Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/AAPuozOtYNy4K61ZvTIYHjD5I7I.roa
File: AAPuozOtYNy4K61ZvTIYHjD5I7I.roa (raw, json)
Hash identifier: OcW+g0HeO6IaZSx3EEThLo6AY79MxD65KTP11DyWVvU=
Subject key identifier: 00:03:EE:A3:33:AD:60:DC:B8:2B:AD:59:BD:32:18:1E:30:F9:23:B2
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 01961198351EA9760D104FB061CAD8414E7F
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/AAPuozOtYNy4K61ZvTIYHjD5I7I.roa
Signing time: Mon 07 Apr 2025 18:51:49 +0000
ROA not before: Mon 07 Apr 2025 18:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a11:5885::/32 maxlen: 32
2a11:f182::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:98:35:1e:a9:76:0d:10:4f:b0:61:ca:d8:41:4e:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Apr 7 18:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0003eea333ad60dcb82bad59bd32181e30f923b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4e:a1:cf:76:34:25:eb:d9:11:6b:87:9a:5e:
a3:6d:6c:7e:8e:6b:f0:20:9b:68:92:2b:2b:1e:b4:
88:db:b4:bd:62:c1:97:83:34:dc:76:9c:db:8c:5c:
f2:97:16:58:eb:ed:98:94:de:2d:64:bf:71:d9:81:
26:38:c0:b2:ec:ef:79:8a:f6:ea:74:4e:c3:7b:18:
5e:d8:67:fc:45:49:3f:e0:76:b3:0f:af:b4:34:fc:
40:73:18:55:da:21:6c:06:b2:e9:56:ac:20:3e:51:
fb:09:47:b5:92:bc:70:26:97:55:38:4c:74:2f:87:
3a:c7:ce:a4:99:fb:4f:19:e6:22:d4:9a:63:f1:97:
f1:d3:ce:00:a8:4f:1e:81:7b:2d:7d:83:4e:93:f3:
34:79:e4:62:df:90:f4:d8:29:5e:dd:6f:c6:69:cb:
9e:b4:37:5d:96:3e:52:83:c9:0c:3e:75:52:23:04:
7c:cf:37:87:3f:d0:32:80:95:11:a4:4c:60:d2:57:
ad:0f:b9:c6:58:4e:13:3a:81:b1:f1:d4:d0:2a:6d:
17:09:64:e6:a7:18:37:ca:e2:14:15:ac:07:ae:37:
db:3e:89:9a:d4:ca:b3:de:91:e5:9d:50:c4:36:0a:
6f:0c:a0:6a:f2:3f:63:fb:bd:e8:be:50:6c:a2:0d:
cf:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:03:EE:A3:33:AD:60:DC:B8:2B:AD:59:BD:32:18:1E:30:F9:23:B2
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/AAPuozOtYNy4K61ZvTIYHjD5I7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5885::/32
2a11:f182::/32
Signature Algorithm: sha256WithRSAEncryption
1b:43:32:d4:9c:cf:46:53:69:f0:a1:e8:29:ec:3c:e6:7a:de:
8b:03:7c:53:a7:2a:e5:d0:42:e1:12:5c:30:eb:76:d8:70:65:
61:f7:ae:47:0a:97:6e:86:4e:25:b3:5b:91:a7:4f:b2:ef:2d:
ab:fc:24:61:28:fb:98:8b:76:70:6c:99:da:b9:56:3f:f2:2e:
91:b5:6a:f3:ba:8d:b3:6a:cb:d0:aa:2a:08:9c:a8:9a:54:0f:
bb:30:6d:1b:d2:e3:e8:7a:ff:00:ea:dc:27:ae:1c:67:7e:8c:
3e:5d:bd:03:0f:fd:a8:0b:bf:62:75:40:36:b3:04:e3:9c:4c:
9c:20:23:9b:28:02:7e:46:84:53:dd:da:3b:8b:c5:53:93:98:
1b:05:6a:8c:7a:d1:35:ab:d2:2f:07:a2:92:5a:0e:7e:3e:d0:
0f:96:d7:bf:49:c3:ec:5e:60:8c:db:6e:7b:2e:9d:84:5c:66:
ba:02:ce:35:54:2b:ed:08:b4:20:a8:5a:55:2d:29:a9:0c:86:
f3:5e:1c:ef:4d:e4:68:05:0f:0b:de:94:68:e2:23:05:3e:29:
f2:f7:eb:72:ba:8b:b7:03:4f:9f:4c:f8:ea:32:1b:25:f1:e8:
68:06:66:81:8f:b6:3d:84:58:1d:82:96:1b:cf:02:9f:da:c2:
6f:b6:40:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYRmDUeqXYNEE+wYcrYQU5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwNDA3MTg1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDAzZWVhMzMzYWQ2MGRjYjgyYmFkNTliZDMyMTgxZTMwZjkyM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU6hz3Y0JevZEWuHml6jbWx+jmvw
IJtokisrHrSI27S9YsGXgzTcdpzbjFzylxZY6+2YlN4tZL9x2YEmOMCy7O95ivbq
dE7Dexhe2Gf8RUk/4HazD6+0NPxAcxhV2iFsBrLpVqwgPlH7CUe1krxwJpdVOEx0
L4c6x86kmftPGeYi1Jpj8Zfx084AqE8egXstfYNOk/M0eeRi35D02Cle3W/Gacue
tDddlj5Sg8kMPnVSIwR8zzeHP9AygJURpExg0letD7nGWE4TOoGx8dTQKm0XCWTm
pxg3yuIUFawHrjfbPoma1Mqz3pHlnVDENgpvDKBq8j9j+73ovlBsog3P8QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAAD7qMzrWDcuCutWb0yGB4w+SOyMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvQUFQdW96T3RZTnk0SzYxWnZUSVlIakQ1STdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhFYhQMF
ACoR8YIwDQYJKoZIhvcNAQELBQADggEBABtDMtScz0ZTafCh6CnsPOZ63osDfFOn
KuXQQuESXDDrdthwZWH3rkcKl26GTiWzW5GnT7LvLav8JGEo+5iLdnBsmdq5Vj/y
LpG1avO6jbNqy9CqKgicqJpUD7swbRvS4+h6/wDq3CeuHGd+jD5dvQMP/agLv2J1
QDazBOOcTJwgI5soAn5GhFPd2juLxVOTmBsFaox60TWr0i8HopJaDn4+0A+W179J
w+xeYIzbbnsunYRcZroCzjVUK+0ItCCoWlUtKakMhvNeHO9N5GgFDwvelGjiIwU+
KfL363K6i7cDT59M+OoyGyXx6GgGZoGPtj2EWB2ClhvPAp/awm+2QAk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:55 2025 by rpki-client on console.sobornost.net