Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/230ac7-ec0c-44de-85a8-b2b7962c2d81/1/sxWEI_lS1aXV-AY65QedUYFWKCk.roa
File: sxWEI_lS1aXV-AY65QedUYFWKCk.roa (raw, json)
Hash identifier: ms1QHqqgoXo/meqTZa2TJKA2xu/idnTrM5+e1jr1amY=
Subject key identifier: B3:15:84:23:F9:52:D5:A5:D5:F8:06:3A:E5:07:9D:51:81:56:28:29
Certificate issuer: /CN=2f78e0066bb27c5f52e7025d61190daa90b97348
Certificate serial: 019427B5CD46795430903F825A7D359ED655
Authority key identifier: 2F:78:E0:06:6B:B2:7C:5F:52:E7:02:5D:61:19:0D:AA:90:B9:73:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3jgBmuyfF9S5wJdYRkNqpC5c0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/230ac7-ec0c-44de-85a8-b2b7962c2d81/1/sxWEI_lS1aXV-AY65QedUYFWKCk.roa
Signing time: Thu 02 Jan 2025 15:50:13 +0000
ROA not before: Thu 02 Jan 2025 15:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215568
IP address blocks: 2a01:f1c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:cd:46:79:54:30:90:3f:82:5a:7d:35:9e:d6:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f78e0066bb27c5f52e7025d61190daa90b97348
Validity
Not Before: Jan 2 15:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3158423f952d5a5d5f8063ae5079d5181562829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:64:05:d2:d0:3e:30:26:13:99:76:7a:1e:ac:
49:3b:4c:dc:b7:58:8e:99:d5:73:4c:83:28:7b:f6:
c6:8b:67:14:20:52:66:d8:65:a7:0b:90:06:92:53:
49:60:4e:ca:69:df:ec:8d:e6:e7:5b:36:3a:bc:28:
a1:64:c3:3b:26:82:04:6e:41:7c:38:ba:ce:f7:6d:
d6:8e:f9:1d:89:ae:95:71:39:b8:c1:90:39:b7:6e:
ed:f5:80:13:74:f7:98:5a:90:30:59:e6:94:82:2d:
82:e6:bd:2f:5f:c2:0b:a0:b2:f0:d0:07:3c:d0:d0:
87:1b:07:25:7b:d3:67:f1:24:08:3e:d8:9b:ed:93:
67:8e:2d:e5:2d:ac:04:1a:73:17:99:20:15:4e:90:
cc:2c:f7:dd:df:2f:91:c6:ed:4f:3c:09:95:78:d4:
a4:5c:e9:70:8c:59:ca:cf:0d:dd:55:c8:c9:bd:9d:
08:fc:15:65:ca:aa:0f:f5:b3:9e:40:da:f4:16:f5:
ff:93:29:57:44:16:6b:cb:ab:db:2d:40:a5:f4:17:
57:a7:26:23:90:c7:5c:3d:e9:f8:13:6f:64:b0:a3:
1f:ac:1a:6b:dc:46:b7:11:33:a1:06:66:dc:9b:df:
e1:88:cf:15:ec:a9:67:34:79:d2:de:03:b6:d3:de:
dc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:15:84:23:F9:52:D5:A5:D5:F8:06:3A:E5:07:9D:51:81:56:28:29
X509v3 Authority Key Identifier:
keyid:2F:78:E0:06:6B:B2:7C:5F:52:E7:02:5D:61:19:0D:AA:90:B9:73:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3jgBmuyfF9S5wJdYRkNqpC5c0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/230ac7-ec0c-44de-85a8-b2b7962c2d81/1/sxWEI_lS1aXV-AY65QedUYFWKCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/230ac7-ec0c-44de-85a8-b2b7962c2d81/1/L3jgBmuyfF9S5wJdYRkNqpC5c0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
33:14:7a:32:48:fb:4e:44:36:6f:0f:e0:91:23:23:60:54:37:
fd:0c:90:81:05:59:af:c8:16:fb:09:a1:e3:f3:ed:6f:ff:1d:
7b:14:83:0d:58:88:fe:65:30:2c:1d:77:ff:62:86:52:ba:3f:
16:85:ee:a0:c2:a9:6d:69:54:67:c9:03:7b:cc:4f:48:46:18:
15:66:59:66:f1:5a:c6:5d:bf:60:18:18:31:6a:74:4f:0b:0f:
fe:82:5b:8d:9c:a9:3e:06:81:89:2a:cd:98:6d:d0:17:cc:dd:
09:1c:c4:3a:f3:67:96:a4:f8:5e:b9:4c:d1:5d:71:f6:b1:94:
bc:e3:1d:dd:09:4f:60:4c:c7:4f:35:23:6e:e5:23:09:ac:e9:
38:c2:cf:a9:17:d6:78:1a:0c:22:c4:36:05:a5:b7:fe:a0:a7:
83:e1:e4:8c:64:da:36:00:80:00:d5:e1:0a:bd:6e:cc:78:be:
84:46:a0:94:1a:ac:94:cc:57:c9:ea:a4:14:0c:8a:b6:0d:e6:
e2:7e:82:22:93:07:72:0d:4b:dd:35:c6:24:94:37:ec:16:a7:
f5:15:b0:c7:63:90:26:b4:98:81:19:2b:e1:a3:9a:52:10:02:
23:79:f7:f4:96:08:3e:d0:62:5f:b4:01:44:50:66:27:d3:7b:
f9:0c:0b:dc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntc1GeVQwkD+CWn01ntZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzhlMDA2NmJiMjdjNWY1MmU3MDI1ZDYxMTkwZGFhOTBi
OTczNDgwHhcNMjUwMTAyMTU1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzE1ODQyM2Y5NTJkNWE1ZDVmODA2M2FlNTA3OWQ1MTgxNTYyODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWQF0tA+MCYTmXZ6HqxJO0zct1iO
mdVzTIMoe/bGi2cUIFJm2GWnC5AGklNJYE7Kad/sjebnWzY6vCihZMM7JoIEbkF8
OLrO923Wjvkdia6VcTm4wZA5t27t9YATdPeYWpAwWeaUgi2C5r0vX8ILoLLw0Ac8
0NCHGwcle9Nn8SQIPtib7ZNnji3lLawEGnMXmSAVTpDMLPfd3y+Rxu1PPAmVeNSk
XOlwjFnKzw3dVcjJvZ0I/BVlyqoP9bOeQNr0FvX/kylXRBZry6vbLUCl9BdXpyYj
kMdcPen4E29ksKMfrBpr3Ea3ETOhBmbcm9/hiM8V7KlnNHnS3gO2097ckwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLMVhCP5UtWl1fgGOuUHnVGBVigpMB8GA1UdIwQY
MBaAFC944AZrsnxfUucCXWEZDaqQuXNIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNqZ0JtdXlmRjlTNXdKZFlSa05xcEM1YzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMzBhYzctZWMwYy00NGRlLTg1YTgt
YjJiNzk2MmMyZDgxLzEvc3hXRUlfbFMxYVhWLUFZNjVRZWRVWUZXS0NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMzBhYzctZWMwYy00NGRlLTg1YTgtYjJiNzk2MmMyZDgx
LzEvTDNqZ0JtdXlmRjlTNXdKZFlSa05xcEM1YzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHxwDAN
BgkqhkiG9w0BAQsFAAOCAQEAMxR6Mkj7TkQ2bw/gkSMjYFQ3/QyQgQVZr8gW+wmh
4/Ptb/8dexSDDViI/mUwLB13/2KGUro/FoXuoMKpbWlUZ8kDe8xPSEYYFWZZZvFa
xl2/YBgYMWp0TwsP/oJbjZypPgaBiSrNmG3QF8zdCRzEOvNnlqT4XrlM0V1x9rGU
vOMd3QlPYEzHTzUjbuUjCazpOMLPqRfWeBoMIsQ2BaW3/qCng+HkjGTaNgCAANXh
Cr1uzHi+hEaglBqslMxXyeqkFAyKtg3m4n6CIpMHcg1L3TXGJJQ37Ban9RWwx2OQ
JrSYgRkr4aOaUhACI3n39JYIPtBiX7QBRFBmJ9N7+QwL3A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:26 2025 by rpki-client