Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/XhQy70S_UMvUlQqMS3Ri8w9Lzwg.roa
File: XhQy70S_UMvUlQqMS3Ri8w9Lzwg.roa (raw, json)
Hash identifier: pfzMfmapyb/YulZYQtRxTnmcCybmAdc60nKGcIcDJZA=
Subject key identifier: 5E:14:32:EF:44:BF:50:CB:D4:95:0A:8C:4B:74:62:F3:0F:4B:CF:08
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 019455AFCBCA9E60881AB4CBA17035112577
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/XhQy70S_UMvUlQqMS3Ri8w9Lzwg.roa
Signing time: Sat 11 Jan 2025 14:06:11 +0000
ROA not before: Sat 11 Jan 2025 14:06:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214880
IP address blocks: 2a13:a5c7:1500::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:55:af:cb:ca:9e:60:88:1a:b4:cb:a1:70:35:11:25:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Jan 11 14:06:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e1432ef44bf50cbd4950a8c4b7462f30f4bcf08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f1:74:db:12:65:78:b4:9c:18:50:6c:15:ff:
2a:bc:7e:b9:aa:4a:e1:ea:16:21:04:03:9a:89:59:
0e:89:f6:24:3b:e0:2e:b7:11:db:46:7b:5c:95:1c:
93:20:79:2f:00:03:b1:fb:00:d1:de:5c:b5:9d:8f:
9e:c7:05:1a:b6:4d:e3:0d:58:81:ca:3a:ce:0b:8c:
61:64:a1:58:7d:00:3b:3a:c1:91:f8:29:0d:e5:56:
e5:5f:c9:fa:74:88:2b:d3:f6:72:26:e2:a7:75:37:
e8:73:26:84:6f:47:36:87:12:a9:a1:af:e2:63:34:
08:cf:1b:c8:28:2f:2a:09:71:d5:0b:76:78:bb:b3:
85:38:ae:7e:02:61:4f:77:ab:43:b2:74:57:1b:94:
b1:61:ed:5a:97:27:60:11:9c:12:60:fb:14:50:e8:
b7:bb:7b:a8:99:8d:0c:47:39:94:13:d3:71:b8:50:
36:8e:75:97:4b:f5:b4:71:cc:56:0d:aa:3b:96:00:
04:04:a2:0b:f2:aa:ae:9e:d2:e5:05:81:b9:56:bf:
4d:ae:31:8a:1a:1d:61:4e:ac:53:c6:60:86:72:70:
12:78:1a:8e:22:ea:d7:02:ee:07:c9:f7:03:d9:c6:
f9:c3:31:14:16:cd:3e:27:aa:6d:07:6d:e4:30:6e:
d3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:14:32:EF:44:BF:50:CB:D4:95:0A:8C:4B:74:62:F3:0F:4B:CF:08
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/XhQy70S_UMvUlQqMS3Ri8w9Lzwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c7:1500::/40
Signature Algorithm: sha256WithRSAEncryption
44:5e:86:88:03:3c:8a:df:fe:9f:3a:b1:76:b3:60:62:68:b4:
ff:f2:10:7f:9d:86:8f:80:c2:ba:c9:3e:a8:78:d2:96:f7:2f:
80:8e:5d:0d:60:52:6b:32:cc:16:26:b7:c7:42:cf:1b:d9:4a:
93:95:32:52:55:a9:dd:88:89:1f:80:bc:33:50:d7:2e:c6:72:
16:c3:25:90:b6:ef:66:3f:1c:18:9e:c8:89:2f:31:bb:ef:2f:
4c:b5:3d:78:6b:29:39:ba:ff:98:5b:1e:43:be:85:e1:ac:73:
7e:2e:c1:e3:52:37:b4:b8:ca:21:05:dd:d9:94:ac:df:b3:f9:
eb:0f:71:e3:52:24:0e:97:33:4b:0a:47:6c:9e:d1:5b:ba:94:
c1:fc:27:ba:ac:a9:ff:47:ff:4e:04:ac:fe:10:28:42:6f:3b:
9a:d3:e0:3a:25:17:61:33:72:c5:35:20:b1:ba:b7:0f:1a:15:
70:af:08:aa:be:cb:f1:62:67:71:42:b0:98:6e:8c:86:76:6e:
9f:a4:54:e9:b9:6f:c3:29:2b:14:3e:95:62:77:56:a9:c3:5f:
96:af:51:c7:27:01:09:23:e4:04:20:dd:4b:8c:d6:04:6f:bf:
bc:3d:56:7a:ea:1d:a5:f4:a0:de:63:d6:0d:86:15:6e:ee:43:
2c:40:e9:5a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZRVr8vKnmCIGrTLoXA1ESV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjUwMTExMTQwNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE0MzJlZjQ0YmY1MGNiZDQ5NTBhOGM0Yjc0NjJmMzBmNGJjZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vF02xJleLScGFBsFf8qvH65qkrh
6hYhBAOaiVkOifYkO+AutxHbRntclRyTIHkvAAOx+wDR3ly1nY+exwUatk3jDViB
yjrOC4xhZKFYfQA7OsGR+CkN5VblX8n6dIgr0/ZyJuKndTfocyaEb0c2hxKpoa/i
YzQIzxvIKC8qCXHVC3Z4u7OFOK5+AmFPd6tDsnRXG5SxYe1alydgEZwSYPsUUOi3
u3uomY0MRzmUE9NxuFA2jnWXS/W0ccxWDao7lgAEBKIL8qquntLlBYG5Vr9NrjGK
Gh1hTqxTxmCGcnASeBqOIurXAu4HyfcD2cb5wzEUFs0+J6ptB23kMG7TKQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF4UMu9Ev1DL1JUKjEt0YvMPS88IMB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvWGhReTcwU19VTXZVbFFxTVMzUmk4dzlMendnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOlxxUw
DQYJKoZIhvcNAQELBQADggEBAERehogDPIrf/p86sXazYGJotP/yEH+dho+AwrrJ
Pqh40pb3L4COXQ1gUmsyzBYmt8dCzxvZSpOVMlJVqd2IiR+AvDNQ1y7GchbDJZC2
72Y/HBieyIkvMbvvL0y1PXhrKTm6/5hbHkO+heGsc34uweNSN7S4yiEF3dmUrN+z
+esPceNSJA6XM0sKR2ye0Vu6lMH8J7qsqf9H/04ErP4QKEJvO5rT4DolF2EzcsU1
ILG6tw8aFXCvCKq+y/FiZ3FCsJhujIZ2bp+kVOm5b8MpKxQ+lWJ3VqnDX5avUccn
AQkj5AQg3UuM1gRvv7w9VnrqHaX0oN5j1g2GFW7uQyxA6Vo=
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:41:57 2025 by rpki-client