Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/XT0-w6dqifmy2ffwrG4-p0z6yak.roa
File: XT0-w6dqifmy2ffwrG4-p0z6yak.roa (raw, json)
Hash identifier: qA90Am+RQnnMQJCKqDmSo8CLarebFr+1kMjhOvQOjTU=
Subject key identifier: 5D:3D:3E:C3:A7:6A:89:F9:B2:D9:F7:F0:AC:6E:3E:A7:4C:FA:C9:A9
Certificate issuer: /CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Certificate serial: 019422FC4E5164C32CCE2456D6BA8B58B4BD
Authority key identifier: F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/XT0-w6dqifmy2ffwrG4-p0z6yak.roa
Signing time: Wed 01 Jan 2025 17:49:08 +0000
ROA not before: Wed 01 Jan 2025 17:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212804
IP address blocks: 2a0a:2785::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:4e:51:64:c3:2c:ce:24:56:d6:ba:8b:58:b4:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Validity
Not Before: Jan 1 17:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d3d3ec3a76a89f9b2d9f7f0ac6e3ea74cfac9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:74:bf:43:65:fa:d0:7f:b0:7d:7d:4d:af:4e:
f6:a8:73:84:52:ab:f1:7b:b8:35:6f:6e:f2:25:2a:
68:63:76:ff:3c:99:3d:a0:2f:d6:df:be:d1:e5:e9:
2a:22:a3:b7:74:01:61:95:a3:57:69:00:ac:32:07:
3d:4a:c6:9e:23:70:29:26:0e:23:55:ab:d8:7a:ee:
f0:87:77:e4:5e:10:2f:ae:fe:5f:b7:70:e0:9b:ec:
56:83:88:e5:8b:5b:c3:fa:17:23:47:46:ed:46:67:
2f:83:eb:68:44:ea:d6:7f:65:f5:23:50:97:61:a3:
b8:b8:85:18:20:21:ba:93:04:f7:75:87:94:f2:bc:
d7:a6:47:2f:f7:70:69:df:98:d3:2e:17:71:8d:c9:
6f:ac:91:f4:ad:b9:34:d8:7a:b5:5d:7b:0e:e2:e6:
13:0a:a0:6c:55:10:a5:44:ab:5e:f0:56:5c:d5:64:
d8:80:c2:81:3c:2c:32:37:e8:31:27:89:57:61:93:
ab:dd:ae:06:3e:a4:be:a7:5a:57:a1:d3:c0:2e:f2:
41:32:29:18:bc:f3:cf:7b:f9:7b:88:ca:2d:ce:0f:
b9:18:7a:34:16:88:08:1b:1a:29:70:32:e0:63:f8:
2d:e5:25:31:04:1a:25:b6:d3:83:61:e9:2d:c0:88:
ce:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3D:3E:C3:A7:6A:89:F9:B2:D9:F7:F0:AC:6E:3E:A7:4C:FA:C9:A9
X509v3 Authority Key Identifier:
keyid:F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/XT0-w6dqifmy2ffwrG4-p0z6yak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2785::/32
Signature Algorithm: sha256WithRSAEncryption
44:8d:fb:d9:77:91:45:5b:4d:63:e9:73:51:15:af:b3:90:c2:
8b:90:d0:e5:70:2d:f7:56:f2:15:4a:0d:4e:03:31:4a:0d:35:
45:b3:7c:37:16:ff:7d:c0:29:c2:18:dd:5f:99:4e:f5:a1:39:
68:6b:71:f1:76:15:91:cf:63:13:fb:8b:d8:ba:49:f7:f7:b1:
13:dd:a8:c1:c2:0a:86:55:af:a7:16:01:da:2d:8a:56:60:97:
24:4c:3d:ec:46:69:4a:08:ff:6e:11:b0:49:b9:30:7d:62:43:
e2:03:2e:85:d6:32:b6:a1:78:ea:07:c5:a5:64:2e:99:3c:82:
be:53:26:cc:8a:60:66:d3:1c:d0:94:1d:c3:81:ab:41:03:4d:
f0:52:56:3d:a0:41:ed:9d:b4:80:ee:54:6a:fb:e4:fd:e2:4e:
f3:b9:53:e6:a8:13:4c:7c:12:de:d0:37:59:93:04:80:99:1e:
c9:56:98:57:64:27:8a:72:43:d4:23:e2:75:e7:98:a4:9e:55:
01:e9:74:00:45:38:d2:bc:67:d9:f2:48:e6:41:a6:29:f9:e2:
9b:59:95:fe:2f:1a:60:c5:6f:9e:c9:b6:e5:b7:87:a6:50:c3:
73:fe:ad:74:f1:4d:4f:f6:24:a1:62:8f:a9:82:0f:da:aa:3d:
df:5f:94:28
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi/E5RZMMsziRW1rqLWLS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGJhZTYwOTcwYTJkZmM4NmRkNjA3YzViOTE1YWQ1YzUz
NGI0MTMwHhcNMjUwMTAxMTc0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDNkM2VjM2E3NmE4OWY5YjJkOWY3ZjBhYzZlM2VhNzRjZmFjOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHS/Q2X60H+wfX1Nr072qHOEUqvx
e7g1b27yJSpoY3b/PJk9oC/W377R5ekqIqO3dAFhlaNXaQCsMgc9SsaeI3ApJg4j
VavYeu7wh3fkXhAvrv5ft3Dgm+xWg4jli1vD+hcjR0btRmcvg+toROrWf2X1I1CX
YaO4uIUYICG6kwT3dYeU8rzXpkcv93Bp35jTLhdxjclvrJH0rbk02Hq1XXsO4uYT
CqBsVRClRKte8FZc1WTYgMKBPCwyN+gxJ4lXYZOr3a4GPqS+p1pXodPALvJBMikY
vPPPe/l7iMotzg+5GHo0FogIGxopcDLgY/gt5SUxBBolttODYektwIjO8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF09PsOnaon5stn38KxuPqdM+smpMB8GA1UdIwQY
MBaAFPULrmCXCi38ht1gfFuRWtXFNLQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDIt
MzY2NTA2N2RiMjU2LzEvWFQwLXc2ZHFpZm15MmZmd3JHNC1wMHo2eWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDItMzY2NTA2N2RiMjU2
LzEvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgonhTAN
BgkqhkiG9w0BAQsFAAOCAQEARI372XeRRVtNY+lzURWvs5DCi5DQ5XAt91byFUoN
TgMxSg01RbN8Nxb/fcApwhjdX5lO9aE5aGtx8XYVkc9jE/uL2LpJ9/exE92owcIK
hlWvpxYB2i2KVmCXJEw97EZpSgj/bhGwSbkwfWJD4gMuhdYytqF46gfFpWQumTyC
vlMmzIpgZtMc0JQdw4GrQQNN8FJWPaBB7Z20gO5Uavvk/eJO87lT5qgTTHwS3tA3
WZMEgJkeyVaYV2QninJD1CPideeYpJ5VAel0AEU40rxn2fJI5kGmKfnim1mV/i8a
YMVvnsm25beHplDDc/6tdPFNT/YkoWKPqYIP2qo931+UKA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:03 2025 by rpki-client on console.sobornost.net