Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/XlksBlzf5JtgpXoBsjtKq7r22H4.roa
File: XlksBlzf5JtgpXoBsjtKq7r22H4.roa (raw, json)
Hash identifier: YuC1lS4saUiK+ops1Jpnj2UuzAgFcK9Un5lKU2MiWoo=
Subject key identifier: 5E:59:2C:06:5C:DF:E4:9B:60:A5:7A:01:B2:3B:4A:AB:BA:F6:D8:7E
Certificate issuer: /CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Certificate serial: 0187875E113D5363944E133B04AF8D623E21
Authority key identifier: DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/XlksBlzf5JtgpXoBsjtKq7r22H4.roa
Signing time: Sun 16 Apr 2023 00:01:41 +0000
ROA not before: Sun 16 Apr 2023 00:01:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61292
IP address blocks: 2a0e:1c80:1a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:87:5e:11:3d:53:63:94:4e:13:3b:04:af:8d:62:3e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Validity
Not Before: Apr 16 00:01:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e592c065cdfe49b60a57a01b23b4aabbaf6d87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6a:e4:7e:69:7c:c3:f7:8e:78:16:e8:07:e0:
65:34:3c:82:c1:53:a8:45:22:60:bb:d0:31:0d:2e:
74:99:f7:b7:ee:ac:5b:98:ad:74:01:e6:b1:54:5d:
e5:a0:f5:99:7b:9c:df:f9:9d:e6:69:3f:f1:bc:4b:
72:cf:ac:cf:02:e1:38:da:17:d7:6d:c7:bc:e8:1b:
7d:ad:84:db:e2:12:db:04:73:c6:f2:4e:f3:42:de:
ce:60:de:14:c6:a3:30:b5:a2:80:e6:16:93:23:3c:
6a:67:79:4e:de:38:ef:37:c9:94:99:aa:03:7e:e0:
07:13:84:ef:70:13:b6:4e:07:25:89:e3:6a:bb:cf:
73:07:91:9c:d3:61:e6:aa:41:82:2f:a2:25:cb:24:
31:52:66:c3:af:3e:66:42:b4:01:a1:87:9d:32:8d:
c7:46:0d:a3:6c:d3:7b:e1:a5:cd:d9:c5:16:b3:05:
f2:14:26:2e:39:1f:23:17:45:67:df:87:ac:b2:eb:
88:1b:88:05:d3:b1:18:ae:bf:e9:8c:8f:4f:62:8c:
18:6a:d8:c2:85:e4:88:56:7b:e5:67:3a:ea:13:bb:
84:bd:20:3d:56:34:fe:e9:91:df:54:67:ba:36:bd:
8c:57:77:f8:f2:66:7e:26:2c:49:9c:03:ee:7c:45:
5c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:59:2C:06:5C:DF:E4:9B:60:A5:7A:01:B2:3B:4A:AB:BA:F6:D8:7E
X509v3 Authority Key Identifier:
keyid:DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/XlksBlzf5JtgpXoBsjtKq7r22H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/39cDtgrGhzJW5rSCa6J6ne7KLwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:1a::/48
Signature Algorithm: sha256WithRSAEncryption
46:cd:ab:44:91:7a:ce:1a:00:a0:f9:8b:6d:98:fa:b2:d3:3a:
3a:b1:ea:db:f5:85:72:f7:da:f4:66:6d:71:22:46:03:1f:f5:
ac:c8:5e:27:d7:ab:8a:3b:db:67:9e:2b:8f:fc:ea:1e:2a:a9:
81:1f:ba:31:ba:ca:35:51:b4:f0:1a:bd:b5:ea:8a:8e:08:c6:
8d:f7:32:d3:67:53:d9:89:65:68:85:20:92:c3:36:8c:5f:20:
55:10:70:a1:aa:2d:de:b5:7a:34:a6:6a:9f:66:26:5c:5e:a6:
15:f4:2d:e7:fb:a4:09:13:df:8c:b4:ae:63:15:7d:36:99:c6:
53:75:ec:f2:f9:4a:12:a9:62:95:be:71:d3:2e:27:8b:e7:a7:
14:67:cf:90:f0:f4:82:3f:8f:0e:b5:17:ae:f4:b9:b6:c6:2b:
72:47:d4:57:f9:f4:23:1c:12:92:5d:32:a5:a7:de:91:c0:b8:
da:03:a6:1e:bf:07:aa:ef:27:8c:d6:fc:40:e2:a4:5d:89:bf:
13:be:ec:d1:b6:a7:72:c4:c1:58:eb:7b:96:76:6d:67:1b:1f:
42:d0:77:6b:df:f2:1a:91:19:74:f9:eb:91:1c:12:d5:68:95:
de:2c:34:93:11:e1:d9:cf:8b:24:9a:51:f1:5e:ef:6a:45:d0:
c7:6c:af:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYeHXhE9U2OUThM7BK+NYj4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDcwM2I2MGFjNjg3MzI1NmU2YjQ4MjZiYTI3YTlkZWVj
YTJmMGEwHhcNMjMwNDE2MDAwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTU5MmMwNjVjZGZlNDliNjBhNTdhMDFiMjNiNGFhYmJhZjZkODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWrkfml8w/eOeBboB+BlNDyCwVOo
RSJgu9AxDS50mfe37qxbmK10AeaxVF3loPWZe5zf+Z3maT/xvEtyz6zPAuE42hfX
bce86Bt9rYTb4hLbBHPG8k7zQt7OYN4UxqMwtaKA5haTIzxqZ3lO3jjvN8mUmaoD
fuAHE4TvcBO2TgclieNqu89zB5Gc02HmqkGCL6IlyyQxUmbDrz5mQrQBoYedMo3H
Rg2jbNN74aXN2cUWswXyFCYuOR8jF0Vn34essuuIG4gF07EYrr/pjI9PYowYatjC
heSIVnvlZzrqE7uEvSA9VjT+6ZHfVGe6Nr2MV3f48mZ+JixJnAPufEVcEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF5ZLAZc3+SbYKV6AbI7Squ69th+MB8GA1UdIwQY
MBaAFN/XA7YKxocyVua0gmuiep3uyi8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDct
NTNmMDc4OGUxYTFiLzEvWGxrc0JsemY1SnRncFhvQnNqdEtxN3IyMkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDctNTNmMDc4OGUxYTFi
LzEvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cgAAa
MA0GCSqGSIb3DQEBCwUAA4IBAQBGzatEkXrOGgCg+YttmPqy0zo6serb9YVy99r0
Zm1xIkYDH/WsyF4n16uKO9tnniuP/OoeKqmBH7oxuso1UbTwGr216oqOCMaN9zLT
Z1PZiWVohSCSwzaMXyBVEHChqi3etXo0pmqfZiZcXqYV9C3n+6QJE9+MtK5jFX02
mcZTdezy+UoSqWKVvnHTLieL56cUZ8+Q8PSCP48OtReu9Lm2xityR9RX+fQjHBKS
XTKlp96RwLjaA6Yevweq7yeM1vxA4qRdib8TvuzRtqdyxMFY63uWdm1nGx9C0Hdr
3/IakRl0+euRHBLVaJXeLDSTEeHZz4skmlHxXu9qRdDHbK90
-----END CERTIFICATE-----
Generated at Mon May 12 03:51:43 2025 by rpki-client