Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/GhTmp19MKGrha68k8FSg5O3MOXs.roa
File: GhTmp19MKGrha68k8FSg5O3MOXs.roa (raw, json)
Hash identifier: msOVTHZ3+no8UhxlXFgsYby23Ic3zy+iOJwGwYJ533I=
Subject key identifier: 1A:14:E6:A7:5F:4C:28:6A:E1:6B:AF:24:F0:54:A0:E4:ED:CC:39:7B
Certificate issuer: /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial: 019424B3E1868271B5DD5C993870056292C7
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/GhTmp19MKGrha68k8FSg5O3MOXs.roa
Signing time: Thu 02 Jan 2025 01:49:15 +0000
ROA not before: Thu 02 Jan 2025 01:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56849
IP address blocks: 2a0e:48c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e1:86:82:71:b5:dd:5c:99:38:70:05:62:92:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Validity
Not Before: Jan 2 01:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a14e6a75f4c286ae16baf24f054a0e4edcc397b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1c:bb:89:5c:20:af:72:03:ce:72:76:ab:c9:
74:03:9f:b7:d0:3b:47:34:5f:32:ae:94:8c:2c:0a:
dd:3d:84:4c:14:63:4c:2e:a5:d9:79:a3:45:22:e0:
b0:86:63:1c:79:8a:e5:55:67:92:fe:f0:8f:9e:41:
68:d0:08:b3:0b:0b:56:8b:68:f9:12:fe:de:2d:fa:
82:f1:3a:7f:c2:d2:44:63:dc:f3:11:85:be:83:c5:
f3:20:f0:1c:aa:6e:77:eb:4f:8d:ea:3e:f8:26:6a:
9d:cb:b2:bd:2c:f2:19:fa:86:d8:f4:d7:18:60:30:
fb:c1:76:b1:ea:f8:f9:fd:d5:0a:55:2a:c0:8e:c6:
cd:72:08:7c:4d:ec:8b:9c:9c:48:0e:59:c2:40:b6:
3b:78:56:32:a1:74:cf:a1:ba:ac:af:99:d8:0b:cc:
c8:30:80:5d:ee:90:4a:c4:c7:fc:1a:e5:0c:78:9d:
9b:a2:21:c1:dc:ed:80:6d:16:83:07:c5:b8:c6:f6:
1c:65:76:05:1c:55:df:64:b0:89:58:8b:5f:e9:2e:
92:20:65:cb:6d:bf:16:60:45:20:32:97:ff:18:7a:
e4:d4:6a:d7:8d:8a:0d:f3:d9:d9:9d:fa:3c:d0:29:
25:02:99:e1:1c:3e:fd:b7:a9:4c:65:b1:54:b8:b0:
de:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:14:E6:A7:5F:4C:28:6A:E1:6B:AF:24:F0:54:A0:E4:ED:CC:39:7B
X509v3 Authority Key Identifier:
keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/GhTmp19MKGrha68k8FSg5O3MOXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
07:3f:57:4a:49:c4:f2:7c:13:2e:31:60:36:6e:2e:6d:0c:74:
2b:48:50:9d:ea:c3:a5:29:f6:1d:e6:25:63:7d:f9:7a:cf:2b:
63:c2:77:b0:60:49:d1:dd:86:46:67:ee:b8:14:18:bf:b7:5c:
72:68:31:a6:0c:a8:42:e1:a1:87:56:43:b4:e3:1c:81:0e:ca:
99:e7:7a:e4:ba:1b:f5:e2:5f:a3:2c:21:c6:51:ad:13:7a:27:
5a:7d:d2:bc:aa:4a:d0:86:a1:b4:47:68:fc:06:ae:6b:68:b6:
e3:11:94:b8:57:73:2c:f8:ad:71:f3:5f:c7:ba:1c:aa:c2:f7:
33:a8:cd:d8:50:4a:76:a0:f2:3c:d0:2d:ec:93:72:72:23:b3:
c3:5e:8d:28:99:86:43:6c:27:c6:03:78:ed:e9:09:66:6d:72:
35:07:21:8e:2c:ec:ed:32:e5:50:67:2e:ac:a6:94:f7:04:5a:
3d:db:2b:88:94:96:25:61:c3:0d:1f:5c:ee:43:cb:14:9d:4c:
fa:f4:a8:28:7b:f5:53:98:5f:b6:88:59:8b:fc:5f:07:61:b3:
6d:2c:a7:58:5f:9c:de:9c:60:a5:ad:0f:7e:e5:1c:48:73:01:
6b:37:c8:aa:5b:8b:a3:b2:d3:81:8a:8a:07:13:61:27:68:7b:
b2:0a:16:e0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks+GGgnG13VyZOHAFYpLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjUwMTAyMDE0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTE0ZTZhNzVmNGMyODZhZTE2YmFmMjRmMDU0YTBlNGVkY2MzOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRy7iVwgr3IDznJ2q8l0A5+30DtH
NF8yrpSMLArdPYRMFGNMLqXZeaNFIuCwhmMceYrlVWeS/vCPnkFo0AizCwtWi2j5
Ev7eLfqC8Tp/wtJEY9zzEYW+g8XzIPAcqm5360+N6j74Jmqdy7K9LPIZ+obY9NcY
YDD7wXax6vj5/dUKVSrAjsbNcgh8TeyLnJxIDlnCQLY7eFYyoXTPobqsr5nYC8zI
MIBd7pBKxMf8GuUMeJ2boiHB3O2AbRaDB8W4xvYcZXYFHFXfZLCJWItf6S6SIGXL
bb8WYEUgMpf/GHrk1GrXjYoN89nZnfo80CklApnhHD79t6lMZbFUuLDeBQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBoU5qdfTChq4WuvJPBUoOTtzDl7MB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvR2hUbXAxOU1LR3JoYTY4azhGU2c1TzNNT1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg5IwDAN
BgkqhkiG9w0BAQsFAAOCAQEABz9XSknE8nwTLjFgNm4ubQx0K0hQnerDpSn2HeYl
Y335es8rY8J3sGBJ0d2GRmfuuBQYv7dccmgxpgyoQuGhh1ZDtOMcgQ7Kmed65Lob
9eJfoywhxlGtE3onWn3SvKpK0IahtEdo/Aaua2i24xGUuFdzLPitcfNfx7ocqsL3
M6jN2FBKdqDyPNAt7JNyciOzw16NKJmGQ2wnxgN47ekJZm1yNQchjizs7TLlUGcu
rKaU9wRaPdsriJSWJWHDDR9c7kPLFJ1M+vSoKHv1U5hftohZi/xfB2GzbSynWF+c
3pxgpa0PfuUcSHMBazfIqluLo7LTgYqKBxNhJ2h7sgoW4A==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:02 2025 by rpki-client on console.sobornost.net