Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/aeea10-7208-4d5c-85b9-9e35089fa78f/1/xT13ElzXF22FD0YZ22jywBmzhjE.roa
File: xT13ElzXF22FD0YZ22jywBmzhjE.roa (raw, json)
Hash identifier: JNKrIgk3C3Gq8Ocajq7q0Qaotn05JctdYs/85UD31dw=
Subject key identifier: C5:3D:77:12:5C:D7:17:6D:85:0F:46:19:DB:68:F2:C0:19:B3:86:31
Certificate issuer: /CN=727b4876a2d11058c2e6a779fceac5f04083b4c2
Certificate serial: 01856E38A8DD97AA582C29F1D53F1BFA202B
Authority key identifier: 72:7B:48:76:A2:D1:10:58:C2:E6:A7:79:FC:EA:C5:F0:40:83:B4:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cntIdqLREFjC5qd5_OrF8ECDtMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/aeea10-7208-4d5c-85b9-9e35089fa78f/1/xT13ElzXF22FD0YZ22jywBmzhjE.roa
Signing time: Sun 01 Jan 2023 16:44:45 +0000
ROA not before: Sun 01 Jan 2023 16:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49718
IP address blocks: 2a06:1301:4003::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:a8:dd:97:aa:58:2c:29:f1:d5:3f:1b:fa:20:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=727b4876a2d11058c2e6a779fceac5f04083b4c2
Validity
Not Before: Jan 1 16:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c53d77125cd7176d850f4619db68f2c019b38631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:07:67:e3:0b:7a:7a:d8:53:92:4a:ac:74:be:
4b:76:39:8a:c6:64:34:05:35:e5:c1:7e:c1:65:27:
79:32:f7:4f:50:cd:34:ba:48:f5:8f:58:ba:b7:e6:
fc:8d:75:5b:39:29:ec:73:0b:af:a2:c9:2e:9d:18:
98:51:8f:65:8c:52:b0:68:de:d1:ba:45:30:87:fc:
af:da:b0:11:55:75:f7:83:e7:f5:3f:e7:8e:e1:40:
0a:fd:89:bf:67:07:4c:13:24:31:dd:4f:8e:02:a5:
8f:c3:dc:03:15:f2:db:03:9b:fc:1d:de:bc:11:37:
12:2b:13:97:57:3e:32:67:50:90:8d:63:65:20:a3:
98:89:81:20:6c:56:5a:79:f6:52:91:6b:db:d5:7a:
4d:e0:1d:1c:a4:49:66:d1:e6:bc:c2:1e:bb:ca:94:
15:31:38:38:ad:0c:da:fe:a9:a3:d7:90:03:2d:0a:
69:96:be:33:33:60:95:67:af:88:6b:2a:3f:ab:34:
6c:4b:2c:94:b5:91:45:9f:01:c8:d2:6c:0a:b7:7a:
fa:2b:17:94:de:e2:1b:10:6d:79:24:22:cb:83:2f:
96:ea:82:6e:49:e0:55:28:bf:96:a5:26:6d:49:1a:
97:01:0f:df:f3:6f:dc:f2:20:4b:17:f8:25:d6:a6:
7c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3D:77:12:5C:D7:17:6D:85:0F:46:19:DB:68:F2:C0:19:B3:86:31
X509v3 Authority Key Identifier:
keyid:72:7B:48:76:A2:D1:10:58:C2:E6:A7:79:FC:EA:C5:F0:40:83:B4:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cntIdqLREFjC5qd5_OrF8ECDtMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/aeea10-7208-4d5c-85b9-9e35089fa78f/1/xT13ElzXF22FD0YZ22jywBmzhjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/aeea10-7208-4d5c-85b9-9e35089fa78f/1/cntIdqLREFjC5qd5_OrF8ECDtMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1301:4003::/48
Signature Algorithm: sha256WithRSAEncryption
a3:62:16:aa:a1:ce:dc:1d:cb:f5:ee:2f:5d:b6:fe:a2:01:48:
ae:a9:ce:e5:03:4a:b2:c8:08:62:e1:af:4c:09:01:ab:fd:22:
b8:fd:4b:92:5e:25:63:06:ab:da:0d:e3:2e:eb:5c:86:d0:2b:
90:5a:02:17:5f:65:fb:24:5a:6e:1c:6e:37:42:ba:46:17:9d:
54:3f:82:0b:e0:89:06:eb:6f:65:43:b0:cb:de:de:04:a6:69:
65:ce:a0:16:2a:1a:b2:7d:80:33:cb:a0:18:0d:0a:37:eb:93:
8c:00:45:b4:cb:b2:4b:e8:35:98:62:54:3b:3b:28:08:a8:1c:
44:ae:13:3b:30:35:ac:11:1d:96:70:36:d1:aa:05:b9:4e:f0:
33:12:d6:94:ae:5a:0c:34:89:69:cd:b9:5b:f4:5e:54:13:34:
9b:ba:6b:83:77:19:21:66:ac:df:e4:95:56:78:83:d1:1a:e7:
be:7e:e5:00:cf:11:69:87:89:00:0e:8d:d5:22:4a:ff:0c:de:
f3:18:77:3c:21:15:a9:45:f4:fc:99:18:5c:44:fd:39:d0:d5:
a0:84:03:f2:be:ea:b1:c7:5f:ec:57:76:43:86:5b:96:e1:19:
9b:7e:15:da:56:99:81:8f:45:de:f1:6b:11:f6:2f:8f:28:ad:
fa:6e:fb:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuOKjdl6pYLCnx1T8b+iArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyN2I0ODc2YTJkMTEwNThjMmU2YTc3OWZjZWFjNWYwNDA4
M2I0YzIwHhcNMjMwMTAxMTY0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTNkNzcxMjVjZDcxNzZkODUwZjQ2MTlkYjY4ZjJjMDE5YjM4NjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgdn4wt6ethTkkqsdL5LdjmKxmQ0
BTXlwX7BZSd5MvdPUM00ukj1j1i6t+b8jXVbOSnscwuvoskunRiYUY9ljFKwaN7R
ukUwh/yv2rARVXX3g+f1P+eO4UAK/Ym/ZwdMEyQx3U+OAqWPw9wDFfLbA5v8Hd68
ETcSKxOXVz4yZ1CQjWNlIKOYiYEgbFZaefZSkWvb1XpN4B0cpElm0ea8wh67ypQV
MTg4rQza/qmj15ADLQpplr4zM2CVZ6+Iayo/qzRsSyyUtZFFnwHI0mwKt3r6KxeU
3uIbEG15JCLLgy+W6oJuSeBVKL+WpSZtSRqXAQ/f82/c8iBLF/gl1qZ8mQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMU9dxJc1xdthQ9GGdto8sAZs4YxMB8GA1UdIwQY
MBaAFHJ7SHai0RBYwuanefzqxfBAg7TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY250SWRxTFJFRmpDNXFkNV9PckY4RUNEdE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9hZWVhMTAtNzIwOC00ZDVjLTg1Yjkt
OWUzNTA4OWZhNzhmLzEveFQxM0VselhGMjJGRDBZWjIyanl3Qm16aGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9hZWVhMTAtNzIwOC00ZDVjLTg1YjktOWUzNTA4OWZhNzhm
LzEvY250SWRxTFJFRmpDNXFkNV9PckY4RUNEdE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgYTAUAD
MA0GCSqGSIb3DQEBCwUAA4IBAQCjYhaqoc7cHcv17i9dtv6iAUiuqc7lA0qyyAhi
4a9MCQGr/SK4/UuSXiVjBqvaDeMu61yG0CuQWgIXX2X7JFpuHG43QrpGF51UP4IL
4IkG629lQ7DL3t4EpmllzqAWKhqyfYAzy6AYDQo365OMAEW0y7JL6DWYYlQ7OygI
qBxErhM7MDWsER2WcDbRqgW5TvAzEtaUrloMNIlpzblb9F5UEzSbumuDdxkhZqzf
5JVWeIPRGue+fuUAzxFph4kADo3VIkr/DN7zGHc8IRWpRfT8mRhcRP050NWghAPy
vuqxx1/sV3ZDhluW4RmbfhXaVpmBj0Xe8WsR9i+PKK36bvvA
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:27:46 2025 by rpki-client