Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/Eg4zth0ANX0mkRnAh6suVOeAzdk.roa
File: Eg4zth0ANX0mkRnAh6suVOeAzdk.roa (raw, json)
Hash identifier: zASvpGNGcNFQXQ8M9IjuKp7MbbcQqn5NoJLmUtGca/I=
Subject key identifier: 12:0E:33:B6:1D:00:35:7D:26:91:19:C0:87:AB:2E:54:E7:80:CD:D9
Certificate issuer: /CN=9568c6005b2840ab7bf8a3ad72a1751d0db29b9c
Certificate serial: 0194221FB00CA5300989ADDB4C2ED143A50E
Authority key identifier: 95:68:C6:00:5B:28:40:AB:7B:F8:A3:AD:72:A1:75:1D:0D:B2:9B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWjGAFsoQKt7-KOtcqF1HQ2ym5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/Eg4zth0ANX0mkRnAh6suVOeAzdk.roa
Signing time: Wed 01 Jan 2025 13:48:09 +0000
ROA not before: Wed 01 Jan 2025 13:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210820
IP address blocks: 2a13:ef80::/48 maxlen: 48
2a13:ef80:2::/48 maxlen: 48
2a13:ef80:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b0:0c:a5:30:09:89:ad:db:4c:2e:d1:43:a5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9568c6005b2840ab7bf8a3ad72a1751d0db29b9c
Validity
Not Before: Jan 1 13:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=120e33b61d00357d269119c087ab2e54e780cdd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:7e:fe:43:d0:24:be:cc:fa:c4:5f:d4:d9:
c0:80:eb:9b:d0:4b:18:da:b4:36:7e:41:6f:2a:93:
16:07:eb:58:0a:b3:b6:ae:7e:a8:9c:3b:1d:6b:cd:
be:5a:8f:35:4f:ff:c2:7c:a9:3b:74:22:29:4e:a9:
35:f3:f8:31:66:cd:04:12:fd:f2:df:6d:d1:bf:e9:
88:99:b8:2a:0b:bb:75:6a:84:4b:0f:ab:96:99:1e:
c1:fa:49:c2:11:ba:95:0e:24:ef:5c:b9:04:33:e5:
85:b4:6e:7e:28:8f:10:4b:9a:32:ea:b8:f6:b5:78:
ab:09:10:d6:c8:4e:d5:bd:58:4b:74:db:b8:72:52:
a6:cd:37:2b:2e:27:5f:5e:64:9b:48:80:be:b9:1b:
f9:c6:4e:29:92:d6:2a:c3:89:db:22:4b:41:ae:32:
4f:5c:61:69:2a:9e:c5:86:f0:8a:52:e6:06:4b:4f:
70:5f:a2:bf:f3:b9:b3:f9:e7:21:45:73:01:38:3a:
71:0b:f3:09:8c:e4:c8:fc:91:e2:68:28:67:c0:43:
b5:60:ed:80:58:4d:7c:f7:76:7c:a0:31:a4:1e:ee:
4d:69:db:2a:8b:0b:97:5d:3f:09:b4:91:a1:2b:9b:
87:3f:3f:dd:0f:ff:6e:f0:26:06:3d:93:08:20:21:
cc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0E:33:B6:1D:00:35:7D:26:91:19:C0:87:AB:2E:54:E7:80:CD:D9
X509v3 Authority Key Identifier:
keyid:95:68:C6:00:5B:28:40:AB:7B:F8:A3:AD:72:A1:75:1D:0D:B2:9B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWjGAFsoQKt7-KOtcqF1HQ2ym5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/Eg4zth0ANX0mkRnAh6suVOeAzdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/lWjGAFsoQKt7-KOtcqF1HQ2ym5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ef80::/48
2a13:ef80:2::/47
Signature Algorithm: sha256WithRSAEncryption
0d:28:50:02:a1:52:a0:e1:3d:4c:be:70:fd:29:d9:25:5b:64:
f6:8a:7c:1c:7f:8c:57:a4:af:2b:66:f5:82:a1:e0:f6:c1:4d:
fb:e3:53:69:63:25:71:77:9b:7c:de:84:0f:2a:8b:2f:b1:06:
7a:36:ba:f2:80:35:31:ce:b8:72:07:94:d0:be:ab:2d:f8:f9:
41:77:2e:c1:aa:04:e1:ad:ba:9d:ef:a3:41:bc:3d:ee:3c:7b:
67:f5:41:ec:60:08:1a:e3:84:0e:ae:ab:5d:71:40:46:ff:e9:
60:10:31:3c:46:67:5f:6f:5d:1d:8f:a6:33:8a:1d:9d:28:ff:
c1:e4:dd:51:a5:ae:6e:23:3b:c9:2d:7f:6b:04:24:85:dc:20:
81:c7:7e:46:4b:e5:6d:0e:1d:43:bb:29:da:eb:69:63:6f:37:
dc:e9:dc:a4:3e:61:3f:b8:9a:b9:d7:ed:21:0b:6f:8b:5a:45:
cf:27:af:f6:10:a3:cf:42:2e:70:97:68:f6:f9:a0:4b:9b:da:
3c:1f:17:be:33:cb:21:b9:27:73:81:28:11:ba:fc:a8:4b:dc:
6a:67:68:21:28:0c:81:48:4a:a5:35:f0:db:d6:42:cc:71:0d:
a2:f1:fd:e6:3c:c5:5e:d5:78:ee:29:7f:c4:73:f3:64:7e:3c:
a6:79:d1:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH7AMpTAJia3bTC7RQ6UOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NjhjNjAwNWIyODQwYWI3YmY4YTNhZDcyYTE3NTFkMGRi
MjliOWMwHhcNMjUwMTAxMTM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjBlMzNiNjFkMDAzNTdkMjY5MTE5YzA4N2FiMmU1NGU3ODBjZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut5+/kPQJL7M+sRf1NnAgOub0EsY
2rQ2fkFvKpMWB+tYCrO2rn6onDsda82+Wo81T//CfKk7dCIpTqk18/gxZs0EEv3y
323Rv+mImbgqC7t1aoRLD6uWmR7B+knCEbqVDiTvXLkEM+WFtG5+KI8QS5oy6rj2
tXirCRDWyE7VvVhLdNu4clKmzTcrLidfXmSbSIC+uRv5xk4pktYqw4nbIktBrjJP
XGFpKp7FhvCKUuYGS09wX6K/87mz+echRXMBODpxC/MJjOTI/JHiaChnwEO1YO2A
WE1893Z8oDGkHu5NadsqiwuXXT8JtJGhK5uHPz/dD/9u8CYGPZMIICHMPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBIOM7YdADV9JpEZwIerLlTngM3ZMB8GA1UdIwQY
MBaAFJVoxgBbKECre/ijrXKhdR0NspucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdqR0FGc29RS3Q3LUtPdGNxRjFIUTJ5bTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYjk4MGEtMWViNi00ODA4LThhZmEt
M2E1ZTE4ZDAwZGRjLzEvRWc0enRoMEFOWDBta1JuQWg2c3VWT2VBemRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yYjk4MGEtMWViNi00ODA4LThhZmEtM2E1ZTE4ZDAwZGRj
LzEvbFdqR0FGc29RS3Q3LUtPdGNxRjFIUTJ5bTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhPvgAAA
AwcBKhPvgAACMA0GCSqGSIb3DQEBCwUAA4IBAQANKFACoVKg4T1MvnD9KdklW2T2
inwcf4xXpK8rZvWCoeD2wU3741NpYyVxd5t83oQPKosvsQZ6NrrygDUxzrhyB5TQ
vqst+PlBdy7BqgThrbqd76NBvD3uPHtn9UHsYAga44QOrqtdcUBG/+lgEDE8Rmdf
b10dj6Yzih2dKP/B5N1Rpa5uIzvJLX9rBCSF3CCBx35GS+VtDh1Duyna62ljbzfc
6dykPmE/uJq51+0hC2+LWkXPJ6/2EKPPQi5wl2j2+aBLm9o8Hxe+M8shuSdzgSgR
uvyoS9xqZ2ghKAyBSEqlNfDb1kLMcQ2i8f3mPMVe1XjuKX/Ec/NkfjymedEn
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net