Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/PoOOtUJXWSIrEDf1Xj5Z3VDMHSE.roa
File: PoOOtUJXWSIrEDf1Xj5Z3VDMHSE.roa (raw, json)
Hash identifier: xLcUbAcJyMHzQNbU8ncdTmCAmnGI9JLzaYaEQOKQswQ=
Subject key identifier: 3E:83:8E:B5:42:57:59:22:2B:10:37:F5:5E:3E:59:DD:50:CC:1D:21
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 01942143B55B1D6B89DD1BFB3A148A5A81F7
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/PoOOtUJXWSIrEDf1Xj5Z3VDMHSE.roa
Signing time: Wed 01 Jan 2025 09:47:52 +0000
ROA not before: Wed 01 Jan 2025 09:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12857
IP address blocks: 2a00:b400::/29 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b5:5b:1d:6b:89:dd:1b:fb:3a:14:8a:5a:81:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Jan 1 09:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e838eb5425759222b1037f55e3e59dd50cc1d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:23:4d:d3:29:94:e4:92:07:67:87:7e:14:
c7:00:a6:65:02:15:76:f2:94:09:22:93:21:34:f9:
eb:3c:04:83:a5:2b:ab:eb:2f:9f:ca:d8:2d:09:9b:
83:7a:b2:22:f0:ef:0d:e5:a2:0f:83:4c:cd:74:01:
07:f4:87:e5:ac:ed:f0:d8:5b:70:4c:25:a8:09:24:
a3:0d:ce:d7:71:8d:1b:06:2f:40:34:d0:eb:8d:81:
ba:7c:5c:e4:cf:b3:3f:0d:bf:67:2b:be:c5:49:a0:
21:07:05:53:d6:7a:d2:9e:aa:b0:cd:67:47:23:88:
52:b6:0d:2c:6b:ab:68:65:d6:4a:45:1d:ee:dc:f3:
8c:85:94:d2:72:84:49:3c:67:26:6b:18:33:62:58:
87:97:a5:8f:33:e0:cf:39:34:f7:b7:e4:92:05:37:
c8:6e:a0:93:7d:1d:e5:ff:8b:10:ea:72:49:72:49:
cf:f3:51:b3:35:91:00:b2:55:96:61:6c:74:ba:1c:
46:ea:43:3a:a0:f9:72:41:92:06:c3:1f:32:c2:af:
0e:cd:69:c2:d4:a5:cc:4a:4f:67:05:40:42:a2:46:
38:fd:86:a4:3e:61:fe:17:3f:12:49:01:3f:78:39:
e2:16:3e:d5:9d:02:f8:b6:97:11:c0:38:b2:9e:a2:
54:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:83:8E:B5:42:57:59:22:2B:10:37:F5:5E:3E:59:DD:50:CC:1D:21
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/PoOOtUJXWSIrEDf1Xj5Z3VDMHSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:b400::/29
Signature Algorithm: sha256WithRSAEncryption
53:69:e3:c1:d1:b1:7f:9b:68:b0:e9:4f:ad:2a:ed:8d:85:11:
7f:eb:2f:ce:65:2b:d1:ce:58:14:bf:ce:86:2d:41:c0:3c:fe:
d5:3f:da:c5:b2:f1:0d:e9:52:ee:36:e2:80:70:51:77:0c:7b:
30:88:21:38:08:e5:0f:2f:b5:6e:d0:c1:2c:84:e8:8a:50:39:
a3:c0:f4:2a:2c:f0:88:d5:ce:7e:00:33:e5:33:6f:26:6d:07:
53:3d:04:fb:8c:8a:d9:11:ba:7d:84:a4:44:a2:cc:0f:a1:fa:
ce:f2:68:a0:99:26:18:f5:8c:ae:12:02:d4:69:9f:fe:c1:3c:
d3:98:5f:61:58:e1:c8:2e:53:ce:40:a2:b2:11:1d:67:e6:6d:
b8:45:55:82:d8:52:73:c3:98:7c:ce:bd:8a:f1:96:03:e6:e0:
bb:88:9d:01:d5:b2:22:03:5d:ef:70:b4:57:3d:d4:0b:d9:68:
67:fe:78:ee:16:0a:4b:50:92:c3:fd:95:2f:5b:80:e2:22:35:
a6:c4:4d:46:e7:c6:22:79:9f:f3:98:98:4c:d5:6f:d9:3c:06:
f7:35:16:90:71:fc:33:87:7e:22:9c:dc:dd:8a:11:44:3e:5c:
fb:dd:f9:8f:ac:5f:3a:15:df:9b:6b:32:1f:94:4e:47:28:7c:
68:c0:9e:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhQ7VbHWuJ3Rv7OhSKWoH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjUwMTAxMDk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTgzOGViNTQyNTc1OTIyMmIxMDM3ZjU1ZTNlNTlkZDUwY2MxZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTMjTdMplOSSB2eHfhTHAKZlAhV2
8pQJIpMhNPnrPASDpSur6y+fytgtCZuDerIi8O8N5aIPg0zNdAEH9IflrO3w2Ftw
TCWoCSSjDc7XcY0bBi9ANNDrjYG6fFzkz7M/Db9nK77FSaAhBwVT1nrSnqqwzWdH
I4hStg0sa6toZdZKRR3u3POMhZTScoRJPGcmaxgzYliHl6WPM+DPOTT3t+SSBTfI
bqCTfR3l/4sQ6nJJcknP81GzNZEAslWWYWx0uhxG6kM6oPlyQZIGwx8ywq8OzWnC
1KXMSk9nBUBCokY4/YakPmH+Fz8SSQE/eDniFj7VnQL4tpcRwDiynqJUkwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD6DjrVCV1kiKxA39V4+Wd1QzB0hMB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvUG9PT3RVSlhXU0lyRURmMVhqNVozVkRNSFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgC0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAU2njwdGxf5tosOlPrSrtjYURf+svzmUr0c5YFL/O
hi1BwDz+1T/axbLxDelS7jbigHBRdwx7MIghOAjlDy+1btDBLIToilA5o8D0Kizw
iNXOfgAz5TNvJm0HUz0E+4yK2RG6fYSkRKLMD6H6zvJooJkmGPWMrhIC1Gmf/sE8
05hfYVjhyC5TzkCishEdZ+ZtuEVVgthSc8OYfM69ivGWA+bgu4idAdWyIgNd73C0
Vz3UC9loZ/547hYKS1CSw/2VL1uA4iI1psRNRufGInmf85iYTNVv2TwG9zUWkHH8
M4d+Ipzc3YoRRD5c+935j6xfOhXfm2syH5RORyh8aMCefQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:49 2025 by rpki-client