Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/1XXrB12LRdMGqs-GeS3cAximpqI.roa
File: 1XXrB12LRdMGqs-GeS3cAximpqI.roa (raw, json)
Hash identifier: QvMP+g9vxMZ3cjLKa1foWvZXJz5KMsBVO3RZBZhceVg=
Subject key identifier: D5:75:EB:07:5D:8B:45:D3:06:AA:CF:86:79:2D:DC:03:18:A6:A6:A2
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 0194930E29DAC936EDFEDC5B50CE33C9BD67
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/1XXrB12LRdMGqs-GeS3cAximpqI.roa
Signing time: Thu 23 Jan 2025 12:06:06 +0000
ROA not before: Thu 23 Jan 2025 12:06:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a01:ecc0:2c0::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:0e:29:da:c9:36:ed:fe:dc:5b:50:ce:33:c9:bd:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Jan 23 12:06:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d575eb075d8b45d306aacf86792ddc0318a6a6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:62:9f:c1:40:78:7d:c2:54:a3:aa:f2:39:f9:
2f:d2:92:e4:f1:cf:c0:8a:cc:af:3e:ab:27:ce:62:
90:63:6f:17:58:8e:5d:17:73:96:cd:4a:af:fa:09:
a3:aa:5d:1d:da:d3:8c:3e:8f:0b:15:9a:d1:a3:ba:
44:11:2a:1e:a6:17:ec:54:71:ce:6e:79:cb:fb:71:
92:5b:58:5b:d5:48:37:85:e9:89:46:0c:b3:bc:66:
aa:2d:4c:ad:e2:77:6d:88:59:7a:c1:3b:ed:d8:50:
e2:1e:d5:22:c7:bb:05:32:4d:13:ce:a0:43:23:af:
be:d6:b4:04:84:c3:77:c0:ed:27:33:dc:6e:0b:f9:
a7:bb:7e:a1:f7:66:44:e4:7e:e5:d4:99:24:f7:73:
d0:c2:c3:11:3f:04:72:bb:d2:d2:8d:e7:83:c0:bc:
a8:7a:44:3e:f6:21:26:12:93:21:24:bb:7b:a9:1f:
4d:98:f5:c0:39:60:38:10:0f:1e:fe:0f:37:f5:6a:
9a:47:61:61:f4:91:ed:1e:8a:3f:57:c9:37:ec:cf:
66:03:a5:a5:aa:4f:b9:7f:95:b3:93:42:af:f7:2a:
47:67:c2:37:1e:ed:b6:3b:a7:cc:49:f4:fd:90:7f:
d4:02:55:f0:22:70:79:29:04:aa:86:25:b1:94:5f:
c7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:75:EB:07:5D:8B:45:D3:06:AA:CF:86:79:2D:DC:03:18:A6:A6:A2
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/1XXrB12LRdMGqs-GeS3cAximpqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:2c0::/64
Signature Algorithm: sha256WithRSAEncryption
5b:50:2e:44:c0:f2:43:7e:ae:59:f4:8f:9d:d6:b4:c3:18:b6:
ef:7d:f0:fc:17:aa:ed:d9:09:fe:e5:c8:56:a4:35:8d:c2:6f:
a9:da:7b:ab:dc:97:f9:06:7a:d1:58:1b:9f:21:ad:a2:02:fa:
c9:b1:d3:e9:bb:1c:60:38:98:0a:b2:fb:d6:88:ab:4a:16:7b:
52:fd:7d:e9:23:a6:0c:51:24:56:ca:be:8f:0e:a0:67:df:43:
72:39:cd:24:4c:08:bd:fc:99:57:2f:a1:92:62:40:fb:2d:84:
4c:bc:95:0c:47:d9:77:32:47:50:f6:a4:6f:94:31:28:97:65:
1f:b3:dd:f4:ad:f9:1a:20:8f:b5:63:93:c4:aa:cd:da:5d:49:
1d:8d:a6:78:49:aa:67:f3:a6:c5:92:19:8e:9d:f5:eb:88:7c:
bb:ec:1c:f9:79:c0:9a:41:85:da:83:e3:fd:41:fa:69:7a:6a:
20:6e:bc:ac:5d:ce:c1:0f:49:5b:10:f5:71:2b:0c:8e:1a:93:
5c:31:8c:9b:41:5d:96:38:05:54:4b:f0:f0:24:c2:a8:9f:54:
6e:96:ba:32:74:d4:ba:2d:a1:24:e4:76:33:07:90:67:c0:37:
78:7c:94:6f:a2:19:c2:bb:65:42:7b:6f:f9:77:09:4b:28:21:
6e:ae:e6:5b
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZSTDinayTbt/txbUM4zyb1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjUwMTIzMTIwNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTc1ZWIwNzVkOGI0NWQzMDZhYWNmODY3OTJkZGMwMzE4YTZhNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmKfwUB4fcJUo6ryOfkv0pLk8c/A
isyvPqsnzmKQY28XWI5dF3OWzUqv+gmjql0d2tOMPo8LFZrRo7pEESoephfsVHHO
bnnL+3GSW1hb1Ug3hemJRgyzvGaqLUyt4ndtiFl6wTvt2FDiHtUix7sFMk0TzqBD
I6++1rQEhMN3wO0nM9xuC/mnu36h92ZE5H7l1Jkk93PQwsMRPwRyu9LSjeeDwLyo
ekQ+9iEmEpMhJLt7qR9NmPXAOWA4EA8e/g839WqaR2Fh9JHtHoo/V8k37M9mA6Wl
qk+5f5Wzk0Kv9ypHZ8I3Hu22O6fMSfT9kH/UAlXwInB5KQSqhiWxlF/H4wIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFNV16wddi0XTBqrPhnkt3AMYpqaiMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvMVhYckIxMkxSZE1HcXMtR2VTM2NBeGltcHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAKgHswALA
AAAwDQYJKoZIhvcNAQELBQADggEBAFtQLkTA8kN+rln0j53WtMMYtu998PwXqu3Z
Cf7lyFakNY3Cb6nae6vcl/kGetFYG58hraIC+smx0+m7HGA4mAqy+9aIq0oWe1L9
fekjpgxRJFbKvo8OoGffQ3I5zSRMCL38mVcvoZJiQPsthEy8lQxH2XcyR1D2pG+U
MSiXZR+z3fSt+Rogj7Vjk8SqzdpdSR2NpnhJqmfzpsWSGY6d9euIfLvsHPl5wJpB
hdqD4/1B+ml6aiBuvKxdzsEPSVsQ9XErDI4ak1wxjJtBXZY4BVRL8PAkwqifVG6W
ujJ01LotoSTkdjMHkGfAN3h8lG+iGcK7ZUJ7b/l3CUsoIW6u5ls=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:42:47 2025 by rpki-client