Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/xli88av7B6kw_A3aRMP1ILsAyFQ.roa
File: xli88av7B6kw_A3aRMP1ILsAyFQ.roa (raw, json)
Hash identifier: Z3gErDqytP3YBgryDBSj/BDdq4jReFxtEbdskVpyY9E=
Subject key identifier: C6:58:BC:F1:AB:FB:07:A9:30:FC:0D:DA:44:C3:F5:20:BB:00:C8:54
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 0194266BF342A5E331A65C048D14B8659372
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/xli88av7B6kw_A3aRMP1ILsAyFQ.roa
Signing time: Thu 02 Jan 2025 09:49:56 +0000
ROA not before: Thu 02 Jan 2025 09:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212000
IP address blocks: 2a0f:5707:20::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f3:42:a5:e3:31:a6:5c:04:8d:14:b8:65:93:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 09:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c658bcf1abfb07a930fc0dda44c3f520bb00c854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8c:9a:70:e3:f9:e0:f5:c0:a7:f4:9d:fe:da:
21:31:b1:7a:83:1e:77:fc:d4:b2:c1:ea:24:a8:9d:
c6:d0:b1:26:df:8d:61:e5:c2:68:9e:c5:d0:2e:90:
6a:57:ce:ea:5b:79:ed:d4:c4:64:ff:00:7e:6f:b3:
97:81:b0:06:6d:60:a1:59:ed:3e:62:e1:ca:2d:f5:
0e:36:2e:11:db:ec:93:59:b5:ea:8b:8d:73:b9:15:
40:c3:52:27:d8:e1:a7:b9:84:be:e9:ed:c8:a3:93:
75:3b:20:60:5c:27:d5:33:5f:ec:5e:e1:41:d8:fc:
10:f0:cf:9e:16:39:53:19:e8:ce:42:3a:30:46:30:
e3:2d:79:ff:6d:c8:2d:44:25:22:76:61:c9:f2:af:
98:35:e0:22:11:63:ce:fd:ee:7a:e5:bd:d8:f0:9f:
86:d4:fb:1c:78:c0:03:fa:4b:ec:38:25:55:e3:ff:
fa:b5:73:eb:51:47:d6:2f:8d:dd:b3:e8:91:da:28:
f5:93:87:5b:55:af:ec:d7:06:61:b0:73:77:76:71:
4b:e7:3b:99:a4:ba:b5:be:b1:31:88:be:16:43:6a:
3e:f4:48:c2:cd:6f:e5:7e:08:c7:01:09:a7:8c:c0:
ce:1f:1f:1b:00:55:52:cb:25:0c:89:92:a3:ae:e4:
ba:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:58:BC:F1:AB:FB:07:A9:30:FC:0D:DA:44:C3:F5:20:BB:00:C8:54
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/xli88av7B6kw_A3aRMP1ILsAyFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:20::/48
Signature Algorithm: sha256WithRSAEncryption
86:b5:bf:5e:a0:36:86:12:81:92:a5:28:25:46:57:9e:dd:f5:
dc:04:bb:ea:c5:d6:9c:5b:54:4c:fe:92:38:76:9a:6f:aa:bb:
10:16:45:57:de:5a:ac:e7:5b:e1:4b:9e:eb:15:e7:ee:9f:74:
5d:41:6c:52:ff:28:28:3b:a8:2d:7c:18:46:9c:19:1a:fb:4e:
f7:d1:70:ae:d4:24:e6:ad:95:e6:6c:d9:63:eb:0c:0d:eb:07:
eb:1d:91:d0:c6:9f:bb:2d:7a:e6:ce:f0:43:c0:15:59:2a:f6:
4d:f7:cc:eb:3e:53:40:31:5e:7e:99:ee:a4:51:32:30:33:7b:
76:8a:f9:25:90:d5:d9:9f:cc:62:70:ee:95:5c:34:d6:ab:96:
0a:02:4b:c6:0e:45:5d:34:1e:a4:29:d9:16:ae:07:5e:a5:6e:
e1:cb:f0:84:79:45:2e:78:30:4c:7c:14:13:50:17:1f:77:28:
96:98:b1:ca:40:1c:92:02:0b:4c:e4:a8:5a:99:0d:c3:07:9d:
7e:a6:2a:f1:d1:ce:a5:bd:b0:7a:da:1b:6c:63:66:03:f5:0d:
23:a5:0c:1d:e0:f6:67:97:91:a3:e6:a9:c4:27:78:a5:47:91:
42:d5:27:ab:8e:47:7a:ca:59:f3:4b:c4:eb:f9:82:49:d0:19:
a3:df:40:64
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQma/NCpeMxplwEjRS4ZZNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjUwMTAyMDk0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjU4YmNmMWFiZmIwN2E5MzBmYzBkZGE0NGMzZjUyMGJiMDBjODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4yacOP54PXAp/Sd/tohMbF6gx53
/NSyweokqJ3G0LEm341h5cJonsXQLpBqV87qW3nt1MRk/wB+b7OXgbAGbWChWe0+
YuHKLfUONi4R2+yTWbXqi41zuRVAw1In2OGnuYS+6e3Io5N1OyBgXCfVM1/sXuFB
2PwQ8M+eFjlTGejOQjowRjDjLXn/bcgtRCUidmHJ8q+YNeAiEWPO/e565b3Y8J+G
1PsceMAD+kvsOCVV4//6tXPrUUfWL43ds+iR2ij1k4dbVa/s1wZhsHN3dnFL5zuZ
pLq1vrExiL4WQ2o+9EjCzW/lfgjHAQmnjMDOHx8bAFVSyyUMiZKjruS64QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMZYvPGr+wepMPwN2kTD9SC7AMhUMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEveGxpODhhdjdCNmt3X0EzYVJNUDFJTHNBeUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9XBwAg
MA0GCSqGSIb3DQEBCwUAA4IBAQCGtb9eoDaGEoGSpSglRlee3fXcBLvqxdacW1RM
/pI4dppvqrsQFkVX3lqs51vhS57rFefun3RdQWxS/ygoO6gtfBhGnBka+0730XCu
1CTmrZXmbNlj6wwN6wfrHZHQxp+7LXrmzvBDwBVZKvZN98zrPlNAMV5+me6kUTIw
M3t2ivklkNXZn8xicO6VXDTWq5YKAkvGDkVdNB6kKdkWrgdepW7hy/CEeUUueDBM
fBQTUBcfdyiWmLHKQBySAgtM5KhamQ3DB51+pirx0c6lvbB62htsY2YD9Q0jpQwd
4PZnl5Gj5qnEJ3ilR5FC1Serjkd6ylnzS8Tr+YJJ0Bmj30Bk
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:50:28 2025 by rpki-client