Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/4-TbcXFa8SESUNpbTLtHqKnqP4k.roa
File: 4-TbcXFa8SESUNpbTLtHqKnqP4k.roa (raw, json)
Hash identifier: rfh4ZMQFADgVlOUe/tULyDtfhvBafCEIjiEbbsuqihs=
Subject key identifier: E3:E4:DB:71:71:5A:F1:21:12:50:DA:5B:4C:BB:47:A8:A9:EA:3F:89
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 0194266C3D48B39D32BE5AD39DFD07DBBA61
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/4-TbcXFa8SESUNpbTLtHqKnqP4k.roa
Signing time: Thu 02 Jan 2025 09:50:15 +0000
ROA not before: Thu 02 Jan 2025 09:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216157
IP address blocks: 2a0d:f40::/29 maxlen: 29
2a13:80c0::/29 maxlen: 32
2a13:9240::/29 maxlen: 32
2a13:92c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3d:48:b3:9d:32:be:5a:d3:9d:fd:07:db:ba:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Jan 2 09:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3e4db71715af1211250da5b4cbb47a8a9ea3f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ce:ab:13:f9:32:4d:be:1e:b6:a6:3d:ec:22:
ea:a5:a0:dd:81:30:93:10:f5:0c:e2:43:37:e8:0b:
9c:51:04:19:9f:2a:36:ba:fa:07:4e:e0:c7:b6:73:
f6:79:36:2b:27:0c:21:2f:99:96:98:90:bf:74:42:
a1:3d:2c:64:97:21:3c:ad:59:a0:81:e1:fc:5e:6f:
81:61:49:eb:27:7a:51:db:b9:b8:b2:fe:39:ee:bc:
db:b5:29:a4:e7:26:b0:73:84:3c:85:3a:bf:5a:0e:
a5:af:c1:b4:73:72:32:5a:05:b8:ba:89:07:bd:cd:
28:6c:33:de:13:19:3c:36:18:28:0c:fc:1a:30:ea:
e6:d0:a9:fb:2f:89:bc:a0:1f:0a:5c:cf:ad:a8:b0:
48:0d:87:9e:51:50:c8:6d:92:05:6f:a2:8f:8c:d7:
c8:47:01:52:86:5b:8c:2f:cd:d0:72:a8:4c:c4:8e:
5e:7a:75:fd:42:3d:35:f1:39:03:ac:91:77:f4:4d:
12:e1:30:82:8d:24:01:ef:ec:9f:83:90:87:86:90:
2e:45:37:85:25:38:b6:e1:2f:6e:99:9a:08:f2:43:
58:b8:7a:6e:bb:d4:42:35:7d:ce:a9:44:1f:ac:48:
cb:c6:1e:6f:56:e2:50:82:73:7b:0a:4f:78:a9:e2:
86:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E4:DB:71:71:5A:F1:21:12:50:DA:5B:4C:BB:47:A8:A9:EA:3F:89
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/4-TbcXFa8SESUNpbTLtHqKnqP4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f40::/29
2a13:80c0::/29
2a13:9240::/29
2a13:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:c8:f1:b6:19:72:7e:d4:7c:e0:55:65:b9:fc:be:da:a4:20:
66:72:94:62:4a:c3:68:72:25:ab:7d:78:08:7f:58:b2:8e:54:
b1:d9:43:fe:e8:2e:9f:8e:92:df:b6:6c:10:f3:6f:f2:1b:d1:
6e:19:8d:92:61:8f:0f:6b:ca:82:da:a4:7d:ec:e7:c7:9d:0d:
ef:39:67:12:c7:98:02:ea:f8:01:02:d6:26:17:0f:dc:3c:e8:
fe:c9:c8:d8:87:c7:47:24:d4:90:a3:1c:54:4d:ff:1d:fd:c4:
79:f7:a3:aa:90:b4:90:55:81:28:0b:1c:a9:7f:7a:85:a5:8b:
0d:98:c6:04:e9:52:c9:20:51:73:cb:5d:bd:74:17:b6:b7:c8:
db:14:71:8c:3a:7d:f4:31:21:bb:30:c0:21:36:e5:d1:21:4d:
39:2b:1d:91:fa:a2:b8:9b:0e:eb:75:9c:2d:6d:02:0d:8d:f9:
ec:88:f3:83:9d:07:42:f3:88:1c:b7:2d:08:8a:84:3a:b2:7a:
01:ac:86:f9:51:e3:e7:df:59:89:e4:6b:19:c8:cf:ad:34:8c:
17:f5:e6:17:ba:74:22:44:5d:da:5b:59:09:9d:61:41:04:bb:
82:ae:78:39:f4:c9:f2:47:db:c6:12:28:8e:42:d9:8a:b6:ab:
66:04:40:22
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQmbD1Is50yvlrTnf0H27phMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjUwMTAyMDk1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2U0ZGI3MTcxNWFmMTIxMTI1MGRhNWI0Y2JiNDdhOGE5ZWEzZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM6rE/kyTb4etqY97CLqpaDdgTCT
EPUM4kM36AucUQQZnyo2uvoHTuDHtnP2eTYrJwwhL5mWmJC/dEKhPSxklyE8rVmg
geH8Xm+BYUnrJ3pR27m4sv457rzbtSmk5yawc4Q8hTq/Wg6lr8G0c3IyWgW4uokH
vc0obDPeExk8NhgoDPwaMOrm0Kn7L4m8oB8KXM+tqLBIDYeeUVDIbZIFb6KPjNfI
RwFShluML83QcqhMxI5eenX9Qj018TkDrJF39E0S4TCCjSQB7+yfg5CHhpAuRTeF
JTi24S9umZoI8kNYuHpuu9RCNX3OqUQfrEjLxh5vVuJQgnN7Ck94qeKG2wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOPk23FxWvEhElDaW0y7R6ip6j+JMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvNC1UYmNYRmE4U0VTVU5wYlRMdEhxS25xUDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg0PQAMF
AyoTgMADBQMqE5JAAwUDKhOSwDANBgkqhkiG9w0BAQsFAAOCAQEAdMjxthlyftR8
4FVlufy+2qQgZnKUYkrDaHIlq314CH9Yso5UsdlD/ugun46S37ZsEPNv8hvRbhmN
kmGPD2vKgtqkfeznx50N7zlnEseYAur4AQLWJhcP3Dzo/snI2IfHRyTUkKMcVE3/
Hf3EefejqpC0kFWBKAscqX96haWLDZjGBOlSySBRc8tdvXQXtrfI2xRxjDp99DEh
uzDAITbl0SFNOSsdkfqiuJsO63WcLW0CDY357Ijzg50HQvOIHLctCIqEOrJ6AayG
+VHj599ZieRrGcjPrTSMF/XmF7p0IkRd2ltZCZ1hQQS7gq54OfTJ8kfbxhIojkLZ
irarZgRAIg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net