Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/X4Hc3LqECKDuhJLXat77StWqpZs.roa
File: X4Hc3LqECKDuhJLXat77StWqpZs.roa (raw, json)
Hash identifier: QQlPSZa19ptCFLr6cbYavTdRyojqnFB5KG08VG23O/0=
Subject key identifier: 5F:81:DC:DC:BA:84:08:A0:EE:84:92:D7:6A:DE:FB:4A:D5:AA:A5:9B
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 0194266C2A1244AFA43E4F03D56FB05C89DD
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/X4Hc3LqECKDuhJLXat77StWqpZs.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215420
IP address blocks: 2a13:a700::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2a:12:44:af:a4:3e:4f:03:d5:6f:b0:5c:89:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f81dcdcba8408a0ee8492d76adefb4ad5aaa59b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b1:5e:24:3f:d0:bd:89:e2:a5:f4:1e:38:d1:
0f:d7:41:17:05:90:09:0e:1b:3c:9d:b7:05:b3:e7:
ef:13:9d:01:7a:47:a0:b5:e1:e9:f3:4d:81:d6:4e:
6a:49:b5:32:29:be:d5:06:9d:22:cf:1e:a2:c5:92:
6f:ef:14:61:0e:34:0e:8e:08:d5:41:3c:ba:4e:ae:
25:0a:94:47:88:7d:2d:19:ae:82:5f:e5:ea:33:ca:
94:c0:f1:82:fc:8a:40:49:c6:2d:d4:a4:45:4e:a2:
94:74:ce:70:3f:f7:17:c2:74:0d:4b:39:5b:7c:3a:
07:07:5a:5b:0e:f4:d7:67:f5:b0:4a:e4:06:25:64:
c0:ad:58:e5:fc:da:b3:a8:b7:3a:ae:3d:06:84:1d:
2f:e8:73:b8:cd:ab:06:da:dd:7a:da:73:03:c9:27:
78:6f:ae:08:11:f0:8b:c8:e8:26:5f:1f:b9:56:3e:
a2:35:ea:9b:a3:1a:ea:d8:38:1a:2d:b3:21:75:c4:
a6:f9:43:7b:da:8f:4c:2c:a1:a9:eb:e0:da:7b:d4:
47:2b:4f:50:da:fa:d1:54:33:0b:f0:91:86:ce:3f:
16:4f:7b:9c:56:51:c1:32:40:1f:ba:d2:1d:d9:69:
de:17:17:0f:06:bf:e3:5d:a5:8a:f7:7a:93:0b:e5:
22:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:81:DC:DC:BA:84:08:A0:EE:84:92:D7:6A:DE:FB:4A:D5:AA:A5:9B
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/X4Hc3LqECKDuhJLXat77StWqpZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a700::/31
Signature Algorithm: sha256WithRSAEncryption
90:af:15:4a:09:58:fc:dc:37:6f:8a:86:8b:05:2f:23:ba:ce:
12:e3:4e:17:4a:16:74:07:26:50:5f:36:ad:95:76:ba:8b:e7:
c4:7e:88:e1:2f:5b:0b:b3:0b:46:5a:f8:6a:f2:18:8d:74:30:
60:eb:79:73:52:96:07:c3:ab:27:ea:16:64:86:a9:98:f5:bf:
f0:58:dc:70:e6:a5:39:67:40:b8:80:6e:32:b5:ee:85:b7:29:
cd:ea:96:be:50:54:fd:fc:88:3c:6e:5f:b9:14:53:ce:3c:3e:
99:e8:88:92:ae:dd:e2:1c:89:23:6a:47:72:a9:df:37:3b:4d:
19:d6:4a:86:f5:7c:84:4d:a5:4e:2c:3b:79:11:a2:ce:ed:60:
54:fe:d9:f5:38:fa:d5:d5:60:d3:92:85:13:d7:40:c0:62:65:
a4:93:29:f6:21:ba:6e:83:cf:1a:a0:dc:53:27:8c:64:70:13:
ed:1a:05:bc:bd:0e:7f:51:95:6a:f4:cc:a9:13:4d:4b:24:df:
c5:c3:ca:aa:1c:8c:a9:66:db:dc:2c:8b:82:6f:55:99:17:cd:
a7:88:a9:6a:b5:ad:b7:66:6f:11:76:54:fd:26:f6:7d:90:03:
0a:8c:2d:26:9c:0d:23:3c:14:b4:67:23:69:e2:6c:75:48:8a:
a8:52:6c:04
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQmbCoSRK+kPk8D1W+wXIndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjgxZGNkY2JhODQwOGEwZWU4NDkyZDc2YWRlZmI0YWQ1YWFhNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27FeJD/QvYnipfQeONEP10EXBZAJ
Dhs8nbcFs+fvE50BekegteHp802B1k5qSbUyKb7VBp0izx6ixZJv7xRhDjQOjgjV
QTy6Tq4lCpRHiH0tGa6CX+XqM8qUwPGC/IpAScYt1KRFTqKUdM5wP/cXwnQNSzlb
fDoHB1pbDvTXZ/WwSuQGJWTArVjl/NqzqLc6rj0GhB0v6HO4zasG2t162nMDySd4
b64IEfCLyOgmXx+5Vj6iNeqboxrq2DgaLbMhdcSm+UN72o9MLKGp6+Dae9RHK09Q
2vrRVDML8JGGzj8WT3ucVlHBMkAfutId2WneFxcPBr/jXaWK93qTC+UiqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF+B3Ny6hAig7oSS12re+0rVqqWbMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvWDRIYzNMcUVDS0R1aEpMWGF0NzdTdFdxcFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhOnADAN
BgkqhkiG9w0BAQsFAAOCAQEAkK8VSglY/Nw3b4qGiwUvI7rOEuNOF0oWdAcmUF82
rZV2uovnxH6I4S9bC7MLRlr4avIYjXQwYOt5c1KWB8OrJ+oWZIapmPW/8FjccOal
OWdAuIBuMrXuhbcpzeqWvlBU/fyIPG5fuRRTzjw+meiIkq7d4hyJI2pHcqnfNztN
GdZKhvV8hE2lTiw7eRGizu1gVP7Z9Tj61dVg05KFE9dAwGJlpJMp9iG6boPPGqDc
UyeMZHAT7RoFvL0Of1GVavTMqRNNSyTfxcPKqhyMqWbb3CyLgm9VmRfNp4iparWt
t2ZvEXZU/Sb2fZADCowtJpwNIzwUtGcjaeJsdUiKqFJsBA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 10:18:58 2025 by rpki-client