Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/XWprndht8HmgcFbXbQNH0MwMGcI.roa
File: XWprndht8HmgcFbXbQNH0MwMGcI.roa (raw, json)
Hash identifier: LvcCmuwIj7Etbvvo/C1mJXEeAGMsYtuxQE3L+Z/2XhQ=
Subject key identifier: 5D:6A:6B:9D:D8:6D:F0:79:A0:70:56:D7:6D:03:47:D0:CC:0C:19:C2
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019384009187E14CEC12F75633E604298655
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/XWprndht8HmgcFbXbQNH0MwMGcI.roa
Signing time: Sun 01 Dec 2024 20:54:09 +0000
ROA not before: Sun 01 Dec 2024 20:54:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:e000::/29 maxlen: 36
2a11:3b40::/29 maxlen: 29
2a12:6b80::/29 maxlen: 36
2a12:f0c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:84:00:91:87:e1:4c:ec:12:f7:56:33:e6:04:29:86:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Dec 1 20:54:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d6a6b9dd86df079a07056d76d0347d0cc0c19c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:95:fa:4c:eb:98:6a:fa:07:f9:46:35:c0:c4:
38:34:e6:29:05:84:71:26:cd:40:17:dd:77:24:f3:
8d:bb:6e:e3:6b:36:cb:83:04:9b:4b:af:b0:56:1c:
51:fd:a4:42:5e:82:e0:40:83:cc:7b:11:a6:a3:0d:
fe:8b:c4:a2:c7:73:de:18:3e:ac:8a:61:ab:8f:3a:
84:50:1d:a6:c0:52:ee:dc:b6:be:a7:b7:a6:3a:8b:
04:cf:b6:ab:df:93:b9:39:f5:eb:b4:91:05:da:3f:
b0:e6:a9:e0:22:80:c9:65:d7:f9:ed:be:a4:d0:92:
1e:59:68:a5:79:09:ef:a5:ac:c8:ee:ce:46:68:66:
05:e1:0a:b2:0d:40:e5:77:e7:6e:30:63:0b:45:40:
1a:bd:50:8a:75:a5:d4:3b:75:da:86:ac:61:c2:f7:
d5:7b:6f:61:77:6e:97:93:34:1a:93:94:09:e3:9e:
1b:05:b1:5d:53:f2:3e:69:e9:d2:c2:6c:33:bb:d0:
5a:83:9a:d1:a0:b9:c0:01:88:e5:1b:1a:4e:9d:6f:
82:66:5f:19:29:31:2e:9e:42:01:eb:e0:57:98:ee:
a3:b4:9d:3f:e7:08:d1:12:82:4a:42:e0:5c:96:3a:
aa:49:e2:8c:f8:59:0d:78:68:89:24:db:03:26:bc:
16:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6A:6B:9D:D8:6D:F0:79:A0:70:56:D7:6D:03:47:D0:CC:0C:19:C2
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/XWprndht8HmgcFbXbQNH0MwMGcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e000::/29
2a11:3b40::/29
2a12:6b80::/29
2a12:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:83:7a:80:e2:cf:52:41:01:57:ed:07:8f:13:9d:6b:5e:85:
97:6a:fe:80:18:04:f8:19:fa:e0:54:61:cc:4f:57:55:da:98:
65:dd:b0:d7:7d:c6:17:1e:33:b9:12:80:5a:d7:83:46:28:0e:
53:be:8e:f4:4e:91:35:29:52:a8:ec:6c:44:14:2b:de:f5:e2:
ae:db:a6:45:c2:c3:b4:42:9a:fc:02:bd:98:1e:77:e6:1d:0e:
27:62:cf:9d:fd:f0:e3:8c:51:57:ed:ad:46:5b:56:8d:e1:e4:
68:0e:77:a0:01:4e:c0:02:61:51:be:fa:1f:70:c6:9d:bf:cb:
5f:ee:03:eb:47:da:f5:61:ec:51:cc:1a:76:92:3d:e6:d9:fc:
e4:f2:9f:36:fb:43:87:a1:50:60:60:83:2e:1d:7b:22:df:80:
04:47:73:b6:c8:18:ee:73:77:c6:d2:47:6c:2e:2b:8a:89:48:
c2:3b:73:3e:52:81:f4:46:d2:99:b0:1f:d6:e0:13:bd:10:a1:
6c:37:14:13:cf:d0:96:44:4a:3e:06:0e:9b:66:8e:1f:04:c4:
f6:ea:af:90:4e:b4:8e:3c:67:34:0c:51:83:7b:e4:0d:02:f5:
bf:89:98:f0:f1:9f:60:7a:bf:cf:8f:8d:11:1d:9e:43:5e:85:
4b:73:bc:eb
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZOEAJGH4UzsEvdWM+YEKYZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQxMjAxMjA1NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDZhNmI5ZGQ4NmRmMDc5YTA3MDU2ZDc2ZDAzNDdkMGNjMGMxOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ZX6TOuYavoH+UY1wMQ4NOYpBYRx
Js1AF913JPONu27jazbLgwSbS6+wVhxR/aRCXoLgQIPMexGmow3+i8Six3PeGD6s
imGrjzqEUB2mwFLu3La+p7emOosEz7ar35O5OfXrtJEF2j+w5qngIoDJZdf57b6k
0JIeWWileQnvpazI7s5GaGYF4QqyDUDld+duMGMLRUAavVCKdaXUO3XahqxhwvfV
e29hd26XkzQak5QJ454bBbFdU/I+aenSwmwzu9Bag5rRoLnAAYjlGxpOnW+CZl8Z
KTEunkIB6+BXmO6jtJ0/5wjREoJKQuBcljqqSeKM+FkNeGiJJNsDJrwW6QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFF1qa53YbfB5oHBW120DR9DMDBnCMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvWFdwcm5kaHQ4SG1nY0ZiWGJRTkgwTXdNR2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg/gAAMF
AyoRO0ADBQMqEmuAAwUDKhLwwDANBgkqhkiG9w0BAQsFAAOCAQEALYN6gOLPUkEB
V+0HjxOda16Fl2r+gBgE+Bn64FRhzE9XVdqYZd2w133GFx4zuRKAWteDRigOU76O
9E6RNSlSqOxsRBQr3vXirtumRcLDtEKa/AK9mB535h0OJ2LPnf3w44xRV+2tRltW
jeHkaA53oAFOwAJhUb76H3DGnb/LX+4D60fa9WHsUcwadpI95tn85PKfNvtDh6FQ
YGCDLh17It+ABEdztsgY7nN3xtJHbC4riolIwjtzPlKB9EbSmbAf1uATvRChbDcU
E8/QlkRKPgYOm2aOHwTE9uqvkE60jjxnNAxRg3vkDQL1v4mY8PGfYHq/z4+NER2e
Q16FS3O86w==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:34 2024 by rpki-client on console.sobornost.net