Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xw2pZMDWcPHVrT-3I43EtD2gt0A.roa
File: xw2pZMDWcPHVrT-3I43EtD2gt0A.roa (raw, json)
Hash identifier: CMk21nl5npxpxmzluITeipVp/R747FDLoytZ+dgiY8E=
Subject key identifier: C7:0D:A9:64:C0:D6:70:F1:D5:AD:3F:B7:23:8D:C4:B4:3D:A0:B7:40
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194282485205505D0CECC86C6B0A5F395EA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xw2pZMDWcPHVrT-3I43EtD2gt0A.roa
Signing time: Thu 02 Jan 2025 17:51:09 +0000
ROA not before: Thu 02 Jan 2025 17:51:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49421
IP address blocks: 2a00:1728:2a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:85:20:55:05:d0:ce:cc:86:c6:b0:a5:f3:95:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c70da964c0d670f1d5ad3fb7238dc4b43da0b740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5a:1e:3e:19:09:a1:b8:43:26:ec:c9:6e:06:
68:77:f4:4a:21:40:71:19:a3:de:90:5e:e4:9b:77:
43:79:ce:1d:3c:70:98:61:30:6f:f9:cf:15:d7:d2:
96:67:1c:05:cf:eb:92:85:c7:3a:cf:e4:62:1c:65:
04:3f:67:d7:cf:c0:63:01:c3:cd:3d:76:1a:58:07:
45:54:94:b1:69:66:a7:01:20:78:54:95:35:4a:9f:
86:9b:8c:98:55:2b:f4:c4:56:a3:aa:bd:5f:4a:40:
aa:1f:44:70:f6:c1:cf:b1:e8:96:93:b5:ff:b6:3c:
65:b3:7c:1a:90:0a:4b:01:c7:de:54:8b:6f:d5:89:
9c:a0:24:94:6e:a0:c5:bf:81:4d:d5:78:db:34:9b:
11:72:25:14:cc:ff:52:18:08:99:32:08:1a:d2:e3:
99:f5:d2:d1:4f:26:15:89:53:26:0f:96:6e:4e:74:
30:d8:5e:4a:21:4f:61:03:73:67:50:c8:2e:c8:54:
c1:14:b2:e9:2a:f3:56:75:44:05:73:47:7b:37:ca:
f2:c5:d3:26:c0:d9:7d:72:5e:68:79:57:91:5d:54:
ad:0e:1d:57:e5:da:c4:5d:51:8a:58:9c:c4:b8:52:
12:1f:d3:4c:03:c3:34:70:22:e4:69:64:1e:1a:c9:
91:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0D:A9:64:C0:D6:70:F1:D5:AD:3F:B7:23:8D:C4:B4:3D:A0:B7:40
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xw2pZMDWcPHVrT-3I43EtD2gt0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1728:2a::/48
Signature Algorithm: sha256WithRSAEncryption
82:9e:9f:e0:96:d0:4b:cc:1d:b4:77:50:61:5d:5b:33:e6:b0:
2b:32:1c:3d:81:ce:5c:1c:d0:c7:fa:fb:be:92:9a:e9:d1:bb:
8f:54:f5:01:9b:f9:a3:41:d2:39:b8:dc:d5:bc:72:f6:1b:6e:
4a:15:9b:5d:e6:98:70:b4:32:76:39:51:ed:cc:a1:44:8f:3c:
c2:e9:9b:83:74:b1:e6:75:cb:51:83:82:96:53:44:08:a4:3f:
0e:df:1f:a5:1c:e7:b3:b3:c5:73:cb:a5:d6:08:26:e6:15:04:
92:13:be:93:76:d4:ae:b9:7b:61:3a:84:a3:17:5a:2f:cc:4a:
2f:7a:c9:15:bb:23:54:00:93:0c:4e:17:16:ff:a3:a8:de:da:
8d:aa:95:ae:6d:c1:0b:83:58:c8:e2:3a:5c:8e:a8:6e:bf:f1:
7a:fb:1d:0e:2a:28:79:e8:7d:0a:01:41:0a:4a:3e:5d:d5:24:
65:b2:c9:cf:0b:8b:d1:49:f1:38:ed:97:08:c7:27:3f:e1:04:
8a:17:51:bd:ca:17:de:bd:9a:a4:8a:b4:f7:29:65:24:4d:e5:
33:88:5d:b5:00:11:09:91:b3:4f:ad:e1:b9:4a:43:24:4b:3b:
bb:a4:ea:94:93:11:14:7d:5a:28:da:bc:6c:5b:d6:78:e0:4c:
d1:2f:40:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJIUgVQXQzsyGxrCl85XqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzBkYTk2NGMwZDY3MGYxZDVhZDNmYjcyMzhkYzRiNDNkYTBiNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFoePhkJobhDJuzJbgZod/RKIUBx
GaPekF7km3dDec4dPHCYYTBv+c8V19KWZxwFz+uShcc6z+RiHGUEP2fXz8BjAcPN
PXYaWAdFVJSxaWanASB4VJU1Sp+Gm4yYVSv0xFajqr1fSkCqH0Rw9sHPseiWk7X/
tjxls3wakApLAcfeVItv1YmcoCSUbqDFv4FN1XjbNJsRciUUzP9SGAiZMgga0uOZ
9dLRTyYViVMmD5ZuTnQw2F5KIU9hA3NnUMguyFTBFLLpKvNWdUQFc0d7N8ryxdMm
wNl9cl5oeVeRXVStDh1X5drEXVGKWJzEuFISH9NMA8M0cCLkaWQeGsmRpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMcNqWTA1nDx1a0/tyONxLQ9oLdAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveHcycFpNRFdjUEhWclQtM0k0M0V0RDJndDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAXKAAq
MA0GCSqGSIb3DQEBCwUAA4IBAQCCnp/gltBLzB20d1BhXVsz5rArMhw9gc5cHNDH
+vu+kprp0buPVPUBm/mjQdI5uNzVvHL2G25KFZtd5phwtDJ2OVHtzKFEjzzC6ZuD
dLHmdctRg4KWU0QIpD8O3x+lHOezs8Vzy6XWCCbmFQSSE76TdtSuuXthOoSjF1ov
zEoveskVuyNUAJMMThcW/6Oo3tqNqpWubcELg1jI4jpcjqhuv/F6+x0OKih56H0K
AUEKSj5d1SRlssnPC4vRSfE47ZcIxyc/4QSKF1G9yhfevZqkirT3KWUkTeUziF21
ABEJkbNPreG5SkMkSzu7pOqUkxEUfVoo2rxsW9Z44EzRL0D2
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:10 2025 by rpki-client