Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/XaQNtoMomsP3S8kHXgRsVvdf-IE.roa
File: XaQNtoMomsP3S8kHXgRsVvdf-IE.roa (raw, json)
Hash identifier: ZWhedByOb1ZRomqjPJ7fDUcjH9Chcrm+xrJA1WVd9HM=
Subject key identifier: 5D:A4:0D:B6:83:28:9A:C3:F7:4B:C9:07:5E:04:6C:56:F7:5F:F8:81
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369EF37F916A8D5B1323F9CF9E31EC6
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/XaQNtoMomsP3S8kHXgRsVvdf-IE.roa
Signing time: Wed 01 Jan 2025 19:48:52 +0000
ROA not before: Wed 01 Jan 2025 19:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202888
IP address blocks: 2a0f:7800::/31 maxlen: 48
2a0f:7804::/31 maxlen: 48
2a0f:7806::/31 maxlen: 48
2a0f:7806:fffe::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ef:37:f9:16:a8:d5:b1:32:3f:9c:f9:e3:1e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5da40db683289ac3f74bc9075e046c56f75ff881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:66:10:c3:ff:35:51:9d:d0:b2:cb:eb:85:
cf:39:ed:b4:27:4b:a8:05:34:76:77:09:3d:d6:3d:
e0:7e:86:dc:0b:1d:58:83:cb:b3:09:12:cd:de:76:
44:c8:d7:5b:3f:8e:93:45:b9:e1:09:95:47:56:e4:
72:64:86:e6:b9:0a:a6:e9:24:22:47:a1:2c:6f:bd:
b9:86:ef:11:36:f4:20:4b:ee:b3:bf:c1:f8:9b:8e:
44:f7:33:84:c7:4f:0e:6f:83:aa:fc:4c:e5:fa:9b:
2c:98:62:c5:fc:17:c9:2b:43:1e:12:28:bc:3e:ef:
c0:52:07:a5:57:d6:c3:15:65:9d:30:b9:8f:d5:af:
c7:ea:a3:02:8b:65:bf:d7:31:04:88:b5:95:df:dd:
03:df:b7:c4:56:6b:dc:3f:9b:c8:2b:aa:a3:35:6e:
f1:23:87:48:f4:75:7b:46:a8:75:df:c6:c5:59:7b:
e0:f8:13:70:3b:bf:61:8a:14:de:e9:4a:cd:1d:32:
88:04:9f:3d:8c:b2:72:f3:99:4b:3b:c4:2d:b7:4d:
6a:63:e5:b2:f6:6a:de:33:60:ca:35:88:39:f1:52:
06:a2:ed:0a:a8:6a:bc:75:0d:37:d2:49:4c:fd:1e:
19:51:5f:d7:7c:a2:de:13:c7:d8:0a:42:ef:f4:21:
0e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A4:0D:B6:83:28:9A:C3:F7:4B:C9:07:5E:04:6C:56:F7:5F:F8:81
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/XaQNtoMomsP3S8kHXgRsVvdf-IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7800::/31
2a0f:7804::/30
Signature Algorithm: sha256WithRSAEncryption
73:6b:c7:22:c1:ef:2a:eb:05:bf:7b:dd:dc:e0:73:0f:76:84:
c6:b5:13:53:55:61:d2:0e:c4:f8:8d:bd:19:a3:79:dc:4c:5e:
b1:00:df:5e:fa:24:b2:fa:30:ba:71:b2:1e:b8:96:01:45:06:
06:b7:a0:2b:af:ce:70:19:29:b4:e4:9f:87:16:3b:e9:ff:7d:
25:38:1f:98:98:ac:8c:36:a7:7d:84:04:ab:b5:8c:e9:1d:da:
d7:c6:20:20:ab:12:1f:77:ea:8e:d1:42:93:fc:f3:59:c3:7d:
2a:9f:f3:4b:c8:96:33:69:f3:4b:fa:aa:3b:c6:70:b2:18:a1:
aa:08:81:ca:26:ae:3d:3e:d5:34:cc:76:0b:b6:d9:a5:b8:02:
36:cf:e7:40:80:98:0a:ec:17:1a:c1:01:ca:ba:8a:1a:e0:fb:
ff:2b:3d:3f:34:bc:68:5e:8a:a1:a8:ab:b4:f9:4f:aa:33:e4:
a3:f7:91:87:36:4d:c6:77:1c:82:f1:a4:87:d8:ad:e9:fb:b0:
6b:91:82:d2:26:60:cf:3c:29:68:f5:67:3e:6a:c8:e3:a3:db:
27:11:be:0c:bf:dc:6f:32:96:59:82:11:ae:2c:26:7e:cc:58:
6f:1b:6b:0c:30:14:29:b5:f7:5b:8b:1c:33:66:80:ee:79:65:
97:10:d5:a4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQjae83+Rao1bEyP5z54x7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGE0MGRiNjgzMjg5YWMzZjc0YmM5MDc1ZTA0NmM1NmY3NWZmODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0NmEMP/NVGd0LLL64XPOe20J0uo
BTR2dwk91j3gfobcCx1Yg8uzCRLN3nZEyNdbP46TRbnhCZVHVuRyZIbmuQqm6SQi
R6Esb725hu8RNvQgS+6zv8H4m45E9zOEx08Ob4Oq/Ezl+pssmGLF/BfJK0MeEii8
Pu/AUgelV9bDFWWdMLmP1a/H6qMCi2W/1zEEiLWV390D37fEVmvcP5vIK6qjNW7x
I4dI9HV7Rqh138bFWXvg+BNwO79hihTe6UrNHTKIBJ89jLJy85lLO8Qtt01qY+Wy
9mreM2DKNYg58VIGou0KqGq8dQ030klM/R4ZUV/XfKLeE8fYCkLv9CEOAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF2kDbaDKJrD90vJB14EbFb3X/iBMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvWGFRTnRvTW9tc1AzUzhrSFhnUnNWdmRmLUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUBKg94AAMF
AioPeAQwDQYJKoZIhvcNAQELBQADggEBAHNrxyLB7yrrBb973dzgcw92hMa1E1NV
YdIOxPiNvRmjedxMXrEA3176JLL6MLpxsh64lgFFBga3oCuvznAZKbTkn4cWO+n/
fSU4H5iYrIw2p32EBKu1jOkd2tfGICCrEh936o7RQpP881nDfSqf80vIljNp80v6
qjvGcLIYoaoIgcomrj0+1TTMdgu22aW4AjbP50CAmArsFxrBAcq6ihrg+/8rPT80
vGheiqGoq7T5T6oz5KP3kYc2TcZ3HILxpIfYren7sGuRgtImYM88KWj1Zz5qyOOj
2ycRvgy/3G8yllmCEa4sJn7MWG8bawwwFCm191uLHDNmgO55ZZcQ1aQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:58 2025 by rpki-client