Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/XkP13qdKiUI4ksMyPnhV_Dq7ZH8.roa
File: XkP13qdKiUI4ksMyPnhV_Dq7ZH8.roa (raw, json)
Hash identifier: YloS2aXtag5qQ1JTIqYqkyKRVfkw4jImfuhbP08yNwU=
Subject key identifier: 5E:43:F5:DE:A7:4A:89:42:38:92:C3:32:3E:78:55:FC:3A:BB:64:7F
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0194258ED8971D283A81B485CB9DDBFD941F
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/XkP13qdKiUI4ksMyPnhV_Dq7ZH8.roa
Signing time: Thu 02 Jan 2025 05:48:25 +0000
ROA not before: Thu 02 Jan 2025 05:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206058
IP address blocks: 2a12:7a40:990d::/48 maxlen: 48
2a12:7a40:991d::/48 maxlen: 48
2a12:7a40:992d::/48 maxlen: 48
2a12:7a40:993d::/48 maxlen: 48
2a12:7a40:994d::/48 maxlen: 48
2a12:7a40:995d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:d8:97:1d:28:3a:81:b4:85:cb:9d:db:fd:94:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Jan 2 05:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e43f5dea74a89423892c3323e7855fc3abb647f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:38:b8:8f:e8:fb:a0:2d:8d:81:3f:fd:ec:47:
ac:a5:0c:11:3b:ff:a3:b7:83:7e:7e:d6:0f:8f:80:
e1:df:71:d5:ec:22:a5:03:73:be:74:4b:0a:b9:cf:
58:7d:cb:9f:4a:5d:c7:b1:c7:6c:b1:8a:14:d3:57:
ee:1a:9c:74:e8:22:e4:45:04:78:98:af:4b:40:1b:
fd:16:63:e1:bb:09:c7:10:bf:40:77:ba:c9:b5:26:
f8:9f:ee:52:ba:43:38:cb:c7:d4:a1:75:4d:71:cc:
f1:cc:14:6b:5e:2f:cc:dd:8c:20:ef:44:dc:a6:c1:
f4:61:85:e8:30:93:22:88:e1:e6:08:81:90:1c:7b:
55:fb:4d:2c:23:8c:d4:2d:46:c7:51:17:dd:a0:34:
68:98:85:65:a8:ef:f1:25:13:49:bb:d8:f0:75:65:
0b:f5:2d:96:07:a6:ee:61:50:85:62:bf:59:51:2a:
1e:7d:38:f1:7e:88:6d:b6:64:2b:ba:8b:13:c8:fb:
00:b3:89:3c:b6:8f:d3:2f:5a:2b:59:0f:30:6f:2c:
ae:4f:bf:be:d8:9a:76:dc:16:1b:47:8b:d5:e4:f9:
90:04:78:2f:26:df:3a:6e:8e:2c:b4:98:8f:08:cb:
62:37:b0:a6:12:55:b8:27:ca:92:dd:9c:83:4f:ba:
63:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:43:F5:DE:A7:4A:89:42:38:92:C3:32:3E:78:55:FC:3A:BB:64:7F
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/XkP13qdKiUI4ksMyPnhV_Dq7ZH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:990d::/48
2a12:7a40:991d::/48
2a12:7a40:992d::/48
2a12:7a40:993d::/48
2a12:7a40:994d::/48
2a12:7a40:995d::/48
Signature Algorithm: sha256WithRSAEncryption
71:31:f7:0b:4f:90:a7:e8:7b:6f:c6:01:11:60:88:a3:8c:dd:
6c:f7:cd:99:50:45:67:c0:57:32:54:22:c4:0a:53:29:40:51:
5f:26:cb:9a:e7:ee:60:78:57:04:b2:24:d9:74:d1:cf:aa:39:
2b:69:85:75:cd:9d:2d:35:59:15:fd:cb:c0:c1:a8:a6:1e:48:
cd:78:67:9e:1e:55:34:38:6f:d3:06:b6:14:10:34:01:53:0f:
d9:fb:d1:f7:e0:3a:7d:cb:8e:d5:08:c7:a3:ed:6a:b3:68:ef:
df:b4:72:69:51:9a:86:a2:1d:03:fd:9e:ce:8c:cc:49:22:b9:
cb:da:d2:a2:32:77:96:ed:e2:ac:41:16:21:af:fa:09:b2:2d:
3f:c7:34:f7:7b:51:0a:2d:63:45:de:7f:74:74:a8:43:cb:d8:
80:b9:28:88:07:00:d4:fc:36:df:cc:73:5f:36:4f:5f:10:b3:
4f:dc:47:bc:5c:1d:7e:75:b1:2e:43:c1:58:45:1e:0d:7b:e0:
18:44:6b:df:0a:d0:a2:23:c6:da:89:30:58:6a:fb:a8:54:7e:
27:81:fd:93:ac:bb:a5:66:f8:70:18:36:35:e8:df:80:fd:37:
c1:87:de:5e:5b:01:a2:b3:12:dc:93:69:b4:c2:49:cd:28:5c:
e9:b5:26:53
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljtiXHSg6gbSFy53b/ZQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwMTAyMDU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTQzZjVkZWE3NGE4OTQyMzg5MmMzMzIzZTc4NTVmYzNhYmI2NDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTi4j+j7oC2NgT/97EespQwRO/+j
t4N+ftYPj4Dh33HV7CKlA3O+dEsKuc9YfcufSl3HscdssYoU01fuGpx06CLkRQR4
mK9LQBv9FmPhuwnHEL9Ad7rJtSb4n+5SukM4y8fUoXVNcczxzBRrXi/M3Ywg70Tc
psH0YYXoMJMiiOHmCIGQHHtV+00sI4zULUbHURfdoDRomIVlqO/xJRNJu9jwdWUL
9S2WB6buYVCFYr9ZUSoefTjxfohttmQruosTyPsAs4k8to/TL1orWQ8wbyyuT7++
2Jp23BYbR4vV5PmQBHgvJt86bo4stJiPCMtiN7CmElW4J8qS3ZyDT7pjgQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFF5D9d6nSolCOJLDMj54Vfw6u2R/MB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvWGtQMTNxZEtpVUk0a3NNeVBuaFZfRHE3Wkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkN
AwcAKhJ6QJkdAwcAKhJ6QJktAwcAKhJ6QJk9AwcAKhJ6QJlNAwcAKhJ6QJldMA0G
CSqGSIb3DQEBCwUAA4IBAQBxMfcLT5Cn6HtvxgERYIijjN1s982ZUEVnwFcyVCLE
ClMpQFFfJsua5+5geFcEsiTZdNHPqjkraYV1zZ0tNVkV/cvAwaimHkjNeGeeHlU0
OG/TBrYUEDQBUw/Z+9H34Dp9y47VCMej7WqzaO/ftHJpUZqGoh0D/Z7OjMxJIrnL
2tKiMneW7eKsQRYhr/oJsi0/xzT3e1EKLWNF3n90dKhDy9iAuSiIBwDU/DbfzHNf
Nk9fELNP3Ee8XB1+dbEuQ8FYRR4Ne+AYRGvfCtCiI8baiTBYavuoVH4ngf2TrLul
ZvhwGDY16N+A/TfBh95eWwGisxLck2m0wknNKFzptSZT
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:16:51 2025 by rpki-client