Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/c37502-510b-4015-a718-38e8ea0c4d37/1/Xc6VW3bBDibyIuW0MUFPcM88TxA.roa
File: Xc6VW3bBDibyIuW0MUFPcM88TxA.roa (raw, json)
Hash identifier: FB303iZDirqPdR774KwbEi75pvLvDhjuvY3LP5DrBPA=
Subject key identifier: 5D:CE:95:5B:76:C1:0E:26:F2:22:E5:B4:31:41:4F:70:CF:3C:4F:10
Certificate issuer: /CN=2935dfd0bb8ac02f221cdcb092ef0525d0d6988f
Certificate serial: 018AB1A27ADDDA9C0DF62DA38965EAA9777C
Authority key identifier: 29:35:DF:D0:BB:8A:C0:2F:22:1C:DC:B0:92:EF:05:25:D0:D6:98:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KTXf0LuKwC8iHNywku8FJdDWmI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/c37502-510b-4015-a718-38e8ea0c4d37/1/Xc6VW3bBDibyIuW0MUFPcM88TxA.roa
Signing time: Wed 20 Sep 2023 08:08:50 +0000
ROA not before: Wed 20 Sep 2023 08:08:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197995
IP address blocks: 2a09:e280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:a2:7a:dd:da:9c:0d:f6:2d:a3:89:65:ea:a9:77:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2935dfd0bb8ac02f221cdcb092ef0525d0d6988f
Validity
Not Before: Sep 20 08:08:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dce955b76c10e26f222e5b431414f70cf3c4f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:05:29:e8:8c:4a:78:6c:4a:ed:d5:b5:14:c5:
06:8f:e4:7c:1b:9f:96:c5:0e:fb:11:c9:ae:49:94:
c4:c9:91:26:bd:ee:f8:c2:87:f8:b6:1e:50:94:01:
45:92:25:33:c5:f7:60:9b:57:b0:8a:51:aa:7b:55:
d1:13:70:f2:62:d6:0e:0f:4a:6f:6c:09:55:49:49:
6c:06:7e:ca:e0:c7:83:a4:44:5a:e0:24:60:a2:d0:
33:d7:8a:23:fb:79:04:20:56:91:aa:44:2b:b7:a6:
29:51:c3:a7:32:31:c7:f4:73:b1:24:33:48:84:70:
e7:1b:0e:ce:67:26:18:3e:e0:b4:4a:e1:1e:93:72:
96:d7:f8:91:9c:81:86:af:a6:08:4d:31:fc:99:bc:
db:b2:8b:ce:9a:7f:1d:22:2e:ca:0f:84:18:00:60:
c3:25:7a:ca:59:49:c5:2e:87:f8:0e:22:e4:93:c0:
2b:3d:ed:cd:73:4a:7b:a1:d7:39:b9:80:d5:20:57:
ea:b2:6c:94:5e:f7:a7:70:6e:c2:1f:91:97:37:7a:
e1:14:12:e7:7c:f1:03:ab:c7:ac:dd:f5:ca:30:bb:
3c:1b:02:4f:7b:01:e5:41:ef:78:19:79:92:e6:2e:
37:7f:c5:4f:4c:81:c3:ea:d8:19:3c:c7:31:0d:e9:
89:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CE:95:5B:76:C1:0E:26:F2:22:E5:B4:31:41:4F:70:CF:3C:4F:10
X509v3 Authority Key Identifier:
keyid:29:35:DF:D0:BB:8A:C0:2F:22:1C:DC:B0:92:EF:05:25:D0:D6:98:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTXf0LuKwC8iHNywku8FJdDWmI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/c37502-510b-4015-a718-38e8ea0c4d37/1/Xc6VW3bBDibyIuW0MUFPcM88TxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/c37502-510b-4015-a718-38e8ea0c4d37/1/KTXf0LuKwC8iHNywku8FJdDWmI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e280::/29
Signature Algorithm: sha256WithRSAEncryption
92:6a:19:a2:62:93:d8:f1:77:16:3c:91:94:4a:4a:f7:c2:ad:
34:d9:e6:3e:5e:0a:78:0d:95:92:bf:25:41:a4:93:9f:87:28:
57:90:2a:ad:4c:c1:a1:e5:66:7a:24:c9:bc:97:af:b3:37:b6:
31:4f:52:c5:28:a3:73:5b:6a:4e:ba:a4:71:41:b4:5d:68:0b:
ee:ad:59:79:7f:9f:03:c1:ad:ec:52:00:c8:d7:42:b9:cd:cc:
06:27:c5:15:cf:8b:da:d5:34:53:0b:73:ef:16:d0:c9:ae:2c:
73:74:b9:78:90:20:e1:08:ea:9b:74:67:22:9b:5b:b5:28:96:
e5:3f:97:ee:a2:1a:d0:3a:e3:60:60:df:36:93:42:2a:21:7c:
da:17:88:c3:e3:9b:52:63:1a:9c:15:3d:6c:9d:c1:21:bd:d0:
1b:17:a0:bb:51:9e:88:49:a4:79:60:99:7d:4b:e8:c1:5f:ee:
25:91:72:5d:37:0a:df:6c:c5:fc:7e:eb:9c:84:3a:2b:0f:70:
42:df:14:ae:09:5d:7f:5c:69:9d:47:d3:12:86:a3:18:5a:c2:
83:63:9f:5c:01:1b:f4:81:e8:57:c8:f7:87:7f:3b:8b:45:de:
b2:e7:11:9a:40:56:66:78:6e:5c:ff:e7:aa:ba:2b:5a:6c:4f:
a5:d3:7f:91
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqxonrd2pwN9i2jiWXqqXd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MzVkZmQwYmI4YWMwMmYyMjFjZGNiMDkyZWYwNTI1ZDBk
Njk4OGYwHhcNMjMwOTIwMDgwODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNlOTU1Yjc2YzEwZTI2ZjIyMmU1YjQzMTQxNGY3MGNmM2M0ZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAUp6IxKeGxK7dW1FMUGj+R8G5+W
xQ77EcmuSZTEyZEmve74wof4th5QlAFFkiUzxfdgm1ewilGqe1XRE3DyYtYOD0pv
bAlVSUlsBn7K4MeDpERa4CRgotAz14oj+3kEIFaRqkQrt6YpUcOnMjHH9HOxJDNI
hHDnGw7OZyYYPuC0SuEek3KW1/iRnIGGr6YITTH8mbzbsovOmn8dIi7KD4QYAGDD
JXrKWUnFLof4DiLkk8ArPe3Nc0p7odc5uYDVIFfqsmyUXvencG7CH5GXN3rhFBLn
fPEDq8es3fXKMLs8GwJPewHlQe94GXmS5i43f8VPTIHD6tgZPMcxDemJ7QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF3OlVt2wQ4m8iLltDFBT3DPPE8QMB8GA1UdIwQY
MBaAFCk139C7isAvIhzcsJLvBSXQ1piPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1RYZjBMdUt3QzhpSE55d2t1OEZKZERXbUk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9jMzc1MDItNTEwYi00MDE1LWE3MTgt
MzhlOGVhMGM0ZDM3LzEvWGM2VlczYkJEaWJ5SXVXME1VRlBjTTg4VHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9jMzc1MDItNTEwYi00MDE1LWE3MTgtMzhlOGVhMGM0ZDM3
LzEvS1RYZjBMdUt3QzhpSE55d2t1OEZKZERXbUk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgnigDAN
BgkqhkiG9w0BAQsFAAOCAQEAkmoZomKT2PF3FjyRlEpK98KtNNnmPl4KeA2Vkr8l
QaSTn4coV5AqrUzBoeVmeiTJvJevsze2MU9SxSijc1tqTrqkcUG0XWgL7q1ZeX+f
A8Gt7FIAyNdCuc3MBifFFc+L2tU0Uwtz7xbQya4sc3S5eJAg4Qjqm3RnIptbtSiW
5T+X7qIa0DrjYGDfNpNCKiF82heIw+ObUmManBU9bJ3BIb3QGxegu1GeiEmkeWCZ
fUvowV/uJZFyXTcK32zF/H7rnIQ6Kw9wQt8Urgldf1xpnUfTEoajGFrCg2OfXAEb
9IHoV8j3h387i0XesucRmkBWZnhuXP/nqrorWmxPpdN/kQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:09 2025 by rpki-client