Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/XjNH8KbmSTwcC7AKorSE02iwYbg.roa
File: XjNH8KbmSTwcC7AKorSE02iwYbg.roa (raw, json)
Hash identifier: SnxXpzKGynOPhHd7Hlqth3+Gj3YGJcypoMsnbeDJuM0=
Subject key identifier: 5E:33:47:F0:A6:E6:49:3C:1C:0B:B0:0A:A2:B4:84:D3:68:B0:61:B8
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 0194448475EB4F78264ADF020B4986D8F50E
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/XjNH8KbmSTwcC7AKorSE02iwYbg.roa
Signing time: Wed 08 Jan 2025 06:05:19 +0000
ROA not before: Wed 08 Jan 2025 06:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214976
IP address blocks: 2a0a:79c7:f500::/40 maxlen: 48
2a0a:79c7:f600::/40 maxlen: 40
2a0a:79c7:f7c0::/44 maxlen: 48
2a0a:79c7:f801::/48 maxlen: 48
2a0a:79c7:f802::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:44:84:75:eb:4f:78:26:4a:df:02:0b:49:86:d8:f5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 8 06:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e3347f0a6e6493c1c0bb00aa2b484d368b061b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fb:36:de:38:aa:75:8a:17:05:27:4d:15:e3:
58:67:b7:10:c5:be:a3:49:9d:39:7e:b2:3f:db:0c:
05:01:1b:05:ec:a0:b7:9a:63:51:ed:08:55:7f:f9:
ed:d9:60:d1:4f:14:4f:52:75:49:2e:e1:72:33:9b:
b0:62:56:c8:a7:f3:1d:03:6b:89:8c:de:99:8a:8b:
c1:21:0f:67:96:d1:ed:d0:b5:28:2c:47:b9:80:6b:
f7:f0:8d:ce:38:54:bd:a3:ad:9d:a6:b8:91:18:4a:
50:e0:91:75:c6:79:2b:90:e7:22:19:56:33:07:e4:
50:86:17:2b:2a:d6:9c:1c:ff:a1:0f:5f:2a:3f:45:
ae:7d:cc:72:43:d9:26:8c:85:90:b5:34:67:49:db:
3a:e1:4a:34:f8:b3:a0:d0:02:94:33:c2:0e:8f:26:
a3:ca:17:31:40:38:a1:44:4b:20:c0:26:ef:fd:13:
48:89:de:c3:d9:3c:77:bf:e4:e1:c2:cf:a1:53:fa:
c8:b2:7e:12:85:e6:0b:ca:ce:99:e2:0b:64:cf:a1:
22:b1:47:78:fa:8b:27:10:89:5e:9f:b3:13:46:d1:
c9:28:07:62:38:c8:63:8e:15:d6:90:7a:ce:fe:ad:
b7:56:65:66:4c:5b:d2:61:4a:f3:f2:22:ab:98:c8:
fb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:33:47:F0:A6:E6:49:3C:1C:0B:B0:0A:A2:B4:84:D3:68:B0:61:B8
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/XjNH8KbmSTwcC7AKorSE02iwYbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c7:f500::-2a0a:79c7:f6ff:ffff:ffff:ffff:ffff:ffff
2a0a:79c7:f7c0::/44
2a0a:79c7:f801::-2a0a:79c7:f802:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
81:5c:20:91:af:5a:1d:b8:e5:c0:f9:53:e2:ff:9f:46:a3:53:
c7:5d:36:d0:6d:89:ac:56:14:a2:4b:e2:3c:5b:d6:62:aa:57:
77:ee:9a:80:7a:b0:b4:e7:87:9c:4c:58:33:3f:f2:6f:fa:e1:
4e:30:1c:a5:af:ff:0c:81:1e:2e:84:82:d3:ec:e4:e1:cf:c5:
ba:c7:59:14:15:ab:96:26:a2:fe:33:23:c2:e3:51:ec:78:fe:
59:f1:cf:40:f1:ae:94:88:a8:43:f3:37:0a:09:67:fe:43:70:
cb:bc:a3:d2:6d:07:6e:a9:7e:e9:73:64:f8:94:ab:f4:01:a8:
0c:be:d0:ae:40:df:54:d6:f0:85:4e:37:34:f8:63:26:85:0f:
1c:93:ce:13:6f:a6:e2:73:a4:07:58:17:1b:c2:34:18:f3:7a:
94:cd:13:2d:79:98:8e:cb:32:e0:51:c0:7c:82:f8:0b:8a:39:
ce:65:07:90:c7:ae:48:41:81:38:8e:f6:2a:30:68:2b:86:4a:
e0:d7:41:46:26:6c:6d:93:9b:5c:f3:ed:45:23:f3:76:ec:29:
5b:65:cc:dc:b5:4d:5a:c1:60:ce:87:94:68:ff:53:e2:ac:bb:
ae:80:a0:8e:a7:d5:0b:5b:b4:54:a4:5a:57:99:7a:99:c1:bb:
45:a2:2f:f8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZREhHXrT3gmSt8CC0mG2PUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwMTA4MDYwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTMzNDdmMGE2ZTY0OTNjMWMwYmIwMGFhMmI0ODRkMzY4YjA2MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ps23jiqdYoXBSdNFeNYZ7cQxb6j
SZ05frI/2wwFARsF7KC3mmNR7QhVf/nt2WDRTxRPUnVJLuFyM5uwYlbIp/MdA2uJ
jN6ZiovBIQ9nltHt0LUoLEe5gGv38I3OOFS9o62dpriRGEpQ4JF1xnkrkOciGVYz
B+RQhhcrKtacHP+hD18qP0WufcxyQ9kmjIWQtTRnSds64Uo0+LOg0AKUM8IOjyaj
yhcxQDihREsgwCbv/RNIid7D2Tx3v+Thws+hU/rIsn4SheYLys6Z4gtkz6EisUd4
+osnEIlen7MTRtHJKAdiOMhjjhXWkHrO/q23VmVmTFvSYUrz8iKrmMj7UQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFF4zR/Cm5kk8HAuwCqK0hNNosGG4MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvWGpOSDhLYm1TVHdjQzdBS29yU0UwMml3WWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvMBADBgAqCnnH
9QMGACoKecf2AwcEKgp5x/fAMBIDBwAqCnnH+AEDBwAqCnnH+AIwDQYJKoZIhvcN
AQELBQADggEBAIFcIJGvWh245cD5U+L/n0ajU8ddNtBtiaxWFKJL4jxb1mKqV3fu
moB6sLTnh5xMWDM/8m/64U4wHKWv/wyBHi6EgtPs5OHPxbrHWRQVq5Ymov4zI8Lj
Uex4/lnxz0DxrpSIqEPzNwoJZ/5DcMu8o9JtB26pfulzZPiUq/QBqAy+0K5A31TW
8IVONzT4YyaFDxyTzhNvpuJzpAdYFxvCNBjzepTNEy15mI7LMuBRwHyC+AuKOc5l
B5DHrkhBgTiO9iowaCuGSuDXQUYmbG2Tm1zz7UUj83bsKVtlzNy1TVrBYM6HlGj/
U+Ksu66AoI6n1QtbtFSkWleZepnBu0WiL/g=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:15:22 2025 by rpki-client