Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/luaak96rxl3BpQDOlilu-Ao8mkw.roa
File: luaak96rxl3BpQDOlilu-Ao8mkw.roa (raw, json)
Hash identifier: pwAYhEbt4FHFaEl56W0oBs/0SEuKAQ3pZ57+umcKBc0=
Subject key identifier: 96:E6:9A:93:DE:AB:C6:5D:C1:A5:00:CE:96:29:6E:F8:0A:3C:9A:4C
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 019611974AC021DFDAA9E52C38997F8E2016
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/luaak96rxl3BpQDOlilu-Ao8mkw.roa
Signing time: Mon 07 Apr 2025 18:50:49 +0000
ROA not before: Mon 07 Apr 2025 18:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0a:c384::/32 maxlen: 32
2a0e:7f45::/32 maxlen: 32
2a11:6500::/32 maxlen: 32
2a11:c100::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:97:4a:c0:21:df:da:a9:e5:2c:38:99:7f:8e:20:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Apr 7 18:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96e69a93deabc65dc1a500ce96296ef80a3c9a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:81:2c:68:39:47:f5:97:bf:38:08:9d:5e:8d:
62:d4:98:15:ca:e1:90:61:93:a9:d1:96:d5:0f:f8:
6c:ef:56:72:b0:f6:f7:0a:f8:f8:d5:51:d6:6c:3c:
a1:1b:2c:0b:7c:6b:11:c6:9c:c0:ca:d7:10:cc:21:
d6:c9:c4:c4:e4:d9:e7:83:14:ee:fa:13:a6:95:81:
56:35:41:de:53:52:0c:6e:44:60:49:f8:90:18:5c:
58:98:af:4e:6a:62:48:9e:77:15:44:75:45:21:dd:
11:3d:88:f4:55:6c:10:1a:c1:88:45:55:64:b0:9e:
cb:b4:d2:9d:69:ec:6a:b4:b9:93:79:ba:87:d7:75:
84:31:a0:2d:b5:b2:af:3e:31:7d:15:0a:38:89:bb:
6a:71:95:d1:ca:50:c1:4b:dc:75:1d:35:e8:a3:73:
1a:09:80:98:5d:66:7f:b9:44:b1:24:27:68:6e:0c:
b4:76:91:00:bb:65:91:2e:b7:65:68:dc:ec:45:cd:
61:d0:36:d2:57:b5:71:b5:6c:dc:80:ae:49:59:d4:
eb:8c:12:e5:8f:7e:c3:df:94:f0:21:2a:ea:84:79:
0c:82:68:85:3a:6b:9d:53:39:fe:ef:59:9a:2a:18:
a4:81:aa:ff:66:c0:ff:6f:1f:8d:5c:c4:d2:99:eb:
e3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E6:9A:93:DE:AB:C6:5D:C1:A5:00:CE:96:29:6E:F8:0A:3C:9A:4C
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/luaak96rxl3BpQDOlilu-Ao8mkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c384::/32
2a0e:7f45::/32
2a11:6500::/32
2a11:c100::/32
Signature Algorithm: sha256WithRSAEncryption
89:54:37:51:33:50:a2:d8:e3:43:06:3f:78:ee:8e:cb:fb:58:
e9:5f:cd:32:1e:6a:2a:97:79:75:5e:cd:3f:c7:d5:be:a2:0a:
e1:7e:7f:69:6b:5c:fd:ae:c9:56:48:c5:ea:9d:52:80:96:4c:
0f:0f:36:d1:2b:2e:a3:06:e2:cf:cc:24:49:4f:83:9b:09:2a:
a7:55:f3:04:c4:e4:84:52:37:a7:63:1e:05:39:05:8c:6d:3e:
70:d8:4b:83:5f:44:4c:11:7b:e9:7e:6f:b8:8b:b4:1e:7f:6b:
17:d7:10:a5:47:08:0f:71:64:09:68:40:f2:20:09:b4:2e:57:
cb:65:a7:b3:97:67:75:5c:39:57:bb:9e:16:cc:4d:7b:30:4c:
91:62:7a:24:40:6e:01:24:21:43:76:e3:c3:0e:34:99:c1:eb:
29:24:ab:2b:e7:67:36:63:c1:3e:f1:8c:e6:63:bd:09:7a:3a:
ab:ac:d6:6b:d9:07:a2:1d:c6:6c:7f:be:5a:14:3e:70:6f:f7:
bc:6e:ce:99:e2:f7:1f:59:11:0d:4d:f0:2d:28:e2:a0:3f:d5:
89:03:9e:56:cd:be:5c:2e:66:b6:fc:d5:5d:41:c2:c1:32:34:
b5:c5:4b:bd:68:a4:b1:b0:bb:21:ae:76:02:39:8a:75:ad:31:
a0:64:7a:dd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZYRl0rAId/aqeUsOJl/jiAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwNDA3MTg1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU2OWE5M2RlYWJjNjVkYzFhNTAwY2U5NjI5NmVmODBhM2M5YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4EsaDlH9Ze/OAidXo1i1JgVyuGQ
YZOp0ZbVD/hs71ZysPb3Cvj41VHWbDyhGywLfGsRxpzAytcQzCHWycTE5NnngxTu
+hOmlYFWNUHeU1IMbkRgSfiQGFxYmK9OamJInncVRHVFId0RPYj0VWwQGsGIRVVk
sJ7LtNKdaexqtLmTebqH13WEMaAttbKvPjF9FQo4ibtqcZXRylDBS9x1HTXoo3Ma
CYCYXWZ/uUSxJCdobgy0dpEAu2WRLrdlaNzsRc1h0DbSV7VxtWzcgK5JWdTrjBLl
j37D35TwISrqhHkMgmiFOmudUzn+71maKhikgar/ZsD/bx+NXMTSmevj+wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJbmmpPeq8ZdwaUAzpYpbvgKPJpMMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvbHVhYWs5NnJ4bDNCcFFET2xpbHUtQW84bWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgrDhAMF
ACoOf0UDBQAqEWUAAwUAKhHBADANBgkqhkiG9w0BAQsFAAOCAQEAiVQ3UTNQotjj
QwY/eO6Oy/tY6V/NMh5qKpd5dV7NP8fVvqIK4X5/aWtc/a7JVkjF6p1SgJZMDw82
0Ssuowbiz8wkSU+Dmwkqp1XzBMTkhFI3p2MeBTkFjG0+cNhLg19ETBF76X5vuIu0
Hn9rF9cQpUcID3FkCWhA8iAJtC5Xy2Wns5dndVw5V7ueFsxNezBMkWJ6JEBuASQh
Q3bjww40mcHrKSSrK+dnNmPBPvGM5mO9CXo6q6zWa9kHoh3GbH++WhQ+cG/3vG7O
meL3H1kRDU3wLSjioD/ViQOeVs2+XC5mtvzVXUHCwTI0tcVLvWiksbC7Ia52AjmK
da0xoGR63Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:55 2025 by rpki-client on console.sobornost.net