Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/Cq9NUQOEoD_cfBfrTo3KNErVqYM.roa
File: Cq9NUQOEoD_cfBfrTo3KNErVqYM.roa (raw, json)
Hash identifier: cJB8Mu44T/5XwRYPtGiwBr+NSfIkREd5+89CECE5vZE=
Subject key identifier: 0A:AF:4D:51:03:84:A0:3F:DC:7C:17:EB:4E:8D:CA:34:4A:D5:A9:83
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 0194221FE085BF6029CD64F7AEC5C0283900
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/Cq9NUQOEoD_cfBfrTo3KNErVqYM.roa
Signing time: Wed 01 Jan 2025 13:48:21 +0000
ROA not before: Wed 01 Jan 2025 13:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0d:b9c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e0:85:bf:60:29:cd:64:f7:ae:c5:c0:28:39:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jan 1 13:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aaf4d510384a03fdc7c17eb4e8dca344ad5a983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:14:ff:63:6d:ae:b4:5a:f9:3c:9e:d5:73:ab:
93:9c:79:ef:f8:04:98:ba:b6:df:13:b4:a4:28:0a:
1a:da:de:fa:f7:ed:3a:07:9e:73:8d:56:ff:f4:be:
cf:a6:ce:e9:1e:ba:72:17:53:0f:d3:0a:53:b4:94:
2d:88:38:b2:22:f8:4e:dc:9a:68:d7:ef:58:a4:64:
ab:39:2b:39:e1:07:57:8a:17:4f:4e:6a:d6:cd:40:
3f:6a:96:a7:1b:87:1c:47:d6:50:88:f1:9f:18:11:
fb:16:01:63:9e:1d:14:f9:53:74:a4:f8:0f:a0:f9:
5b:69:af:04:9f:32:b8:55:b4:8e:ad:2e:06:c0:12:
a4:6c:c3:3f:fe:69:3d:38:e3:1a:d3:ed:ed:14:a0:
13:a8:12:89:bb:07:1b:f3:3a:bf:b0:f7:05:f3:ca:
69:84:fd:d4:7c:62:e5:01:9b:1c:1d:db:5d:73:42:
e2:c5:2b:8b:c6:42:34:63:ee:36:35:ee:72:95:1a:
22:54:3b:3c:73:b5:b3:50:e3:2d:5a:d1:15:df:59:
53:f2:46:50:a8:57:3e:6a:92:90:59:6b:b4:93:81:
b3:2e:92:c2:62:60:15:d1:15:14:ce:e1:f4:97:81:
65:32:00:fc:6f:f1:9f:90:5c:54:1b:e7:02:97:b9:
3e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AF:4D:51:03:84:A0:3F:DC:7C:17:EB:4E:8D:CA:34:4A:D5:A9:83
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/Cq9NUQOEoD_cfBfrTo3KNErVqYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:12:b5:c9:7c:4e:7d:a3:0c:3f:1b:31:bf:8e:88:11:86:73:
0b:c0:39:cb:dd:e5:0d:4c:79:59:c2:8a:3e:3e:00:ee:8f:f9:
12:de:d8:d1:bd:75:a0:c4:aa:12:f5:65:56:60:e4:07:10:47:
40:29:d7:42:c9:25:ee:c2:cc:3c:0e:78:64:bc:91:e7:0c:fd:
48:83:26:ab:93:52:f6:35:ce:3c:ec:d9:40:da:cf:f0:e9:4a:
ec:d1:20:a3:6c:8c:84:ff:d5:95:90:60:04:db:89:57:f7:22:
83:51:6d:f1:18:25:af:36:cb:9c:f3:92:10:eb:1d:2b:a3:65:
3c:34:c5:a5:cc:31:7b:eb:13:a1:b2:e4:01:b6:73:b1:06:a3:
2b:71:95:55:f9:f3:b6:08:5b:96:1b:f1:92:7a:c0:6d:cb:5f:
a9:36:e9:e3:2c:74:fe:6f:e2:c1:f6:9e:ac:d7:30:f9:11:86:
94:55:4c:95:96:88:d1:7e:85:8f:bb:e3:28:64:a0:2e:28:f8:
9c:c0:8a:06:d9:25:3b:28:cf:2b:bd:0b:ef:9d:1b:83:52:cb:
ea:9a:f6:be:f7:84:da:d8:de:28:93:5d:1c:36:b1:da:17:7a:
50:be:66:25:69:dc:87:71:ba:7a:2f:66:3a:67:8f:85:92:22:
01:98:aa:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiH+CFv2ApzWT3rsXAKDkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwMTAxMTM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFmNGQ1MTAzODRhMDNmZGM3YzE3ZWI0ZThkY2EzNDRhZDVhOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxT/Y22utFr5PJ7Vc6uTnHnv+ASY
urbfE7SkKAoa2t769+06B55zjVb/9L7Pps7pHrpyF1MP0wpTtJQtiDiyIvhO3Jpo
1+9YpGSrOSs54QdXihdPTmrWzUA/apanG4ccR9ZQiPGfGBH7FgFjnh0U+VN0pPgP
oPlbaa8EnzK4VbSOrS4GwBKkbMM//mk9OOMa0+3tFKATqBKJuwcb8zq/sPcF88pp
hP3UfGLlAZscHdtdc0LixSuLxkI0Y+42Ne5ylRoiVDs8c7WzUOMtWtEV31lT8kZQ
qFc+apKQWWu0k4GzLpLCYmAV0RUUzuH0l4FlMgD8b/GfkFxUG+cCl7k+VQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAqvTVEDhKA/3HwX606NyjRK1amDMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvQ3E5TlVRT0VvRF9jZkJmclRvM0tORXJWcVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg25wDAN
BgkqhkiG9w0BAQsFAAOCAQEAWhK1yXxOfaMMPxsxv46IEYZzC8A5y93lDUx5WcKK
Pj4A7o/5Et7Y0b11oMSqEvVlVmDkBxBHQCnXQskl7sLMPA54ZLyR5wz9SIMmq5NS
9jXOPOzZQNrP8OlK7NEgo2yMhP/VlZBgBNuJV/cig1Ft8RglrzbLnPOSEOsdK6Nl
PDTFpcwxe+sTobLkAbZzsQajK3GVVfnztghblhvxknrAbctfqTbp4yx0/m/iwfae
rNcw+RGGlFVMlZaI0X6Fj7vjKGSgLij4nMCKBtklOyjPK70L750bg1LL6pr2vveE
2tjeKJNdHDax2hd6UL5mJWnch3G6ei9mOmePhZIiAZiq6Q==
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:49:47 2025 by rpki-client on console.sobornost.net