Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/xy00-4E9Mqq62hzn1xqDlknBsTc.roa
File: xy00-4E9Mqq62hzn1xqDlknBsTc.roa (raw, json)
Hash identifier: rokzKmpgrbDasipoU76trp9dI5gMiW8lAlIT8cg6ZKE=
Subject key identifier: C7:2D:34:FB:81:3D:32:AA:BA:DA:1C:E7:D7:1A:83:96:49:C1:B1:37
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 01958568658A854D605D7B90A98E7DF9241F
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/xy00-4E9Mqq62hzn1xqDlknBsTc.roa
Signing time: Tue 11 Mar 2025 13:32:46 +0000
ROA not before: Tue 11 Mar 2025 13:32:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2a0b:4144:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:85:68:65:8a:85:4d:60:5d:7b:90:a9:8e:7d:f9:24:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Mar 11 13:32:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c72d34fb813d32aabada1ce7d71a839649c1b137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9f:b7:f4:60:86:16:ec:32:22:ca:cf:8e:a9:
99:3f:ea:fe:81:03:2d:9e:d4:e9:63:2f:1e:0c:11:
8a:9d:f5:45:39:19:e0:0e:13:f4:1d:ee:fb:81:97:
17:27:77:97:67:d3:9f:27:a1:30:b3:06:c6:54:97:
c9:7a:69:8f:57:b5:96:60:4b:7a:be:a7:0c:ce:2d:
98:35:91:a2:f8:3f:82:20:4c:79:ec:c0:25:a3:05:
d1:98:e9:d2:91:47:28:de:95:e1:e6:d4:02:c7:2f:
00:39:3d:c0:f0:82:20:55:4c:bf:57:66:aa:0b:fc:
88:2e:35:29:24:3d:fd:1d:20:2d:7f:5f:a7:c9:14:
21:36:0e:a4:6e:d0:70:df:af:78:80:2a:56:6b:d0:
ba:75:0e:dc:6b:93:eb:64:b9:e0:28:46:66:21:88:
b9:85:b1:78:b3:d4:d6:fb:42:22:14:d4:46:b8:d1:
d6:8e:35:d2:eb:f5:8f:85:9a:60:53:45:78:e3:7e:
dd:54:cb:00:d8:dd:58:2f:99:81:7e:f0:31:b7:1a:
6b:7d:24:d8:c7:cc:af:25:e2:3d:3d:87:4f:76:e1:
4f:ef:6f:d3:eb:c8:c2:7b:56:65:42:5a:57:64:67:
0c:77:48:4a:fc:52:f9:db:03:8e:6c:84:e1:65:d7:
3b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2D:34:FB:81:3D:32:AA:BA:DA:1C:E7:D7:1A:83:96:49:C1:B1:37
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/xy00-4E9Mqq62hzn1xqDlknBsTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4144:2::/48
Signature Algorithm: sha256WithRSAEncryption
7b:65:11:22:a8:ab:20:77:8d:c3:d2:10:30:a1:98:12:51:02:
57:fd:3e:f9:2f:07:3a:76:56:8e:02:0c:a6:48:5c:a9:96:c1:
ed:ad:01:2d:2b:af:ea:b5:22:47:7a:42:71:62:38:f5:b9:71:
c0:e2:5a:a7:30:5f:5d:cb:42:57:ed:f7:6a:ba:e1:18:b0:19:
c3:74:4d:b1:9b:b0:ac:25:63:9a:43:4e:c0:52:77:91:49:bd:
0c:71:fc:7f:50:26:6d:a8:c7:86:68:52:42:b3:34:33:0f:12:
e0:02:7d:3d:fc:13:60:8d:47:3a:7c:fe:7a:e7:87:4b:c3:60:
3b:35:d9:bc:be:6a:df:41:97:85:4e:07:05:7f:ea:3d:27:0a:
c9:24:72:95:5c:be:2f:e0:55:f0:37:a6:f4:f7:0d:9e:e2:1a:
b3:d5:4a:31:16:67:60:fa:05:6f:87:0a:6a:58:41:4e:b2:47:
61:ae:fb:4e:38:e6:f8:eb:20:64:dc:95:5c:f4:09:03:eb:a4:
fc:2b:85:56:63:31:41:6f:e8:ae:c7:a9:2b:28:3c:f4:88:1b:
c9:ce:56:6c:5e:e8:2a:7d:e4:5e:09:71:00:39:78:b2:58:0d:
a9:81:ef:57:b7:db:a2:12:84:dd:3f:65:2e:06:9d:41:29:14:
6b:1e:02:28
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZWFaGWKhU1gXXuQqY59+SQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjUwMzExMTMzMjQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJkMzRmYjgxM2QzMmFhYmFkYTFjZTdkNzFhODM5NjQ5YzFiMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ+39GCGFuwyIsrPjqmZP+r+gQMt
ntTpYy8eDBGKnfVFORngDhP0He77gZcXJ3eXZ9OfJ6EwswbGVJfJemmPV7WWYEt6
vqcMzi2YNZGi+D+CIEx57MAlowXRmOnSkUco3pXh5tQCxy8AOT3A8IIgVUy/V2aq
C/yILjUpJD39HSAtf1+nyRQhNg6kbtBw3694gCpWa9C6dQ7ca5PrZLngKEZmIYi5
hbF4s9TW+0IiFNRGuNHWjjXS6/WPhZpgU0V4437dVMsA2N1YL5mBfvAxtxprfSTY
x8yvJeI9PYdPduFP72/T68jCe1ZlQlpXZGcMd0hK/FL52wOObIThZdc7lwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMctNPuBPTKqutoc59cag5ZJwbE3MB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEveHkwMC00RTlNcXE2Mmh6bjF4cURsa25Cc1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtBRAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQB7ZREiqKsgd43D0hAwoZgSUQJX/T75Lwc6dlaO
AgymSFyplsHtrQEtK6/qtSJHekJxYjj1uXHA4lqnMF9dy0JX7fdquuEYsBnDdE2x
m7CsJWOaQ07AUneRSb0Mcfx/UCZtqMeGaFJCszQzDxLgAn09/BNgjUc6fP5654dL
w2A7Ndm8vmrfQZeFTgcFf+o9JwrJJHKVXL4v4FXwN6b09w2e4hqz1UoxFmdg+gVv
hwpqWEFOskdhrvtOOOb46yBk3JVc9AkD66T8K4VWYzFBb+iux6krKDz0iBvJzlZs
XugqfeReCXEAOXiyWA2pge9Xt9uiEoTdP2UuBp1BKRRrHgIo
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:55:58 2025 by rpki-client