Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XYXnXkjuSTDAqyJLqvxS1Jvgj54.roa
File: XYXnXkjuSTDAqyJLqvxS1Jvgj54.roa (raw, json)
Hash identifier: AKalRQVVVh5Gejcw5+2//pzAsE8yEOz14PaavTFqtgY=
Subject key identifier: 5D:85:E7:5E:48:EE:49:30:C0:AB:22:4B:AA:FC:52:D4:9B:E0:8F:9E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01911E28A065821C3A77148CEDB97EDC882F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XYXnXkjuSTDAqyJLqvxS1Jvgj54.roa
Signing time: Sun 04 Aug 2024 16:11:04 +0000
ROA not before: Sun 04 Aug 2024 16:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1e:28:a0:65:82:1c:3a:77:14:8c:ed:b9:7e:dc:88:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 4 16:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d85e75e48ee4930c0ab224baafc52d49be08f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:f2:aa:73:79:8a:55:69:55:c7:f1:45:8f:
69:bb:a0:e4:75:46:e4:35:d7:a5:85:54:1e:58:55:
3f:f6:c0:5f:7b:49:1e:bc:34:a9:38:52:96:00:36:
10:7b:99:77:b4:33:ca:63:1f:51:89:af:74:8f:57:
04:68:e9:34:4b:a4:92:78:ff:e1:ba:9a:b7:80:b6:
57:07:33:1f:55:a9:b4:30:98:32:f1:32:ea:d8:9d:
2b:47:b3:f1:d4:d2:b8:5b:b6:c3:b0:95:82:49:04:
d7:4c:7b:80:bf:64:39:e4:e5:56:53:08:05:0f:77:
c5:c1:1d:6a:ee:17:44:f1:5b:42:60:6c:82:6d:54:
fd:2d:a8:9d:a3:85:2d:be:ef:78:58:da:61:8b:2e:
61:9e:6f:bf:44:bf:d8:82:3c:2b:1d:dc:85:e1:14:
3f:4f:85:4d:28:c5:47:5b:08:43:f2:64:8a:9c:41:
89:8c:37:43:ee:79:aa:b5:6e:5b:ed:8b:28:4a:6e:
5d:d3:9d:08:a2:fa:e6:27:64:c6:24:4d:e0:18:d9:
a5:c1:83:e4:c9:5f:a8:16:37:87:f9:32:e4:96:db:
eb:a9:b9:22:dc:75:56:4d:fe:04:7c:d0:f6:a8:a2:
03:88:f6:17:6f:19:18:6f:8c:a6:78:77:97:8e:65:
22:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:85:E7:5E:48:EE:49:30:C0:AB:22:4B:AA:FC:52:D4:9B:E0:8F:9E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XYXnXkjuSTDAqyJLqvxS1Jvgj54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
6f:be:05:47:d9:41:6d:ba:74:69:31:b9:c2:45:68:74:46:90:
c1:7f:6b:52:28:5b:64:18:89:e6:5c:c1:47:9a:83:fd:76:18:
73:bd:04:72:9b:a9:77:b8:3c:2e:8d:96:b9:97:dd:0a:05:31:
c5:d2:ff:48:42:47:b4:7b:5d:58:99:91:3b:77:08:4a:84:77:
de:ca:39:18:d8:16:da:af:bb:ea:37:f7:24:78:d6:aa:7c:89:
73:ba:dd:82:eb:f8:91:c9:d4:ea:2b:b6:3d:c4:f6:c7:71:dd:
59:1f:1b:d5:25:6c:35:6d:e6:15:c7:d7:cd:99:ad:78:62:6b:
9f:ae:02:ec:23:c2:a9:9c:02:78:fc:20:f7:d0:9f:bf:8c:13:
03:14:0c:22:41:03:73:84:93:63:38:f9:35:bd:c0:cf:f3:bb:
5a:0e:57:45:ab:fe:32:98:ae:cc:44:c2:5d:d1:97:0b:42:8e:
ba:d0:73:a1:85:bc:ec:c8:4d:ce:02:22:c8:9c:23:a4:0e:75:
1c:82:96:11:5d:c1:8d:2c:69:69:28:36:99:fb:4a:01:d7:8e:
38:10:20:ae:e3:a5:23:6c:33:44:a6:38:9a:a8:f6:f0:08:4c:
15:81:90:9a:68:b5:71:54:bf:86:3c:65:21:96:a3:3b:45:70:
21:0b:5c:d2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEeKKBlghw6dxSM7bl+3IgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA0MTYxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDg1ZTc1ZTQ4ZWU0OTMwYzBhYjIyNGJhYWZjNTJkNDliZTA4ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIryqnN5ilVpVcfxRY9pu6DkdUbk
NdelhVQeWFU/9sBfe0kevDSpOFKWADYQe5l3tDPKYx9Ria90j1cEaOk0S6SSeP/h
upq3gLZXBzMfVam0MJgy8TLq2J0rR7Px1NK4W7bDsJWCSQTXTHuAv2Q55OVWUwgF
D3fFwR1q7hdE8VtCYGyCbVT9Laido4Utvu94WNphiy5hnm+/RL/YgjwrHdyF4RQ/
T4VNKMVHWwhD8mSKnEGJjDdD7nmqtW5b7YsoSm5d050IovrmJ2TGJE3gGNmlwYPk
yV+oFjeH+TLkltvrqbki3HVWTf4EfND2qKIDiPYXbxkYb4ymeHeXjmUiZwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF2F515I7kkwwKsiS6r8UtSb4I+eMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWFlYblhranVTVERBcXlKTHF2eFMxSnZnajU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAb74FR9lBbbp0aTG5wkVodEaQ
wX9rUihbZBiJ5lzBR5qD/XYYc70Ecpupd7g8Lo2WuZfdCgUxxdL/SEJHtHtdWJmR
O3cISoR33so5GNgW2q+76jf3JHjWqnyJc7rdguv4kcnU6iu2PcT2x3HdWR8b1SVs
NW3mFcfXzZmteGJrn64C7CPCqZwCePwg99Cfv4wTAxQMIkEDc4STYzj5Nb3Az/O7
Wg5XRav+MpiuzETCXdGXC0KOutBzoYW87MhNzgIiyJwjpA51HIKWEV3BjSxpaSg2
mftKAdeOOBAgruOlI2wzRKY4mqj28AhMFYGQmmi1cVS/hjxlIZajO0VwIQtc0g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:31 2025 by rpki-client