Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/26f44a-ae53-4727-9075-437a346b22f7/1/ag-XVm500Ink_y9Z543W0cYT2e4.roa
File: ag-XVm500Ink_y9Z543W0cYT2e4.roa (raw, json)
Hash identifier: LTklb1ptuKPn0530SuHC20oeHYTlb0YVhREmYDi0qn8=
Subject key identifier: 6A:0F:97:56:6E:74:D0:89:E4:FF:2F:59:E7:8D:D6:D1:C6:13:D9:EE
Certificate issuer: /CN=73ff4b1cbeaf9dd75d3b5ef3ee9a75d5799f7280
Certificate serial: 01942143F4CC83FDBEFF08C62506D59CDF69
Authority key identifier: 73:FF:4B:1C:BE:AF:9D:D7:5D:3B:5E:F3:EE:9A:75:D5:79:9F:72:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_9LHL6vndddO17z7pp11XmfcoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/26f44a-ae53-4727-9075-437a346b22f7/1/ag-XVm500Ink_y9Z543W0cYT2e4.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13030
IP address blocks: 185.242.62.0/23 maxlen: 23
2a09:a7c4::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f4:cc:83:fd:be:ff:08:c6:25:06:d5:9c:df:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73ff4b1cbeaf9dd75d3b5ef3ee9a75d5799f7280
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a0f97566e74d089e4ff2f59e78dd6d1c613d9ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:6b:12:56:c4:0c:b0:37:01:09:4f:a5:ab:78:
33:2c:34:ae:2d:39:7d:af:4d:b0:3b:cc:a5:b4:d9:
8f:fb:f6:91:3f:98:b8:3f:4c:34:31:9c:1e:02:c3:
0c:b7:3b:86:c4:b8:78:91:f0:e1:fc:cd:54:02:61:
43:c7:33:a8:01:35:0b:ae:0c:99:6f:5c:5c:85:46:
60:10:13:2b:23:3b:e2:4b:9c:25:99:56:9c:a2:33:
50:85:21:b3:a5:65:5f:b8:1a:b3:b3:cc:dd:2a:b5:
05:8d:d3:e5:93:fc:05:73:8e:ff:eb:84:6f:6f:a4:
9c:71:03:e2:db:71:e9:36:86:54:23:22:cf:8c:2e:
57:16:b7:ae:2a:71:f2:6a:12:43:18:3b:bc:f0:f4:
38:94:be:3c:93:9e:c2:9f:a3:4d:81:42:2f:3e:5d:
31:a4:c0:40:23:1e:d8:52:38:24:97:39:c7:bb:27:
dc:4a:27:e6:b5:78:63:20:f3:34:41:09:79:79:62:
bd:7c:07:4a:a8:e9:26:1b:56:48:13:4e:35:fa:c9:
a6:9a:f4:80:57:9a:34:a7:9c:05:85:79:f7:34:76:
56:ef:61:c9:2d:7f:11:e6:21:0a:f8:b2:8f:bd:e3:
31:0b:b6:76:31:d7:73:52:48:2c:d9:8e:9f:ed:cc:
1a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0F:97:56:6E:74:D0:89:E4:FF:2F:59:E7:8D:D6:D1:C6:13:D9:EE
X509v3 Authority Key Identifier:
keyid:73:FF:4B:1C:BE:AF:9D:D7:5D:3B:5E:F3:EE:9A:75:D5:79:9F:72:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_9LHL6vndddO17z7pp11XmfcoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/26f44a-ae53-4727-9075-437a346b22f7/1/ag-XVm500Ink_y9Z543W0cYT2e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/26f44a-ae53-4727-9075-437a346b22f7/1/c_9LHL6vndddO17z7pp11XmfcoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.62.0/23
IPv6:
2a09:a7c4::/30
Signature Algorithm: sha256WithRSAEncryption
00:a5:63:22:e2:e2:08:03:05:98:a4:7d:37:ca:b8:95:ca:2f:
7c:be:89:14:f6:59:d2:68:a2:c0:42:0d:3f:bb:f7:e0:d4:d8:
93:3c:13:af:24:f2:cf:a0:9c:7e:54:74:20:d6:e9:eb:f1:35:
97:63:3e:09:2b:62:9d:95:8d:9c:b4:ce:30:2b:17:c9:14:e3:
5b:d6:62:9c:e4:39:3a:f9:8e:20:28:56:98:9a:f7:10:ab:10:
fb:e0:b5:15:32:79:03:70:ac:9a:73:c4:3d:cf:7d:56:e3:84:
3c:00:95:4c:ab:bc:cc:4e:c1:d6:ca:e8:ba:7d:08:63:29:38:
00:5b:c4:ca:6d:cc:08:17:04:f9:9d:6e:fb:54:f7:59:69:da:
2d:f8:b1:83:88:db:2a:4c:8e:fb:0c:c2:fd:5c:da:ff:9c:d4:
ce:67:4b:32:e1:91:79:2f:f8:8e:cf:29:80:2a:88:e4:19:bc:
98:96:b0:b8:1c:58:88:55:bd:90:a7:1b:cc:38:5c:ca:f9:bc:
2a:d5:03:c5:bb:2e:97:dc:9a:11:a1:3c:a7:92:ac:df:4b:44:
29:e1:1f:ab:ed:0e:52:b1:4a:10:c0:04:eb:a5:fd:d0:d6:7c:
e3:7e:c7:5c:b2:ce:e5:ee:a4:69:5b:e8:10:33:52:92:a7:ca:
a5:85:51:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ/TMg/2+/wjGJQbVnN9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZmY0YjFjYmVhZjlkZDc1ZDNiNWVmM2VlOWE3NWQ1Nzk5
ZjcyODAwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTBmOTc1NjZlNzRkMDg5ZTRmZjJmNTllNzhkZDZkMWM2MTNkOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/GsSVsQMsDcBCU+lq3gzLDSuLTl9
r02wO8yltNmP+/aRP5i4P0w0MZweAsMMtzuGxLh4kfDh/M1UAmFDxzOoATULrgyZ
b1xchUZgEBMrIzviS5wlmVacojNQhSGzpWVfuBqzs8zdKrUFjdPlk/wFc47/64Rv
b6SccQPi23HpNoZUIyLPjC5XFreuKnHyahJDGDu88PQ4lL48k57Cn6NNgUIvPl0x
pMBAIx7YUjgklznHuyfcSifmtXhjIPM0QQl5eWK9fAdKqOkmG1ZIE041+smmmvSA
V5o0p5wFhXn3NHZW72HJLX8R5iEK+LKPveMxC7Z2MddzUkgs2Y6f7cwaWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGoPl1ZudNCJ5P8vWeeN1tHGE9nuMB8GA1UdIwQY
MBaAFHP/Sxy+r53XXTte8+6addV5n3KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY185TEhMNnZuZGRkTzE3ejdwcDExWG1mY29BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yNmY0NGEtYWU1My00NzI3LTkwNzUt
NDM3YTM0NmIyMmY3LzEvYWctWFZtNTAwSW5rX3k5WjU0M1cwY1lUMmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yNmY0NGEtYWU1My00NzI3LTkwNzUtNDM3YTM0NmIyMmY3
LzEvY185TEhMNnZuZGRkTzE3ejdwcDExWG1mY29BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBufI+MA0E
AgACMAcDBQIqCafEMA0GCSqGSIb3DQEBCwUAA4IBAQAApWMi4uIIAwWYpH03yriV
yi98vokU9lnSaKLAQg0/u/fg1NiTPBOvJPLPoJx+VHQg1unr8TWXYz4JK2KdlY2c
tM4wKxfJFONb1mKc5Dk6+Y4gKFaYmvcQqxD74LUVMnkDcKyac8Q9z31W44Q8AJVM
q7zMTsHWyui6fQhjKTgAW8TKbcwIFwT5nW77VPdZadot+LGDiNsqTI77DML9XNr/
nNTOZ0sy4ZF5L/iOzymAKojkGbyYlrC4HFiIVb2QpxvMOFzK+bwq1QPFuy6X3JoR
oTynkqzfS0Qp4R+r7Q5SsUoQwATrpf3Q1nzjfsdcss7l7qRpW+gQM1KSp8qlhVFS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:08 2025 by rpki-client