Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/X3T4KMvuCFlcstKpa1Pxb7curP0.roa
File: X3T4KMvuCFlcstKpa1Pxb7curP0.roa (raw, json)
Hash identifier: LoC0jPPER3qkcRvKhWoTxxMuuQdxUgg0flbHYv5ApjA=
Subject key identifier: 5F:74:F8:28:CB:EE:08:59:5C:B2:D2:A9:6B:53:F1:6F:B7:2E:AC:FD
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 019420D625E725205E39CA8CE82005168181
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/X3T4KMvuCFlcstKpa1Pxb7curP0.roa
Signing time: Wed 01 Jan 2025 07:48:12 +0000
ROA not before: Wed 01 Jan 2025 07:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39126
IP address blocks: 2a0a:6500::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:25:e7:25:20:5e:39:ca:8c:e8:20:05:16:81:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 1 07:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f74f828cbee08595cb2d2a96b53f16fb72eacfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:83:d9:08:bd:47:0b:26:5f:a6:7e:c1:bc:b9:
a6:b3:fc:71:a5:3c:61:23:55:53:44:37:31:31:c9:
d5:16:2b:42:5c:6a:b2:ad:bf:f5:d5:f4:07:fa:85:
7a:f4:d1:bd:d7:19:b0:24:38:cd:85:73:5b:3b:8c:
46:75:3d:66:02:84:6a:ac:30:5b:c8:15:be:7e:3a:
5d:f0:be:79:84:8b:88:92:0a:69:51:89:b0:e3:28:
34:a2:43:f2:cf:f2:ff:45:38:d1:bb:fa:40:8e:a4:
72:03:a3:2d:11:f2:aa:3c:bc:3d:be:b9:cd:78:6f:
22:3d:76:b1:c4:24:10:22:9b:1d:32:07:29:6b:1f:
8d:49:cf:ec:ce:e6:3a:93:e7:8f:a3:e9:7a:d8:44:
6b:5b:43:e3:84:1a:5e:d5:bf:83:69:61:16:4f:dc:
85:4c:14:dc:5d:fd:a0:cb:1a:ee:60:43:15:98:7c:
86:40:68:11:17:c0:15:d5:78:5c:4d:4d:a9:7d:84:
a9:4c:cf:ed:6e:61:54:b7:49:7e:61:ac:05:f8:f5:
a5:93:c9:d5:f6:e5:ae:dc:6a:f1:ed:ee:6f:d1:5b:
7d:94:38:a3:07:52:17:ec:c7:5b:cc:9c:d7:02:c1:
45:ab:f4:a1:70:75:73:4d:34:21:c2:c6:47:f3:ce:
20:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:74:F8:28:CB:EE:08:59:5C:B2:D2:A9:6B:53:F1:6F:B7:2E:AC:FD
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/X3T4KMvuCFlcstKpa1Pxb7curP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6500::/48
Signature Algorithm: sha256WithRSAEncryption
3c:57:6b:38:27:13:3e:0e:00:3a:9c:be:ce:77:b7:13:c8:1f:
99:59:64:74:a0:a5:65:d2:07:5b:1e:5f:7e:da:e7:66:47:39:
dd:a2:0e:2e:fb:08:df:42:d3:00:02:14:51:e5:3e:c7:b5:76:
85:5a:e3:53:9c:9f:88:81:42:62:e5:f5:94:cf:12:ac:c7:72:
fd:5b:ea:19:0c:9b:7a:df:f0:d3:96:47:1b:50:11:32:27:d9:
08:da:32:2a:03:73:86:9a:89:34:81:6f:fe:40:82:ee:4b:a7:
a8:08:6b:24:80:cb:26:ed:74:93:d6:bb:45:ce:49:4c:40:12:
c3:49:6f:c1:68:91:5d:0c:b0:27:93:72:5c:06:5a:63:79:4b:
5c:56:4d:0c:e6:52:de:6a:f7:79:76:8a:8a:61:92:9f:93:f7:
bb:ae:25:ca:28:98:6c:53:e4:6c:c7:1b:42:11:16:b4:aa:2f:
3e:16:fa:79:07:bd:73:38:94:d2:3e:3c:a3:e1:a8:da:82:19:
f4:62:c4:ce:76:a6:a5:63:a8:ab:b1:c7:cf:1a:a2:9e:84:21:
ee:4c:8f:63:f3:92:69:84:d4:ee:35:19:f3:ed:0f:f2:23:7a:
d1:27:17:0f:b4:3b:6f:82:62:03:4c:12:8a:07:bc:eb:07:39:
a8:ce:c9:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQg1iXnJSBeOcqM6CAFFoGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjUwMTAxMDc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc0ZjgyOGNiZWUwODU5NWNiMmQyYTk2YjUzZjE2ZmI3MmVhY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoPZCL1HCyZfpn7BvLmms/xxpTxh
I1VTRDcxMcnVFitCXGqyrb/11fQH+oV69NG91xmwJDjNhXNbO4xGdT1mAoRqrDBb
yBW+fjpd8L55hIuIkgppUYmw4yg0okPyz/L/RTjRu/pAjqRyA6MtEfKqPLw9vrnN
eG8iPXaxxCQQIpsdMgcpax+NSc/szuY6k+ePo+l62ERrW0PjhBpe1b+DaWEWT9yF
TBTcXf2gyxruYEMVmHyGQGgRF8AV1XhcTU2pfYSpTM/tbmFUt0l+YawF+PWlk8nV
9uWu3Grx7e5v0Vt9lDijB1IX7MdbzJzXAsFFq/ShcHVzTTQhwsZH884gvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF90+CjL7ghZXLLSqWtT8W+3Lqz9MB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvWDNUNEtNdnVDRmxjc3RLcGExUHhiN2N1clAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgplAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA8V2s4JxM+DgA6nL7Od7cTyB+ZWWR0oKVl0gdb
Hl9+2udmRzndog4u+wjfQtMAAhRR5T7HtXaFWuNTnJ+IgUJi5fWUzxKsx3L9W+oZ
DJt63/DTlkcbUBEyJ9kI2jIqA3OGmok0gW/+QILuS6eoCGskgMsm7XST1rtFzklM
QBLDSW/BaJFdDLAnk3JcBlpjeUtcVk0M5lLeavd5doqKYZKfk/e7riXKKJhsU+Rs
xxtCERa0qi8+Fvp5B71zOJTSPjyj4ajaghn0YsTOdqalY6irscfPGqKehCHuTI9j
85JphNTuNRnz7Q/yI3rRJxcPtDtvgmIDTBKKB7zrBzmozskg
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:31:17 2025 by rpki-client