Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/XUdNcNwhMqFtYsebg1gOrES8fg8.roa
File: XUdNcNwhMqFtYsebg1gOrES8fg8.roa (raw, json)
Hash identifier: 1SCBRGG9BH3bL2AIx7nLNmgCfpwCw1UXMhqNEU4goqY=
Subject key identifier: 5D:47:4D:70:DC:21:32:A1:6D:62:C7:9B:83:58:0E:AC:44:BC:7E:0F
Certificate issuer: /CN=a566d8337776c98746bd231e69e185db2a9a5be2
Certificate serial: 01942747688E68886B5E6589419A2E559016
Authority key identifier: A5:66:D8:33:77:76:C9:87:46:BD:23:1E:69:E1:85:DB:2A:9A:5B:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pWbYM3d2yYdGvSMeaeGF2yqaW-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/XUdNcNwhMqFtYsebg1gOrES8fg8.roa
Signing time: Thu 02 Jan 2025 13:49:38 +0000
ROA not before: Thu 02 Jan 2025 13:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207835
IP address blocks: 2a0e:1540:f9c0::/42 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:68:8e:68:88:6b:5e:65:89:41:9a:2e:55:90:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a566d8337776c98746bd231e69e185db2a9a5be2
Validity
Not Before: Jan 2 13:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d474d70dc2132a16d62c79b83580eac44bc7e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:54:a4:e4:37:00:47:c7:32:70:1a:6c:93:b4:
ce:25:b8:01:95:8a:8c:c6:6c:2f:80:20:9f:8c:6f:
f4:b7:c5:08:10:d6:4f:a7:37:51:73:7d:90:95:cf:
da:77:8e:21:a5:87:8f:54:11:3a:39:cd:89:56:38:
2b:aa:16:ad:26:97:8e:71:68:48:85:00:5a:5a:8a:
c5:b1:c9:40:50:07:2a:8b:b4:df:2b:ef:d2:68:ed:
69:bc:47:6e:0f:ad:65:90:70:79:dd:04:4a:00:09:
bf:42:ff:13:c5:55:92:36:61:38:59:4f:ec:4c:84:
93:5f:ac:b0:36:ca:90:02:90:e2:d7:9b:85:c4:87:
eb:4d:4d:19:da:d8:cf:aa:aa:58:17:c0:c0:5a:62:
5c:02:ea:ed:fb:85:1c:81:c5:8e:06:66:25:df:9f:
ad:f3:59:09:7a:96:f2:d9:7e:1f:22:eb:bd:8a:c0:
fa:49:c9:b6:0c:6e:e9:f9:96:47:21:39:1b:cd:0c:
ae:31:aa:8b:d8:27:f0:cf:f6:a5:f1:86:84:43:b4:
7d:36:d8:d3:52:a2:bd:13:4d:54:a8:8b:3a:72:9d:
6b:cc:83:ed:67:f6:9b:30:37:45:89:68:26:d9:f4:
bc:77:1a:27:9e:dc:e9:3f:1d:4a:a3:35:6c:44:15:
b5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:47:4D:70:DC:21:32:A1:6D:62:C7:9B:83:58:0E:AC:44:BC:7E:0F
X509v3 Authority Key Identifier:
keyid:A5:66:D8:33:77:76:C9:87:46:BD:23:1E:69:E1:85:DB:2A:9A:5B:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWbYM3d2yYdGvSMeaeGF2yqaW-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/XUdNcNwhMqFtYsebg1gOrES8fg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/pWbYM3d2yYdGvSMeaeGF2yqaW-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1540:f9c0::/42
Signature Algorithm: sha256WithRSAEncryption
89:5c:9a:33:37:8f:d0:fd:43:18:9e:3e:df:8e:1d:15:cb:5d:
a3:98:38:8c:aa:b6:60:fa:0c:4d:75:48:db:fe:9b:c7:10:e6:
c4:ec:a7:4d:65:3f:4b:bb:69:ad:93:b3:e3:c8:09:ae:61:2f:
21:0b:9a:a2:e1:d1:fd:08:6d:ef:98:c5:33:31:29:2e:83:61:
bb:6d:eb:88:de:f2:a2:51:db:b8:86:2c:b4:45:96:ea:b6:e0:
37:35:4d:e6:2b:72:e6:36:cf:d6:95:29:2c:40:19:60:1e:c0:
bb:96:01:95:ec:24:f7:92:84:40:c3:71:48:ce:cb:44:cd:1e:
17:a5:4a:c5:f6:d9:02:c0:ac:28:f9:47:1d:d4:68:13:ea:20:
9d:6f:d7:4f:1f:a2:ee:6b:b2:4b:01:2c:6b:62:b1:29:2e:e6:
4c:f0:bb:cf:61:51:ed:aa:67:de:d7:44:ca:74:8c:e7:dd:97:
94:a3:4a:eb:58:61:4c:61:2f:82:a7:09:7b:52:88:96:b3:42:
ae:7f:9f:86:f9:2a:9e:1e:7f:65:43:40:27:70:93:a8:e0:6a:
77:b5:ef:c3:9b:7f:9c:99:c0:b1:b1:e0:86:60:51:57:bb:78:
1a:25:63:cd:fa:ba:83:a2:c7:35:a6:de:ca:d6:35:d8:c1:0a:
83:0a:0b:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR2iOaIhrXmWJQZouVZAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjZkODMzNzc3NmM5ODc0NmJkMjMxZTY5ZTE4NWRiMmE5
YTViZTIwHhcNMjUwMTAyMTM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQ3NGQ3MGRjMjEzMmExNmQ2MmM3OWI4MzU4MGVhYzQ0YmM3ZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFSk5DcAR8cycBpsk7TOJbgBlYqM
xmwvgCCfjG/0t8UIENZPpzdRc32Qlc/ad44hpYePVBE6Oc2JVjgrqhatJpeOcWhI
hQBaWorFsclAUAcqi7TfK+/SaO1pvEduD61lkHB53QRKAAm/Qv8TxVWSNmE4WU/s
TISTX6ywNsqQApDi15uFxIfrTU0Z2tjPqqpYF8DAWmJcAurt+4UcgcWOBmYl35+t
81kJepby2X4fIuu9isD6Scm2DG7p+ZZHITkbzQyuMaqL2Cfwz/al8YaEQ7R9NtjT
UqK9E01UqIs6cp1rzIPtZ/abMDdFiWgm2fS8dxonntzpPx1KozVsRBW1/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF1HTXDcITKhbWLHm4NYDqxEvH4PMB8GA1UdIwQY
MBaAFKVm2DN3dsmHRr0jHmnhhdsqmlviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdiWU0zZDJ5WWRHdlNNZWFlR0YyeXFhVy1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wMTY4YWMtMzQyYy00ZGQwLTkxYTgt
MWI3NTg2N2U4ZGZmLzEvWFVkTmNOd2hNcUZ0WXNlYmcxZ09yRVM4Zmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wMTY4YWMtMzQyYy00ZGQwLTkxYTgtMWI3NTg2N2U4ZGZm
LzEvcFdiWU0zZDJ5WWRHdlNNZWFlR0YyeXFhVy1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKg4VQPnA
MA0GCSqGSIb3DQEBCwUAA4IBAQCJXJozN4/Q/UMYnj7fjh0Vy12jmDiMqrZg+gxN
dUjb/pvHEObE7KdNZT9Lu2mtk7PjyAmuYS8hC5qi4dH9CG3vmMUzMSkug2G7beuI
3vKiUdu4hiy0RZbqtuA3NU3mK3LmNs/WlSksQBlgHsC7lgGV7CT3koRAw3FIzstE
zR4XpUrF9tkCwKwo+Ucd1GgT6iCdb9dPH6Lua7JLASxrYrEpLuZM8LvPYVHtqmfe
10TKdIzn3ZeUo0rrWGFMYS+Cpwl7UoiWs0Kuf5+G+SqeHn9lQ0AncJOo4Gp3te/D
m3+cmcCxseCGYFFXu3gaJWPN+rqDosc1pt7K1jXYwQqDCgti
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net