKE+M1YNc9847XmbicTtp34U+mc5v+9+mYJHpDCT11jIDxRl1XUwR8Js0qOX4x
4DFBBzBzQ85xGVx0h9bmVP1i3L02M0NQxN8fxnmAfPgden1l5WXreB9HPx/eELO/
6gv7Fp7qA/UiFHxdg14AgUkxG9PGaGGViC1kutVglMteCMBp+uCQ90947iHn2BMA
tQph0oftcZOvpLlyqej+Y6xoNPJS7Km6a41aIj7Cf2ntR5/GwTv3HaL/+AXu/gQW
FnM/GNQ9WKnQbb6i1UbCzROt5NiWtZqkK9LlSlQ2gNrj9IWxgZaU6eQa+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOiipDOcqFd1q9Fj21w6K9KZ9gb/MB8GA1UdIwQY
MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt
NzM2ZDEyODg4Y2E4LzEvNktLa001eW9WM1dyMFdQYlhEb3IwcG4yQnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4
LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg1RAAMF
AyoNqwADBQMqDa8AMA0GCSqGSIb3DQEBCwUAA4IBAQAhkLP4Gqn2NsB80o8olWpU
Rr2BCMtqdc1cYYPmLFjjQbuXxQHLfpKRww6+zOQxEY59CrZZ3lFLGY+nfEZ6RZft
hOVaFdE2DH2s4qrOfHrfa3UYYc2z6qjqDD+g10E6tV7ukhQfldX7cC6HoaoF+ko6
rsVIbhwEkHFFwzU6qTNkBljYtL5A9Yer2OI2miG5D+easA5zfAd/sIFr11W8h84q
7U6dTB/GG8007/8rYHO0PkCYhYJDmJdb/QYwdDieS7DM0ejFnZ42NmEFkrTlrMYm
4evDOai0vxCc+qIDvjfz4zlWzrlhN7W1m7cRoNb3grRMVWEXHQZp+Y5vXwP4YH6X
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:24 2025 by rpki-client