Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/8xMxjtO-k2WYJj5fJmeVkGV5YA4.roa
File: 8xMxjtO-k2WYJj5fJmeVkGV5YA4.roa (raw, json)
Hash identifier: h2/dulkFhykUkX0igL56x6SI1vv2NsPZ43/9G+3BAxs=
Subject key identifier: F3:13:31:8E:D3:BE:93:65:98:26:3E:5F:26:67:95:90:65:79:60:0E
Certificate issuer: /CN=533b46e3a9dd5b7ea8a8bfda2f6e3bad15509113
Certificate serial: 01942068582E6ECB660E1387C39714518A4C
Authority key identifier: 53:3B:46:E3:A9:DD:5B:7E:A8:A8:BF:DA:2F:6E:3B:AD:15:50:91:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/8xMxjtO-k2WYJj5fJmeVkGV5YA4.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208658
IP address blocks: 2001:678:aac::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:58:2e:6e:cb:66:0e:13:87:c3:97:14:51:8a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=533b46e3a9dd5b7ea8a8bfda2f6e3bad15509113
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f313318ed3be936598263e5f266795906579600e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3f:e0:ac:6e:8c:8d:cf:08:d8:f8:e7:90:3b:
89:59:e3:78:cb:8e:3d:8b:4d:13:3d:e5:de:f0:96:
11:a4:99:0a:22:dd:0d:67:59:9f:2d:68:35:19:d5:
40:a1:a2:f3:41:ae:51:c1:ce:f9:41:6c:40:e3:1e:
42:c5:dc:a1:37:d7:79:ee:02:e3:f9:7d:23:b5:c4:
3e:ec:ca:00:df:1d:70:f4:5a:76:ea:23:d9:56:34:
1d:38:ac:94:37:e9:2d:71:c4:47:1b:ca:bf:98:a2:
df:33:bf:2a:ab:eb:2f:dc:91:b8:34:2d:51:d5:bc:
b5:69:a8:5a:17:6a:3f:fb:45:ef:78:a9:04:b3:05:
68:cd:10:c4:ea:5c:4e:e7:a2:c6:16:84:9b:4a:0f:
b1:b9:4b:b6:1d:ba:63:59:a6:41:59:cb:27:84:82:
f8:23:ae:8f:72:da:1f:c0:bc:77:f3:bd:82:eb:20:
f4:d0:f3:cb:5e:da:14:6b:28:f6:65:4f:85:33:b1:
77:36:51:32:a2:2e:cb:fa:79:58:1e:2a:f1:3e:4e:
9b:71:1f:3e:ae:86:94:e5:20:68:48:ac:45:ff:c4:
71:c5:a5:40:ad:e7:3e:d6:d7:84:80:2f:3d:39:cd:
8b:b3:29:41:03:b9:c1:f1:5b:0d:bd:c2:9f:4c:1c:
2d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:13:31:8E:D3:BE:93:65:98:26:3E:5F:26:67:95:90:65:79:60:0E
X509v3 Authority Key Identifier:
keyid:53:3B:46:E3:A9:DD:5B:7E:A8:A8:BF:DA:2F:6E:3B:AD:15:50:91:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/8xMxjtO-k2WYJj5fJmeVkGV5YA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:aac::/48
Signature Algorithm: sha256WithRSAEncryption
6e:8f:5f:ff:34:b9:7e:bb:32:81:ee:46:c6:a0:b1:95:c7:bc:
0c:3b:cf:07:a9:5e:da:4c:cc:5d:5c:b9:05:d0:c1:aa:cf:be:
f8:d2:6d:62:ba:b3:26:a9:2c:31:bb:87:cb:46:ed:ff:57:36:
33:64:66:80:aa:8e:b9:90:07:ec:8f:de:49:09:22:bb:9b:24:
33:e8:74:8e:c4:07:09:b6:b1:f1:51:11:df:01:00:54:ff:61:
d5:f3:d9:64:25:04:f3:1b:6a:53:1e:bb:36:9c:30:e3:5e:50:
27:a4:45:54:7d:1f:01:a3:71:e2:a4:49:eb:5b:67:60:03:76:
e2:4c:f5:8c:5e:66:b4:4d:36:5e:86:ad:29:38:1b:8d:55:fb:
71:00:f0:7d:42:dd:b9:34:e9:39:60:b6:b2:c1:45:c6:ea:bb:
de:0f:c9:07:bc:2b:74:20:ab:50:78:62:33:f6:a4:61:79:15:
e5:6b:aa:54:e9:84:03:c8:09:40:82:42:c4:35:d6:31:4a:d9:
92:76:19:84:15:67:11:8e:70:d2:d3:b5:3d:70:f0:3a:93:8d:
e7:23:48:c0:ad:a7:e1:e8:1b:d3:25:40:35:a0:b6:46:14:5f:
2c:4c:d9:1a:cb:31:52:49:ef:7e:c6:de:af:9f:0d:74:9b:6b:
a0:02:6a:8f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQgaFgubstmDhOHw5cUUYpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzM2I0NmUzYTlkZDViN2VhOGE4YmZkYTJmNmUzYmFkMTU1
MDkxMTMwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzEzMzE4ZWQzYmU5MzY1OTgyNjNlNWYyNjY3OTU5MDY1Nzk2MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT/grG6Mjc8I2PjnkDuJWeN4y449
i00TPeXe8JYRpJkKIt0NZ1mfLWg1GdVAoaLzQa5Rwc75QWxA4x5CxdyhN9d57gLj
+X0jtcQ+7MoA3x1w9Fp26iPZVjQdOKyUN+ktccRHG8q/mKLfM78qq+sv3JG4NC1R
1by1aahaF2o/+0XveKkEswVozRDE6lxO56LGFoSbSg+xuUu2HbpjWaZBWcsnhIL4
I66PctofwLx3872C6yD00PPLXtoUayj2ZU+FM7F3NlEyoi7L+nlYHirxPk6bcR8+
roaU5SBoSKxF/8RxxaVArec+1teEgC89Oc2LsylBA7nB8VsNvcKfTBwtXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPMTMY7TvpNlmCY+XyZnlZBleWAOMB8GA1UdIwQY
MBaAFFM7RuOp3Vt+qKi/2i9uO60VUJETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9mNTBlMmQtZTQwMC00NGYxLTg4MzIt
ZTI2OTYwYmYzNGU1LzEvOHhNeGp0Ty1rMldZSmo1ZkptZVZrR1Y1WUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9mNTBlMmQtZTQwMC00NGYxLTg4MzItZTI2OTYwYmYzNGU1
LzEvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqs
MA0GCSqGSIb3DQEBCwUAA4IBAQBuj1//NLl+uzKB7kbGoLGVx7wMO88HqV7aTMxd
XLkF0MGqz7740m1iurMmqSwxu4fLRu3/VzYzZGaAqo65kAfsj95JCSK7myQz6HSO
xAcJtrHxURHfAQBU/2HV89lkJQTzG2pTHrs2nDDjXlAnpEVUfR8Bo3HipEnrW2dg
A3biTPWMXma0TTZehq0pOBuNVftxAPB9Qt25NOk5YLaywUXG6rveD8kHvCt0IKtQ
eGIz9qRheRXla6pU6YQDyAlAgkLENdYxStmSdhmEFWcRjnDS07U9cPA6k43nI0jA
rafh6BvTJUA1oLZGFF8sTNkayzFSSe9+xt6vnw10m2ugAmqP
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:07:13 2025 by rpki-client