Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/xX5hP5dyXaRRP0j4wd3WK2HuKs8.roa
File: xX5hP5dyXaRRP0j4wd3WK2HuKs8.roa (raw, json)
Hash identifier: LUqqIedij3MsZ4xdDrj2P77W4YSkhRHXS4bSs5DH+Z0=
Subject key identifier: C5:7E:61:3F:97:72:5D:A4:51:3F:48:F8:C1:DD:D6:2B:61:EE:2A:CF
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 01942747C9F065C3CB8413001B248DB86B75
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/xX5hP5dyXaRRP0j4wd3WK2HuKs8.roa
Signing time: Thu 02 Jan 2025 13:50:03 +0000
ROA not before: Thu 02 Jan 2025 13:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400818
IP address blocks: 2a05:b0c7:1800::/39 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:c9:f0:65:c3:cb:84:13:00:1b:24:8d:b8:6b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 13:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c57e613f97725da4513f48f8c1ddd62b61ee2acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:57:2b:84:21:81:1f:b9:5b:1e:2c:18:92:80:
17:dd:a0:56:4e:83:c2:cc:74:da:ff:97:74:b0:8e:
2e:28:f3:2a:b6:25:14:51:73:cd:c0:94:d1:19:75:
d9:30:f1:cc:9b:86:26:13:0f:02:b5:a4:65:0a:9c:
78:0b:3b:24:a3:b3:63:03:86:34:cb:8a:0c:aa:87:
7c:29:e3:f4:aa:c0:68:b5:a5:a4:ba:64:84:83:8d:
49:49:cd:27:08:a8:9b:48:a5:1b:68:3f:75:a4:99:
28:69:09:7c:82:a8:db:cc:0a:f5:60:e0:ce:4c:1e:
c8:00:67:bb:5d:7f:cb:1e:48:1e:44:00:51:eb:c0:
3d:66:61:15:7c:a6:42:9a:69:e0:8a:c5:be:84:2a:
f4:55:10:5f:b0:99:2d:62:c7:75:a2:a4:0c:b5:19:
f4:c4:96:2c:0d:4e:ea:3e:aa:d5:99:ca:da:54:d4:
79:24:85:97:01:dd:fd:d3:64:77:be:d5:c4:0f:00:
5e:3c:dd:39:28:fb:e0:27:58:dc:ce:6f:e6:93:76:
ce:a8:d8:0b:71:d8:87:6f:96:24:b8:c1:3b:c4:9f:
50:93:f6:8c:8e:7e:78:10:c0:c1:60:ab:de:ac:c8:
09:97:31:92:b1:e6:9e:0d:41:0e:91:0f:0b:3b:e1:
50:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:7E:61:3F:97:72:5D:A4:51:3F:48:F8:C1:DD:D6:2B:61:EE:2A:CF
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/xX5hP5dyXaRRP0j4wd3WK2HuKs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c7:1800::/39
Signature Algorithm: sha256WithRSAEncryption
73:cd:16:dd:c8:81:d3:58:36:85:da:a9:ba:ae:af:bc:67:e0:
65:b3:7c:71:e4:5e:16:9b:22:4b:09:75:58:ca:a8:a0:03:59:
40:af:ea:b9:50:9d:b2:e2:85:37:84:7c:6a:29:e4:85:f5:8b:
f9:2c:a5:d4:09:e3:0f:bc:98:78:06:56:95:e0:b1:87:4c:34:
b2:8d:aa:13:08:bf:34:98:8e:17:bc:da:4c:90:70:33:c0:57:
48:2a:f0:27:fe:5d:d5:b4:dc:59:21:00:90:a7:4b:84:34:d5:
21:2b:39:46:ce:55:8c:f1:e3:17:f4:79:22:cc:d0:b2:db:11:
3a:b2:00:67:f3:c8:fb:2c:23:8f:9e:11:4b:78:b3:21:49:4d:
a0:52:20:5b:ab:ce:c8:53:30:42:66:1f:58:32:fd:18:84:4c:
02:4a:79:08:e7:ee:85:e7:cf:9d:f1:20:59:10:a1:e6:89:52:
9d:0a:2c:36:f0:b7:f1:d0:09:9a:a0:9d:1a:7e:e3:6b:8b:6e:
b8:f6:b8:3a:f8:db:c9:06:93:0d:57:5c:16:2e:32:bd:c4:a6:
21:61:9e:07:12:a3:70:1b:1f:9a:8b:50:00:a5:0e:02:90:04:
e7:eb:74:34:45:e7:29:42:f0:d9:f8:e9:c6:ba:9b:2b:78:dd:
e5:fb:b9:50
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQnR8nwZcPLhBMAGySNuGt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjUwMTAyMTM1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTdlNjEzZjk3NzI1ZGE0NTEzZjQ4ZjhjMWRkZDYyYjYxZWUyYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVcrhCGBH7lbHiwYkoAX3aBWToPC
zHTa/5d0sI4uKPMqtiUUUXPNwJTRGXXZMPHMm4YmEw8CtaRlCpx4Czsko7NjA4Y0
y4oMqod8KeP0qsBotaWkumSEg41JSc0nCKibSKUbaD91pJkoaQl8gqjbzAr1YODO
TB7IAGe7XX/LHkgeRABR68A9ZmEVfKZCmmngisW+hCr0VRBfsJktYsd1oqQMtRn0
xJYsDU7qPqrVmcraVNR5JIWXAd3902R3vtXEDwBePN05KPvgJ1jczm/mk3bOqNgL
cdiHb5YkuME7xJ9Qk/aMjn54EMDBYKverMgJlzGSseaeDUEOkQ8LO+FQNwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMV+YT+Xcl2kUT9I+MHd1ith7irPMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEveFg1aFA1ZHlYYVJSUDBqNHdkM1dLMkh1S3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYBKgWwxxgw
DQYJKoZIhvcNAQELBQADggEBAHPNFt3IgdNYNoXaqbqur7xn4GWzfHHkXhabIksJ
dVjKqKADWUCv6rlQnbLihTeEfGop5IX1i/kspdQJ4w+8mHgGVpXgsYdMNLKNqhMI
vzSYjhe82kyQcDPAV0gq8Cf+XdW03FkhAJCnS4Q01SErOUbOVYzx4xf0eSLM0LLb
ETqyAGfzyPssI4+eEUt4syFJTaBSIFurzshTMEJmH1gy/RiETAJKeQjn7oXnz53x
IFkQoeaJUp0KLDbwt/HQCZqgnRp+42uLbrj2uDr428kGkw1XXBYuMr3EpiFhngcS
o3AbH5qLUAClDgKQBOfrdDRF5ylC8Nn46ca6myt43eX7uVA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:47:01 2025 by rpki-client