Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/FIXTxK83aONdPFF2AHtd_L9hqX8.roa
File: FIXTxK83aONdPFF2AHtd_L9hqX8.roa (raw, json)
Hash identifier: ASMvIMrfq31CBtD6UNse5OQbU6UyvYGe4LUkuxAQxHg=
Subject key identifier: 14:85:D3:C4:AF:37:68:E3:5D:3C:51:76:00:7B:5D:FC:BF:61:A9:7F
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 019424456093E5D70CB2384D7CB69AE0AA21
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/FIXTxK83aONdPFF2AHtd_L9hqX8.roa
Signing time: Wed 01 Jan 2025 23:48:33 +0000
ROA not before: Wed 01 Jan 2025 23:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205718
IP address blocks: 2a09:eac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:60:93:e5:d7:0c:b2:38:4d:7c:b6:9a:e0:aa:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 23:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1485d3c4af3768e35d3c5176007b5dfcbf61a97f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:69:2e:60:1b:00:1e:b9:bc:05:c7:e2:a5:35:
d6:30:1c:f3:7c:84:2b:83:df:09:58:f6:a0:51:76:
2a:be:3a:a2:38:c4:1c:88:0b:ce:e5:c0:5d:4d:88:
e2:b3:42:77:c7:ef:d7:d4:71:ab:6b:42:61:27:a5:
3d:8c:22:72:b6:cd:2c:51:33:ff:b6:bf:f7:46:c9:
39:9c:32:92:78:b6:64:79:6a:8c:c9:cd:63:69:bd:
f2:dd:3e:a1:5e:f6:24:f6:f0:4a:ae:18:dd:c5:7d:
67:33:cd:45:1c:2f:14:50:8a:cb:4a:6f:98:40:c8:
4e:17:63:3e:97:ff:8f:fe:80:a2:d4:67:4a:3d:b7:
1c:14:da:9e:ea:68:dc:15:0b:0f:8a:6d:c0:df:13:
44:8f:d1:93:52:62:8d:b2:b6:e6:5b:b8:0b:6a:47:
da:49:52:ff:fa:9f:22:a1:b3:85:ee:92:f0:85:2d:
d8:6f:37:d5:92:9c:2e:f1:6a:6f:1a:2c:ca:d0:c8:
4e:4f:ca:04:09:21:72:40:ce:a3:85:54:b5:51:2c:
2d:a0:f9:e8:c7:c3:b4:b9:8c:1b:6a:fb:f8:c2:53:
43:1c:82:24:33:0a:ef:5f:07:98:67:28:97:bb:a1:
5c:8a:8d:d3:d9:a4:ff:2c:2b:3f:ab:b6:4a:98:ef:
08:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:85:D3:C4:AF:37:68:E3:5D:3C:51:76:00:7B:5D:FC:BF:61:A9:7F
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/FIXTxK83aONdPFF2AHtd_L9hqX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
c5:ee:5e:7d:6c:e3:ad:62:00:72:7d:5c:a0:34:46:ae:95:a8:
fd:c9:11:9d:c9:ab:3d:8d:73:93:d3:72:b2:96:9d:07:df:61:
2a:73:16:36:01:5e:fe:14:c1:90:52:c0:a8:e0:b0:ad:bf:b8:
dd:76:15:26:d1:eb:e6:26:10:40:4a:0c:7d:28:5b:3a:aa:58:
d2:5d:31:a1:7d:fd:a0:80:da:0a:85:2e:97:3c:ee:65:d5:fd:
4e:98:ab:22:e1:26:b9:ab:b3:b9:1d:80:a8:68:3c:59:66:d9:
bd:f4:24:ee:a2:0e:67:76:03:f2:d8:0e:ad:7e:69:6c:6f:62:
18:42:47:3d:6d:20:4d:4f:ca:61:89:24:cc:cf:82:17:52:4c:
ea:fe:a6:3a:dc:28:d0:3c:64:1b:82:1f:0d:61:c4:b9:46:48:
ce:22:6e:10:4d:3c:ae:5b:b4:97:02:bf:61:1e:43:17:06:21:
28:5e:80:3f:b2:61:7a:5f:8c:69:4d:41:9f:05:85:45:91:b9:
8b:08:1a:5f:64:83:76:7c:00:8f:53:11:9c:92:c9:da:48:dc:
b3:1f:a0:15:07:36:84:f1:f9:46:b4:ad:17:cd:4a:f5:af:cc:
98:ea:92:54:79:fe:2e:13:b4:10:02:87:10:f6:42:9f:d1:ad:
69:6b:e8:d6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQkRWCT5dcMsjhNfLaa4KohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMTAxMjM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDg1ZDNjNGFmMzc2OGUzNWQzYzUxNzYwMDdiNWRmY2JmNjFhOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmkuYBsAHrm8BcfipTXWMBzzfIQr
g98JWPagUXYqvjqiOMQciAvO5cBdTYjis0J3x+/X1HGra0JhJ6U9jCJyts0sUTP/
tr/3Rsk5nDKSeLZkeWqMyc1jab3y3T6hXvYk9vBKrhjdxX1nM81FHC8UUIrLSm+Y
QMhOF2M+l/+P/oCi1GdKPbccFNqe6mjcFQsPim3A3xNEj9GTUmKNsrbmW7gLakfa
SVL/+p8iobOF7pLwhS3YbzfVkpwu8WpvGizK0MhOT8oECSFyQM6jhVS1USwtoPno
x8O0uYwbavv4wlNDHIIkMwrvXweYZyiXu6Fcio3T2aT/LCs/q7ZKmO8IzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBSF08SvN2jjXTxRdgB7Xfy/Yal/MB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvRklYVHhLODNhT05kUEZGMkFIdGRfTDlocVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgnqwDAN
BgkqhkiG9w0BAQsFAAOCAQEAxe5efWzjrWIAcn1coDRGrpWo/ckRncmrPY1zk9Ny
spadB99hKnMWNgFe/hTBkFLAqOCwrb+43XYVJtHr5iYQQEoMfShbOqpY0l0xoX39
oIDaCoUulzzuZdX9TpirIuEmuauzuR2AqGg8WWbZvfQk7qIOZ3YD8tgOrX5pbG9i
GEJHPW0gTU/KYYkkzM+CF1JM6v6mOtwo0DxkG4IfDWHEuUZIziJuEE08rlu0lwK/
YR5DFwYhKF6AP7Jhel+MaU1BnwWFRZG5iwgaX2SDdnwAj1MRnJLJ2kjcsx+gFQc2
hPH5RrStF81K9a/MmOqSVHn+LhO0EAKHEPZCn9GtaWvo1g==
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:04:01 2025 by rpki-client on console.sobornost.net