Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/2BM9QIgRxE_2RcNn9hahHozcEmo.roa
File: 2BM9QIgRxE_2RcNn9hahHozcEmo.roa (raw, json)
Hash identifier: 3yXUEMFWg/c9hZJEpu11jBt9UvzPYALdkLQvaRnOdJg=
Subject key identifier: D8:13:3D:40:88:11:C4:4F:F6:45:C3:67:F6:16:A1:1E:8C:DC:12:6A
Certificate issuer: /CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Certificate serial: 019423D6E786A83F9C226E92D7C279494529
Authority key identifier: 2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/2BM9QIgRxE_2RcNn9hahHozcEmo.roa
Signing time: Wed 01 Jan 2025 21:47:53 +0000
ROA not before: Wed 01 Jan 2025 21:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200449
IP address blocks: 2a06:3341::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e7:86:a8:3f:9c:22:6e:92:d7:c2:79:49:45:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Validity
Not Before: Jan 1 21:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8133d408811c44ff645c367f616a11e8cdc126a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f2:9d:83:9b:9a:32:9b:66:b8:c0:13:bf:f5:
a3:b0:f6:9e:9a:44:97:23:41:25:2d:ed:13:46:9a:
93:ee:aa:75:3a:f8:1c:0f:c2:29:c6:13:1a:2a:5b:
83:4d:c3:82:f2:bb:c4:c5:e8:c5:a0:8f:db:ed:3b:
89:09:76:65:50:58:39:d5:d8:e9:e4:37:a2:d9:ce:
fc:8d:c7:5a:fc:9d:c9:be:ed:3f:d6:d6:54:5c:4d:
46:a0:4a:d5:9c:78:6f:c9:36:d4:63:10:ad:7f:a6:
a8:90:d6:01:9f:24:f5:af:c3:3f:b7:0c:76:bd:c8:
71:15:a4:c8:28:40:e0:9b:c7:e8:66:7f:46:40:3a:
9d:35:31:08:2a:d8:7c:a8:dc:65:12:db:46:64:41:
11:06:b8:f1:7a:70:f6:bd:48:5c:f6:14:6a:7a:e5:
21:3d:7c:51:94:26:07:04:72:69:4a:46:4a:ad:ce:
11:ad:ed:ef:74:76:23:5f:54:8c:e3:07:39:a6:9e:
39:ad:1b:4f:ec:5c:52:39:47:21:46:b8:a7:39:be:
f7:0d:20:c4:e3:fe:40:d7:89:51:b4:f3:db:2b:0a:
f7:95:b1:99:a2:9a:c5:f5:3b:89:72:73:18:64:16:
a9:e1:a4:14:a4:a8:b8:fc:4b:10:a2:d3:52:b1:f7:
12:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:13:3D:40:88:11:C4:4F:F6:45:C3:67:F6:16:A1:1E:8C:DC:12:6A
X509v3 Authority Key Identifier:
keyid:2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/2BM9QIgRxE_2RcNn9hahHozcEmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:3341::/32
Signature Algorithm: sha256WithRSAEncryption
2e:4f:1b:47:95:cf:ca:ae:5a:b7:10:fe:62:f7:b6:4e:26:d1:
07:b8:b3:a5:7e:d5:b2:b1:ed:4b:b2:b0:5f:ae:d6:40:4b:8a:
f4:bf:3c:56:7f:c9:c5:9a:75:83:e5:93:dc:8f:36:d6:51:4f:
37:11:2f:1a:62:26:f9:17:a4:d7:04:7a:00:27:ab:e3:7e:90:
3e:7f:1c:c2:14:70:b1:21:0c:5e:b8:65:2c:0f:59:f3:d9:89:
1c:b3:cc:8e:76:e9:51:42:8e:68:c0:40:66:ef:6d:7d:72:ea:
a6:c7:d0:7a:8d:d8:ef:0d:c5:65:c0:2a:19:ad:60:df:cf:5a:
d0:79:b7:cd:15:84:32:2d:7e:d4:7d:74:be:36:04:b1:5c:f5:
d5:80:69:fb:df:a6:5c:a1:fc:52:e4:4c:f9:8e:91:94:8a:67:
8d:65:c3:9e:a7:1b:a0:7e:6c:f9:11:9d:40:bc:f9:8b:9d:e3:
f7:fd:ec:4f:f6:59:a4:b7:2a:c4:36:96:91:b1:3a:8e:c8:b0:
39:b4:9b:8b:79:71:be:2e:86:72:25:70:ca:26:ce:89:a5:d7:
c7:5b:2b:8c:f9:49:83:4e:6e:3f:ea:80:84:a9:78:46:39:1c:
97:3d:f7:d3:0e:f9:3d:90:4d:fe:c6:2a:31:3b:d4:62:65:41:
6c:77:40:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQj1ueGqD+cIm6S18J5SUUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMmY5MzM5ZmJiOGNiMzNjNTIyNzUxYzUzMGYzYTIwYTc1
MzU0N2MwHhcNMjUwMTAxMjE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODEzM2Q0MDg4MTFjNDRmZjY0NWMzNjdmNjE2YTExZThjZGMxMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfKdg5uaMptmuMATv/WjsPaemkSX
I0ElLe0TRpqT7qp1OvgcD8IpxhMaKluDTcOC8rvExejFoI/b7TuJCXZlUFg51djp
5Dei2c78jcda/J3Jvu0/1tZUXE1GoErVnHhvyTbUYxCtf6aokNYBnyT1r8M/twx2
vchxFaTIKEDgm8foZn9GQDqdNTEIKth8qNxlEttGZEERBrjxenD2vUhc9hRqeuUh
PXxRlCYHBHJpSkZKrc4Rre3vdHYjX1SM4wc5pp45rRtP7FxSOUchRrinOb73DSDE
4/5A14lRtPPbKwr3lbGZoprF9TuJcnMYZBap4aQUpKi4/EsQotNSsfcSsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNgTPUCIEcRP9kXDZ/YWoR6M3BJqMB8GA1UdIwQY
MBaAFC0vkzn7uMszxSJ1HFMPOiCnU1R8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgt
MWQzYTFlOWI3NTQ1LzEvMkJNOVFJZ1J4RV8yUmNObjloYWhIb3pjRW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgtMWQzYTFlOWI3NTQ1
LzEvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgYzQTAN
BgkqhkiG9w0BAQsFAAOCAQEALk8bR5XPyq5atxD+Yve2TibRB7izpX7VsrHtS7Kw
X67WQEuK9L88Vn/JxZp1g+WT3I821lFPNxEvGmIm+Rek1wR6ACer436QPn8cwhRw
sSEMXrhlLA9Z89mJHLPMjnbpUUKOaMBAZu9tfXLqpsfQeo3Y7w3FZcAqGa1g389a
0Hm3zRWEMi1+1H10vjYEsVz11YBp+9+mXKH8UuRM+Y6RlIpnjWXDnqcboH5s+RGd
QLz5i53j9/3sT/ZZpLcqxDaWkbE6jsiwObSbi3lxvi6GciVwyibOiaXXx1srjPlJ
g05uP+qAhKl4Rjkclz330w75PZBN/sYqMTvUYmVBbHdAwg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:52 2025 by rpki-client on console.sobornost.net