Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/8e88a7-0232-4055-a5cf-dd9443579ed5/1/XC8oYcpTiN7Sp5cFmMF21IOCs5E.roa
File: XC8oYcpTiN7Sp5cFmMF21IOCs5E.roa (raw, json)
Hash identifier: ELbj8X27A4edrX774m1HSzNCxhpcePnCe+oGBGFLxVk=
Subject key identifier: 5C:2F:28:61:CA:53:88:DE:D2:A7:97:05:98:C1:76:D4:83:82:B3:91
Certificate issuer: /CN=69d5d452a8ed535287feb36514bc87c022355a43
Certificate serial: 0194221F6EF75FB28F11E68199CE7087D916
Authority key identifier: 69:D5:D4:52:A8:ED:53:52:87:FE:B3:65:14:BC:87:C0:22:35:5A:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/adXUUqjtU1KH_rNlFLyHwCI1WkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/8e88a7-0232-4055-a5cf-dd9443579ed5/1/XC8oYcpTiN7Sp5cFmMF21IOCs5E.roa
Signing time: Wed 01 Jan 2025 13:47:52 +0000
ROA not before: Wed 01 Jan 2025 13:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35332
IP address blocks: 2001:678:880::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:6e:f7:5f:b2:8f:11:e6:81:99:ce:70:87:d9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69d5d452a8ed535287feb36514bc87c022355a43
Validity
Not Before: Jan 1 13:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c2f2861ca5388ded2a7970598c176d48382b391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ce:78:43:13:ce:58:85:41:e1:d0:a5:e6:1d:
73:73:41:fd:ed:99:da:3a:9a:de:9f:0f:75:9b:be:
4f:ad:41:0d:ec:a6:a6:43:61:9b:a5:7e:a2:b9:6c:
ad:c1:a1:75:1d:17:82:7f:b9:41:83:24:03:5d:4f:
f8:f8:25:3f:bd:58:aa:9d:0c:a0:b5:fd:c4:a6:35:
75:2d:9e:99:59:bd:9b:b5:72:ca:f3:77:a0:f9:4a:
63:df:b2:e9:a8:6b:5f:02:16:ba:a3:2a:98:27:d8:
06:97:5e:18:8a:97:02:9e:d2:d0:e9:32:fc:e8:2d:
33:be:23:bd:7f:79:1e:76:73:e4:5b:4a:f5:53:ea:
66:05:f3:e4:76:4c:20:cf:a0:ac:aa:75:73:45:39:
52:1a:71:37:63:e0:ab:77:8d:5e:f0:00:1a:09:44:
62:a8:fe:6f:4b:b0:60:1b:cb:54:28:4e:1b:be:08:
ba:f1:a5:3b:9b:3a:83:83:f1:57:d3:51:d7:ec:1e:
8e:a9:d3:4a:12:12:4d:3a:c7:97:3a:f9:7f:84:81:
ee:45:82:a1:4c:41:33:2d:dc:e7:07:84:65:ee:48:
da:0a:4f:13:75:45:c6:83:b3:ef:fc:2f:7a:77:cc:
f9:54:c1:25:fd:57:d4:66:b0:4c:74:fe:ab:62:cc:
d8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2F:28:61:CA:53:88:DE:D2:A7:97:05:98:C1:76:D4:83:82:B3:91
X509v3 Authority Key Identifier:
keyid:69:D5:D4:52:A8:ED:53:52:87:FE:B3:65:14:BC:87:C0:22:35:5A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/adXUUqjtU1KH_rNlFLyHwCI1WkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/8e88a7-0232-4055-a5cf-dd9443579ed5/1/XC8oYcpTiN7Sp5cFmMF21IOCs5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/8e88a7-0232-4055-a5cf-dd9443579ed5/1/adXUUqjtU1KH_rNlFLyHwCI1WkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:880::/48
Signature Algorithm: sha256WithRSAEncryption
60:bf:bf:a5:d1:f5:0d:42:43:c1:3b:18:9b:1c:2d:47:c5:e6:
29:d1:b5:9c:ee:31:99:0d:e7:95:46:12:4c:11:0e:3f:9a:47:
40:82:ba:02:d7:cb:74:86:84:f7:24:ca:1c:f4:d0:d8:97:95:
01:aa:df:48:c2:fb:de:85:46:d2:f7:e8:62:d8:ba:9c:83:9b:
8b:ed:fa:ab:b8:1f:e0:7b:63:d1:9a:bb:61:cd:65:2a:9b:16:
ce:dc:ee:6b:96:1b:0c:ec:07:06:c5:57:f9:d4:92:f6:4e:30:
bd:d1:cd:bd:71:26:63:56:81:12:64:c5:44:93:62:be:51:0a:
e3:f1:51:f6:cc:04:a9:4d:2e:eb:cc:44:6f:37:d9:d4:03:26:
49:24:42:77:13:b1:78:7c:7d:31:9e:9d:ce:bb:b7:a6:85:62:
ee:38:63:00:86:e0:49:d9:f9:6e:68:98:4d:3a:3a:61:38:89:
07:c0:93:ac:e7:8d:95:7a:c1:91:b9:05:16:19:43:0a:f9:d4:
22:f3:43:32:1e:fb:9b:35:73:ea:26:15:36:6f:65:e4:03:c2:
54:25:0a:a5:95:c5:fc:60:53:98:79:c3:93:00:0b:11:c5:9b:
c9:ef:1b:f0:91:7f:ab:44:dc:a2:a0:4d:01:d6:34:49:5c:51:
66:c5:17:c2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiH273X7KPEeaBmc5wh9kWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZDVkNDUyYThlZDUzNTI4N2ZlYjM2NTE0YmM4N2MwMjIz
NTVhNDMwHhcNMjUwMTAxMTM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzJmMjg2MWNhNTM4OGRlZDJhNzk3MDU5OGMxNzZkNDgzODJiMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0854QxPOWIVB4dCl5h1zc0H97Zna
Oprenw91m75PrUEN7KamQ2GbpX6iuWytwaF1HReCf7lBgyQDXU/4+CU/vViqnQyg
tf3EpjV1LZ6ZWb2btXLK83eg+Upj37LpqGtfAha6oyqYJ9gGl14YipcCntLQ6TL8
6C0zviO9f3kednPkW0r1U+pmBfPkdkwgz6CsqnVzRTlSGnE3Y+Crd41e8AAaCURi
qP5vS7BgG8tUKE4bvgi68aU7mzqDg/FX01HX7B6OqdNKEhJNOseXOvl/hIHuRYKh
TEEzLdznB4Rl7kjaCk8TdUXGg7Pv/C96d8z5VMEl/VfUZrBMdP6rYszYvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFwvKGHKU4je0qeXBZjBdtSDgrORMB8GA1UdIwQY
MBaAFGnV1FKo7VNSh/6zZRS8h8AiNVpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWRYVVVxanRVMUtIX3JObEZMeUh3Q0kxV2tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS84ZTg4YTctMDIzMi00MDU1LWE1Y2Yt
ZGQ5NDQzNTc5ZWQ1LzEvWEM4b1ljcFRpTjdTcDVjRm1NRjIxSU9DczVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS84ZTg4YTctMDIzMi00MDU1LWE1Y2YtZGQ5NDQzNTc5ZWQ1
LzEvYWRYVVVxanRVMUtIX3JObEZMeUh3Q0kxV2tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAiA
MA0GCSqGSIb3DQEBCwUAA4IBAQBgv7+l0fUNQkPBOxibHC1HxeYp0bWc7jGZDeeV
RhJMEQ4/mkdAgroC18t0hoT3JMoc9NDYl5UBqt9IwvvehUbS9+hi2Lqcg5uL7fqr
uB/ge2PRmrthzWUqmxbO3O5rlhsM7AcGxVf51JL2TjC90c29cSZjVoESZMVEk2K+
UQrj8VH2zASpTS7rzERvN9nUAyZJJEJ3E7F4fH0xnp3Ou7emhWLuOGMAhuBJ2flu
aJhNOjphOIkHwJOs542VesGRuQUWGUMK+dQi80MyHvubNXPqJhU2b2XkA8JUJQql
lcX8YFOYecOTAAsRxZvJ7xvwkX+rRNyioE0B1jRJXFFmxRfC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net