Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/xs5nNiXiN-Q9iCvVqQVukes_HwM.roa
File: xs5nNiXiN-Q9iCvVqQVukes_HwM.roa (raw, json)
Hash identifier: 3lcsclPHvHTIzukT1Oj9ZPqzOwPs/rBBRH65AWixuBc=
Subject key identifier: C6:CE:67:36:25:E2:37:E4:3D:88:2B:D5:A9:05:6E:91:EB:3F:1F:03
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0845E2BE
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/xs5nNiXiN-Q9iCvVqQVukes_HwM.roa
Signing time: Fri 04 Feb 2022 16:20:52 +0000
ROA not before: Fri 04 Feb 2022 16:20:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 2a10:f46::/32 maxlen: 32
2a10:f40::/29 maxlen: 29
2a10:f44::/32 maxlen: 32
2a10:f42::/32 maxlen: 32
2a10:f40::/32 maxlen: 32
2a10:f43::/32 maxlen: 32
2a10:f47::/32 maxlen: 32
2a10:f45::/32 maxlen: 32
2a10:f41::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138797758 (0x845e2be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 4 16:20:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6ce673625e237e43d882bd5a9056e91eb3f1f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:71:8d:5a:21:b9:60:e7:8b:06:b2:71:5d:63:
82:4d:e9:d8:9c:81:ef:97:fc:19:05:5e:ce:96:a2:
84:14:13:09:c8:ee:dd:20:0b:1c:45:9c:be:b1:e2:
3b:d9:00:28:48:23:7b:8e:7f:1c:96:4f:f1:f9:cb:
bf:38:f7:cb:67:9f:52:34:61:7d:40:d5:ba:86:44:
65:11:b4:b1:e8:81:a1:c7:d9:1b:1c:1d:c6:69:6f:
17:91:03:73:67:c3:83:34:f0:60:77:8f:c0:5e:1c:
95:92:92:2d:98:9b:7a:09:e5:f4:6f:6a:be:16:59:
84:f9:cd:26:00:19:68:e2:6a:04:83:45:bc:67:e4:
d0:a3:23:ef:30:0e:2a:81:dd:ff:96:dd:42:4e:49:
5d:46:44:f2:63:18:19:53:51:9f:8f:3c:ba:fb:28:
0c:45:05:38:32:a9:3b:a2:b3:16:05:a1:b9:65:59:
fa:65:a8:0d:6a:03:c3:51:b0:63:62:c6:e9:e0:fa:
c8:dd:58:6e:69:38:cb:63:95:ae:af:92:ce:41:44:
c3:a5:d7:f1:4d:82:b9:25:3f:c1:a4:73:b5:15:c4:
80:3a:2a:db:a0:83:22:31:dd:65:3c:69:2e:de:38:
78:67:30:1f:bf:d6:65:c6:00:ab:14:88:89:45:a1:
7a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CE:67:36:25:E2:37:E4:3D:88:2B:D5:A9:05:6E:91:EB:3F:1F:03
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/xs5nNiXiN-Q9iCvVqQVukes_HwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:f40::/29
Signature Algorithm: sha256WithRSAEncryption
37:07:d1:bf:3b:ef:17:4f:c4:ce:5d:1c:5d:f7:2d:b2:fc:9e:
eb:73:13:81:4f:0b:7b:1e:f6:66:d0:df:e5:fb:9b:8a:e8:6c:
3e:ea:62:cd:35:1b:0a:98:78:aa:09:03:48:22:97:9f:7d:60:
35:00:a4:c5:f6:d3:5b:51:33:03:be:eb:a5:f2:2f:3f:a0:11:
da:73:33:15:82:22:9d:80:3e:c2:b3:f2:10:7d:be:2a:e5:e6:
b4:76:58:a0:c7:c3:6d:ad:aa:f2:79:d8:10:49:89:c0:f3:5d:
ff:21:a9:08:14:9e:1a:51:78:10:7c:f2:4f:20:2b:17:d8:ef:
d8:9c:93:27:91:3c:06:90:53:f9:64:b3:43:06:a3:1b:00:99:
da:38:cf:51:f8:94:fd:74:96:0d:7e:f0:3a:94:37:cf:1a:0d:
d1:07:14:35:b2:ad:4e:64:e5:a5:0c:e4:09:0f:ac:51:0d:7e:
ed:36:e5:9b:ad:21:5f:0d:aa:3f:87:3d:51:ec:10:5f:48:a9:
02:d9:ae:b0:68:e6:8a:e7:42:10:da:b3:aa:ba:81:b2:94:3b:
b7:ce:bd:f3:fd:0b:17:aa:57:8c:7b:a8:59:3d:6c:60:62:06:
2c:31:d4:5e:df:f1:fd:7b:46:48:9a:96:59:b8:64:74:6f:ad:
7b:ce:43:38
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECEXivjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDIw
NDE2MjA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZjZTY3MzYyNWUy
MzdlNDNkODgyYmQ1YTkwNTZlOTFlYjNmMWYwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJxjVohuWDniwaycV1jgk3p2JyB75f8GQVezpaihBQTCcju
3SALHEWcvrHiO9kAKEgje45/HJZP8fnLvzj3y2efUjRhfUDVuoZEZRG0seiBocfZ
GxwdxmlvF5EDc2fDgzTwYHePwF4clZKSLZibegnl9G9qvhZZhPnNJgAZaOJqBINF
vGfk0KMj7zAOKoHd/5bdQk5JXUZE8mMYGVNRn488uvsoDEUFODKpO6KzFgWhuWVZ
+mWoDWoDw1GwY2LG6eD6yN1Ybmk4y2OVrq+SzkFEw6XX8U2CuSU/waRztRXEgDoq
26CDIjHdZTxpLt44eGcwH7/WZcYAqxSIiUWhepsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTGzmc2JeI35D2IK9WpBW6R6z8fAzAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L3hzNW5OaVhpTi1ROWlDdlZxUVZ1a2VzX0h3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoQD0AwDQYJKoZIhvcNAQELBQAD
ggEBADcH0b877xdPxM5dHF33LbL8nutzE4FPC3se9mbQ3+X7m4robD7qYs01GwqY
eKoJA0gil599YDUApMX201tRMwO+66XyLz+gEdpzMxWCIp2APsKz8hB9virl5rR2
WKDHw22tqvJ52BBJicDzXf8hqQgUnhpReBB88k8gKxfY79ickyeRPAaQU/lks0MG
oxsAmdo4z1H4lP10lg1+8DqUN88aDdEHFDWyrU5k5aUM5AkPrFENfu025ZutIV8N
qj+HPVHsEF9IqQLZrrBo5ornQhDas6q6gbKUO7fOvfP9CxeqV4x7qFk9bGBiBiwx
1F7f8f17Rkiallm4ZHRvrXvOQzg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:51 2025 by rpki-client