Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/tXPdZBE8uTFx4681tSuF8IW2heQ.roa
File: tXPdZBE8uTFx4681tSuF8IW2heQ.roa (raw, json)
Hash identifier: bLuG2N9VSGytDMx0PLcSwmY9Lp2sxpLpw+4Ok5p9+Ys=
Subject key identifier: B5:73:DD:64:11:3C:B9:31:71:E3:AF:35:B5:2B:85:F0:85:B6:85:E4
Certificate issuer: /CN=922fbdff15c9bec0fee7309be592e5d86dd9408a
Certificate serial: 04C39F61
Authority key identifier: 92:2F:BD:FF:15:C9:BE:C0:FE:E7:30:9B:E5:92:E5:D8:6D:D9:40:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ki-9_xXJvsD-5zCb5ZLl2G3ZQIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/tXPdZBE8uTFx4681tSuF8IW2heQ.roa
Signing time: Sat 01 Jan 2022 11:57:22 +0000
ROA not before: Sat 01 Jan 2022 11:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47753
IP address blocks: 2001:678:dd0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79929185 (0x4c39f61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922fbdff15c9bec0fee7309be592e5d86dd9408a
Validity
Not Before: Jan 1 11:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b573dd64113cb93171e3af35b52b85f085b685e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c1:35:39:ee:af:95:c0:7a:91:1c:d1:fe:f1:
ae:58:e1:c6:95:18:f6:9d:54:c3:38:91:c1:98:53:
db:fa:60:48:e7:1b:61:3a:82:42:65:74:dc:27:ec:
09:cd:a9:c6:17:48:e2:fe:46:0c:95:74:c1:52:53:
2b:c7:82:08:5a:99:f7:87:76:57:e9:e4:2e:3a:0f:
47:62:64:5c:c0:fb:b7:0b:43:9e:ea:97:e2:a3:fd:
48:d5:57:84:49:bd:9c:6e:ea:36:c3:02:c3:a5:34:
6e:2f:72:b3:fa:a1:02:40:45:aa:07:d3:fe:b6:27:
05:86:ef:c3:7e:d2:a1:c6:f3:65:fb:df:49:66:ca:
0d:cf:3a:2c:dc:e9:76:b7:43:be:2a:f4:a3:66:d8:
c1:e9:cb:31:41:74:1a:a7:10:00:c8:5e:14:3d:b2:
be:3f:76:99:78:cc:4b:eb:3d:bf:bb:c3:3b:6e:6d:
b9:87:d6:44:9b:9c:68:71:8f:49:25:b8:46:02:3b:
34:f7:a8:3a:d1:e1:eb:d7:22:62:f6:14:c7:64:63:
68:26:44:1a:8c:44:5e:9f:39:f2:62:57:09:64:2d:
7d:4d:4d:e2:fb:d0:62:56:da:1e:38:c2:0d:f1:1d:
b4:0c:de:28:e3:7c:94:da:4d:04:ab:5e:2f:b3:31:
e8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:73:DD:64:11:3C:B9:31:71:E3:AF:35:B5:2B:85:F0:85:B6:85:E4
X509v3 Authority Key Identifier:
keyid:92:2F:BD:FF:15:C9:BE:C0:FE:E7:30:9B:E5:92:E5:D8:6D:D9:40:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ki-9_xXJvsD-5zCb5ZLl2G3ZQIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/tXPdZBE8uTFx4681tSuF8IW2heQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/ki-9_xXJvsD-5zCb5ZLl2G3ZQIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:dd0::/48
Signature Algorithm: sha256WithRSAEncryption
06:d9:65:c1:e7:4b:15:ca:9a:8f:d5:a6:f9:ad:e3:b5:5f:4d:
f1:9d:4e:0f:ba:4b:1d:66:82:aa:73:85:91:dd:b4:42:e4:a9:
f4:20:ca:d3:0a:f7:8e:6d:c7:5c:2e:90:2e:9e:6d:18:03:90:
a9:30:7d:77:83:64:db:ed:e8:a1:16:05:de:d2:e5:29:40:15:
cb:78:5b:55:c3:51:dc:b1:ae:30:65:3f:2c:07:69:05:4a:d4:
ef:c1:f7:06:9e:e9:35:9e:b4:5b:8d:52:9f:81:53:ff:6f:4e:
2e:48:81:77:2a:94:8d:06:76:22:ac:d0:e6:63:52:f4:06:76:
0f:f4:5c:7f:f5:6a:6d:cc:81:f8:f3:a8:01:50:de:b5:56:ca:
df:88:87:a2:89:aa:27:62:19:cb:bf:23:b6:7d:ed:21:4c:30:
a6:65:4b:3d:46:55:0e:90:2e:34:aa:cd:ff:e6:9a:90:fc:10:
db:92:4f:3e:14:a7:f0:71:77:38:8a:0e:6a:49:3c:0e:9f:5d:
ce:6f:4a:ef:c0:92:d6:b3:aa:ca:76:cb:90:4a:b6:f5:c3:44:
f3:0e:d8:76:fa:8b:4e:84:18:4c:c7:d8:9d:d2:48:78:3c:5b:
e0:9e:ba:c4:b6:cd:0c:e6:d0:c5:54:e6:83:03:2d:e3:3e:8b:
7a:df:d2:e3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBMOfYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjJmYmRmZjE1YzliZWMwZmVlNzMwOWJlNTkyZTVkODZkZDk0MDhhMB4XDTIyMDEw
MTExNTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU3M2RkNjQxMTNj
YjkzMTcxZTNhZjM1YjUyYjg1ZjA4NWI2ODVlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3BNTnur5XAepEc0f7xrljhxpUY9p1UwziRwZhT2/pgSOcb
YTqCQmV03CfsCc2pxhdI4v5GDJV0wVJTK8eCCFqZ94d2V+nkLjoPR2JkXMD7twtD
nuqX4qP9SNVXhEm9nG7qNsMCw6U0bi9ys/qhAkBFqgfT/rYnBYbvw37SocbzZfvf
SWbKDc86LNzpdrdDvir0o2bYwenLMUF0GqcQAMheFD2yvj92mXjMS+s9v7vDO25t
uYfWRJucaHGPSSW4RgI7NPeoOtHh69ciYvYUx2RjaCZEGoxEXp858mJXCWQtfU1N
4vvQYlbaHjjCDfEdtAzeKON8lNpNBKteL7Mx6NMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS1c91kETy5MXHjrzW1K4XwhbaF5DAfBgNVHSMEGDAWgBSSL73/Fcm+wP7n
MJvlkuXYbdlAijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tpLTlfeFhKdnNELTV6Q2I1WkxsMkczWlFJby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNDZlODgyLTAzNTAtNDZlNy04YzY5LWZmMzdjOWE4NDExMC8x
L3RYUGRaQkU4dVRGeDQ2ODF0U3VGOElXMmhlUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NDZlODgyLTAzNTAtNDZlNy04YzY5LWZmMzdjOWE4NDExMC8xL2tpLTlfeFhKdnNE
LTV6Q2I1WkxsMkczWlFJby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngN0DANBgkqhkiG9w0BAQsF
AAOCAQEABtllwedLFcqaj9Wm+a3jtV9N8Z1OD7pLHWaCqnOFkd20QuSp9CDK0wr3
jm3HXC6QLp5tGAOQqTB9d4Nk2+3ooRYF3tLlKUAVy3hbVcNR3LGuMGU/LAdpBUrU
78H3Bp7pNZ60W41Sn4FT/29OLkiBdyqUjQZ2IqzQ5mNS9AZ2D/Rcf/VqbcyB+POo
AVDetVbK34iHoomqJ2IZy78jtn3tIUwwpmVLPUZVDpAuNKrN/+aakPwQ25JPPhSn
8HF3OIoOakk8Dp9dzm9K78CS1rOqynbLkEq29cNE8w7YdvqLToQYTMfYndJIeDxb
4J66xLbNDObQxVTmgwMt4z6Let/S4w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:44:04 2025 by rpki-client