Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/e79202-acab-4b1a-992b-2a2ed45e2712/1/U6h0E3CpWcLE4IcpdPD5N0_flWE.roa
File: U6h0E3CpWcLE4IcpdPD5N0_flWE.roa (raw, json)
Hash identifier: /MeOIU5IzJfeECJ9wAs+zMCbOflzuiKPgRuM31+tyrU=
Subject key identifier: 53:A8:74:13:70:A9:59:C2:C4:E0:87:29:74:F0:F9:37:4F:DF:95:61
Certificate issuer: /CN=aa85c67f22309e0d84c30b542529725328605151
Certificate serial: 01942746C975427D9524F8CCCFF0885B06B9
Authority key identifier: AA:85:C6:7F:22:30:9E:0D:84:C3:0B:54:25:29:72:53:28:60:51:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qoXGfyIwng2EwwtUJSlyUyhgUVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/e79202-acab-4b1a-992b-2a2ed45e2712/1/U6h0E3CpWcLE4IcpdPD5N0_flWE.roa
Signing time: Thu 02 Jan 2025 13:48:58 +0000
ROA not before: Thu 02 Jan 2025 13:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204882
IP address blocks: 2001:678:a68::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:c9:75:42:7d:95:24:f8:cc:cf:f0:88:5b:06:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa85c67f22309e0d84c30b542529725328605151
Validity
Not Before: Jan 2 13:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53a8741370a959c2c4e0872974f0f9374fdf9561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:10:e9:30:5f:4a:8e:0a:5b:36:85:8a:d1:39:
12:eb:c0:7c:05:c0:ca:ed:e2:7d:10:ca:90:6e:5b:
15:8d:92:31:24:c8:28:07:1c:a1:1d:73:e7:4a:10:
02:d7:03:be:aa:12:5c:2d:be:00:a3:7d:8d:a8:73:
1f:03:15:24:67:a6:42:5e:78:de:cf:99:3b:33:57:
ef:3a:2a:c4:58:6f:c1:0e:6f:a3:ed:02:48:1c:f5:
7b:b1:4f:cc:b4:fe:a7:82:07:7f:af:10:f5:26:59:
c3:3f:f8:e0:84:22:d6:7f:60:72:66:ee:fc:cc:1b:
18:79:26:d4:a9:f3:f3:79:86:7e:d1:c5:48:3d:3d:
37:f1:02:ce:6c:4b:89:9f:bf:85:5b:3a:1d:4c:c3:
e3:7c:e8:46:9f:d0:78:d9:ca:4e:eb:c5:ee:8e:5f:
ba:45:e2:b9:d5:e4:35:0e:5e:0a:de:cc:80:95:5e:
da:03:6c:5e:3f:38:93:aa:2f:cc:8d:23:6c:6f:b1:
89:4d:01:08:18:ae:41:4d:da:59:d6:ab:45:df:22:
29:76:e2:42:2d:9d:3f:52:38:f3:82:11:fa:0c:69:
09:1e:63:20:df:fd:b2:5b:7f:d8:ba:35:fd:3d:6d:
30:72:de:42:5d:4e:55:9d:e6:d8:fc:95:9d:4c:a0:
1b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A8:74:13:70:A9:59:C2:C4:E0:87:29:74:F0:F9:37:4F:DF:95:61
X509v3 Authority Key Identifier:
keyid:AA:85:C6:7F:22:30:9E:0D:84:C3:0B:54:25:29:72:53:28:60:51:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoXGfyIwng2EwwtUJSlyUyhgUVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e79202-acab-4b1a-992b-2a2ed45e2712/1/U6h0E3CpWcLE4IcpdPD5N0_flWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e79202-acab-4b1a-992b-2a2ed45e2712/1/qoXGfyIwng2EwwtUJSlyUyhgUVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a68::/48
Signature Algorithm: sha256WithRSAEncryption
2d:bb:ea:c4:b7:05:56:a1:2e:10:c9:e1:dd:39:2b:56:fe:1a:
13:16:76:b5:99:c7:f2:60:e6:3a:8f:32:59:9e:34:69:ec:2f:
64:d8:b9:16:0e:14:b4:af:2b:c1:e5:2d:fa:06:10:b2:ff:01:
ff:e3:3f:85:42:f9:7d:06:ea:cb:dc:df:50:8c:34:b2:bc:e8:
93:7c:22:f7:ef:0e:72:91:41:63:14:ae:22:71:2b:fd:69:85:
bb:3e:cb:56:41:35:74:de:e3:1d:7b:a5:0c:20:24:65:73:02:
8a:2d:fe:80:b0:06:06:f7:03:0c:86:f8:ad:8c:72:52:da:7f:
30:2e:5c:5a:33:7a:ec:7e:93:55:05:d0:6c:a6:f1:1c:46:c4:
a4:f2:5a:ea:a3:2b:5c:c8:d0:46:17:26:75:3a:82:ed:03:50:
8a:c3:9c:9f:61:a0:4d:26:a9:f0:0c:1a:e0:68:82:1e:05:df:
1b:df:e7:b9:bb:73:f3:47:3a:96:9c:b8:f5:33:c5:29:93:cb:
f1:52:e1:74:e8:ec:46:29:95:67:eb:c0:cd:6f:5f:34:7e:f8:
f5:b8:62:49:10:8e:ac:25:95:21:61:23:92:37:66:3f:55:ee:
08:14:6c:c5:a0:e6:46:6e:4c:84:dd:10:9b:c4:a7:54:fc:16:
52:97:95:ac
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnRsl1Qn2VJPjMz/CIWwa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhODVjNjdmMjIzMDllMGQ4NGMzMGI1NDI1Mjk3MjUzMjg2
MDUxNTEwHhcNMjUwMTAyMTM0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E4NzQxMzcwYTk1OWMyYzRlMDg3Mjk3NGYwZjkzNzRmZGY5NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxDpMF9KjgpbNoWK0TkS68B8BcDK
7eJ9EMqQblsVjZIxJMgoBxyhHXPnShAC1wO+qhJcLb4Ao32NqHMfAxUkZ6ZCXnje
z5k7M1fvOirEWG/BDm+j7QJIHPV7sU/MtP6nggd/rxD1JlnDP/jghCLWf2ByZu78
zBsYeSbUqfPzeYZ+0cVIPT038QLObEuJn7+FWzodTMPjfOhGn9B42cpO68Xujl+6
ReK51eQ1Dl4K3syAlV7aA2xePziTqi/MjSNsb7GJTQEIGK5BTdpZ1qtF3yIpduJC
LZ0/UjjzghH6DGkJHmMg3/2yW3/YujX9PW0wct5CXU5VnebY/JWdTKAbTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFOodBNwqVnCxOCHKXTw+TdP35VhMB8GA1UdIwQY
MBaAFKqFxn8iMJ4NhMMLVCUpclMoYFFRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9YR2Z5SXduZzJFd3d0VUpTbHlVeWhnVVZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lNzkyMDItYWNhYi00YjFhLTk5MmIt
MmEyZWQ0NWUyNzEyLzEvVTZoMEUzQ3BXY0xFNEljcGRQRDVOMF9mbFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lNzkyMDItYWNhYi00YjFhLTk5MmItMmEyZWQ0NWUyNzEy
LzEvcW9YR2Z5SXduZzJFd3d0VUpTbHlVeWhnVVZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeApo
MA0GCSqGSIb3DQEBCwUAA4IBAQAtu+rEtwVWoS4QyeHdOStW/hoTFna1mcfyYOY6
jzJZnjRp7C9k2LkWDhS0ryvB5S36BhCy/wH/4z+FQvl9BurL3N9QjDSyvOiTfCL3
7w5ykUFjFK4icSv9aYW7PstWQTV03uMde6UMICRlcwKKLf6AsAYG9wMMhvitjHJS
2n8wLlxaM3rsfpNVBdBspvEcRsSk8lrqoytcyNBGFyZ1OoLtA1CKw5yfYaBNJqnw
DBrgaIIeBd8b3+e5u3PzRzqWnLj1M8Upk8vxUuF06OxGKZVn68DNb180fvj1uGJJ
EI6sJZUhYSOSN2Y/Ve4IFGzFoOZGbkyE3RCbxKdU/BZSl5Ws
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:43 2025 by rpki-client on console.sobornost.net