Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/XhX8A-oz684Iwe53pFqloQYS-kU.roa
File: XhX8A-oz684Iwe53pFqloQYS-kU.roa (raw, json)
Hash identifier: Mq5uGJtvZYMl6nllrQZDhX8D38boD4gAAjpBeZPZFnU=
Subject key identifier: 5E:15:FC:03:EA:33:EB:CE:08:C1:EE:77:A4:5A:A5:A1:06:12:FA:45
Certificate issuer: /CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd
Certificate serial: 019423D73E97D899BFA1CD8A7629878B6628
Authority key identifier: B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/XhX8A-oz684Iwe53pFqloQYS-kU.roa
Signing time: Wed 01 Jan 2025 21:48:16 +0000
ROA not before: Wed 01 Jan 2025 21:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35659
IP address blocks: 2a01:130:42::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:3e:97:d8:99:bf:a1:cd:8a:76:29:87:8b:66:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd
Validity
Not Before: Jan 1 21:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e15fc03ea33ebce08c1ee77a45aa5a10612fa45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:59:a7:24:05:b2:4d:97:8d:3b:e5:a6:ca:e6:
4b:e2:0b:da:ae:ba:d8:35:82:c9:b7:37:92:c3:19:
e9:d8:da:db:dd:47:e4:ef:86:31:cc:69:0b:96:b2:
0b:f3:2c:ec:5d:e0:3e:4d:b2:6b:0e:36:ab:8c:2e:
65:1f:c4:db:62:7c:23:a4:6a:83:e0:18:a2:7a:19:
e1:6c:d5:69:49:78:17:1e:35:84:5b:fd:fd:ef:45:
e6:d2:09:43:ad:0a:44:1b:6b:45:c0:33:7c:86:02:
59:53:20:17:78:8a:8d:51:ca:ce:e5:7c:8f:7d:7f:
4d:f9:5f:bf:72:bb:11:d1:cb:c0:4d:c2:85:eb:92:
ea:ca:a2:9e:d6:36:1c:14:3f:13:12:60:5c:9f:9d:
f6:d1:8d:99:b4:bf:7c:a1:2e:83:bd:b4:e4:1a:a8:
88:fe:b5:a8:3c:bf:42:83:5d:1e:fc:f4:cc:0b:17:
84:3f:22:e1:e7:e0:19:94:e8:38:77:50:a7:29:c3:
c7:f9:42:fd:27:1e:27:a4:de:26:06:ad:7d:be:55:
8f:e9:70:a9:06:aa:7d:83:4e:b4:ce:21:98:4b:10:
19:1c:59:16:2f:fd:af:b2:44:47:27:91:13:1e:c2:
e3:6a:08:aa:a1:eb:49:5d:b7:e9:4c:bb:f5:f6:59:
39:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:15:FC:03:EA:33:EB:CE:08:C1:EE:77:A4:5A:A5:A1:06:12:FA:45
X509v3 Authority Key Identifier:
keyid:B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/XhX8A-oz684Iwe53pFqloQYS-kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:130:42::/48
Signature Algorithm: sha256WithRSAEncryption
85:b7:e7:8f:b9:05:d5:2f:0f:ab:6f:f2:a7:dd:76:7f:1b:19:
37:3a:c4:33:33:61:4e:5e:3a:8d:02:67:81:93:57:ea:9f:79:
9a:61:7c:48:36:65:d9:0d:82:17:d7:13:55:41:1b:0a:d4:d0:
3e:e5:9c:58:d1:55:77:fc:a7:c3:f2:bf:12:ee:b2:8f:8b:8d:
3f:20:36:bc:82:f4:27:35:4d:f6:87:89:af:19:8d:98:09:0d:
49:60:1b:2b:b4:25:e0:6c:7e:9d:ec:f1:de:ec:bc:cd:05:a9:
09:25:39:9b:e1:fc:8c:ca:39:3b:26:36:93:23:01:11:99:4f:
fc:d6:a2:6a:75:74:c8:da:33:ca:ce:a0:2f:38:0e:41:80:f4:
d3:3b:5a:4c:08:5f:14:ee:71:24:06:f3:e5:23:04:9f:9b:e1:
8b:15:c2:51:a7:8a:2a:c1:90:ae:dd:b6:fe:46:1a:ed:0c:e3:
cc:59:9e:3d:5c:20:52:c4:e2:cd:88:3c:de:07:57:e9:76:b6:
2c:a2:31:f2:89:3c:49:44:c5:7e:36:38:20:4a:2f:42:e7:07:
1a:9f:9c:9f:50:2a:cc:5a:06:80:25:fe:c6:c0:b4:54:6a:27:
d9:88:28:71:aa:81:7b:6c:09:59:11:23:52:11:ea:ff:0e:6d:
f8:4e:52:1f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1z6X2Jm/oc2KdimHi2YoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MWUzZjZiZWJjZDA1MjkxZGM1MjY1ZTA4YjFjZDZjNDAx
YjljZmQwHhcNMjUwMTAxMjE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE1ZmMwM2VhMzNlYmNlMDhjMWVlNzdhNDVhYTVhMTA2MTJmYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1mnJAWyTZeNO+WmyuZL4gvarrrY
NYLJtzeSwxnp2Nrb3Ufk74YxzGkLlrIL8yzsXeA+TbJrDjarjC5lH8TbYnwjpGqD
4BiiehnhbNVpSXgXHjWEW/3970Xm0glDrQpEG2tFwDN8hgJZUyAXeIqNUcrO5XyP
fX9N+V+/crsR0cvATcKF65LqyqKe1jYcFD8TEmBcn5320Y2ZtL98oS6DvbTkGqiI
/rWoPL9Cg10e/PTMCxeEPyLh5+AZlOg4d1CnKcPH+UL9Jx4npN4mBq19vlWP6XCp
Bqp9g060ziGYSxAZHFkWL/2vskRHJ5ETHsLjagiqoetJXbfpTLv19lk5TwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF4V/APqM+vOCMHud6RapaEGEvpFMB8GA1UdIwQY
MBaAFLUeP2vrzQUpHcUmXgixzWxAG5z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFI0X2Etdk5CU2tkeFNaZUNMSE5iRUFiblAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMmZkZmQtN2FjOC00MzIxLWI5MzAt
OGZhNTUxZTZhZTc1LzEvWGhYOEEtb3o2ODRJd2U1M3BGcWxvUVlTLWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wMmZkZmQtN2FjOC00MzIxLWI5MzAtOGZhNTUxZTZhZTc1
LzEvdFI0X2Etdk5CU2tkeFNaZUNMSE5iRUFiblAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEBMABC
MA0GCSqGSIb3DQEBCwUAA4IBAQCFt+ePuQXVLw+rb/Kn3XZ/Gxk3OsQzM2FOXjqN
AmeBk1fqn3maYXxINmXZDYIX1xNVQRsK1NA+5ZxY0VV3/KfD8r8S7rKPi40/IDa8
gvQnNU32h4mvGY2YCQ1JYBsrtCXgbH6d7PHe7LzNBakJJTmb4fyMyjk7JjaTIwER
mU/81qJqdXTI2jPKzqAvOA5BgPTTO1pMCF8U7nEkBvPlIwSfm+GLFcJRp4oqwZCu
3bb+RhrtDOPMWZ49XCBSxOLNiDzeB1fpdrYsojHyiTxJRMV+NjggSi9C5wcan5yf
UCrMWgaAJf7GwLRUaifZiChxqoF7bAlZESNSEer/Dm34TlIf
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:19:02 2025 by rpki-client