Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/x-sFc0XuZWyC8mb5YkUAH-GfdII.roa
File: x-sFc0XuZWyC8mb5YkUAH-GfdII.roa (raw, json)
Hash identifier: SLT0QNLc8vBCO5UeVhbutYzbWFamBQrhqoa9wxuI2Us=
Subject key identifier: C7:EB:05:73:45:EE:65:6C:82:F2:66:F9:62:45:00:1F:E1:9F:74:82
Certificate issuer: /CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5
Certificate serial: 019423D6CA9A0043C73A69601905691B05A2
Authority key identifier: 09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/x-sFc0XuZWyC8mb5YkUAH-GfdII.roa
Signing time: Wed 01 Jan 2025 21:47:46 +0000
ROA not before: Wed 01 Jan 2025 21:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47959
IP address blocks: 2a00:1b80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ca:9a:00:43:c7:3a:69:60:19:05:69:1b:05:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5
Validity
Not Before: Jan 1 21:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7eb057345ee656c82f266f96245001fe19f7482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:79:db:48:2d:c9:e9:8f:73:34:32:84:2d:77:
d2:30:49:6c:21:6a:fe:77:19:f9:f0:95:a6:d5:4a:
97:2e:6a:0b:64:1a:f0:57:e3:fe:49:3d:5a:b4:fc:
ba:6c:67:36:ec:3e:ac:db:73:62:03:84:83:f3:e0:
23:63:3b:4f:e0:a0:f9:43:27:60:25:a0:ca:d6:0c:
9f:65:e6:d6:83:7a:f3:79:43:c1:a2:6a:c8:e9:d5:
6d:43:3f:41:80:be:75:81:c5:b1:4a:a2:51:84:81:
cb:ac:9c:58:4f:32:49:70:b9:24:a3:a2:c1:ec:48:
16:22:ad:d2:5b:4a:aa:bb:01:74:53:ca:3a:70:4d:
3f:1b:c7:15:cc:44:b1:b9:e9:65:93:ed:73:f5:82:
9d:06:f1:ec:46:5b:5c:08:95:a2:e4:a2:bb:70:dd:
df:b5:05:6f:dc:26:9b:35:fb:29:4d:68:a4:a9:73:
2b:9f:7f:ce:1c:e2:8e:e7:b7:41:e4:8b:bd:07:23:
ce:72:4d:af:2c:5d:47:59:c4:3e:b9:8f:c4:b8:6b:
07:46:78:ea:f9:e0:1b:a5:40:ac:eb:ee:ff:6c:65:
02:95:a0:3e:3f:53:a7:7a:01:fe:0a:06:f0:df:a8:
31:50:c5:cc:1f:7f:69:51:b3:08:d6:2a:38:2a:b6:
cf:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:EB:05:73:45:EE:65:6C:82:F2:66:F9:62:45:00:1F:E1:9F:74:82
X509v3 Authority Key Identifier:
keyid:09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/x-sFc0XuZWyC8mb5YkUAH-GfdII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
3e:02:8e:9c:fe:06:87:2c:d2:ba:41:d2:f4:d3:b5:8c:85:e2:
0f:10:21:46:ea:13:38:0d:ec:b5:6b:9d:ee:2b:39:89:71:cb:
bc:88:12:9d:b9:03:9b:92:6d:3b:79:08:e8:86:0a:d2:74:8d:
64:25:b4:10:9b:21:29:39:c3:f9:b7:6b:0e:e7:fc:80:73:5f:
dc:e7:22:d4:1e:7f:aa:0d:ae:ac:df:aa:33:1e:a3:54:38:cd:
f2:f9:db:2d:7d:b8:d5:1a:e1:9c:c1:64:c3:a3:ab:39:4a:ac:
70:de:f5:3a:77:25:2c:81:24:14:1a:64:ee:46:49:2d:d2:0c:
d0:91:b3:88:88:a7:66:44:04:78:a8:db:06:62:9a:be:89:35:
72:c2:46:2e:65:5b:cd:56:5d:95:91:86:15:7a:65:0e:ef:58:
c1:c0:d5:a1:1d:80:f8:51:9c:b9:09:db:e4:b3:bc:b2:8d:95:
82:7b:ce:d9:aa:61:20:d4:d5:a1:2d:dd:b5:c3:45:0f:78:01:
e1:32:86:bd:7b:49:12:71:6d:e6:34:45:1b:d2:d0:c9:8d:67:
b1:59:02:bf:6e:9f:82:df:6e:78:31:57:3b:4b:00:34:39:80:
a2:81:16:b1:59:cf:5d:e2:07:20:38:d8:95:fb:99:ae:21:39:
f8:01:18:b0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQj1sqaAEPHOmlgGQVpGwWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzUwOWU3ZWM2OGZlMmQ5NDM0MDdkNWRkMTI2YTBmNTk2
ZjJhYjUwHhcNMjUwMTAxMjE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ViMDU3MzQ1ZWU2NTZjODJmMjY2Zjk2MjQ1MDAxZmUxOWY3NDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3nbSC3J6Y9zNDKELXfSMElsIWr+
dxn58JWm1UqXLmoLZBrwV+P+ST1atPy6bGc27D6s23NiA4SD8+AjYztP4KD5Qydg
JaDK1gyfZebWg3rzeUPBomrI6dVtQz9BgL51gcWxSqJRhIHLrJxYTzJJcLkko6LB
7EgWIq3SW0qquwF0U8o6cE0/G8cVzESxuellk+1z9YKdBvHsRltcCJWi5KK7cN3f
tQVv3CabNfspTWikqXMrn3/OHOKO57dB5Iu9ByPOck2vLF1HWcQ+uY/EuGsHRnjq
+eAbpUCs6+7/bGUClaA+P1OnegH+Cgbw36gxUMXMH39pUbMI1io4KrbP1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMfrBXNF7mVsgvJm+WJFAB/hn3SCMB8GA1UdIwQY
MBaAFAk1CefsaP4tlDQH1d0Sag9Zbyq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9kZmI5NGMtZmRmNC00OTcyLTlhZDgt
N2Q2OTczMzcxMzdiLzEveC1zRmMwWHVaV3lDOG1iNVlrVUFILUdmZElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9kZmI5NGMtZmRmNC00OTcyLTlhZDgtN2Q2OTczMzcxMzdi
LzEvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgAbgDAN
BgkqhkiG9w0BAQsFAAOCAQEAPgKOnP4GhyzSukHS9NO1jIXiDxAhRuoTOA3stWud
7is5iXHLvIgSnbkDm5JtO3kI6IYK0nSNZCW0EJshKTnD+bdrDuf8gHNf3Oci1B5/
qg2urN+qMx6jVDjN8vnbLX241RrhnMFkw6OrOUqscN71OnclLIEkFBpk7kZJLdIM
0JGziIinZkQEeKjbBmKavok1csJGLmVbzVZdlZGGFXplDu9YwcDVoR2A+FGcuQnb
5LO8so2VgnvO2aphINTVoS3dtcNFD3gB4TKGvXtJEnFt5jRFG9LQyY1nsVkCv26f
gt9ueDFXO0sANDmAooEWsVnPXeIHIDjYlfuZriE5+AEYsA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:28:46 2025 by rpki-client