Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XAV64S_DK46BYjyCbDTUMRd8sd4.roa
File: XAV64S_DK46BYjyCbDTUMRd8sd4.roa (raw, json)
Hash identifier: mr/it0m9suD1ZdZrEVfVPnpD+szogQQhqYLEY3VnSew=
Subject key identifier: 5C:05:7A:E1:2F:C3:2B:8E:81:62:3C:82:6C:34:D4:31:17:7C:B1:DE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019574C989CB1A80D120EDEDF384C9C16D68
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XAV64S_DK46BYjyCbDTUMRd8sd4.roa
Signing time: Sat 08 Mar 2025 08:05:19 +0000
ROA not before: Sat 08 Mar 2025 08:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:74c8:a462/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:74:c9:89:cb:1a:80:d1:20:ed:ed:f3:84:c9:c1:6d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 8 08:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c057ae12fc32b8e81623c826c34d431177cb1de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6a:ec:8c:5e:b7:fd:08:b1:7e:e1:f8:91:bc:
67:02:09:d0:6d:c4:eb:23:5d:27:ca:57:62:f7:d5:
a1:a2:0a:07:67:10:dd:c1:94:57:4f:12:54:73:dc:
9c:50:9c:a3:03:a8:a9:45:be:c7:24:3a:bd:59:66:
ee:e7:55:30:1d:78:eb:77:dd:d9:d5:c3:93:fe:51:
79:ef:a8:82:ba:ca:db:13:5d:c6:57:c8:bc:ef:a8:
ae:0b:83:19:72:69:dd:a5:b6:f6:f9:79:ce:d6:04:
78:c6:50:ba:db:fa:b7:05:28:d0:7f:4a:93:e7:0b:
a0:d6:1a:1e:3d:fb:4f:c0:61:ef:4f:c1:fb:31:9c:
66:87:f3:3a:40:30:9c:79:5a:bd:d7:0f:98:79:aa:
c4:e5:e5:9e:13:f5:93:01:1b:cf:76:a8:a8:52:53:
28:d4:5c:06:1c:0d:d9:2d:03:ee:e8:41:52:1b:38:
f1:af:80:7f:87:00:f5:37:10:1e:a8:1c:05:e9:ab:
3b:53:dc:2a:ad:cb:90:03:ec:1e:62:31:21:15:6c:
35:32:9d:fe:c8:1a:4b:a5:f2:46:78:6c:85:bc:c6:
c0:94:ec:b2:65:a0:30:fb:b6:7b:f7:b8:80:ce:10:
07:8e:de:90:d5:ca:f8:72:1e:81:ef:dc:e0:14:74:
4e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:05:7A:E1:2F:C3:2B:8E:81:62:3C:82:6C:34:D4:31:17:7C:B1:DE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XAV64S_DK46BYjyCbDTUMRd8sd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:74c8:a462/128
Signature Algorithm: sha256WithRSAEncryption
55:27:6e:b0:9c:1f:5a:dc:75:79:ac:f6:99:9b:85:14:8c:47:
8e:59:9a:56:16:eb:6b:7a:6f:49:e5:07:25:3e:db:29:c3:d8:
1d:60:60:c7:cb:89:d8:f6:24:8b:63:82:99:e2:fd:d1:ec:5a:
46:2a:ae:03:68:d3:e7:cc:e9:7e:a0:98:af:7c:3d:9b:02:2e:
4f:0b:6e:27:bc:e3:6e:52:c7:cf:09:cd:24:ca:1b:34:fd:3b:
b2:e4:85:a0:33:55:e7:57:81:49:a9:48:63:86:be:82:e1:74:
43:12:6a:12:a7:d2:0a:92:a5:cb:a9:5e:ab:ce:15:7a:ef:2f:
8f:87:47:10:6a:24:3d:9d:82:26:b0:64:6e:0a:b8:50:7e:b5:
d8:8f:81:1f:53:ea:e4:ed:58:04:d7:1b:d5:5a:eb:e9:1d:84:
aa:3b:72:c0:eb:a9:9c:db:a3:1d:7b:9d:2f:a1:aa:22:bb:29:
b1:03:c6:f0:3e:d9:36:0f:ff:1d:0d:83:63:37:dd:f7:68:90:
1c:b2:f9:5f:08:88:7b:c2:82:03:6c:f9:d7:90:c7:05:f8:a8:
ba:b8:60:4e:a2:ec:ff:d5:96:2a:5c:52:a6:6a:d2:25:5f:e7:
9d:78:70:00:d2:08:9f:5f:ce:cd:bb:65:29:e8:62:a1:fe:66:
6d:d3:50:27
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZV0yYnLGoDRIO3t84TJwW1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA4MDgwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA1N2FlMTJmYzMyYjhlODE2MjNjODI2YzM0ZDQzMTE3N2NiMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mrsjF63/QixfuH4kbxnAgnQbcTr
I10nyldi99WhogoHZxDdwZRXTxJUc9ycUJyjA6ipRb7HJDq9WWbu51UwHXjrd93Z
1cOT/lF576iCusrbE13GV8i876iuC4MZcmndpbb2+XnO1gR4xlC62/q3BSjQf0qT
5wug1hoePftPwGHvT8H7MZxmh/M6QDCceVq91w+YearE5eWeE/WTARvPdqioUlMo
1FwGHA3ZLQPu6EFSGzjxr4B/hwD1NxAeqBwF6as7U9wqrcuQA+weYjEhFWw1Mp3+
yBpLpfJGeGyFvMbAlOyyZaAw+7Z797iAzhAHjt6Q1cr4ch6B79zgFHRONwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFwFeuEvwyuOgWI8gmw01DEXfLHeMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWEFWNjRTX0RLNDZCWWp5Q2JEVFVNUmQ4c2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVdMikYjANBgkqhkiG9w0BAQsFAAOCAQEAVSdusJwfWtx1eaz2mZuFFIxH
jlmaVhbra3pvSeUHJT7bKcPYHWBgx8uJ2PYki2OCmeL90exaRiquA2jT58zpfqCY
r3w9mwIuTwtuJ7zjblLHzwnNJMobNP07suSFoDNV51eBSalIY4a+guF0QxJqEqfS
CpKly6leq84Veu8vj4dHEGokPZ2CJrBkbgq4UH612I+BH1Pq5O1YBNcb1Vrr6R2E
qjtywOupnNujHXudL6GqIrspsQPG8D7ZNg//HQ2DYzfd92iQHLL5XwiIe8KCA2z5
15DHBfiourhgTqLs/9WWKlxSpmrSJV/nnXhwANIIn1/OzbtlKehiof5mbdNQJw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:48:00 2025 by rpki-client