Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ddf54f-d42c-45c6-8157-0fee9e064615/1/xTJeQKWpeLUKxeloqWVqyWnYf2k.roa
File: xTJeQKWpeLUKxeloqWVqyWnYf2k.roa (raw, json)
Hash identifier: xSmgQMBkBrfOVg0RYanNkdjzHWLi3JEKP8m8nA7dnTQ=
Subject key identifier: C5:32:5E:40:A5:A9:78:B5:0A:C5:E9:68:A9:65:6A:C9:69:D8:7F:69
Certificate issuer: /CN=67cc74ddcc584773d4f9d50e3e5b27bb601b8a8b
Certificate serial: 01856CA5DD7C9FDFACC005A3D59372FEFBC1
Authority key identifier: 67:CC:74:DD:CC:58:47:73:D4:F9:D5:0E:3E:5B:27:BB:60:1B:8A:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8x03cxYR3PU-dUOPlsnu2Abios.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ddf54f-d42c-45c6-8157-0fee9e064615/1/xTJeQKWpeLUKxeloqWVqyWnYf2k.roa
Signing time: Sun 01 Jan 2023 09:24:47 +0000
ROA not before: Sun 01 Jan 2023 09:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205684
IP address blocks: 2001:678:d04::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:dd:7c:9f:df:ac:c0:05:a3:d5:93:72:fe:fb:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cc74ddcc584773d4f9d50e3e5b27bb601b8a8b
Validity
Not Before: Jan 1 09:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5325e40a5a978b50ac5e968a9656ac969d87f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2b:5a:32:d4:2a:73:33:dc:fe:54:a2:dd:1d:
07:8c:d3:73:80:0a:d1:08:62:a0:78:06:db:d3:11:
3a:58:db:96:0e:10:2b:3a:dc:c2:db:9d:79:12:3f:
7d:2e:7c:b8:bf:af:38:fa:e4:90:38:ee:8f:3f:2b:
b8:bc:51:36:d8:4f:60:79:11:b9:07:27:df:c9:64:
ef:74:38:bd:b5:3b:6c:d0:e2:0d:25:e2:95:0f:aa:
95:41:41:8b:aa:40:01:48:91:f1:61:16:af:67:bc:
ac:05:3b:ac:ac:15:78:3d:f1:f7:05:81:86:45:d3:
16:a1:95:cf:92:66:9d:76:b2:2a:f1:2d:fb:6a:9f:
0f:4b:42:fd:2b:72:9b:a8:aa:87:4c:be:d5:ce:e3:
bf:c2:d6:4f:c8:10:c4:c5:13:aa:03:69:b9:cf:27:
51:01:97:97:c8:01:ce:78:43:9f:64:82:7c:b1:f5:
cf:8b:bf:9a:60:ed:3e:9e:01:67:cd:89:ae:e0:f1:
d8:2b:e7:55:84:76:1a:a4:63:b0:a7:76:f9:9f:b7:
e1:8e:78:b6:f5:32:22:56:f6:c2:a1:79:77:78:3e:
c2:ac:49:40:9c:a6:3d:d8:63:bb:12:3d:07:b8:24:
71:58:3a:07:76:e6:4d:14:c5:16:44:74:b0:81:c2:
45:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:32:5E:40:A5:A9:78:B5:0A:C5:E9:68:A9:65:6A:C9:69:D8:7F:69
X509v3 Authority Key Identifier:
keyid:67:CC:74:DD:CC:58:47:73:D4:F9:D5:0E:3E:5B:27:BB:60:1B:8A:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8x03cxYR3PU-dUOPlsnu2Abios.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ddf54f-d42c-45c6-8157-0fee9e064615/1/xTJeQKWpeLUKxeloqWVqyWnYf2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ddf54f-d42c-45c6-8157-0fee9e064615/1/Z8x03cxYR3PU-dUOPlsnu2Abios.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d04::/48
Signature Algorithm: sha256WithRSAEncryption
6b:5c:77:dc:92:7f:08:b9:07:d1:db:be:8f:cc:f1:b6:c4:bd:
d4:4c:5e:c0:a9:cc:fe:80:97:fe:e1:a3:c6:32:91:6b:12:61:
fa:fc:c2:39:75:ec:ea:6b:b4:36:c5:5c:49:fc:da:90:d5:cf:
4c:9a:85:51:fd:d4:21:af:54:f3:39:5d:5d:d5:0f:f5:3e:18:
10:64:f4:87:d9:f7:a1:b2:20:0f:20:fc:d5:fd:69:b7:c9:78:
ca:a2:40:3c:07:86:ca:f3:df:19:72:4d:0f:c1:4b:40:17:db:
bb:98:f0:be:6b:d1:1e:1e:24:53:3e:a8:14:22:5f:01:c5:f3:
79:52:cc:2d:73:d1:49:e0:26:f2:65:f0:ad:93:db:e5:fc:e9:
6b:07:81:c8:53:95:64:1b:38:8a:01:cc:40:b3:47:1c:c6:6a:
2b:8b:5a:ad:17:e8:98:3c:a9:54:68:b0:25:c7:cc:da:a7:c8:
63:4d:ec:bd:fd:b9:a8:5b:e2:54:50:c8:b8:e9:eb:c6:c1:40:
20:4d:3f:76:4b:db:a3:50:e6:34:0f:1c:31:1d:a4:ec:97:c4:
f5:49:8d:93:28:95:2a:5c:14:8a:19:43:c8:46:8d:72:e3:9f:
23:d7:ff:bc:d0:a1:b9:87:4a:e2:ab:87:af:f3:ff:75:8c:0e:
69:80:9d:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVspd18n9+swAWj1ZNy/vvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2M3NGRkY2M1ODQ3NzNkNGY5ZDUwZTNlNWIyN2JiNjAx
YjhhOGIwHhcNMjMwMTAxMDkyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTMyNWU0MGE1YTk3OGI1MGFjNWU5NjhhOTY1NmFjOTY5ZDg3ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnytaMtQqczPc/lSi3R0HjNNzgArR
CGKgeAbb0xE6WNuWDhArOtzC2515Ej99Lny4v684+uSQOO6PPyu4vFE22E9geRG5
ByffyWTvdDi9tTts0OINJeKVD6qVQUGLqkABSJHxYRavZ7ysBTusrBV4PfH3BYGG
RdMWoZXPkmaddrIq8S37ap8PS0L9K3KbqKqHTL7VzuO/wtZPyBDExROqA2m5zydR
AZeXyAHOeEOfZIJ8sfXPi7+aYO0+ngFnzYmu4PHYK+dVhHYapGOwp3b5n7fhjni2
9TIiVvbCoXl3eD7CrElAnKY92GO7Ej0HuCRxWDoHduZNFMUWRHSwgcJFewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMUyXkClqXi1CsXpaKllaslp2H9pMB8GA1UdIwQY
MBaAFGfMdN3MWEdz1PnVDj5bJ7tgG4qLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjh4MDNjeFlSM1BVLWRVT1Bsc251MkFiaW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kZGY1NGYtZDQyYy00NWM2LTgxNTct
MGZlZTllMDY0NjE1LzEveFRKZVFLV3BlTFVLeGVsb3FXVnF5V25ZZjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kZGY1NGYtZDQyYy00NWM2LTgxNTctMGZlZTllMDY0NjE1
LzEvWjh4MDNjeFlSM1BVLWRVT1Bsc251MkFiaW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA0E
MA0GCSqGSIb3DQEBCwUAA4IBAQBrXHfckn8IuQfR276PzPG2xL3UTF7Aqcz+gJf+
4aPGMpFrEmH6/MI5dezqa7Q2xVxJ/NqQ1c9MmoVR/dQhr1TzOV1d1Q/1PhgQZPSH
2fehsiAPIPzV/Wm3yXjKokA8B4bK898Zck0PwUtAF9u7mPC+a9EeHiRTPqgUIl8B
xfN5Uswtc9FJ4CbyZfCtk9vl/OlrB4HIU5VkGziKAcxAs0ccxmori1qtF+iYPKlU
aLAlx8zap8hjTey9/bmoW+JUUMi46evGwUAgTT92S9ujUOY0DxwxHaTsl8T1SY2T
KJUqXBSKGUPIRo1y458j1/+80KG5h0riq4ev8/91jA5pgJ16
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:35 2024 by rpki-client on console-ams.rpki-client.org