Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/X9M4DuX4eOTfsNgkxWxtQz1-PPY.roa
File: X9M4DuX4eOTfsNgkxWxtQz1-PPY.roa (raw, json)
Hash identifier: TXrRyv1I5TM577WlB0flRYkaOsYkOJpPZs8PoBxpFlk=
Subject key identifier: 5F:D3:38:0E:E5:F8:78:E4:DF:B0:D8:24:C5:6C:6D:43:3D:7E:3C:F6
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422203C1FC0C00907F799DD3364DE79C0
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/X9M4DuX4eOTfsNgkxWxtQz1-PPY.roa
Signing time: Wed 01 Jan 2025 13:48:45 +0000
ROA not before: Wed 01 Jan 2025 13:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211581
IP address blocks: 2a0e:8f02:f020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:3c:1f:c0:c0:09:07:f7:99:dd:33:64:de:79:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fd3380ee5f878e4dfb0d824c56c6d433d7e3cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:bd:e7:7a:f2:3a:6d:1d:29:f1:ec:1f:2f:d0:
a2:7d:16:1d:4c:3b:b5:ef:95:09:d6:35:87:5d:f4:
6b:0a:14:30:0b:5a:60:6e:bd:dd:9c:2d:5e:12:3a:
7b:c6:79:ac:8c:de:fe:0b:05:4e:4a:6f:c0:21:0b:
8a:75:8b:59:ae:d2:8a:73:92:e7:e3:c7:fc:85:fb:
fc:75:d6:d8:79:64:55:f3:de:b1:6c:e9:b4:34:cd:
a8:b9:00:fa:9f:4d:fd:34:13:32:71:9a:5d:f6:23:
1c:52:8f:8b:0e:44:c1:4a:9f:67:9c:63:78:81:4a:
ba:8c:58:a6:94:78:3d:c6:1c:e0:cf:3f:14:0c:e9:
91:69:6e:a9:46:e7:8f:e2:7d:4d:c6:41:f6:1b:80:
e1:4a:25:44:03:9d:5d:92:ae:7c:f4:0d:f1:90:82:
65:2e:bf:22:e3:05:3d:3b:f9:06:eb:76:78:9b:b3:
2a:3b:fa:57:1e:f6:44:46:25:8c:32:dc:34:c3:3d:
3b:63:eb:e4:9b:2c:a8:81:41:49:4c:3b:1c:68:4a:
c0:e6:4a:f5:6e:30:50:6a:cc:ac:97:16:0e:06:97:
5a:3d:2f:55:61:42:7e:24:eb:e7:9a:f6:db:ec:31:
b8:77:3a:31:3d:88:d1:4a:0d:cd:38:7c:46:71:7a:
bd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D3:38:0E:E5:F8:78:E4:DF:B0:D8:24:C5:6C:6D:43:3D:7E:3C:F6
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/X9M4DuX4eOTfsNgkxWxtQz1-PPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f020::/48
Signature Algorithm: sha256WithRSAEncryption
9f:6a:c4:58:03:0a:3c:95:fd:5a:e9:9e:5e:5d:78:cf:a8:49:
3a:90:0c:08:da:ee:37:84:f2:60:30:37:a7:d8:c5:ed:21:af:
06:67:e5:2f:5f:08:d7:25:4d:f3:9d:5c:d9:57:5d:d2:f2:39:
30:aa:2b:5a:4a:37:c9:cf:ac:7e:77:25:4f:f8:48:b6:7f:7e:
df:f4:54:3c:78:fa:3c:6f:42:25:a0:62:9b:0d:34:32:1f:dd:
d0:3c:d0:ab:24:8c:78:75:69:04:44:01:33:ce:7a:a3:b0:7f:
ab:33:8b:bc:e2:38:cc:51:a3:f4:2f:87:b4:dc:22:fb:c5:c7:
4f:7d:40:f6:b9:59:a1:02:99:8b:a0:c5:eb:72:fe:8c:23:e1:
ae:4d:ef:bd:17:19:b3:37:40:32:aa:b4:2b:56:3d:aa:ad:a8:
b0:4c:1b:1b:2c:63:87:ad:5a:b4:30:76:d4:53:43:f2:e3:f9:
d8:05:d4:17:ba:79:79:09:8c:95:48:7f:01:db:09:45:38:ad:
c1:49:c5:8d:b1:d1:cf:34:20:15:3e:b0:3c:88:bf:1d:71:57:
c0:a2:04:dc:bf:22:6c:a6:36:f0:6f:f9:72:0d:dc:f3:54:c7:
88:01:25:de:45:c3:87:62:c4:e9:55:2b:f6:3e:8f:ee:c9:94:
3a:ab:f2:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIDwfwMAJB/eZ3TNk3nnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQzMzgwZWU1Zjg3OGU0ZGZiMGQ4MjRjNTZjNmQ0MzNkN2UzY2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA673nevI6bR0p8ewfL9CifRYdTDu1
75UJ1jWHXfRrChQwC1pgbr3dnC1eEjp7xnmsjN7+CwVOSm/AIQuKdYtZrtKKc5Ln
48f8hfv8ddbYeWRV896xbOm0NM2ouQD6n039NBMycZpd9iMcUo+LDkTBSp9nnGN4
gUq6jFimlHg9xhzgzz8UDOmRaW6pRueP4n1NxkH2G4DhSiVEA51dkq589A3xkIJl
Lr8i4wU9O/kG63Z4m7MqO/pXHvZERiWMMtw0wz07Y+vkmyyogUFJTDscaErA5kr1
bjBQasyslxYOBpdaPS9VYUJ+JOvnmvbb7DG4dzoxPYjRSg3NOHxGcXq9vQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF/TOA7l+Hjk37DYJMVsbUM9fjz2MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvWDlNNER1WDRlT1Rmc05na3hXeHRRejEtUFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAg
MA0GCSqGSIb3DQEBCwUAA4IBAQCfasRYAwo8lf1a6Z5eXXjPqEk6kAwI2u43hPJg
MDen2MXtIa8GZ+UvXwjXJU3znVzZV13S8jkwqitaSjfJz6x+dyVP+Ei2f37f9FQ8
ePo8b0IloGKbDTQyH93QPNCrJIx4dWkERAEzznqjsH+rM4u84jjMUaP0L4e03CL7
xcdPfUD2uVmhApmLoMXrcv6MI+GuTe+9FxmzN0AyqrQrVj2qraiwTBsbLGOHrVq0
MHbUU0Py4/nYBdQXunl5CYyVSH8B2wlFOK3BScWNsdHPNCAVPrA8iL8dcVfAogTc
vyJspjbwb/lyDdzzVMeIASXeRcOHYsTpVSv2Po/uyZQ6q/Iu
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:45:46 2025 by rpki-client