Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/xNr5I0Wokl-j2aBAEkjZmpNRVng.roa
File: xNr5I0Wokl-j2aBAEkjZmpNRVng.roa (raw, json)
Hash identifier: epmYMuuR7FlxzNy/fvLKPn2AzgVlFDZhQf7tXXleECM=
Subject key identifier: C4:DA:F9:23:45:A8:92:5F:A3:D9:A0:40:12:48:D9:9A:93:51:56:78
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 01941F8C6DE8D8B6C54B86FD0558F12D6A0D
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/xNr5I0Wokl-j2aBAEkjZmpNRVng.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210851
IP address blocks: 2a0e:e704:46::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6d:e8:d8:b6:c5:4b:86:fd:05:58:f1:2d:6a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4daf92345a8925fa3d9a0401248d99a93515678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c4:ea:78:15:73:ae:32:6e:af:a2:c0:8b:f3:
3d:48:82:64:a7:a5:81:ce:e0:ed:7d:b8:e5:ba:15:
0a:61:4a:d5:7e:c0:d0:02:36:f5:47:29:cb:0c:e1:
5a:15:9f:6d:65:76:d9:cc:f6:49:61:90:ef:7f:bc:
31:90:cc:d0:f1:d0:53:11:ef:46:70:e4:b5:ef:72:
e4:f5:3f:76:64:f2:69:85:09:9b:db:21:64:90:56:
43:25:72:ce:c6:a1:e6:ba:e3:b8:c6:48:13:c2:d5:
b4:14:13:d6:5d:f5:8f:7f:7f:88:f3:18:e9:8a:8d:
6b:86:a1:c8:1a:0f:f9:12:8e:15:e5:9f:85:b8:1f:
51:73:7f:47:d0:ba:54:e3:c2:96:77:af:6d:7a:ac:
af:20:63:99:5f:7a:e3:20:7a:fa:1a:5f:96:46:dc:
ce:14:c8:d9:a0:d8:97:ea:47:21:fb:70:40:7d:7c:
e9:81:42:1e:45:82:3b:71:b1:97:aa:56:7a:ec:b8:
b0:bc:61:95:b3:3d:31:98:0a:c1:be:d1:48:37:26:
a6:59:ac:e2:bb:d5:0f:d5:cb:a7:28:c2:b5:9d:bd:
ff:6e:84:3e:5d:d5:f9:8c:90:cc:3c:af:89:8e:f7:
e8:5c:8e:76:37:69:bd:a1:49:ae:93:2a:6e:9d:9c:
aa:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:DA:F9:23:45:A8:92:5F:A3:D9:A0:40:12:48:D9:9A:93:51:56:78
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/xNr5I0Wokl-j2aBAEkjZmpNRVng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e704:46::/48
Signature Algorithm: sha256WithRSAEncryption
91:ab:9e:64:15:f8:44:b5:24:8f:ae:44:3a:1f:b6:f3:ec:98:
e9:32:55:a5:db:d3:53:1c:dc:dd:ae:19:aa:92:61:3f:42:87:
9e:0e:cb:2b:be:38:90:93:d8:18:40:29:45:78:8f:f6:db:04:
46:2d:8a:19:1f:e3:21:27:e7:be:fd:8a:fc:af:6a:3b:d5:62:
15:b8:15:1e:f6:fd:51:9c:e3:de:0e:31:e4:91:b3:96:e8:a4:
69:e1:d9:b2:ec:5d:1e:45:29:ca:20:97:8d:25:82:bf:d5:4c:
90:79:ca:b5:ea:6b:26:11:a2:b9:b7:80:84:00:79:f0:c0:3e:
f3:63:e5:85:97:11:65:8a:dc:6d:92:72:29:9f:88:5f:e2:88:
da:46:0c:d9:18:33:7a:fb:40:7e:a0:7d:bb:66:36:9c:a5:c5:
06:7b:ce:40:73:d7:00:6b:0b:5d:64:ed:c0:84:10:76:a7:b7:
27:40:31:24:69:ab:02:f6:a3:6e:93:bc:ff:cb:d5:c9:77:c0:
44:73:5f:7b:95:50:b3:15:75:c1:7b:84:da:42:45:63:13:85:
55:ed:7d:57:b5:de:9d:04:f9:5e:0e:94:9c:8b:cc:42:db:a1:
0c:3d:71:fb:35:61:b3:22:dc:9c:23:ac:fa:3e:78:2f:2f:a8:
4b:c3:38:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjG3o2LbFS4b9BVjxLWoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGRhZjkyMzQ1YTg5MjVmYTNkOWEwNDAxMjQ4ZDk5YTkzNTE1Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsTqeBVzrjJur6LAi/M9SIJkp6WB
zuDtfbjluhUKYUrVfsDQAjb1RynLDOFaFZ9tZXbZzPZJYZDvf7wxkMzQ8dBTEe9G
cOS173Lk9T92ZPJphQmb2yFkkFZDJXLOxqHmuuO4xkgTwtW0FBPWXfWPf3+I8xjp
io1rhqHIGg/5Eo4V5Z+FuB9Rc39H0LpU48KWd69teqyvIGOZX3rjIHr6Gl+WRtzO
FMjZoNiX6kch+3BAfXzpgUIeRYI7cbGXqlZ67LiwvGGVsz0xmArBvtFINyamWazi
u9UP1cunKMK1nb3/boQ+XdX5jJDMPK+JjvfoXI52N2m9oUmukypunZyqhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMTa+SNFqJJfo9mgQBJI2ZqTUVZ4MB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEveE5yNUkwV29rbC1qMmFCQUVralptcE5SVm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7nBABG
MA0GCSqGSIb3DQEBCwUAA4IBAQCRq55kFfhEtSSPrkQ6H7bz7JjpMlWl29NTHNzd
rhmqkmE/QoeeDssrvjiQk9gYQClFeI/22wRGLYoZH+MhJ+e+/Yr8r2o71WIVuBUe
9v1RnOPeDjHkkbOW6KRp4dmy7F0eRSnKIJeNJYK/1UyQecq16msmEaK5t4CEAHnw
wD7zY+WFlxFlitxtknIpn4hf4ojaRgzZGDN6+0B+oH27ZjacpcUGe85Ac9cAawtd
ZO3AhBB2p7cnQDEkaasC9qNuk7z/y9XJd8BEc197lVCzFXXBe4TaQkVjE4VV7X1X
td6dBPleDpSci8xC26EMPXH7NWGzItycI6z6PngvL6hLwzjw
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:05:27 2025 by rpki-client