Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/xTbaXHCSP5R2cW6d3irj8uLGSfc.roa
File: xTbaXHCSP5R2cW6d3irj8uLGSfc.roa (raw, json)
Hash identifier: fPEA1ReVx5X+kyuPHVYvtfHb4wFnIRgWdWtUXwouvUE=
Subject key identifier: C5:36:DA:5C:70:92:3F:94:76:71:6E:9D:DE:2A:E3:F2:E2:C6:49:F7
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01856C1CA7FD6F0B607E3042EF90AB162D4C
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/xTbaXHCSP5R2cW6d3irj8uLGSfc.roa
Signing time: Sun 01 Jan 2023 06:54:55 +0000
ROA not before: Sun 01 Jan 2023 06:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202255
IP address blocks: 2a12:3fc2:2a00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a7:fd:6f:0b:60:7e:30:42:ef:90:ab:16:2d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 06:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c536da5c70923f9476716e9dde2ae3f2e2c649f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:49:d0:0e:30:e2:60:f8:ac:62:11:14:03:81:
e9:b6:2a:a2:09:75:26:39:2e:8b:c1:64:25:36:0a:
95:cd:ce:d8:55:2f:78:61:65:c6:a0:d8:1d:7f:99:
b2:b2:68:2d:54:65:61:a0:8d:a1:9c:f7:3a:27:9b:
18:20:0e:bf:05:55:76:46:88:cf:38:74:30:17:be:
b7:5a:36:8e:e1:9b:d9:4d:dc:51:fd:25:29:82:65:
58:ba:58:13:d7:16:91:3e:eb:94:f5:86:ee:e0:e1:
14:d4:83:7c:b2:0f:30:ca:c0:6b:08:45:df:9d:a4:
2e:57:0f:66:13:ae:7c:44:b5:0b:0a:4c:75:c2:28:
da:97:88:9c:44:24:f6:85:ff:c6:a7:82:da:c1:6a:
61:1a:44:9d:f1:9f:8a:c5:21:e3:7d:90:8a:c3:05:
c7:eb:d0:97:72:f8:6b:bd:65:1c:e6:dc:96:fd:0e:
58:30:13:ce:4f:98:7e:b3:d1:05:ff:b9:88:33:36:
2d:87:6b:98:0f:6b:62:d5:e7:fb:a1:4c:36:0f:0c:
4b:16:3e:fc:f8:91:62:31:5f:fc:55:00:84:06:9a:
9d:9b:a4:d5:67:00:0c:3a:0b:38:10:e1:93:df:8d:
8a:68:1d:a4:32:c0:74:90:6a:27:89:61:60:7d:9a:
c8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:36:DA:5C:70:92:3F:94:76:71:6E:9D:DE:2A:E3:F2:E2:C6:49:F7
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/xTbaXHCSP5R2cW6d3irj8uLGSfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:2a00::/40
Signature Algorithm: sha256WithRSAEncryption
41:79:ab:66:c7:82:83:ae:4f:50:dc:17:ec:a5:c8:8d:9e:68:
60:c2:50:ee:bc:4d:c0:99:ab:02:1b:00:77:19:a9:f8:68:24:
44:dd:a5:e5:da:84:8c:68:f2:c6:0a:25:1e:11:53:ee:89:f9:
03:a7:99:50:a1:a6:a4:df:db:45:80:bc:d0:34:21:f9:49:ec:
8b:f2:fa:a5:9a:af:f3:84:36:71:74:dd:b1:41:4b:48:bb:f8:
8f:1b:f5:91:25:5a:4c:14:64:fe:64:99:ce:36:57:56:ec:44:
92:8f:d8:3d:1b:b1:39:ed:9a:06:a6:d0:ea:ff:b7:45:01:07:
d5:6e:5e:3e:fa:7a:e5:e4:4f:c3:c2:dc:24:fb:ff:fa:fe:97:
6d:10:3a:7d:20:1a:12:48:67:2c:43:13:c8:f8:10:8b:f6:b6:
0d:89:8d:18:c7:76:d4:84:76:0a:b7:ea:83:aa:51:3e:ee:a5:
a2:00:a1:e4:e7:69:15:f6:7d:ed:6e:6d:d2:e4:7c:ed:3a:ad:
33:34:7c:80:1e:2b:fe:87:e1:9f:f8:09:e3:18:67:3f:c7:b1:
75:84:24:eb:d8:cb:a8:b5:e0:ce:9f:2a:bd:fc:c5:f1:ac:e3:
4d:b9:f0:ef:0f:f7:7c:59:a4:90:a7:a3:71:d2:0b:89:bf:73:
b6:26:61:95
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsHKf9bwtgfjBC75CrFi1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwMTAxMDY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTM2ZGE1YzcwOTIzZjk0NzY3MTZlOWRkZTJhZTNmMmUyYzY0OWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlknQDjDiYPisYhEUA4HptiqiCXUm
OS6LwWQlNgqVzc7YVS94YWXGoNgdf5mysmgtVGVhoI2hnPc6J5sYIA6/BVV2RojP
OHQwF763WjaO4ZvZTdxR/SUpgmVYulgT1xaRPuuU9Ybu4OEU1IN8sg8wysBrCEXf
naQuVw9mE658RLULCkx1wijal4icRCT2hf/Gp4LawWphGkSd8Z+KxSHjfZCKwwXH
69CXcvhrvWUc5tyW/Q5YMBPOT5h+s9EF/7mIMzYth2uYD2ti1ef7oUw2DwxLFj78
+JFiMV/8VQCEBpqdm6TVZwAMOgs4EOGT342KaB2kMsB0kGoniWFgfZrIPQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMU22lxwkj+UdnFund4q4/Lixkn3MB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEveFRiYVhIQ1NQNVIyY1c2ZDNpcmo4dUxHU2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wiow
DQYJKoZIhvcNAQELBQADggEBAEF5q2bHgoOuT1DcF+ylyI2eaGDCUO68TcCZqwIb
AHcZqfhoJETdpeXahIxo8sYKJR4RU+6J+QOnmVChpqTf20WAvNA0IflJ7Ivy+qWa
r/OENnF03bFBS0i7+I8b9ZElWkwUZP5kmc42V1bsRJKP2D0bsTntmgam0Or/t0UB
B9VuXj76euXkT8PC3CT7//r+l20QOn0gGhJIZyxDE8j4EIv2tg2JjRjHdtSEdgq3
6oOqUT7upaIAoeTnaRX2fe1ubdLkfO06rTM0fIAeK/6H4Z/4CeMYZz/HsXWEJOvY
y6i14M6fKr38xfGs40258O8P93xZpJCno3HSC4m/c7YmYZU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:03 2025 by rpki-client