Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7fbb64-ff75-4082-9d1c-50f597043655/1/XovRK9lM2f6s3RstsO30Y8KEzig.roa
File: XovRK9lM2f6s3RstsO30Y8KEzig.roa (raw, json)
Hash identifier: P20xj0v4Ov4Y58q+zNWskOBdTh7iRGeJjF5Urd3cvLM=
Subject key identifier: 5E:8B:D1:2B:D9:4C:D9:FE:AC:DD:1B:2D:B0:ED:F4:63:C2:84:CE:28
Certificate issuer: /CN=ec68368c5d294160f4d2d0ceaf7531e4475fa533
Certificate serial: 08F0356B
Authority key identifier: EC:68:36:8C:5D:29:41:60:F4:D2:D0:CE:AF:75:31:E4:47:5F:A5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Gg2jF0pQWD00tDOr3Ux5EdfpTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/7fbb64-ff75-4082-9d1c-50f597043655/1/XovRK9lM2f6s3RstsO30Y8KEzig.roa
Signing time: Sat 01 Jan 2022 14:06:20 +0000
ROA not before: Sat 01 Jan 2022 14:06:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210819
IP address blocks: 2a0e:4006::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149960043 (0x8f0356b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec68368c5d294160f4d2d0ceaf7531e4475fa533
Validity
Not Before: Jan 1 14:06:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e8bd12bd94cd9feacdd1b2db0edf463c284ce28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5c:2d:43:8c:21:e9:fa:62:dc:9e:46:57:a7:
6f:50:b7:55:98:7d:a7:78:ff:7d:d7:6f:31:32:ce:
4c:e5:15:6d:8b:38:8d:56:ee:d6:d3:75:18:8e:2a:
df:9b:94:93:c4:42:c3:b0:53:fd:d9:19:46:e4:db:
b6:ef:2e:d5:27:15:ee:3b:97:ff:36:9d:a5:d2:f3:
bd:99:ed:62:f8:61:c1:43:45:8f:39:75:55:e8:24:
ed:63:c2:b1:d6:a6:c5:cf:42:a2:ab:6d:37:6d:82:
a5:a5:86:09:77:ba:7e:cd:2f:ec:e5:b0:35:1e:97:
3f:65:73:61:1e:18:95:e2:cf:43:0f:7b:a6:fc:76:
a5:d7:d9:dd:0d:cc:82:9d:97:0e:fc:41:61:ed:8d:
c1:f1:ec:d8:f9:57:e7:44:51:dc:e1:e3:30:ac:72:
b2:5e:6b:bf:8f:cd:75:0d:df:25:d0:b9:79:4f:86:
23:30:18:1e:96:9f:a3:90:31:ae:e9:c6:40:dd:50:
82:e8:34:04:75:38:5c:94:07:f4:b9:07:e9:87:59:
c1:51:36:b7:e9:ff:a2:4b:ad:57:b8:15:f3:a0:f7:
c0:48:fe:96:37:1a:7c:66:da:d0:4b:7c:aa:89:f7:
ba:88:b5:ac:91:a0:e2:8b:ba:56:93:fc:a3:38:2f:
42:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8B:D1:2B:D9:4C:D9:FE:AC:DD:1B:2D:B0:ED:F4:63:C2:84:CE:28
X509v3 Authority Key Identifier:
keyid:EC:68:36:8C:5D:29:41:60:F4:D2:D0:CE:AF:75:31:E4:47:5F:A5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Gg2jF0pQWD00tDOr3Ux5EdfpTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7fbb64-ff75-4082-9d1c-50f597043655/1/XovRK9lM2f6s3RstsO30Y8KEzig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7fbb64-ff75-4082-9d1c-50f597043655/1/7Gg2jF0pQWD00tDOr3Ux5EdfpTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4006::/32
Signature Algorithm: sha256WithRSAEncryption
5a:2c:13:88:5f:b6:7e:ac:a5:74:92:25:63:40:20:cd:a7:76:
d3:ce:09:18:91:3e:81:cf:6f:76:c5:17:21:e8:59:a5:56:c4:
b5:87:0f:75:d4:50:ef:96:9c:6e:dc:6b:1d:a0:46:d7:85:31:
b7:bd:12:35:31:89:07:24:ca:72:ad:30:2e:af:16:07:ae:27:
3b:e5:72:dd:b1:4e:99:ce:74:aa:f9:01:10:1c:b3:40:5f:60:
df:eb:ff:73:25:84:a2:62:57:4d:41:6e:d2:5b:7e:18:7c:50:
3b:b5:72:d3:43:eb:a1:0e:90:86:e4:0f:d7:86:f7:23:e3:23:
61:f9:75:3e:a4:0e:36:61:cf:94:9e:55:87:88:10:38:29:0a:
4d:73:fd:56:24:86:b7:8d:1c:99:30:2c:3c:f2:d8:47:5c:15:
c3:47:b1:60:df:8a:6e:ad:89:b3:1a:09:7e:5d:9a:7a:ee:43:
43:ba:6b:c8:2b:93:10:e1:dd:05:cc:c8:0f:63:25:0b:c1:52:
14:40:2d:65:b8:32:7f:7f:94:64:bb:52:10:78:31:85:6c:1f:
76:02:85:79:86:64:11:84:66:8e:18:ce:02:cb:6e:3f:df:31:
d8:66:3a:12:66:42:c1:16:f7:d4:e2:61:85:07:1a:4c:b2:da:
23:a0:64:5b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECPA1azANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzY4MzY4YzVkMjk0MTYwZjRkMmQwY2VhZjc1MzFlNDQ3NWZhNTMzMB4XDTIyMDEw
MTE0MDYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU4YmQxMmJkOTRj
ZDlmZWFjZGQxYjJkYjBlZGY0NjNjMjg0Y2UyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVcLUOMIen6YtyeRlenb1C3VZh9p3j/fddvMTLOTOUVbYs4
jVbu1tN1GI4q35uUk8RCw7BT/dkZRuTbtu8u1ScV7juX/zadpdLzvZntYvhhwUNF
jzl1Vegk7WPCsdamxc9CoqttN22CpaWGCXe6fs0v7OWwNR6XP2VzYR4YleLPQw97
pvx2pdfZ3Q3Mgp2XDvxBYe2NwfHs2PlX50RR3OHjMKxysl5rv4/NdQ3fJdC5eU+G
IzAYHpafo5AxrunGQN1Qgug0BHU4XJQH9LkH6YdZwVE2t+n/okutV7gV86D3wEj+
ljcafGba0Et8qon3uoi1rJGg4ou6VpP8ozgvQuECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRei9Er2UzZ/qzdGy2w7fRjwoTOKDAfBgNVHSMEGDAWgBTsaDaMXSlBYPTS
0M6vdTHkR1+lMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdHZzJqRjBwUVdEMDB0RE9yM1V4NUVkZnBUTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvN2ZiYjY0LWZmNzUtNDA4Mi05ZDFjLTUwZjU5NzA0MzY1NS8x
L1hvdlJLOWxNMmY2czNSc3RzTzMwWThLRXppZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
N2ZiYjY0LWZmNzUtNDA4Mi05ZDFjLTUwZjU5NzA0MzY1NS8xLzdHZzJqRjBwUVdE
MDB0RE9yM1V4NUVkZnBUTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoOQAYwDQYJKoZIhvcNAQELBQAD
ggEBAFosE4hftn6spXSSJWNAIM2ndtPOCRiRPoHPb3bFFyHoWaVWxLWHD3XUUO+W
nG7cax2gRteFMbe9EjUxiQckynKtMC6vFgeuJzvlct2xTpnOdKr5ARAcs0BfYN/r
/3MlhKJiV01BbtJbfhh8UDu1ctND66EOkIbkD9eG9yPjI2H5dT6kDjZhz5SeVYeI
EDgpCk1z/VYkhreNHJkwLDzy2EdcFcNHsWDfim6tibMaCX5dmnruQ0O6a8grkxDh
3QXMyA9jJQvBUhRALWW4Mn9/lGS7UhB4MYVsH3YChXmGZBGEZo4YzgLLbj/fMdhm
OhJmQsEW99TiYYUHGkyy2iOgZFs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:40 2025 by rpki-client