Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/856ea4-de5a-4f11-8228-87bf6fdbe193/1/UIZd9CI7aaVoCr978zA_tJuQwXc.roa
File: UIZd9CI7aaVoCr978zA_tJuQwXc.roa (raw, json)
Hash identifier: gtKlay3p/m+1ysOhvty8fHbcgsJz5ALUFkSpQwwLWbI=
Subject key identifier: 50:86:5D:F4:22:3B:69:A5:68:0A:BF:7B:F3:30:3F:B4:9B:90:C1:77
Certificate issuer: /CN=bfa6e96fca7a2783cb9721ebb62de1b536c163a9
Certificate serial: 01941F8C7C7C530CC3B0178617F470845533
Authority key identifier: BF:A6:E9:6F:CA:7A:27:83:CB:97:21:EB:B6:2D:E1:B5:36:C1:63:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6bpb8p6J4PLlyHrti3htTbBY6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/856ea4-de5a-4f11-8228-87bf6fdbe193/1/UIZd9CI7aaVoCr978zA_tJuQwXc.roa
Signing time: Wed 01 Jan 2025 01:48:08 +0000
ROA not before: Wed 01 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42927
IP address blocks: 2a07:a440::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:7c:7c:53:0c:c3:b0:17:86:17:f4:70:84:55:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfa6e96fca7a2783cb9721ebb62de1b536c163a9
Validity
Not Before: Jan 1 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50865df4223b69a5680abf7bf3303fb49b90c177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f5:24:34:de:5e:ac:04:d4:41:96:24:29:71:
5c:41:ed:09:d6:dc:c7:47:9c:a5:1a:9e:04:aa:48:
32:80:75:7a:77:d0:1a:12:6c:1f:5c:d6:e9:c6:3e:
d3:e5:c6:6c:c0:2d:8f:ea:d4:d8:0b:6f:2d:20:ed:
41:1a:f3:03:b0:02:d1:77:c3:bf:c5:75:08:55:7f:
05:91:2c:0f:72:86:17:16:83:c0:96:dd:9d:d6:86:
76:46:58:66:06:8a:38:a0:5b:87:90:92:b8:aa:cd:
17:af:52:1c:9a:af:73:c7:22:c9:00:d9:45:a0:86:
b6:44:23:d9:bc:c9:89:6e:03:f4:83:14:78:79:74:
c3:8e:24:27:bc:9a:1c:19:89:07:f1:a4:db:7d:92:
8e:47:eb:46:78:99:f8:64:0a:e1:0e:ac:6f:c7:09:
aa:93:16:da:8e:cb:c9:ea:48:e9:e3:50:3f:80:f2:
99:d1:07:c1:cb:34:18:95:42:fb:b4:51:65:90:47:
8b:c2:90:3d:bc:a0:f9:75:23:d8:f6:20:99:19:55:
4b:6d:7a:d1:c1:cf:7f:d8:f8:cf:23:27:a0:e2:96:
c9:22:35:f2:9d:d9:b6:48:a2:94:12:6c:0b:e9:d9:
6b:ab:67:14:6f:a2:17:26:df:4b:9e:1c:d2:b1:21:
4b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:86:5D:F4:22:3B:69:A5:68:0A:BF:7B:F3:30:3F:B4:9B:90:C1:77
X509v3 Authority Key Identifier:
keyid:BF:A6:E9:6F:CA:7A:27:83:CB:97:21:EB:B6:2D:E1:B5:36:C1:63:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6bpb8p6J4PLlyHrti3htTbBY6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/856ea4-de5a-4f11-8228-87bf6fdbe193/1/UIZd9CI7aaVoCr978zA_tJuQwXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/856ea4-de5a-4f11-8228-87bf6fdbe193/1/v6bpb8p6J4PLlyHrti3htTbBY6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:a440::/30
Signature Algorithm: sha256WithRSAEncryption
18:9a:47:16:7d:78:53:43:3d:0f:59:0d:7a:c0:bc:9a:95:36:
b8:a6:c8:bf:a6:38:08:45:62:1d:c3:e1:9a:4e:03:b0:e8:bb:
d8:af:5f:5a:eb:fe:62:6d:4b:9f:74:d2:69:ab:c9:a6:99:69:
5a:a8:6d:2e:0b:7b:5c:cd:9f:cd:12:2e:0f:93:a0:e9:85:51:
28:78:ea:2a:5d:cd:ea:83:33:2c:37:c1:78:69:77:7e:58:b9:
b2:dd:4b:19:70:6a:a4:38:c4:31:f7:8f:c0:e1:64:b7:9b:af:
4c:a2:c5:ac:d7:35:41:73:82:f0:27:33:2a:76:11:36:46:ae:
b3:96:1f:cc:5a:65:94:5e:0d:1f:8b:57:67:0e:b5:a4:d3:d2:
a5:fe:08:68:c3:8f:5f:fa:f0:a7:ca:78:5d:00:65:57:f8:3a:
c9:59:23:3f:c7:c1:a9:24:30:16:ae:5b:ea:61:b8:5c:cf:18:
50:fd:aa:90:af:5e:a9:df:ba:64:f4:67:70:f8:09:f2:9a:20:
89:5b:ff:a7:d9:4f:78:c6:e3:77:ff:33:22:21:9e:c5:10:b4:
93:fb:e8:e3:64:d0:e3:29:ce:2c:59:a1:ff:a9:20:0b:a1:6e:
16:c9:0d:7d:8e:06:c1:03:ea:34:6d:58:28:4c:4f:71:87:03:
9e:d4:da:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQfjHx8UwzDsBeGF/RwhFUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYTZlOTZmY2E3YTI3ODNjYjk3MjFlYmI2MmRlMWI1MzZj
MTYzYTkwHhcNMjUwMTAxMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDg2NWRmNDIyM2I2OWE1NjgwYWJmN2JmMzMwM2ZiNDliOTBjMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfUkNN5erATUQZYkKXFcQe0J1tzH
R5ylGp4EqkgygHV6d9AaEmwfXNbpxj7T5cZswC2P6tTYC28tIO1BGvMDsALRd8O/
xXUIVX8FkSwPcoYXFoPAlt2d1oZ2RlhmBoo4oFuHkJK4qs0Xr1Icmq9zxyLJANlF
oIa2RCPZvMmJbgP0gxR4eXTDjiQnvJocGYkH8aTbfZKOR+tGeJn4ZArhDqxvxwmq
kxbajsvJ6kjp41A/gPKZ0QfByzQYlUL7tFFlkEeLwpA9vKD5dSPY9iCZGVVLbXrR
wc9/2PjPIyeg4pbJIjXyndm2SKKUEmwL6dlrq2cUb6IXJt9LnhzSsSFLSQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFCGXfQiO2mlaAq/e/MwP7SbkMF3MB8GA1UdIwQY
MBaAFL+m6W/KeieDy5ch67Yt4bU2wWOpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZicGI4cDZKNFBMbHlIcnRpM2h0VGJCWTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84NTZlYTQtZGU1YS00ZjExLTgyMjgt
ODdiZjZmZGJlMTkzLzEvVUlaZDlDSTdhYVZvQ3I5Nzh6QV90SnVRd1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84NTZlYTQtZGU1YS00ZjExLTgyMjgtODdiZjZmZGJlMTkz
LzEvdjZicGI4cDZKNFBMbHlIcnRpM2h0VGJCWTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgekQDAN
BgkqhkiG9w0BAQsFAAOCAQEAGJpHFn14U0M9D1kNesC8mpU2uKbIv6Y4CEViHcPh
mk4DsOi72K9fWuv+Ym1Ln3TSaavJpplpWqhtLgt7XM2fzRIuD5Og6YVRKHjqKl3N
6oMzLDfBeGl3fli5st1LGXBqpDjEMfePwOFkt5uvTKLFrNc1QXOC8CczKnYRNkau
s5YfzFpllF4NH4tXZw61pNPSpf4IaMOPX/rwp8p4XQBlV/g6yVkjP8fBqSQwFq5b
6mG4XM8YUP2qkK9eqd+6ZPRncPgJ8pogiVv/p9lPeMbjd/8zIiGexRC0k/vo42TQ
4ynOLFmh/6kgC6FuFskNfY4GwQPqNG1YKExPcYcDntTapA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:06 2025 by rpki-client on console.sobornost.net