Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/P5TwA4gqR6DNAZ9Tx38K6wVBeSw.roa
File: P5TwA4gqR6DNAZ9Tx38K6wVBeSw.roa (raw, json)
Hash identifier: JFHWlXs6ts8+WEohOsphMs0bmJPDZeURLkqEXMqad1U=
Subject key identifier: 3F:94:F0:03:88:2A:47:A0:CD:01:9F:53:C7:7F:0A:EB:05:41:79:2C
Certificate issuer: /CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25
Certificate serial: 0194221FB6326A05ACFC09C380BAD48FD7FD
Authority key identifier: 88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/P5TwA4gqR6DNAZ9Tx38K6wVBeSw.roa
Signing time: Wed 01 Jan 2025 13:48:11 +0000
ROA not before: Wed 01 Jan 2025 13:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209431
IP address blocks: 2a06:a7c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b6:32:6a:05:ac:fc:09:c3:80:ba:d4:8f:d7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25
Validity
Not Before: Jan 1 13:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f94f003882a47a0cd019f53c77f0aeb0541792c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:64:c5:24:46:b9:4d:98:12:be:6c:44:32:0c:
d2:0b:9a:a0:6b:f7:f4:20:05:b1:a4:4e:01:81:01:
5c:d7:05:64:15:cc:9e:ff:fd:e6:05:2e:bf:82:67:
a0:aa:6b:a7:8e:f0:a6:cf:11:7d:d5:36:67:b2:a0:
2b:7e:0d:c4:65:05:2d:07:9e:99:d3:02:06:06:e7:
de:9e:3d:e6:61:f2:ef:85:2d:16:1e:d4:49:13:3d:
eb:13:1a:0d:06:bb:31:b5:f2:e3:1b:df:a2:c6:fd:
aa:f9:d5:e6:6c:25:9e:94:89:19:ac:00:0e:d8:48:
38:01:a7:05:ba:65:b4:20:90:7c:63:a9:84:c9:ec:
ed:9d:f3:0e:ba:c8:cd:03:d3:84:45:4c:cc:15:c1:
cc:e6:ed:31:c0:b0:19:30:fb:18:7f:96:15:ae:d3:
c4:a2:cb:b7:fa:33:95:c0:0b:f0:9c:ed:31:9c:9e:
ca:81:3c:21:28:2b:43:8b:88:c1:68:c3:b5:03:df:
9a:4b:e2:ed:78:e4:16:57:05:d8:35:75:7a:6e:1b:
b2:5d:07:f0:60:e0:3c:c5:36:12:be:df:13:28:5b:
6b:f9:60:4a:67:de:ce:25:81:1b:36:d6:ef:17:36:
67:6a:b4:5a:7d:54:a5:ec:6e:e8:57:9b:03:f5:c5:
5a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:94:F0:03:88:2A:47:A0:CD:01:9F:53:C7:7F:0A:EB:05:41:79:2C
X509v3 Authority Key Identifier:
keyid:88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/P5TwA4gqR6DNAZ9Tx38K6wVBeSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:f7:2f:63:86:39:79:82:99:53:25:4f:34:f7:6e:9d:8c:9f:
53:34:87:6b:68:2b:04:e9:6f:0c:ef:b3:96:86:29:7a:6d:33:
d3:cb:65:62:2a:22:d1:fe:86:ea:04:f1:6d:bd:e4:c7:e7:7f:
57:ed:2a:f1:02:5b:44:3d:66:23:11:4a:89:6d:4d:d4:bf:1b:
2b:d1:15:0b:5b:cd:32:43:15:9b:31:f4:5f:60:ba:29:42:df:
52:83:a4:09:6e:93:14:00:2b:da:e5:2b:57:ac:ac:6d:8b:35:
ce:cd:ff:a0:fa:1a:00:8b:74:47:24:fd:a0:bd:9e:71:fd:cc:
0a:9e:00:6d:05:81:91:da:ff:bf:28:63:26:1f:41:a0:ca:11:
22:5e:76:b0:e8:1a:24:83:ef:25:ff:62:17:4f:0c:68:57:dc:
70:6f:06:8c:53:b1:34:a8:c6:ad:3d:41:50:a4:4c:ef:7d:17:
6a:cf:99:91:6d:9b:01:0f:78:c3:ac:f9:7f:2e:80:c6:85:f1:
27:59:e8:0f:f6:fd:c4:d6:0b:9f:ee:d5:e6:e4:24:08:c2:c9:
fe:c5:8d:e2:b4:4f:2c:5a:c0:3a:13:d1:71:c3:44:4b:c8:12:
bc:02:8d:11:49:54:64:2d:f0:86:3f:d4:4a:82:82:31:18:4c:
c6:06:1a:ba
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiH7YyagWs/AnDgLrUj9f9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZWJhYTJmMTc2OWEzZGRmNjVmODczZGMzMWYzNTFlZjA3
OGFkMjUwHhcNMjUwMTAxMTM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjk0ZjAwMzg4MmE0N2EwY2QwMTlmNTNjNzdmMGFlYjA1NDE3OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWTFJEa5TZgSvmxEMgzSC5qga/f0
IAWxpE4BgQFc1wVkFcye//3mBS6/gmegqmunjvCmzxF91TZnsqArfg3EZQUtB56Z
0wIGBufenj3mYfLvhS0WHtRJEz3rExoNBrsxtfLjG9+ixv2q+dXmbCWelIkZrAAO
2Eg4AacFumW0IJB8Y6mEyeztnfMOusjNA9OERUzMFcHM5u0xwLAZMPsYf5YVrtPE
osu3+jOVwAvwnO0xnJ7KgTwhKCtDi4jBaMO1A9+aS+LteOQWVwXYNXV6bhuyXQfw
YOA8xTYSvt8TKFtr+WBKZ97OJYEbNtbvFzZnarRafVSl7G7oV5sD9cVaRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD+U8AOIKkegzQGfU8d/CusFQXksMB8GA1UdIwQY
MBaAFIjrqi8XaaPd9l+HPcMfNR7weK0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEt
MmJiZjQ2ODg0NTg1LzEvUDVUd0E0Z3FSNkROQVo5VHgzOEs2d1ZCZVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEtMmJiZjQ2ODg0NTg1
LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKganwDAN
BgkqhkiG9w0BAQsFAAOCAQEAdfcvY4Y5eYKZUyVPNPdunYyfUzSHa2grBOlvDO+z
loYpem0z08tlYioi0f6G6gTxbb3kx+d/V+0q8QJbRD1mIxFKiW1N1L8bK9EVC1vN
MkMVmzH0X2C6KULfUoOkCW6TFAAr2uUrV6ysbYs1zs3/oPoaAIt0RyT9oL2ecf3M
Cp4AbQWBkdr/vyhjJh9BoMoRIl52sOgaJIPvJf9iF08MaFfccG8GjFOxNKjGrT1B
UKRM730Xas+ZkW2bAQ94w6z5fy6AxoXxJ1noD/b9xNYLn+7V5uQkCMLJ/sWN4rRP
LFrAOhPRccNES8gSvAKNEUlUZC3whj/USoKCMRhMxgYaug==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:15 2025 by rpki-client on console.sobornost.net