Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/C3a8w3EA0yZf6c0xKrOAJTxFR18.roa
File: C3a8w3EA0yZf6c0xKrOAJTxFR18.roa (raw, json)
Hash identifier: LNpEHJw7nSfysWTvnjy399UaYBj+VVtM2qrA/gSp1Ss=
Subject key identifier: 0B:76:BC:C3:71:00:D3:26:5F:E9:CD:31:2A:B3:80:25:3C:45:47:5F
Certificate issuer: /CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Certificate serial: 019422FBAA8D5E9BB8B414D8EF36D549E1EE
Authority key identifier: 23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/C3a8w3EA0yZf6c0xKrOAJTxFR18.roa
Signing time: Wed 01 Jan 2025 17:48:25 +0000
ROA not before: Wed 01 Jan 2025 17:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49009
IP address blocks: 2a03:2267::/32 maxlen: 32
2a03:2267:4e16::/48 maxlen: 48
2a03:2267:54ae::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:aa:8d:5e:9b:b8:b4:14:d8:ef:36:d5:49:e1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Validity
Not Before: Jan 1 17:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b76bcc37100d3265fe9cd312ab380253c45475f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f1:31:2c:f8:98:09:3d:39:88:8a:97:1c:35:
79:75:bd:66:ee:fb:3f:84:5c:48:96:66:b8:ca:dc:
58:97:c7:9f:26:62:df:11:9f:90:0a:17:36:17:05:
a5:d9:1d:47:ed:d3:e7:37:c1:0e:9a:82:51:9e:a0:
b5:ee:c8:f0:86:a6:d0:0b:e4:ca:03:5f:55:90:50:
6e:a2:d2:98:3e:dc:5b:8e:66:71:b0:fc:2f:b9:3e:
f3:80:c2:68:05:2c:71:ff:c6:85:2e:65:c9:13:3b:
a1:42:6a:06:e8:43:67:3f:98:a4:92:0a:bf:7a:82:
46:47:99:ba:29:3c:02:96:a9:b3:2d:d6:86:65:14:
36:80:f5:ac:74:27:1a:06:52:28:1a:e7:3b:64:21:
27:6f:7c:9a:99:2d:06:f8:6b:f2:39:a6:e9:6a:b4:
6b:f3:b8:ee:c5:08:0e:4f:a4:62:56:25:dd:7d:02:
6a:cb:ee:f5:23:f0:66:3c:e3:a0:61:69:50:73:0c:
0d:44:67:2b:52:3e:eb:c9:df:47:14:95:b1:70:36:
a5:d0:60:06:75:63:6f:25:6b:5c:0b:e6:a7:09:6e:
32:6c:99:dc:0b:a0:c0:b5:c1:9b:ec:aa:e6:75:6d:
5e:da:19:df:47:1b:f5:30:3c:79:59:d3:a4:b2:98:
cf:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:76:BC:C3:71:00:D3:26:5F:E9:CD:31:2A:B3:80:25:3C:45:47:5F
X509v3 Authority Key Identifier:
keyid:23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/C3a8w3EA0yZf6c0xKrOAJTxFR18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/I2YsmpgK11hGUKuqNUW56pHT414.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2267::/32
Signature Algorithm: sha256WithRSAEncryption
a0:92:52:d7:6c:78:d6:f1:6b:59:46:bc:c6:8b:84:75:2f:fa:
92:f4:a0:c2:c6:55:20:11:4d:81:39:22:e9:44:24:ec:08:1d:
2d:07:50:c5:4e:f6:93:b5:39:4b:64:71:2b:21:94:05:b1:40:
82:73:37:3b:0f:b6:df:22:2b:e9:cb:43:7b:63:8a:b4:7e:3d:
75:06:86:03:3f:17:4a:2f:05:f8:fa:ca:08:a1:62:51:0c:46:
84:95:1e:59:1c:69:c3:fa:e0:c0:1f:3d:62:df:cd:25:57:9c:
d0:14:db:f1:b0:df:20:8e:31:57:22:c2:f1:5e:16:13:43:36:
a5:35:ad:3f:60:73:6a:76:ea:17:9c:85:bb:a1:0e:e2:78:8c:
89:d5:55:e9:15:09:9d:a0:e7:c6:f3:05:c7:95:a0:34:76:95:
59:6c:2d:5b:89:19:35:92:79:be:95:5a:d9:d9:75:66:19:ac:
8b:fe:cc:a4:fa:73:f1:4c:41:61:a6:fe:49:79:ca:44:f5:ce:
84:cd:66:9b:22:7a:30:34:a8:cf:eb:17:4f:a1:3b:ed:83:bc:
e4:b5:5b:32:7b:a0:16:50:4e:2d:45:d5:8c:1a:12:56:7f:0d:
82:72:f8:69:ae:e2:82:1e:72:95:3f:01:8c:02:1f:5a:8f:21:
eb:ab:63:c4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi+6qNXpu4tBTY7zbVSeHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNjYyYzlhOTgwYWQ3NTg0NjUwYWJhYTM1NDViOWVhOTFk
M2UzNWUwHhcNMjUwMTAxMTc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjc2YmNjMzcxMDBkMzI2NWZlOWNkMzEyYWIzODAyNTNjNDU0NzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/ExLPiYCT05iIqXHDV5db1m7vs/
hFxIlma4ytxYl8efJmLfEZ+QChc2FwWl2R1H7dPnN8EOmoJRnqC17sjwhqbQC+TK
A19VkFBuotKYPtxbjmZxsPwvuT7zgMJoBSxx/8aFLmXJEzuhQmoG6ENnP5ikkgq/
eoJGR5m6KTwClqmzLdaGZRQ2gPWsdCcaBlIoGuc7ZCEnb3yamS0G+GvyOabparRr
87juxQgOT6RiViXdfQJqy+71I/BmPOOgYWlQcwwNRGcrUj7ryd9HFJWxcDal0GAG
dWNvJWtcC+anCW4ybJncC6DAtcGb7KrmdW1e2hnfRxv1MDx5WdOkspjP4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAt2vMNxANMmX+nNMSqzgCU8RUdfMB8GA1UdIwQY
MBaAFCNmLJqYCtdYRlCrqjVFueqR0+NeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTJZc21wZ0sxMWhHVUt1cU5VVzU2cEhUNDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wMTc1ZTYtNDI3Yi00ZWY5LThlYjEt
ODIzMmUzNTBkNDU4LzEvQzNhOHczRUEweVpmNmMweEtyT0FKVHhGUjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wMTc1ZTYtNDI3Yi00ZWY5LThlYjEtODIzMmUzNTBkNDU4
LzEvSTJZc21wZ0sxMWhHVUt1cU5VVzU2cEhUNDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgMiZzAN
BgkqhkiG9w0BAQsFAAOCAQEAoJJS12x41vFrWUa8xouEdS/6kvSgwsZVIBFNgTki
6UQk7AgdLQdQxU72k7U5S2RxKyGUBbFAgnM3Ow+23yIr6ctDe2OKtH49dQaGAz8X
Si8F+PrKCKFiUQxGhJUeWRxpw/rgwB89Yt/NJVec0BTb8bDfII4xVyLC8V4WE0M2
pTWtP2BzanbqF5yFu6EO4niMidVV6RUJnaDnxvMFx5WgNHaVWWwtW4kZNZJ5vpVa
2dl1Zhmsi/7MpPpz8UxBYab+SXnKRPXOhM1mmyJ6MDSoz+sXT6E77YO85LVbMnug
FlBOLUXVjBoSVn8NgnL4aa7igh5ylT8BjAIfWo8h66tjxA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:49 2025 by rpki-client on console.sobornost.net