Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7e8ed6-ae72-4d3f-999d-67c3affbd1aa/1/xmm2JL7TcI6ebRwScNNxmj8JWuo.roa
File: xmm2JL7TcI6ebRwScNNxmj8JWuo.roa (raw, json)
Hash identifier: fkFUQl1m0mbIlDS4H4YUitr8IcfvKPdCtORJm2ZIyMA=
Subject key identifier: C6:69:B6:24:BE:D3:70:8E:9E:6D:1C:12:70:D3:71:9A:3F:09:5A:EA
Certificate issuer: /CN=f2023e76a68ea6c9f70d3ea72df84e53dc21724f
Certificate serial: 01942745D3C86D793F23101E5CDFB79C1ABB
Authority key identifier: F2:02:3E:76:A6:8E:A6:C9:F7:0D:3E:A7:2D:F8:4E:53:DC:21:72:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8gI-dqaOpsn3DT6nLfhOU9whck8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7e8ed6-ae72-4d3f-999d-67c3affbd1aa/1/xmm2JL7TcI6ebRwScNNxmj8JWuo.roa
Signing time: Thu 02 Jan 2025 13:47:55 +0000
ROA not before: Thu 02 Jan 2025 13:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204711
IP address blocks: 2001:67c:24a4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:d3:c8:6d:79:3f:23:10:1e:5c:df:b7:9c:1a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2023e76a68ea6c9f70d3ea72df84e53dc21724f
Validity
Not Before: Jan 2 13:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c669b624bed3708e9e6d1c1270d3719a3f095aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:99:5d:a4:cb:a8:d2:7c:4f:0f:3d:24:72:d2:
09:c3:d2:9e:96:fd:ca:88:56:42:c3:3d:c4:fc:16:
4a:26:ae:35:94:89:3e:66:4c:00:fa:4e:d9:9a:1b:
ef:14:02:05:22:ba:9d:04:ad:6f:70:17:15:28:e2:
9c:55:30:fd:49:2d:9d:bb:2d:46:79:72:69:f2:d9:
b8:a1:fd:cd:24:e0:ff:20:3b:ac:5c:da:8d:92:77:
b4:5e:7c:b7:8f:27:7f:09:e8:8f:72:0a:d2:21:5c:
eb:ca:f1:ab:f5:d4:cf:46:96:b6:41:6f:29:54:35:
82:88:7c:84:16:4a:f5:87:c1:91:bf:7e:19:ab:72:
64:6b:7e:b3:a9:a3:63:fe:3e:92:6a:44:93:1a:c8:
97:9b:55:86:92:3a:1c:60:06:73:0b:1f:b1:67:ed:
5d:83:4b:70:8f:1d:f3:94:0e:2a:53:f7:8c:51:aa:
de:e3:0a:fb:a5:ce:4f:b7:82:a7:a4:92:24:b7:de:
f2:37:42:2d:29:85:04:68:d6:29:c3:23:95:a7:01:
45:b0:8a:a1:6b:b3:e6:9f:bf:31:e6:1f:99:83:ef:
f2:e0:21:66:eb:e2:c6:79:75:bd:9f:3c:a5:6b:a9:
6c:25:2e:30:fb:82:9d:90:42:a3:00:46:42:82:4c:
4b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:69:B6:24:BE:D3:70:8E:9E:6D:1C:12:70:D3:71:9A:3F:09:5A:EA
X509v3 Authority Key Identifier:
keyid:F2:02:3E:76:A6:8E:A6:C9:F7:0D:3E:A7:2D:F8:4E:53:DC:21:72:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8gI-dqaOpsn3DT6nLfhOU9whck8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7e8ed6-ae72-4d3f-999d-67c3affbd1aa/1/xmm2JL7TcI6ebRwScNNxmj8JWuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7e8ed6-ae72-4d3f-999d-67c3affbd1aa/1/8gI-dqaOpsn3DT6nLfhOU9whck8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:24a4::/48
Signature Algorithm: sha256WithRSAEncryption
77:c9:72:63:1e:ee:55:f9:2c:31:ac:41:0d:0f:20:11:85:2a:
11:52:ce:3d:d4:fc:20:89:a3:4b:ed:19:6d:fa:64:a4:49:62:
fe:61:6e:31:32:0f:3b:94:8b:d3:3d:e6:c4:f4:45:f0:d5:42:
76:76:94:43:d7:cf:75:9d:6f:61:c8:09:07:fd:6d:99:a3:27:
ec:15:f2:e4:b3:42:6c:0f:b3:08:a1:0c:15:72:7b:0d:26:9f:
f4:9f:fb:25:53:3a:15:80:2d:07:4a:0c:81:11:4b:88:c6:f3:
bc:2f:c5:6f:22:3d:ca:eb:e0:e9:26:09:f0:9e:ef:0f:cb:a7:
3d:01:10:08:58:15:6c:8a:21:94:a2:74:65:a4:58:4c:05:1d:
50:59:b8:da:ed:04:3d:dc:ea:f8:3b:ff:fd:1f:6a:f8:10:96:
94:ce:b1:5c:c9:31:82:83:b9:62:50:e5:39:c2:a7:be:c5:4b:
b7:bc:a5:98:84:80:37:97:ba:be:db:3f:c6:a6:57:6a:d8:05:
20:6f:f7:6a:ca:fe:84:db:b1:cc:16:f6:cf:38:c1:c9:50:dd:
c6:30:31:a2:4f:88:81:01:4f:fa:6e:76:42:59:cf:b1:25:d7:
33:a2:7f:dc:ae:67:49:23:8a:c1:c8:01:dc:30:00:a5:5d:1c:
57:e0:19:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnRdPIbXk/IxAeXN+3nBq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMDIzZTc2YTY4ZWE2YzlmNzBkM2VhNzJkZjg0ZTUzZGMy
MTcyNGYwHhcNMjUwMTAyMTM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjY5YjYyNGJlZDM3MDhlOWU2ZDFjMTI3MGQzNzE5YTNmMDk1YWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5ldpMuo0nxPDz0kctIJw9Kelv3K
iFZCwz3E/BZKJq41lIk+ZkwA+k7ZmhvvFAIFIrqdBK1vcBcVKOKcVTD9SS2duy1G
eXJp8tm4of3NJOD/IDusXNqNkne0Xny3jyd/CeiPcgrSIVzryvGr9dTPRpa2QW8p
VDWCiHyEFkr1h8GRv34Zq3Jka36zqaNj/j6SakSTGsiXm1WGkjocYAZzCx+xZ+1d
g0twjx3zlA4qU/eMUare4wr7pc5Pt4KnpJIkt97yN0ItKYUEaNYpwyOVpwFFsIqh
a7Pmn78x5h+Zg+/y4CFm6+LGeXW9nzyla6lsJS4w+4KdkEKjAEZCgkxL4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMZptiS+03COnm0cEnDTcZo/CVrqMB8GA1UdIwQY
MBaAFPICPnamjqbJ9w0+py34TlPcIXJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGdJLWRxYU9wc24zRFQ2bkxmaE9VOXdoY2s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83ZThlZDYtYWU3Mi00ZDNmLTk5OWQt
NjdjM2FmZmJkMWFhLzEveG1tMkpMN1RjSTZlYlJ3U2NOTnhtajhKV3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83ZThlZDYtYWU3Mi00ZDNmLTk5OWQtNjdjM2FmZmJkMWFh
LzEvOGdJLWRxYU9wc24zRFQ2bkxmaE9VOXdoY2s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCSk
MA0GCSqGSIb3DQEBCwUAA4IBAQB3yXJjHu5V+SwxrEENDyARhSoRUs491PwgiaNL
7Rlt+mSkSWL+YW4xMg87lIvTPebE9EXw1UJ2dpRD1891nW9hyAkH/W2ZoyfsFfLk
s0JsD7MIoQwVcnsNJp/0n/slUzoVgC0HSgyBEUuIxvO8L8VvIj3K6+DpJgnwnu8P
y6c9ARAIWBVsiiGUonRlpFhMBR1QWbja7QQ93Or4O//9H2r4EJaUzrFcyTGCg7li
UOU5wqe+xUu3vKWYhIA3l7q+2z/Gpldq2AUgb/dqyv6E27HMFvbPOMHJUN3GMDGi
T4iBAU/6bnZCWc+xJdczon/crmdJI4rByAHcMAClXRxX4Bm/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:52 2025 by rpki-client