Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/xt63-bTnDGTwRBAIcih-bm3I-x4.roa
File: xt63-bTnDGTwRBAIcih-bm3I-x4.roa (raw, json)
Hash identifier: ZNIM0IHiooV1GbKlHHIP2PVO2rpmWUsl6VIryJ/sL7M=
Subject key identifier: C6:DE:B7:F9:B4:E7:0C:64:F0:44:10:08:72:28:7E:6E:6D:C8:FB:1E
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067EF8CDCF70E4CF4DEEE469A89607B
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/xt63-bTnDGTwRBAIcih-bm3I-x4.roa
Signing time: Wed 01 Jan 2025 05:47:49 +0000
ROA not before: Wed 01 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208223
IP address blocks: 2a12:3fc2:df00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ef:8c:dc:f7:0e:4c:f4:de:ee:46:9a:89:60:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6deb7f9b4e70c64f044100872287e6e6dc8fb1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ec:02:22:95:c9:12:d0:3e:88:dc:8e:c3:71:
f4:98:1c:fa:8b:1b:df:52:53:fd:38:2a:4a:6b:6f:
d0:7f:b2:2c:56:c2:61:b5:06:56:d9:80:a9:da:cf:
36:d9:6a:2a:ee:ff:a3:24:38:c4:4f:25:88:7b:e0:
f5:26:5f:63:a2:fd:09:4d:f1:b6:0f:4d:54:d6:43:
cb:95:ae:b1:4f:75:19:c0:6b:89:03:32:d0:80:d8:
d0:78:6d:af:1d:2f:11:42:6a:d7:9b:e0:24:76:a7:
13:81:a8:df:85:fe:dc:2f:af:75:b8:44:67:38:af:
8f:c2:e1:e9:11:06:99:7f:8a:7f:4b:aa:6f:90:c4:
6a:65:11:05:16:f0:96:d8:1e:e5:9f:c7:a6:ee:9f:
15:43:a8:bf:0c:10:d1:b3:43:40:cb:62:c4:ce:7f:
5a:1e:b0:3c:2c:29:d6:2c:32:05:82:1a:76:62:79:
12:c4:cb:c2:e4:11:d9:d5:8f:85:dc:1c:fe:3f:c2:
fc:bb:fd:ae:18:df:29:95:9f:d8:93:1d:87:a7:84:
fd:79:a8:2c:8a:ef:ab:77:d6:fe:36:0c:e2:1b:56:
b9:19:22:3c:5b:7f:3c:05:d4:60:27:73:b7:a8:73:
1f:81:06:39:ef:43:f8:32:3e:66:fb:8d:34:97:04:
f8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DE:B7:F9:B4:E7:0C:64:F0:44:10:08:72:28:7E:6E:6D:C8:FB:1E
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/xt63-bTnDGTwRBAIcih-bm3I-x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:df00::/40
Signature Algorithm: sha256WithRSAEncryption
79:e9:69:df:80:19:2b:4c:96:8d:6f:91:30:d3:5a:0e:be:3d:
a6:13:3f:9a:75:1b:6b:d8:13:58:75:34:5d:ca:96:06:40:84:
57:f7:a2:7c:df:12:60:22:62:37:9d:45:75:ce:15:91:db:48:
b5:04:d5:b9:b3:88:b2:bd:07:7d:6c:7b:35:7f:7c:db:ce:d7:
45:fd:99:d8:b7:4f:b7:48:38:40:74:37:31:81:2c:fd:50:85:
7d:c5:db:8e:4a:dc:59:72:bb:31:5e:a0:6c:f7:cc:5f:b2:47:
eb:37:f7:7c:c3:d5:c5:75:c3:d8:d7:4e:c7:db:79:6e:70:8c:
fa:7a:37:3a:45:7e:ee:c4:3f:b7:49:60:ba:de:17:42:d4:3b:
d0:66:b8:15:b6:d2:f9:4f:07:da:06:0d:e5:e5:cc:c3:fd:cc:
04:c7:6b:a4:b4:ca:2d:1f:e4:11:cd:49:55:72:b2:1e:56:4a:
23:13:93:f6:a4:03:c7:e5:f7:84:e5:ca:5f:87:c5:41:67:a0:
a8:15:dc:f5:b5:24:13:a4:3d:0d:ed:24:5c:49:30:ba:1a:1e:
f1:02:81:dd:c6:a5:ac:d2:ab:66:f9:de:4f:72:80:7d:76:a7:
00:b7:62:10:54:1f:bc:21:11:7e:2f:be:b5:89:9e:2f:b1:83:
26:46:f4:cc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQgZ++M3PcOTPTe7kaaiWB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRlYjdmOWI0ZTcwYzY0ZjA0NDEwMDg3MjI4N2U2ZTZkYzhmYjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuwCIpXJEtA+iNyOw3H0mBz6ixvf
UlP9OCpKa2/Qf7IsVsJhtQZW2YCp2s822Woq7v+jJDjETyWIe+D1Jl9jov0JTfG2
D01U1kPLla6xT3UZwGuJAzLQgNjQeG2vHS8RQmrXm+AkdqcTgajfhf7cL691uERn
OK+PwuHpEQaZf4p/S6pvkMRqZREFFvCW2B7ln8em7p8VQ6i/DBDRs0NAy2LEzn9a
HrA8LCnWLDIFghp2YnkSxMvC5BHZ1Y+F3Bz+P8L8u/2uGN8plZ/Ykx2Hp4T9eags
iu+rd9b+NgziG1a5GSI8W388BdRgJ3O3qHMfgQY570P4Mj5m+400lwT4sQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMbet/m05wxk8EQQCHIofm5tyPseMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEveHQ2My1iVG5ER1R3UkJBSWNpaC1ibTNJLXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wt8w
DQYJKoZIhvcNAQELBQADggEBAHnpad+AGStMlo1vkTDTWg6+PaYTP5p1G2vYE1h1
NF3KlgZAhFf3onzfEmAiYjedRXXOFZHbSLUE1bmziLK9B31sezV/fNvO10X9mdi3
T7dIOEB0NzGBLP1QhX3F245K3FlyuzFeoGz3zF+yR+s393zD1cV1w9jXTsfbeW5w
jPp6NzpFfu7EP7dJYLreF0LUO9BmuBW20vlPB9oGDeXlzMP9zATHa6S0yi0f5BHN
SVVysh5WSiMTk/akA8fl94Tlyl+HxUFnoKgV3PW1JBOkPQ3tJFxJMLoaHvECgd3G
pazSq2b53k9ygH12pwC3YhBUH7whEX4vvrWJni+xgyZG9Mw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:00 2025 by rpki-client