Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/XafqmHZCzR3HojvTMfkWhmsdwO0.roa
File: XafqmHZCzR3HojvTMfkWhmsdwO0.roa (raw, json)
Hash identifier: xkmKnL3OQ50IOAkMhvUtdNjETHtw3JJCY2h6aSX7uj4=
Subject key identifier: 5D:A7:EA:98:76:42:CD:1D:C7:A2:3B:D3:31:F9:16:86:6B:1D:C0:ED
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 019457848BDB91CCF3EC6C689EE6882CFFB5
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/XafqmHZCzR3HojvTMfkWhmsdwO0.roa
Signing time: Sat 11 Jan 2025 22:38:11 +0000
ROA not before: Sat 11 Jan 2025 22:38:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214940
IP address blocks: 2a13:da00::/29 maxlen: 29
2a13:e400::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:57:84:8b:db:91:cc:f3:ec:6c:68:9e:e6:88:2c:ff:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 11 22:38:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5da7ea987642cd1dc7a23bd331f916866b1dc0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:62:fe:2f:52:8c:c8:f8:d0:93:b9:2b:46:9f:
0f:01:f9:be:cf:b3:89:21:45:de:78:2b:5b:de:e2:
cb:0e:9e:bf:5e:50:57:7c:be:3d:5c:98:06:bc:82:
28:c7:06:de:09:b8:dd:c4:a2:8e:a7:b7:81:19:f3:
d8:e0:ef:6b:c2:29:27:28:14:73:dc:81:93:fc:0e:
7a:c9:a7:16:4f:c7:e7:dc:3f:51:32:8d:f4:20:60:
cc:18:8b:5c:ec:4b:78:eb:db:a2:71:06:0d:44:4c:
ce:c3:e8:67:83:bb:17:20:d4:1d:58:b7:51:a2:bc:
20:95:ae:8e:7b:55:57:59:d6:e7:2f:0a:41:1c:72:
7d:25:3c:94:f3:b5:c9:8a:3d:2e:fe:1e:6e:b1:53:
1a:a7:28:06:18:df:c0:02:17:b7:4a:c9:84:de:84:
2d:37:cd:7d:9c:a1:81:76:8c:cb:f8:aa:f8:60:51:
15:42:3c:05:59:ed:1a:c5:32:62:21:d2:2e:71:fd:
6e:e7:17:4b:f9:75:c0:6a:1b:1f:b7:64:03:2c:0c:
0c:b2:e8:46:7a:6c:fa:4c:7e:e5:60:57:d8:9b:35:
bf:68:79:09:ea:68:c4:20:f6:08:af:54:23:69:18:
b7:52:ab:d1:21:92:13:92:9e:74:0c:76:6a:c7:51:
ce:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A7:EA:98:76:42:CD:1D:C7:A2:3B:D3:31:F9:16:86:6B:1D:C0:ED
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/XafqmHZCzR3HojvTMfkWhmsdwO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:da00::/29
2a13:e400::/29
Signature Algorithm: sha256WithRSAEncryption
2d:c7:c3:54:ae:48:cb:72:25:48:38:bc:f5:9e:bd:76:08:c4:
cf:ce:a3:26:29:58:fc:54:92:09:ba:f4:a1:38:5c:a8:49:3d:
13:dc:66:2e:f7:23:88:c6:65:02:87:8a:f3:ba:22:c2:dc:27:
73:be:13:c4:ed:6a:fb:a2:9d:37:91:72:15:0e:b7:0d:77:b3:
6e:04:b9:de:d2:bb:69:fe:e5:33:ff:c5:ad:c6:08:e9:d5:25:
ec:98:34:ab:c8:60:1a:6c:1a:87:9d:30:b2:c9:7f:84:f3:4c:
f3:9a:c6:ba:42:b2:84:1c:0a:74:ea:e0:2f:13:03:5c:4a:40:
03:62:87:0b:4e:b5:16:26:1d:41:c7:50:0c:68:9e:f6:8a:bc:
76:2c:85:90:30:6a:e7:42:5d:da:91:f2:3a:6f:a6:fe:4d:11:
fc:70:72:0d:be:dd:8b:86:5e:d2:9c:1c:f1:d3:03:93:e8:0a:
cc:aa:1d:10:40:d2:65:df:8b:b4:6b:11:62:ab:91:64:e0:73:
e4:e6:02:08:ca:10:9e:df:c8:d9:bf:d5:55:af:b5:c0:0b:df:
6a:dc:97:50:79:2f:4d:25:5d:0a:87:d1:08:73:77:70:8d:5c:
47:7b:09:c5:f8:39:da:6e:2a:2f:b3:96:08:51:46:c6:21:68:
81:5c:e5:bf
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZRXhIvbkczz7GxonuaILP+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjUwMTExMjIzODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGE3ZWE5ODc2NDJjZDFkYzdhMjNiZDMzMWY5MTY4NjZiMWRjMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72L+L1KMyPjQk7krRp8PAfm+z7OJ
IUXeeCtb3uLLDp6/XlBXfL49XJgGvIIoxwbeCbjdxKKOp7eBGfPY4O9rwiknKBRz
3IGT/A56yacWT8fn3D9RMo30IGDMGItc7Et469uicQYNREzOw+hng7sXINQdWLdR
orwgla6Oe1VXWdbnLwpBHHJ9JTyU87XJij0u/h5usVMapygGGN/AAhe3SsmE3oQt
N819nKGBdozL+Kr4YFEVQjwFWe0axTJiIdIucf1u5xdL+XXAahsft2QDLAwMsuhG
emz6TH7lYFfYmzW/aHkJ6mjEIPYIr1QjaRi3UqvRIZITkp50DHZqx1HOAQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF2n6ph2Qs0dx6I70zH5FoZrHcDtMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvWGFmcW1IWkN6UjNIb2p2VE1ma1dobXNkd08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhPaAAMF
AyoT5AAwDQYJKoZIhvcNAQELBQADggEBAC3Hw1SuSMtyJUg4vPWevXYIxM/OoyYp
WPxUkgm69KE4XKhJPRPcZi73I4jGZQKHivO6IsLcJ3O+E8TtavuinTeRchUOtw13
s24Eud7Su2n+5TP/xa3GCOnVJeyYNKvIYBpsGoedMLLJf4TzTPOaxrpCsoQcCnTq
4C8TA1xKQANihwtOtRYmHUHHUAxonvaKvHYshZAwaudCXdqR8jpvpv5NEfxwcg2+
3YuGXtKcHPHTA5PoCsyqHRBA0mXfi7RrEWKrkWTgc+TmAgjKEJ7fyNm/1VWvtcAL
32rcl1B5L00lXQqH0Qhzd3CNXEd7CcX4OdpuKi+zlghRRsYhaIFc5b8=
-----END CERTIFICATE-----
Generated at Tue Jan 21 15:02:32 2025 by rpki-client on console.sobornost.net