Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/xjlO0ixYAxcCR3HkZ1yycSY0d3o.roa
File: xjlO0ixYAxcCR3HkZ1yycSY0d3o.roa (raw, json)
Hash identifier: hxwkadkr/pJKfg0jOB++x2d1OTlDTK3W5Hyid/YN8r4=
Subject key identifier: C6:39:4E:D2:2C:58:03:17:02:47:71:E4:67:5C:B2:71:26:34:77:7A
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018AF49C803E4B07EA8DD6AB5B98F3543B85
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/xjlO0ixYAxcCR3HkZ1yycSY0d3o.roa
Signing time: Tue 03 Oct 2023 08:16:51 +0000
ROA not before: Tue 03 Oct 2023 08:16:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 2a07:3502:1060::/48 maxlen: 48
2a07:3500:12f8::/48 maxlen: 48
2a07:3500:15c0::/48 maxlen: 48
2a07:3500:1240::/46 maxlen: 46
2a07:3501:1340::/48 maxlen: 48
2a07:3502:11a0::/46 maxlen: 46
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:9c:80:3e:4b:07:ea:8d:d6:ab:5b:98:f3:54:3b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Oct 3 08:16:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6394ed22c580317024771e4675cb2712634777a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:95:aa:f1:c1:68:e4:8f:1d:b0:ed:dd:95:f5:
15:4a:da:2d:33:d4:57:3a:20:35:6c:22:9d:df:ce:
aa:39:29:14:5f:5f:3b:67:11:10:f2:aa:8a:3d:ed:
04:bd:c8:d6:3c:c1:8b:8d:8d:f9:e5:80:c9:3a:39:
17:61:28:c1:0f:27:f9:56:bf:e9:8d:8c:83:11:fa:
e6:6a:29:28:6e:34:be:ae:14:ad:39:1a:82:f0:2a:
dc:36:8b:de:d1:f6:88:5d:2b:b6:73:98:ca:bc:76:
bf:b1:4f:69:79:70:74:41:e7:b3:25:b8:f9:3d:45:
5f:32:55:cc:83:ce:51:4b:fe:06:4d:84:28:21:dc:
58:7f:56:a7:19:24:34:77:06:b9:4e:ea:1c:b6:66:
3c:57:79:4f:01:e5:4b:39:09:e5:10:83:4d:31:a0:
82:2b:dd:f8:81:ec:fb:93:c8:1d:e6:b2:21:3d:60:
cb:bc:3e:39:e0:aa:33:7a:ef:4e:a0:db:55:b9:a1:
b1:95:d1:72:b8:92:18:4c:79:7b:10:03:1a:38:46:
cd:04:2a:6b:b8:bc:1d:a0:17:95:db:20:ba:b1:44:
85:0e:58:33:eb:a6:c4:65:6a:42:61:8f:46:44:06:
59:ac:6f:3c:ab:01:1f:4f:58:df:42:df:8f:e3:62:
9a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:39:4E:D2:2C:58:03:17:02:47:71:E4:67:5C:B2:71:26:34:77:7A
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/xjlO0ixYAxcCR3HkZ1yycSY0d3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1240::/46
2a07:3500:12f8::/48
2a07:3500:15c0::/48
2a07:3501:1340::/48
2a07:3502:1060::/48
2a07:3502:11a0::/46
Signature Algorithm: sha256WithRSAEncryption
3e:e4:af:51:35:d1:a9:84:09:c4:62:28:63:74:46:cb:db:7b:
3c:2b:90:89:3e:12:45:3c:ab:91:55:cc:55:77:b7:95:d4:64:
da:85:38:26:a9:15:f5:a8:ce:2e:a9:16:c8:dd:4b:86:55:47:
5b:4e:21:c7:e8:93:35:55:89:93:4b:24:9a:ef:f3:48:0d:77:
b2:39:e9:cf:84:4e:d4:cd:2d:e8:80:f3:f5:b5:59:da:a2:6e:
12:d4:e5:08:ee:6b:51:6b:ba:8a:e0:04:65:92:5b:6c:50:21:
b9:5a:dc:36:35:98:42:27:6f:b3:be:2e:d5:74:62:51:11:18:
9d:09:33:50:fd:c7:04:a4:81:2b:38:ac:30:2c:47:79:84:4e:
b9:7a:f9:13:7b:68:f2:e6:84:6c:12:38:24:7c:8d:40:50:0d:
48:a4:c9:49:82:81:6a:94:e9:05:15:94:69:ab:6c:fa:82:e8:
d5:e7:6a:a8:78:43:b7:83:7a:b2:e2:08:14:d3:3d:93:b6:b8:
8f:a5:fe:b9:fd:52:bc:aa:9b:71:c5:1f:8c:5b:b9:45:52:28:
02:b3:65:34:09:80:2d:57:58:55:ad:67:79:be:6a:be:de:30:
5e:60:3c:6f:d7:94:ef:c8:19:b5:01:7f:25:d3:33:59:87:b1:
1b:86:01:44
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYr0nIA+SwfqjdarW5jzVDuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMxMDAzMDgxNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM5NGVkMjJjNTgwMzE3MDI0NzcxZTQ2NzVjYjI3MTI2MzQ3NzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpWq8cFo5I8dsO3dlfUVStotM9RX
OiA1bCKd386qOSkUX187ZxEQ8qqKPe0EvcjWPMGLjY355YDJOjkXYSjBDyf5Vr/p
jYyDEfrmaikobjS+rhStORqC8CrcNove0faIXSu2c5jKvHa/sU9peXB0QeezJbj5
PUVfMlXMg85RS/4GTYQoIdxYf1anGSQ0dwa5TuoctmY8V3lPAeVLOQnlEINNMaCC
K934gez7k8gd5rIhPWDLvD454Kozeu9OoNtVuaGxldFyuJIYTHl7EAMaOEbNBCpr
uLwdoBeV2yC6sUSFDlgz66bEZWpCYY9GRAZZrG88qwEfT1jfQt+P42KaIQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMY5TtIsWAMXAkdx5GdcsnEmNHd6MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEveGpsTzBpeFlBeGNDUjNIa1oxeXljU1kwZDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcCKgc1ABJA
AwcAKgc1ABL4AwcAKgc1ABXAAwcAKgc1ARNAAwcAKgc1AhBgAwcCKgc1AhGgMA0G
CSqGSIb3DQEBCwUAA4IBAQA+5K9RNdGphAnEYihjdEbL23s8K5CJPhJFPKuRVcxV
d7eV1GTahTgmqRX1qM4uqRbI3UuGVUdbTiHH6JM1VYmTSySa7/NIDXeyOenPhE7U
zS3ogPP1tVnaom4S1OUI7mtRa7qK4ARlkltsUCG5Wtw2NZhCJ2+zvi7VdGJRERid
CTNQ/ccEpIErOKwwLEd5hE65evkTe2jy5oRsEjgkfI1AUA1IpMlJgoFqlOkFFZRp
q2z6gujV52qoeEO3g3qy4ggU0z2TtriPpf65/VK8qptxxR+MW7lFUigCs2U0CYAt
V1hVrWd5vmq+3jBeYDxv15TvyBm1AX8l0zNZh7EbhgFE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:33 2025 by rpki-client