Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/da7825-2abb-4640-a782-b483e8ec1734/1/xGQm_rWbULrg6Lu-WeIfjLipx3M.roa
File: xGQm_rWbULrg6Lu-WeIfjLipx3M.roa (raw, json)
Hash identifier: ia6vrp8m7vBtd7LcnnChYKW4lXaqyNtXsWnAjkuIHz4=
Subject key identifier: C4:64:26:FE:B5:9B:50:BA:E0:E8:BB:BE:59:E2:1F:8C:B8:A9:C7:73
Certificate issuer: /CN=db98b99d15e505c345b5ed5f68eb8c5bbfe27f9a
Certificate serial: 0B058A7C
Authority key identifier: DB:98:B9:9D:15:E5:05:C3:45:B5:ED:5F:68:EB:8C:5B:BF:E2:7F:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25i5nRXlBcNFte1faOuMW7_if5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/da7825-2abb-4640-a782-b483e8ec1734/1/xGQm_rWbULrg6Lu-WeIfjLipx3M.roa
Signing time: Sat 01 Jan 2022 12:01:03 +0000
ROA not before: Sat 01 Jan 2022 12:01:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205705
IP address blocks: 2a07:301::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184912508 (0xb058a7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db98b99d15e505c345b5ed5f68eb8c5bbfe27f9a
Validity
Not Before: Jan 1 12:01:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c46426feb59b50bae0e8bbbe59e21f8cb8a9c773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:67:df:a9:6f:c6:81:1c:dd:82:51:d1:29:12:
30:6d:24:27:e9:3e:ac:e8:f3:19:25:42:d9:11:9b:
2f:9c:58:28:ac:db:b5:ad:33:da:87:4a:fe:ae:40:
8a:ec:d9:49:7f:d8:88:0b:f2:0c:2d:08:9d:b6:66:
c8:f9:37:87:a4:30:51:c2:91:60:f1:6d:56:b8:26:
69:4e:f3:88:59:73:5c:a9:f3:0a:09:e6:6f:ed:de:
31:14:f5:d8:85:77:21:91:6e:54:16:e9:ee:d1:f9:
67:34:ca:53:e2:48:b5:76:8f:44:ce:bb:e3:a5:65:
c6:39:4c:80:ce:fe:8a:2b:a9:33:0a:20:8a:2f:21:
12:8d:28:3e:cc:79:93:9a:2f:0e:43:bb:6b:5a:d0:
4f:05:18:19:2d:77:ae:84:2a:43:e1:8f:f2:1d:c7:
4b:4a:7b:81:1a:06:cc:4f:8b:2d:82:2e:4f:41:ea:
aa:70:b3:5c:19:5d:df:7f:4f:8f:77:50:e1:16:c3:
4c:e8:d5:7b:2e:5a:e2:c9:24:a7:5b:eb:54:99:c3:
38:f9:79:60:2e:b1:44:df:61:08:3e:fd:8b:63:fc:
87:72:32:eb:99:c8:4f:c0:3a:06:8a:aa:08:0a:e3:
4c:81:29:f3:87:72:c7:3e:dd:35:e4:a1:57:4b:98:
32:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:64:26:FE:B5:9B:50:BA:E0:E8:BB:BE:59:E2:1F:8C:B8:A9:C7:73
X509v3 Authority Key Identifier:
keyid:DB:98:B9:9D:15:E5:05:C3:45:B5:ED:5F:68:EB:8C:5B:BF:E2:7F:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25i5nRXlBcNFte1faOuMW7_if5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/da7825-2abb-4640-a782-b483e8ec1734/1/xGQm_rWbULrg6Lu-WeIfjLipx3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/da7825-2abb-4640-a782-b483e8ec1734/1/25i5nRXlBcNFte1faOuMW7_if5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:301::/33
Signature Algorithm: sha256WithRSAEncryption
72:c7:2a:7b:43:ae:0e:f2:28:ce:ff:a4:95:d6:3e:5a:e2:eb:
d4:85:bb:45:75:f6:87:c3:aa:5b:79:80:8b:4c:de:a2:67:b9:
a9:66:0b:12:db:5c:ea:75:98:70:fc:0f:5d:96:72:07:dc:6d:
d6:45:40:0f:76:db:84:9c:4b:0b:e2:34:10:05:25:2d:ff:09:
1c:91:dd:b5:eb:d2:ae:31:18:74:a2:5c:e7:90:d4:4f:cc:14:
ad:34:02:d5:d9:93:0c:30:7a:30:63:c3:d9:e6:c6:cf:9f:90:
4e:bf:8d:85:10:4a:4c:ba:c5:f9:30:7f:00:bb:20:cd:ee:2b:
c5:ce:2a:df:8c:91:83:77:eb:83:bd:24:7e:f2:23:38:9d:54:
a6:a4:62:27:e7:a9:3e:ec:85:d5:89:0a:12:a8:ce:85:f1:b5:
32:1a:0a:bb:6b:96:e6:36:ce:73:4c:94:1c:b3:ac:40:47:a4:
68:ca:d3:e8:1a:b4:d1:ff:9d:63:0e:87:a9:8e:60:31:5b:19:
45:65:51:b7:35:bf:bf:6b:bd:82:6f:d1:c3:d9:82:81:69:5a:
f0:20:82:0b:2f:06:52:55:f8:b9:27:7e:d7:21:e5:da:05:3c:
36:56:b2:66:52:eb:45:ce:6b:96:73:90:8c:81:68:d1:ac:06:
bf:17:59:ab
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECwWKfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Yjk4Yjk5ZDE1ZTUwNWMzNDViNWVkNWY2OGViOGM1YmJmZTI3ZjlhMB4XDTIyMDEw
MTEyMDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQ2NDI2ZmViNTli
NTBiYWUwZThiYmJlNTllMjFmOGNiOGE5Yzc3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5n36lvxoEc3YJR0SkSMG0kJ+k+rOjzGSVC2RGbL5xYKKzb
ta0z2odK/q5AiuzZSX/YiAvyDC0InbZmyPk3h6QwUcKRYPFtVrgmaU7ziFlzXKnz
Cgnmb+3eMRT12IV3IZFuVBbp7tH5ZzTKU+JItXaPRM6746VlxjlMgM7+iiupMwog
ii8hEo0oPsx5k5ovDkO7a1rQTwUYGS13roQqQ+GP8h3HS0p7gRoGzE+LLYIuT0Hq
qnCzXBld339Pj3dQ4RbDTOjVey5a4skkp1vrVJnDOPl5YC6xRN9hCD79i2P8h3Iy
65nIT8A6BoqqCArjTIEp84dyxz7dNeShV0uYMo8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTEZCb+tZtQuuDou75Z4h+MuKnHczAfBgNVHSMEGDAWgBTbmLmdFeUFw0W1
7V9o64xbv+J/mjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI1aTVuUlhsQmNORnRlMWZhT3VNVzdfaWY1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZGE3ODI1LTJhYmItNDY0MC1hNzgyLWI0ODNlOGVjMTczNC8x
L3hHUW1fcldiVUxyZzZMdS1XZUlmakxpcHgzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZGE3ODI1LTJhYmItNDY0MC1hNzgyLWI0ODNlOGVjMTczNC8xLzI1aTVuUlhsQmNO
RnRlMWZhT3VNVzdfaWY1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGByoHAwEAMA0GCSqGSIb3DQEBCwUA
A4IBAQByxyp7Q64O8ijO/6SV1j5a4uvUhbtFdfaHw6pbeYCLTN6iZ7mpZgsS21zq
dZhw/A9dlnIH3G3WRUAPdtuEnEsL4jQQBSUt/wkckd2169KuMRh0olznkNRPzBSt
NALV2ZMMMHowY8PZ5sbPn5BOv42FEEpMusX5MH8AuyDN7ivFzirfjJGDd+uDvSR+
8iM4nVSmpGIn56k+7IXViQoSqM6F8bUyGgq7a5bmNs5zTJQcs6xAR6RoytPoGrTR
/51jDoepjmAxWxlFZVG3Nb+/a72Cb9HD2YKBaVrwIIILLwZSVfi5J37XIeXaBTw2
VrJmUutFzmuWc5CMgWjRrAa/F1mr
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:04:15 2025 by rpki-client