Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/XsS9ykMO5HKJn-RKpj1DXkv__3Y.roa
File: XsS9ykMO5HKJn-RKpj1DXkv__3Y.roa (raw, json)
Hash identifier: cehlj5cBvvMvUJFAEH3SHJ8u0tkp/IbkouFhgyJNZEk=
Subject key identifier: 5E:C4:BD:CA:43:0E:E4:72:89:9F:E4:4A:A6:3D:43:5E:4B:FF:FF:76
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095428A14F26EBBB6BA081196935405
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/XsS9ykMO5HKJn-RKpj1DXkv__3Y.roa
Signing time: Mon 02 Jan 2023 03:45:08 +0000
ROA not before: Mon 02 Jan 2023 03:45:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49465
IP address blocks: 2a02:128:16::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:42:8a:14:f2:6e:bb:b6:ba:08:11:96:93:54:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ec4bdca430ee472899fe44aa63d435e4bffff76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:24:d8:c1:7f:d5:f3:dd:3c:15:e4:48:3d:82:
9d:90:c6:78:0a:27:52:70:fb:e3:38:6d:4e:6e:84:
37:39:8b:98:be:42:92:60:d5:29:75:b2:d8:ca:7d:
bd:9d:80:73:d4:34:ea:14:37:af:b7:eb:6b:26:ff:
35:e5:a0:a3:49:b1:3e:64:7e:19:00:d3:20:89:e2:
95:ae:18:55:ca:a7:63:8c:13:ca:6d:61:ce:e4:16:
10:e6:df:14:03:f9:c6:16:46:27:6f:83:e6:28:c3:
e9:ee:7b:bb:f0:54:f2:43:a4:d1:7e:72:0e:f0:f5:
19:85:b4:8c:e2:9b:d4:1e:37:d9:15:ca:ea:2c:bf:
d4:95:4e:98:7b:39:9e:32:d3:eb:92:21:46:fd:d8:
a5:08:0d:27:35:9d:c7:3d:4f:00:1c:33:ca:50:b5:
c9:be:49:b1:28:f2:47:ad:e5:97:b6:fa:00:ed:cc:
6a:12:52:30:66:f7:09:8f:a7:46:f7:fa:b0:91:69:
a1:47:eb:1c:ef:95:65:ef:ff:42:0b:68:5e:6f:12:
9f:9b:77:5a:08:f5:c6:95:6e:33:1b:f2:f4:dd:d5:
ed:1e:ff:1d:28:c9:a1:70:09:5b:24:71:d3:eb:cc:
eb:43:ba:77:26:4a:16:60:36:a6:95:cc:0f:fe:fa:
7b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C4:BD:CA:43:0E:E4:72:89:9F:E4:4A:A6:3D:43:5E:4B:FF:FF:76
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/XsS9ykMO5HKJn-RKpj1DXkv__3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:128:16::/48
Signature Algorithm: sha256WithRSAEncryption
5b:60:dc:6c:83:ef:df:87:41:64:22:5d:94:8d:da:a2:dc:d5:
57:a5:3e:1f:fb:49:5c:07:b6:d6:d6:2b:c6:07:1b:3a:7c:76:
57:63:17:a7:60:5c:2b:55:5f:3c:e5:28:64:6e:46:32:bb:0f:
29:02:6e:d1:d3:14:c9:04:f1:4d:3e:50:e7:5d:7b:1c:bc:21:
cd:4f:8a:f7:e7:15:e7:c0:84:6a:32:f8:45:67:c1:1f:b8:50:
2c:76:6d:d5:c6:8c:92:df:4f:63:c0:25:ff:a1:98:14:93:19:
b4:fa:67:d6:c8:c3:d0:88:7c:b1:79:21:ba:8e:06:9d:4c:79:
de:1a:51:0c:28:14:16:4e:8c:44:98:ca:ab:98:39:b6:4a:a9:
ed:40:ae:6c:e4:6f:bf:39:ba:8d:0e:b4:0a:80:a8:f8:7b:f0:
59:da:ef:53:a2:66:0e:ec:e6:64:cf:02:26:bc:eb:6e:64:9b:
e6:d4:fd:39:a6:5c:d3:e2:b7:e7:c8:42:96:d2:29:63:c7:3c:
a9:3d:1e:61:44:83:4f:ca:0e:e2:49:5c:f3:15:4f:db:46:53:
d8:ec:e3:04:b1:d0:4c:00:bd:cb:1a:70:da:57:f4:3c:40:42:
d2:4f:47:88:bb:58:0b:29:8d:a0:c5:3b:88:39:a5:94:6f:05:
12:dd:14:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwlUKKFPJuu7a6CBGWk1QFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWM0YmRjYTQzMGVlNDcyODk5ZmU0NGFhNjNkNDM1ZTRiZmZmZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCTYwX/V8908FeRIPYKdkMZ4CidS
cPvjOG1OboQ3OYuYvkKSYNUpdbLYyn29nYBz1DTqFDevt+trJv815aCjSbE+ZH4Z
ANMgieKVrhhVyqdjjBPKbWHO5BYQ5t8UA/nGFkYnb4PmKMPp7nu78FTyQ6TRfnIO
8PUZhbSM4pvUHjfZFcrqLL/UlU6YezmeMtPrkiFG/dilCA0nNZ3HPU8AHDPKULXJ
vkmxKPJHreWXtvoA7cxqElIwZvcJj6dG9/qwkWmhR+sc75Vl7/9CC2hebxKfm3da
CPXGlW4zG/L03dXtHv8dKMmhcAlbJHHT68zrQ7p3JkoWYDamlcwP/vp7+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF7EvcpDDuRyiZ/kSqY9Q15L//92MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWHNTOXlrTU81SEtKbi1SS3BqMURYa3ZfXzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIBKAAW
MA0GCSqGSIb3DQEBCwUAA4IBAQBbYNxsg+/fh0FkIl2Ujdqi3NVXpT4f+0lcB7bW
1ivGBxs6fHZXYxenYFwrVV885ShkbkYyuw8pAm7R0xTJBPFNPlDnXXscvCHNT4r3
5xXnwIRqMvhFZ8EfuFAsdm3VxoyS309jwCX/oZgUkxm0+mfWyMPQiHyxeSG6jgad
THneGlEMKBQWToxEmMqrmDm2SqntQK5s5G+/ObqNDrQKgKj4e/BZ2u9TomYO7OZk
zwImvOtuZJvm1P05plzT4rfnyEKW0iljxzypPR5hRINPyg7iSVzzFU/bRlPY7OME
sdBMAL3LGnDaV/Q8QELST0eIu1gLKY2gxTuIOaWUbwUS3RSi
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:06:05 2025 by rpki-client