Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/sXpjAF10yFnKIr4QcLJYvBmJdoY.roa
File: sXpjAF10yFnKIr4QcLJYvBmJdoY.roa (raw, json)
Hash identifier: APdgDAmA0VEbqfM6xaUZ783M1XIEd3juXocVjfK3nIA=
Subject key identifier: B1:7A:63:00:5D:74:C8:59:CA:22:BE:10:70:B2:58:BC:19:89:76:86
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521DBCDFB5276E7F36FB523D4C3BBF0
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/sXpjAF10yFnKIr4QcLJYvBmJdoY.roa
Signing time: Thu 02 Jan 2025 03:49:23 +0000
ROA not before: Thu 02 Jan 2025 03:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199376
IP address blocks: 2a0a:280:1200::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:db:cd:fb:52:76:e7:f3:6f:b5:23:d4:c3:bb:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b17a63005d74c859ca22be1070b258bc19897686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ac:49:58:39:92:07:ad:d8:88:24:9a:e1:9b:
8e:1d:f8:df:90:55:60:31:00:e5:e9:73:09:7e:c7:
88:ee:97:8b:4e:00:36:fa:f5:ce:f7:f2:62:58:cf:
4a:4b:bf:0f:e0:c6:55:d6:88:cf:5c:38:94:c3:cf:
ed:23:45:c8:c4:7f:eb:c2:c5:5d:27:e4:a5:63:42:
b1:71:71:fa:e0:a2:c5:e9:33:f1:10:2b:41:bf:5d:
ad:b0:2e:51:70:79:df:44:46:e3:12:97:20:73:dd:
de:5e:96:bc:45:e1:d0:d9:04:66:de:5b:55:f0:33:
be:e8:2d:e5:86:41:ad:b6:62:1b:83:25:9e:d2:d0:
26:2a:2c:8d:04:6e:91:72:cd:b5:0c:b5:1a:23:c5:
34:e7:18:87:5a:13:b6:e7:8f:3b:56:a9:0f:24:ea:
69:44:ed:54:82:77:e2:2f:5c:0d:cc:57:ec:c7:50:
80:e7:cc:cc:52:60:be:6c:ac:dd:0e:0f:69:09:5f:
0f:0e:b7:85:bf:c1:79:c2:cb:1f:1f:53:ec:38:1d:
ea:00:9f:8e:6e:dc:e9:d2:7b:95:90:74:0e:8f:d2:
20:f7:c1:ad:1e:95:a2:23:3a:30:25:24:d5:15:44:
2b:ef:da:71:6a:67:99:be:c4:9f:8e:f6:a4:cf:c5:
39:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7A:63:00:5D:74:C8:59:CA:22:BE:10:70:B2:58:BC:19:89:76:86
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/sXpjAF10yFnKIr4QcLJYvBmJdoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1200::/40
Signature Algorithm: sha256WithRSAEncryption
60:52:39:30:3c:a7:9e:1c:21:df:92:f8:70:62:ca:72:ab:62:
31:2c:0b:45:83:3f:c7:f6:99:4b:94:15:bf:db:f4:f8:a0:cd:
01:1e:54:e1:57:e7:da:9c:07:2f:52:e5:12:26:84:14:cf:4c:
4f:b6:b0:ec:13:f8:13:88:7d:1d:5b:f1:a5:63:ac:a4:a6:5d:
e9:6c:d0:9d:e7:50:41:33:50:79:f1:69:4e:53:54:62:da:5f:
3c:21:5d:3a:71:f7:49:8d:35:e8:f8:32:d7:5a:3c:37:b1:80:
8f:8f:42:ed:f8:ef:f4:a5:e1:97:1e:08:cb:6b:fb:57:22:3b:
37:3f:e3:c3:cc:6a:1b:01:90:66:34:f1:57:4c:3f:94:e6:fb:
3f:a0:31:73:a8:11:bb:3e:d3:70:60:00:d2:f1:51:24:1b:af:
8a:ec:d0:be:eb:4b:76:ea:39:2d:70:1d:a7:9b:69:47:5a:66:
f4:14:50:f3:a1:63:de:4d:3f:42:86:8b:2e:55:6e:09:0d:80:
f6:ff:72:6a:06:32:ae:52:00:b8:f2:a8:69:16:06:e3:dd:91:
77:38:72:5b:a9:bd:e3:05:e5:61:19:db:9f:18:8e:bc:80:b7:
e2:9c:ee:de:24:99:ab:a2:c6:1e:98:16:53:ba:ca:d5:6a:ed:
81:ae:ed:29
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIdvN+1J25/NvtSPUw7vwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTdhNjMwMDVkNzRjODU5Y2EyMmJlMTA3MGIyNThiYzE5ODk3Njg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKxJWDmSB63YiCSa4ZuOHfjfkFVg
MQDl6XMJfseI7peLTgA2+vXO9/JiWM9KS78P4MZV1ojPXDiUw8/tI0XIxH/rwsVd
J+SlY0KxcXH64KLF6TPxECtBv12tsC5RcHnfREbjEpcgc93eXpa8ReHQ2QRm3ltV
8DO+6C3lhkGttmIbgyWe0tAmKiyNBG6Rcs21DLUaI8U05xiHWhO25487VqkPJOpp
RO1UgnfiL1wNzFfsx1CA58zMUmC+bKzdDg9pCV8PDreFv8F5wssfH1PsOB3qAJ+O
btzp0nuVkHQOj9Ig98GtHpWiIzowJSTVFUQr79pxameZvsSfjvakz8U5NQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLF6YwBddMhZyiK+EHCyWLwZiXaGMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvc1hwakFGMTB5Rm5LSXI0UWNMSll2Qm1KZG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBIw
DQYJKoZIhvcNAQELBQADggEBAGBSOTA8p54cId+S+HBiynKrYjEsC0WDP8f2mUuU
Fb/b9PigzQEeVOFX59qcBy9S5RImhBTPTE+2sOwT+BOIfR1b8aVjrKSmXels0J3n
UEEzUHnxaU5TVGLaXzwhXTpx90mNNej4MtdaPDexgI+PQu347/Sl4ZceCMtr+1ci
Ozc/48PMahsBkGY08VdMP5Tm+z+gMXOoEbs+03BgANLxUSQbr4rs0L7rS3bqOS1w
HaebaUdaZvQUUPOhY95NP0KGiy5VbgkNgPb/cmoGMq5SALjyqGkWBuPdkXc4clup
veMF5WEZ258YjryAt+Kc7t4kmauixh6YFlO6ytVq7YGu7Sk=
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:25:22 2025 by rpki-client