Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/688e37-d942-486a-a932-5893bb7761cd/1/EkTaUypg_pd7rGnsbGXftVikPSk.roa
File: EkTaUypg_pd7rGnsbGXftVikPSk.roa (raw, json)
Hash identifier: sEhgMg8C+XnNqF8zClrkN2E7JsFwEbgtXl2it8CHZBU=
Subject key identifier: 12:44:DA:53:2A:60:FE:97:7B:AC:69:EC:6C:65:DF:B5:58:A4:3D:29
Certificate issuer: /CN=bcaa1146afd4f45f117095a15a7de0bbf978144a
Certificate serial: 019580E841FF579BDC622A6983D6DCCC48A2
Authority key identifier: BC:AA:11:46:AF:D4:F4:5F:11:70:95:A1:5A:7D:E0:BB:F9:78:14:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vKoRRq_U9F8RcJWhWn3gu_l4FEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/688e37-d942-486a-a932-5893bb7761cd/1/EkTaUypg_pd7rGnsbGXftVikPSk.roa
Signing time: Mon 10 Mar 2025 16:34:19 +0000
ROA not before: Mon 10 Mar 2025 16:34:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213603
IP address blocks: 2a14:ab00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:80:e8:41:ff:57:9b:dc:62:2a:69:83:d6:dc:cc:48:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcaa1146afd4f45f117095a15a7de0bbf978144a
Validity
Not Before: Mar 10 16:34:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1244da532a60fe977bac69ec6c65dfb558a43d29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:06:dc:8b:9e:29:a0:bf:e6:04:83:de:96:37:
f7:bf:54:44:2a:bc:41:0f:1b:5c:74:72:db:94:5c:
ad:1f:0b:37:18:59:c2:c3:1e:1c:e7:fc:94:50:5d:
f5:5a:a5:5e:c6:ef:bc:5d:10:21:a7:dc:a3:a6:cd:
00:0a:26:f6:ac:7c:8a:2b:5b:ae:c6:c2:94:b9:ea:
c2:8e:a7:a1:d9:15:c0:cb:69:a8:9e:96:0b:53:5a:
fb:2e:6a:0e:4a:a6:a3:a9:7a:4b:0a:a8:28:8c:4b:
7e:20:f9:1d:29:3c:b7:ea:f8:16:b3:81:80:5b:03:
16:b2:ac:3a:e5:30:bc:69:3a:32:80:a5:0b:5c:3a:
68:62:cf:89:26:b4:a8:a5:64:20:78:12:c0:ea:fe:
7c:f8:b2:34:d8:9d:98:65:09:f3:a4:f4:62:82:c9:
17:40:9e:3b:8d:0f:7d:98:ae:49:79:c1:8f:fc:0b:
3b:ee:a1:de:13:25:fe:5a:9f:18:00:c6:8c:f1:b7:
11:88:f9:10:e0:ac:86:14:95:45:4c:c5:fc:47:ff:
c5:ce:1c:42:3f:ce:64:3a:91:5e:ae:a1:2c:ea:01:
49:06:32:97:ce:a5:eb:48:f5:21:91:50:aa:24:73:
0f:21:b6:ca:46:9b:49:23:e0:d2:df:4f:2d:69:c4:
18:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:44:DA:53:2A:60:FE:97:7B:AC:69:EC:6C:65:DF:B5:58:A4:3D:29
X509v3 Authority Key Identifier:
keyid:BC:AA:11:46:AF:D4:F4:5F:11:70:95:A1:5A:7D:E0:BB:F9:78:14:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vKoRRq_U9F8RcJWhWn3gu_l4FEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/688e37-d942-486a-a932-5893bb7761cd/1/EkTaUypg_pd7rGnsbGXftVikPSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/688e37-d942-486a-a932-5893bb7761cd/1/vKoRRq_U9F8RcJWhWn3gu_l4FEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:ab00::/29
Signature Algorithm: sha256WithRSAEncryption
93:7b:c2:03:32:97:12:00:25:02:03:33:8f:ce:ef:86:15:ec:
96:eb:26:c8:74:7f:14:67:57:2e:3a:a2:23:51:2f:77:7f:2c:
33:90:0f:e1:f6:cd:e7:60:5c:d1:eb:7f:ee:46:94:2a:40:76:
cb:0f:8b:ff:66:75:f7:4d:22:e6:b4:19:ab:c2:a3:07:a2:25:
58:53:9f:2b:ce:1e:1f:4a:70:b6:be:8a:0d:e7:6b:63:0e:de:
40:3a:7b:b3:d3:6f:50:2b:33:59:34:ee:19:ef:de:5a:7a:6f:
6b:16:69:a2:f6:3a:0d:ec:16:52:06:9b:61:bd:d1:1d:b6:d5:
c6:ca:b3:fa:7f:3c:78:fe:ba:9c:b5:90:8b:59:f7:33:11:3f:
4a:41:a0:0c:37:08:c2:8d:6d:0e:58:06:b2:0d:64:94:42:e6:
d7:92:82:b9:6d:29:0a:db:2c:28:a4:be:17:d6:b6:1b:7f:95:
64:d8:fe:8d:ae:71:b4:89:71:7b:34:5e:d0:98:f4:72:bf:9c:
37:2d:86:79:5e:c8:ed:39:c8:b9:22:e6:11:55:c6:42:c9:e5:
4f:f1:02:98:5f:94:3a:d6:50:ff:08:82:1f:4b:fd:06:23:c2:
ee:e4:0a:93:45:35:d4:1e:4e:56:71:92:f5:65:27:8d:f6:d6:
99:82:e2:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZWA6EH/V5vcYippg9bczEiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYWExMTQ2YWZkNGY0NWYxMTcwOTVhMTVhN2RlMGJiZjk3
ODE0NGEwHhcNMjUwMzEwMTYzNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQ0ZGE1MzJhNjBmZTk3N2JhYzY5ZWM2YzY1ZGZiNTU4YTQzZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAbci54poL/mBIPeljf3v1REKrxB
DxtcdHLblFytHws3GFnCwx4c5/yUUF31WqVexu+8XRAhp9yjps0ACib2rHyKK1uu
xsKUuerCjqeh2RXAy2monpYLU1r7LmoOSqajqXpLCqgojEt+IPkdKTy36vgWs4GA
WwMWsqw65TC8aToygKULXDpoYs+JJrSopWQgeBLA6v58+LI02J2YZQnzpPRigskX
QJ47jQ99mK5JecGP/As77qHeEyX+Wp8YAMaM8bcRiPkQ4KyGFJVFTMX8R//FzhxC
P85kOpFerqEs6gFJBjKXzqXrSPUhkVCqJHMPIbbKRptJI+DS308tacQYXwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBJE2lMqYP6Xe6xp7Gxl37VYpD0pMB8GA1UdIwQY
MBaAFLyqEUav1PRfEXCVoVp94Lv5eBRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdktvUlJxX1U5RjhSY0pXaFduM2d1X2w0RkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC82ODhlMzctZDk0Mi00ODZhLWE5MzIt
NTg5M2JiNzc2MWNkLzEvRWtUYVV5cGdfcGQ3ckduc2JHWGZ0VmlrUFNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC82ODhlMzctZDk0Mi00ODZhLWE5MzItNTg5M2JiNzc2MWNk
LzEvdktvUlJxX1U5RjhSY0pXaFduM2d1X2w0RkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSrADAN
BgkqhkiG9w0BAQsFAAOCAQEAk3vCAzKXEgAlAgMzj87vhhXslusmyHR/FGdXLjqi
I1Evd38sM5AP4fbN52Bc0et/7kaUKkB2yw+L/2Z1900i5rQZq8KjB6IlWFOfK84e
H0pwtr6KDedrYw7eQDp7s9NvUCszWTTuGe/eWnpvaxZpovY6DewWUgabYb3RHbbV
xsqz+n88eP66nLWQi1n3MxE/SkGgDDcIwo1tDlgGsg1klELm15KCuW0pCtssKKS+
F9a2G3+VZNj+ja5xtIlxezRe0Jj0cr+cNy2GeV7I7TnIuSLmEVXGQsnlT/ECmF+U
OtZQ/wiCH0v9BiPC7uQKk0U11B5OVnGS9WUnjfbWmYLiSA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:04 2025 by rpki-client on console.sobornost.net