Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/7d0029-f330-4a66-bedc-42f2ff859373/1/xmQ5skD8YtPqUxW5yzoA6bHhREg.roa
File: xmQ5skD8YtPqUxW5yzoA6bHhREg.roa (raw, json)
Hash identifier: JOTsRiuQWzCXcl+Wr2hE6xVJO7LXDTormwzqqmVX6eE=
Subject key identifier: C6:64:39:B2:40:FC:62:D3:EA:53:15:B9:CB:3A:00:E9:B1:E1:44:48
Certificate issuer: /CN=ec535f4c8680ce0dba4a03d95e665c93cc99ceb9
Certificate serial: 01958A6DD9F00C317802CE6F918E11AD8C7A
Authority key identifier: EC:53:5F:4C:86:80:CE:0D:BA:4A:03:D9:5E:66:5C:93:CC:99:CE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7FNfTIaAzg26SgPZXmZck8yZzrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/7d0029-f330-4a66-bedc-42f2ff859373/1/xmQ5skD8YtPqUxW5yzoA6bHhREg.roa
Signing time: Wed 12 Mar 2025 12:56:49 +0000
ROA not before: Wed 12 Mar 2025 12:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204671
IP address blocks: 2001:678:5e0::/48 maxlen: 48
2a14:b680::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:6d:d9:f0:0c:31:78:02:ce:6f:91:8e:11:ad:8c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec535f4c8680ce0dba4a03d95e665c93cc99ceb9
Validity
Not Before: Mar 12 12:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c66439b240fc62d3ea5315b9cb3a00e9b1e14448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:80:1f:9a:e4:b3:0f:f4:28:51:6e:55:c9:c2:
86:bc:7d:b2:d1:d9:e3:a6:78:f2:4a:ca:7f:c6:f0:
13:93:cb:31:40:e5:68:ab:31:6c:e4:4d:cb:2c:09:
86:ea:9f:84:eb:9f:49:aa:59:bd:8a:15:62:6c:9a:
16:2c:6e:b8:aa:7d:e6:77:c2:a4:5d:fe:43:49:be:
3a:11:c6:75:31:65:5b:15:37:a6:cd:ce:4d:c1:21:
db:25:b0:70:56:ad:4f:17:32:cf:30:10:a3:c8:de:
70:37:36:a8:e7:9e:0d:cf:3e:d0:06:9e:ce:4d:23:
09:7f:8e:71:38:e3:36:04:cc:8a:a1:42:db:18:60:
ff:4e:49:a5:b8:bb:20:51:88:1e:e7:c8:18:85:46:
5f:91:95:fa:f3:ac:c1:01:ea:be:af:56:33:31:55:
a3:76:bb:28:ea:13:f0:c4:cf:99:c6:57:ca:45:b2:
9f:45:cd:56:7b:f6:14:e1:6d:2f:0f:3f:0f:3e:d9:
7f:2b:4d:a1:36:d8:f3:da:49:8e:c8:7c:31:7d:e6:
b5:ce:e2:22:5f:be:f4:7e:a8:53:30:c9:f6:33:9a:
05:5d:24:12:6a:53:ff:90:d4:4c:85:8d:f0:6c:3b:
57:60:46:f6:54:e6:ed:81:62:f8:b5:6f:58:29:72:
d6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:64:39:B2:40:FC:62:D3:EA:53:15:B9:CB:3A:00:E9:B1:E1:44:48
X509v3 Authority Key Identifier:
keyid:EC:53:5F:4C:86:80:CE:0D:BA:4A:03:D9:5E:66:5C:93:CC:99:CE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FNfTIaAzg26SgPZXmZck8yZzrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7d0029-f330-4a66-bedc-42f2ff859373/1/xmQ5skD8YtPqUxW5yzoA6bHhREg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7d0029-f330-4a66-bedc-42f2ff859373/1/7FNfTIaAzg26SgPZXmZck8yZzrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:5e0::/48
2a14:b680::/48
Signature Algorithm: sha256WithRSAEncryption
a1:8d:36:19:53:9b:33:9f:32:31:1f:66:ea:e5:cf:20:c8:2e:
a6:be:b4:e1:a0:77:d5:b6:2b:af:39:9c:52:2a:17:5f:b7:5a:
b5:8e:35:23:dd:b6:4b:b3:6a:2a:49:0f:5f:42:a3:48:ad:43:
e2:b7:30:eb:f4:08:bb:a4:a2:2d:b3:ac:83:fb:b1:60:8d:b4:
23:af:2e:3d:0d:29:c5:be:3b:10:95:ab:28:17:b2:e8:08:4d:
59:ca:25:59:11:16:7c:0c:0b:1d:20:30:0f:3b:85:33:bf:b9:
08:f3:ec:ed:d4:db:cf:71:eb:18:8b:d1:78:88:47:3b:4f:36:
9c:4d:12:36:a6:bb:88:0e:69:7f:91:fb:58:4c:5c:b3:c0:bd:
95:d7:67:d2:cd:81:36:d8:e6:eb:f3:b9:21:3b:7b:b1:94:2e:
cb:1c:90:25:71:68:6f:a2:1c:13:ec:73:b9:4d:04:2f:d9:48:
51:b0:1d:b4:1a:c7:50:7f:23:40:b8:d4:22:3d:8d:50:51:57:
7b:31:83:07:80:53:de:cf:e9:99:89:52:0b:a2:d6:31:64:6a:
39:e5:d0:55:35:14:86:a4:64:59:b1:87:07:c2:b4:af:04:9e:
23:e3:03:67:1f:fa:70:ee:27:e7:de:94:92:ed:e6:3e:43:9c:
1c:9b:50:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWKbdnwDDF4As5vkY4RrYx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNTM1ZjRjODY4MGNlMGRiYTRhMDNkOTVlNjY1YzkzY2M5
OWNlYjkwHhcNMjUwMzEyMTI1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjY0MzliMjQwZmM2MmQzZWE1MzE1YjljYjNhMDBlOWIxZTE0NDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioAfmuSzD/QoUW5VycKGvH2y0dnj
pnjySsp/xvATk8sxQOVoqzFs5E3LLAmG6p+E659Jqlm9ihVibJoWLG64qn3md8Kk
Xf5DSb46EcZ1MWVbFTemzc5NwSHbJbBwVq1PFzLPMBCjyN5wNzao554Nzz7QBp7O
TSMJf45xOOM2BMyKoULbGGD/TkmluLsgUYge58gYhUZfkZX686zBAeq+r1YzMVWj
drso6hPwxM+ZxlfKRbKfRc1We/YU4W0vDz8PPtl/K02hNtjz2kmOyHwxfea1zuIi
X770fqhTMMn2M5oFXSQSalP/kNRMhY3wbDtXYEb2VObtgWL4tW9YKXLWtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMZkObJA/GLT6lMVucs6AOmx4URIMB8GA1UdIwQY
MBaAFOxTX0yGgM4NukoD2V5mXJPMmc65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZOZlRJYUF6ZzI2U2dQWlhtWmNrOHlaenJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83ZDAwMjktZjMzMC00YTY2LWJlZGMt
NDJmMmZmODU5MzczLzEveG1RNXNrRDhZdFBxVXhXNXl6b0E2YkhoUkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83ZDAwMjktZjMzMC00YTY2LWJlZGMtNDJmMmZmODU5Mzcz
LzEvN0ZOZlRJYUF6ZzI2U2dQWlhtWmNrOHlaenJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAXg
AwcAKhS2gAAAMA0GCSqGSIb3DQEBCwUAA4IBAQChjTYZU5sznzIxH2bq5c8gyC6m
vrThoHfVtiuvOZxSKhdft1q1jjUj3bZLs2oqSQ9fQqNIrUPitzDr9Ai7pKIts6yD
+7FgjbQjry49DSnFvjsQlasoF7LoCE1ZyiVZERZ8DAsdIDAPO4Uzv7kI8+zt1NvP
cesYi9F4iEc7TzacTRI2pruIDml/kftYTFyzwL2V12fSzYE22Obr87khO3uxlC7L
HJAlcWhvohwT7HO5TQQv2UhRsB20GsdQfyNAuNQiPY1QUVd7MYMHgFPez+mZiVIL
otYxZGo55dBVNRSGpGRZsYcHwrSvBJ4j4wNnH/pw7ifn3pSS7eY+Q5wcm1A7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:15 2025 by rpki-client on console.sobornost.net