Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/XSI-Z3sxC2MvxPG4GMpF-oGP6N4.roa
File: XSI-Z3sxC2MvxPG4GMpF-oGP6N4.roa (raw, json)
Hash identifier: 0PggDg6sAbSQ+x8mdqKRdmh/0V9nEdI3VW8yE7LWoS0=
Subject key identifier: 5D:22:3E:67:7B:31:0B:63:2F:C4:F1:B8:18:CA:45:FA:81:8F:E8:DE
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 0194228DEA047F83F132DEC695C84EA814CA
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/XSI-Z3sxC2MvxPG4GMpF-oGP6N4.roa
Signing time: Wed 01 Jan 2025 15:48:33 +0000
ROA not before: Wed 01 Jan 2025 15:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329386
IP address blocks: 2a12:8fc6:1386::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ea:04:7f:83:f1:32:de:c6:95:c8:4e:a8:14:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Jan 1 15:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d223e677b310b632fc4f1b818ca45fa818fe8de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0f:78:1b:ba:f1:6e:19:f8:e2:d4:f2:5f:dd:
c5:e0:b3:c7:f9:57:9c:5f:0a:67:5f:40:d5:c4:4e:
5a:9c:e4:06:58:c9:56:5a:42:42:e3:d4:94:03:28:
6e:70:c6:0f:59:d1:77:27:1c:19:97:cf:77:23:4d:
0c:8e:ce:70:1b:de:5d:44:6a:c0:95:7e:0f:32:18:
9f:61:dd:33:de:be:5f:72:d3:9b:91:79:a5:31:14:
8c:cb:2a:46:4f:c5:46:5a:10:1f:4b:c0:e8:2e:18:
b8:95:21:a6:8b:b4:7f:2a:7e:42:ae:62:5a:23:f0:
57:28:2c:a2:e9:d4:4f:13:06:26:24:e1:a1:56:b1:
ed:ac:91:1c:c1:88:bf:75:de:b1:af:be:ba:ae:f6:
44:d4:6a:31:e3:f8:98:49:35:9d:15:7d:39:68:84:
3f:6f:40:a0:00:68:94:c2:59:f2:ac:76:35:39:ff:
e0:46:01:e2:03:15:f6:d5:bd:4d:21:6a:f1:aa:e6:
8f:57:42:e0:02:eb:57:cb:f6:97:71:50:ad:04:4d:
4a:92:3e:40:bb:fe:e7:b5:9c:30:98:5e:1f:ce:33:
96:33:23:40:a1:95:da:6f:4f:70:ff:40:73:a1:9b:
72:80:b6:b1:24:0f:10:82:ed:a2:c4:59:ff:44:c5:
60:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:22:3E:67:7B:31:0B:63:2F:C4:F1:B8:18:CA:45:FA:81:8F:E8:DE
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/XSI-Z3sxC2MvxPG4GMpF-oGP6N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6:1386::/48
Signature Algorithm: sha256WithRSAEncryption
01:43:a9:39:27:80:72:ad:d9:be:90:ed:fa:73:fc:db:e1:f1:
16:0d:eb:fa:8f:88:36:a5:60:63:99:86:4f:62:e4:a5:80:d1:
b3:d8:60:e6:71:8a:bc:13:96:72:4f:d3:b0:f7:bd:a4:08:f3:
8b:1e:4d:d9:4d:35:e6:66:7e:f3:84:6b:1f:00:0b:85:e3:87:
f3:e8:18:50:11:ac:af:f1:e5:4a:b5:f9:7d:b9:8b:41:c2:4b:
44:5b:f3:c1:c6:69:f8:6d:24:8b:70:18:a7:c8:43:55:f6:eb:
45:57:91:01:83:27:78:c3:ea:71:86:ca:e3:8b:eb:48:73:eb:
b0:09:79:58:1f:b7:f9:c2:9e:67:44:83:fb:b4:ea:fc:ca:84:
66:fc:02:28:91:bd:d7:f2:81:30:e2:fa:d4:fc:70:1b:e1:ad:
72:f6:c1:f6:3f:cc:af:94:fe:d2:1d:8c:85:c3:98:25:b8:5a:
0e:28:a4:96:b7:a5:39:f2:aa:59:c2:81:6d:7c:c8:0a:cf:71:
6b:8a:0d:19:db:b4:a2:c5:73:ce:fb:cd:30:d4:e1:36:b9:0a:
7e:36:e3:04:9e:4b:bf:fa:2e:15:cd:27:04:c2:fa:b4:f2:f9:
7c:8b:be:d9:cb:a7:70:8d:55:e4:62:3d:af:1a:4a:09:3c:50:
ba:74:6b:d3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijeoEf4PxMt7GlchOqBTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjUwMTAxMTU0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDIyM2U2NzdiMzEwYjYzMmZjNGYxYjgxOGNhNDVmYTgxOGZlOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw94G7rxbhn44tTyX93F4LPH+Vec
XwpnX0DVxE5anOQGWMlWWkJC49SUAyhucMYPWdF3JxwZl893I00Mjs5wG95dRGrA
lX4PMhifYd0z3r5fctObkXmlMRSMyypGT8VGWhAfS8DoLhi4lSGmi7R/Kn5CrmJa
I/BXKCyi6dRPEwYmJOGhVrHtrJEcwYi/dd6xr766rvZE1Gox4/iYSTWdFX05aIQ/
b0CgAGiUwlnyrHY1Of/gRgHiAxX21b1NIWrxquaPV0LgAutXy/aXcVCtBE1Kkj5A
u/7ntZwwmF4fzjOWMyNAoZXab09w/0BzoZtygLaxJA8Qgu2ixFn/RMVgIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF0iPmd7MQtjL8TxuBjKRfqBj+jeMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvWFNJLVozc3hDMk12eFBHNEdNcEYtb0dQNk40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKPxhOG
MA0GCSqGSIb3DQEBCwUAA4IBAQABQ6k5J4Byrdm+kO36c/zb4fEWDev6j4g2pWBj
mYZPYuSlgNGz2GDmcYq8E5ZyT9Ow972kCPOLHk3ZTTXmZn7zhGsfAAuF44fz6BhQ
Eayv8eVKtfl9uYtBwktEW/PBxmn4bSSLcBinyENV9utFV5EBgyd4w+pxhsrji+tI
c+uwCXlYH7f5wp5nRIP7tOr8yoRm/AIokb3X8oEw4vrU/HAb4a1y9sH2P8yvlP7S
HYyFw5gluFoOKKSWt6U58qpZwoFtfMgKz3Frig0Z27SixXPO+80w1OE2uQp+NuME
nku/+i4VzScEwvq08vl8i77Zy6dwjVXkYj2vGkoJPFC6dGvT
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:37:52 2025 by rpki-client