Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/rxk8aFkOeWjK91_TW-WX0ASv1Z4.roa
File: rxk8aFkOeWjK91_TW-WX0ASv1Z4.roa (raw, json)
Hash identifier: 13VThZFeUCr48FxuuPNHQvJ0Fk0X//zMlJyzyJOre9Y=
Subject key identifier: AF:19:3C:68:59:0E:79:68:CA:F7:5F:D3:5B:E5:97:D0:04:AF:D5:9E
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 019427B5565F7A7EC6186878F2A4BE339694
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/rxk8aFkOeWjK91_TW-WX0ASv1Z4.roa
Signing time: Thu 02 Jan 2025 15:49:42 +0000
ROA not before: Thu 02 Jan 2025 15:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42101
IP address blocks: 2a10:4646:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:56:5f:7a:7e:c6:18:68:78:f2:a4:be:33:96:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 2 15:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af193c68590e7968caf75fd35be597d004afd59e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:94:4f:22:e6:66:19:1c:38:d5:8e:b7:ba:93:
ae:a2:21:20:7d:f1:91:5b:54:ca:4b:df:d3:c7:01:
87:67:95:f0:63:a6:2a:03:2d:af:e4:fc:e7:ff:d8:
d3:1b:e6:7d:b2:e4:cc:a5:61:9c:f4:5b:dd:61:c3:
8a:af:50:c3:8c:1f:c8:6a:a5:ec:ac:31:e2:89:29:
89:d1:50:db:33:0d:f6:e2:de:b3:06:2e:2f:50:7e:
79:d8:f2:9e:3d:b1:ff:f0:ba:d3:07:14:b0:c6:9d:
b2:bf:3a:e9:ed:52:1f:b6:01:4d:9a:e0:97:f2:74:
b9:6e:3d:0c:fa:16:35:ec:b2:ce:1f:61:26:ba:a9:
68:b7:af:c7:14:83:ca:09:bc:6d:32:41:fb:34:98:
4c:85:21:07:0f:a5:57:22:fd:f9:ba:6b:22:f9:2b:
b9:a3:fd:7e:f9:0e:a2:43:eb:1a:91:eb:61:5b:24:
f1:38:8d:81:7f:12:10:65:5f:cb:19:a7:f4:d3:d8:
ab:3b:fb:03:7c:57:1f:22:5b:33:50:b5:be:6a:c0:
05:ae:ff:98:c8:23:25:5a:92:59:f6:99:32:2c:ca:
ec:09:39:02:88:0f:0b:7a:24:1e:2e:d6:c3:44:cc:
18:b5:d3:07:90:b4:d7:ce:e4:d5:0e:90:e3:51:30:
f1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:19:3C:68:59:0E:79:68:CA:F7:5F:D3:5B:E5:97:D0:04:AF:D5:9E
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/rxk8aFkOeWjK91_TW-WX0ASv1Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:3::/48
Signature Algorithm: sha256WithRSAEncryption
c6:78:8e:1c:58:5b:49:c4:b0:44:6b:7a:8e:76:b6:95:8b:27:
a3:31:5f:21:3e:a8:31:e0:c7:06:22:6e:01:63:dd:48:ea:a0:
7a:c5:e7:89:0c:d6:da:ad:e1:f7:fc:2f:af:64:47:f0:f4:4a:
af:b7:f7:c0:19:f8:59:b2:3e:df:0a:9a:4c:d1:ff:3a:5b:70:
77:5b:b5:e6:13:1a:95:f7:c6:01:d9:e3:fc:0e:a2:53:86:53:
bb:c1:27:f3:2b:a1:01:b3:65:e4:d2:d1:a0:70:4a:89:f0:2a:
1c:65:1f:0e:4b:99:33:85:bc:37:59:12:7d:ea:12:00:8a:01:
20:e2:16:59:20:f0:f9:2f:93:64:0a:9f:e7:0a:c1:0c:6a:e7:
b9:ae:76:2e:41:07:19:b4:5e:77:8b:ae:2d:97:b5:d2:98:e7:
47:04:87:69:18:02:5a:7d:cd:84:73:e6:b1:92:a7:ff:74:c7:
e2:7c:78:70:55:dc:22:f3:e8:96:6f:35:0e:12:3e:59:20:47:
01:22:0f:92:a1:d6:d4:c4:a2:e1:30:86:d9:d7:d6:bd:1c:6e:
d9:9c:16:9e:a2:b9:f2:51:08:8b:15:52:ef:e6:07:1e:3e:ac:
e0:39:9e:d1:af:84:c9:ee:4c:8c:64:37:e8:a8:80:22:fd:b5:
b1:9e:1a:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntVZfen7GGGh48qS+M5aUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjUwMTAyMTU0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjE5M2M2ODU5MGU3OTY4Y2FmNzVmZDM1YmU1OTdkMDA0YWZkNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJRPIuZmGRw41Y63upOuoiEgffGR
W1TKS9/TxwGHZ5XwY6YqAy2v5Pzn/9jTG+Z9suTMpWGc9FvdYcOKr1DDjB/IaqXs
rDHiiSmJ0VDbMw324t6zBi4vUH552PKePbH/8LrTBxSwxp2yvzrp7VIftgFNmuCX
8nS5bj0M+hY17LLOH2Emuqlot6/HFIPKCbxtMkH7NJhMhSEHD6VXIv35umsi+Su5
o/1++Q6iQ+sakethWyTxOI2BfxIQZV/LGaf009irO/sDfFcfIlszULW+asAFrv+Y
yCMlWpJZ9pkyLMrsCTkCiA8LeiQeLtbDRMwYtdMHkLTXzuTVDpDjUTDxhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK8ZPGhZDnloyvdf01vll9AEr9WeMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvcnhrOGFGa09lV2pLOTFfVFctV1gwQVN2MVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhBGRgAD
MA0GCSqGSIb3DQEBCwUAA4IBAQDGeI4cWFtJxLBEa3qOdraViyejMV8hPqgx4McG
Im4BY91I6qB6xeeJDNbareH3/C+vZEfw9Eqvt/fAGfhZsj7fCppM0f86W3B3W7Xm
ExqV98YB2eP8DqJThlO7wSfzK6EBs2Xk0tGgcEqJ8CocZR8OS5kzhbw3WRJ96hIA
igEg4hZZIPD5L5NkCp/nCsEMaue5rnYuQQcZtF53i64tl7XSmOdHBIdpGAJafc2E
c+axkqf/dMfifHhwVdwi8+iWbzUOEj5ZIEcBIg+SodbUxKLhMIbZ19a9HG7ZnBae
ornyUQiLFVLv5gcePqzgOZ7Rr4TJ7kyMZDfoqIAi/bWxnhoq
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:54:42 2025 by rpki-client