Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1dc3d9-1981-40a8-8ceb-38565981b446/1/XRK6NUfW2V25c3PdUmfNMT0sJgI.roa
File: XRK6NUfW2V25c3PdUmfNMT0sJgI.roa (raw, json)
Hash identifier: TIdn1KBgrz4Xq/MX5vlZ0dGlUERDb0SyhMGOxIl7WYk=
Subject key identifier: 5D:12:BA:35:47:D6:D9:5D:B9:73:73:DD:52:67:CD:31:3D:2C:26:02
Certificate issuer: /CN=4cb52d4a23e5e2821fa1915ec137d384fae1fd2e
Certificate serial: 0181DACF9191FD117D25F6559D5A294D61AC
Authority key identifier: 4C:B5:2D:4A:23:E5:E2:82:1F:A1:91:5E:C1:37:D3:84:FA:E1:FD:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TLUtSiPl4oIfoZFewTfThPrh_S4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/1dc3d9-1981-40a8-8ceb-38565981b446/1/XRK6NUfW2V25c3PdUmfNMT0sJgI.roa
Signing time: Thu 07 Jul 2022 22:37:25 +0000
ROA not before: Thu 07 Jul 2022 22:37:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 701
IP address blocks: 2a11:d7c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:cf:91:91:fd:11:7d:25:f6:55:9d:5a:29:4d:61:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cb52d4a23e5e2821fa1915ec137d384fae1fd2e
Validity
Not Before: Jul 7 22:37:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d12ba3547d6d95db97373dd5267cd313d2c2602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:22:dd:e1:a1:29:8d:1a:e2:ff:b2:bc:4a:d7:
c6:a5:e2:38:f7:29:64:d5:93:38:77:94:50:cb:69:
b2:95:02:43:ca:55:7a:06:80:bf:5a:2c:cb:47:1a:
c9:a6:15:7f:cf:0f:82:e1:ff:cd:3c:0d:2c:17:a3:
fe:c0:ca:d7:7a:b2:12:64:78:90:3b:f3:8f:e6:d6:
a6:70:25:4d:bd:4a:86:c8:d0:7a:fe:e6:34:23:fe:
2c:e1:63:51:91:f4:aa:6b:4e:4e:eb:85:c3:4b:bd:
5b:35:06:2d:47:e4:69:f1:85:8f:a9:44:e9:61:0a:
f3:0c:1c:b4:22:12:cf:2f:c6:c7:f9:a5:9c:95:68:
f1:3f:d9:e3:1e:6a:d5:78:cb:59:c9:3f:ca:d2:05:
45:1e:44:f0:1e:c9:d7:1a:6c:26:53:17:74:3b:7e:
a8:9d:6b:d4:c4:ed:24:7e:c6:4f:e4:97:66:71:c7:
06:d5:4f:14:5e:74:a8:78:1b:22:b1:1a:5b:12:c0:
8c:f3:d7:9a:4c:bd:78:1c:06:85:b5:c6:e3:bf:c8:
d8:0a:f2:12:af:86:cd:a5:6f:29:24:c3:44:b0:2b:
04:04:da:31:13:7e:ff:4a:9e:68:4a:24:e1:e1:d1:
54:a3:25:37:89:f0:05:7a:3e:bf:c5:8e:88:d3:f5:
df:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:12:BA:35:47:D6:D9:5D:B9:73:73:DD:52:67:CD:31:3D:2C:26:02
X509v3 Authority Key Identifier:
keyid:4C:B5:2D:4A:23:E5:E2:82:1F:A1:91:5E:C1:37:D3:84:FA:E1:FD:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TLUtSiPl4oIfoZFewTfThPrh_S4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1dc3d9-1981-40a8-8ceb-38565981b446/1/XRK6NUfW2V25c3PdUmfNMT0sJgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1dc3d9-1981-40a8-8ceb-38565981b446/1/TLUtSiPl4oIfoZFewTfThPrh_S4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:d7c0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:08:58:b8:aa:76:e7:33:cb:22:29:f5:7b:76:0d:81:44:af:
ea:92:f7:46:6d:a1:b1:3b:78:2d:6e:34:e9:06:ca:3d:fa:72:
7d:af:6d:81:d8:5f:b7:fc:ea:1e:a9:31:69:8b:39:93:e4:4c:
04:23:5a:2b:e9:0e:ed:b0:c9:99:83:c2:8a:80:6b:86:09:2c:
83:66:0a:be:a2:bf:d0:d3:a8:73:4b:6a:f5:f0:0f:88:b5:fa:
fd:9c:26:78:bf:31:e0:6a:5d:99:8e:70:1b:c1:3d:d8:71:dc:
e9:bc:e4:06:b3:06:1f:e0:0b:e2:fc:c9:44:f5:63:cd:c5:be:
51:e5:19:aa:7e:dc:8f:d6:0d:a5:7e:e8:d7:df:74:46:7c:2f:
74:93:fd:aa:6e:9c:14:8c:be:f4:f6:13:60:b1:5f:fb:2e:05:
96:20:87:79:a7:5f:9b:89:4e:be:63:2f:dc:02:f7:aa:81:c4:
f0:a4:2b:d9:e2:1b:49:c7:d7:19:be:c3:2f:1d:cf:a8:85:14:
80:c6:f4:4b:14:63:f6:20:7f:24:f4:13:ad:b0:5f:60:45:8c:
c4:97:89:06:cf:00:17:f6:63:b8:23:a9:06:81:e6:4e:3b:64:
66:53:02:db:f7:5f:63:7b:e1:96:b6:68:f4:b1:47:22:40:05:
85:ef:b7:4f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHaz5GR/RF9JfZVnVopTWGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYjUyZDRhMjNlNWUyODIxZmExOTE1ZWMxMzdkMzg0ZmFl
MWZkMmUwHhcNMjIwNzA3MjIzNzI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDEyYmEzNTQ3ZDZkOTVkYjk3MzczZGQ1MjY3Y2QzMTNkMmMyNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliLd4aEpjRri/7K8StfGpeI49ylk
1ZM4d5RQy2mylQJDylV6BoC/WizLRxrJphV/zw+C4f/NPA0sF6P+wMrXerISZHiQ
O/OP5tamcCVNvUqGyNB6/uY0I/4s4WNRkfSqa05O64XDS71bNQYtR+Rp8YWPqUTp
YQrzDBy0IhLPL8bH+aWclWjxP9njHmrVeMtZyT/K0gVFHkTwHsnXGmwmUxd0O36o
nWvUxO0kfsZP5JdmcccG1U8UXnSoeBsisRpbEsCM89eaTL14HAaFtcbjv8jYCvIS
r4bNpW8pJMNEsCsEBNoxE37/Sp5oSiTh4dFUoyU3ifAFej6/xY6I0/Xf9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF0SujVH1tlduXNz3VJnzTE9LCYCMB8GA1UdIwQY
MBaAFEy1LUoj5eKCH6GRXsE304T64f0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExVdFNpUGw0b0lmb1pGZXdUZlRoUHJoX1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZGMzZDktMTk4MS00MGE4LThjZWIt
Mzg1NjU5ODFiNDQ2LzEvWFJLNk5VZlcyVjI1YzNQZFVtZk5NVDBzSmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZGMzZDktMTk4MS00MGE4LThjZWItMzg1NjU5ODFiNDQ2
LzEvVExVdFNpUGw0b0lmb1pGZXdUZlRoUHJoX1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhHXwDAN
BgkqhkiG9w0BAQsFAAOCAQEATghYuKp25zPLIin1e3YNgUSv6pL3Rm2hsTt4LW40
6QbKPfpyfa9tgdhft/zqHqkxaYs5k+RMBCNaK+kO7bDJmYPCioBrhgksg2YKvqK/
0NOoc0tq9fAPiLX6/ZwmeL8x4GpdmY5wG8E92HHc6bzkBrMGH+AL4vzJRPVjzcW+
UeUZqn7cj9YNpX7o1990RnwvdJP9qm6cFIy+9PYTYLFf+y4FliCHeadfm4lOvmMv
3AL3qoHE8KQr2eIbScfXGb7DLx3PqIUUgMb0SxRj9iB/JPQTrbBfYEWMxJeJBs8A
F/ZjuCOpBoHmTjtkZlMC2/dfY3vhlrZo9LFHIkAFhe+3Tw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:07 2025 by rpki-client