Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ac9cf6-1bec-424b-aa51-a0962d998e60/1/D8akI8P5Xi8Ifp8LsQyslMH9ydQ.roa
File: D8akI8P5Xi8Ifp8LsQyslMH9ydQ.roa (raw, json)
Hash identifier: AKGzJiWAK4O0wOeiBq1pBQs9Et3quYVUdawmatMGbA4=
Subject key identifier: 0F:C6:A4:23:C3:F9:5E:2F:08:7E:9F:0B:B1:0C:AC:94:C1:FD:C9:D4
Certificate issuer: /CN=1216abcc44c9a95540cdf5b1dc542ec7d11fe07a
Certificate serial: 01962B547DEF8E56CC0D832465A56448A162
Authority key identifier: 12:16:AB:CC:44:C9:A9:55:40:CD:F5:B1:DC:54:2E:C7:D1:1F:E0:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EharzETJqVVAzfWx3FQux9Ef4Ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/ac9cf6-1bec-424b-aa51-a0962d998e60/1/D8akI8P5Xi8Ifp8LsQyslMH9ydQ.roa
Signing time: Sat 12 Apr 2025 18:47:59 +0000
ROA not before: Sat 12 Apr 2025 18:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60666
IP address blocks: 2a12:3fc2:aa40::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2b:54:7d:ef:8e:56:cc:0d:83:24:65:a5:64:48:a1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1216abcc44c9a95540cdf5b1dc542ec7d11fe07a
Validity
Not Before: Apr 12 18:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fc6a423c3f95e2f087e9f0bb10cac94c1fdc9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3d:26:3c:a7:9d:a5:81:98:94:9f:9f:83:56:
31:a1:3b:da:b7:b6:ee:e2:43:56:7b:c5:aa:40:8f:
32:66:f8:cc:f0:21:2f:ae:79:1e:1b:92:ba:c3:27:
97:80:cb:d5:3c:6d:d4:fd:ea:a9:66:c9:c4:f6:64:
75:5e:d3:b1:ab:7c:53:2b:04:5e:e7:b0:d8:b1:87:
5a:a5:12:64:0f:d9:0f:d9:9e:47:4d:5f:b5:0e:fd:
50:58:53:78:01:44:15:33:8e:f2:7d:58:d2:56:1a:
15:e9:a7:60:15:45:4a:57:46:c0:02:43:7d:08:fd:
a1:f9:43:aa:5e:8c:80:35:69:6f:53:64:a0:2e:38:
bb:85:0a:be:60:16:69:00:c2:26:07:ce:f5:d0:6e:
10:81:c1:1b:84:e1:58:d8:15:90:ba:8d:f3:7f:47:
47:ae:af:3d:ac:50:fc:38:6b:2f:63:85:5d:3a:83:
e0:23:42:1b:60:16:10:99:81:87:66:d5:b0:b8:10:
c6:df:51:05:89:85:1c:c2:bd:19:fe:83:05:de:1d:
ad:9f:91:44:ef:c8:a4:96:93:ca:8c:df:4e:00:18:
83:37:3c:d8:1b:ab:66:bf:22:db:8f:78:71:1f:ce:
1e:14:10:79:a2:a7:93:77:d8:84:6d:70:71:43:91:
f8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C6:A4:23:C3:F9:5E:2F:08:7E:9F:0B:B1:0C:AC:94:C1:FD:C9:D4
X509v3 Authority Key Identifier:
keyid:12:16:AB:CC:44:C9:A9:55:40:CD:F5:B1:DC:54:2E:C7:D1:1F:E0:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EharzETJqVVAzfWx3FQux9Ef4Ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ac9cf6-1bec-424b-aa51-a0962d998e60/1/D8akI8P5Xi8Ifp8LsQyslMH9ydQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ac9cf6-1bec-424b-aa51-a0962d998e60/1/EharzETJqVVAzfWx3FQux9Ef4Ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:aa40::/44
Signature Algorithm: sha256WithRSAEncryption
50:1d:70:f2:75:aa:c7:12:80:a8:28:92:a3:9e:d6:f5:53:75:
28:ee:86:68:de:00:3d:87:29:80:17:61:4b:9b:6d:a9:cf:40:
36:df:ab:b3:3c:86:85:30:b6:b7:f3:01:9f:6c:3a:70:3e:91:
82:70:a8:37:81:e7:d7:74:6c:15:8f:0e:ac:f0:31:61:17:23:
eb:53:c3:2c:d2:a3:2f:c2:95:b6:5b:d1:eb:46:04:ab:e6:18:
20:11:73:d9:06:42:3d:61:19:43:78:95:15:cb:7f:8a:b8:e4:
ac:fb:dd:b9:a6:dc:a5:a0:7e:54:c0:7f:7b:11:88:3f:65:27:
7a:bb:9e:96:a8:96:a4:ec:56:d8:ae:f5:4a:5a:8d:0d:f7:29:
40:20:0b:d1:89:f5:32:8f:86:66:ee:d6:2e:28:37:d0:77:3c:
48:ad:1c:55:42:55:e4:ef:e8:37:16:1a:3f:e3:9c:a0:7a:ba:
6b:07:69:2d:60:40:49:76:6b:d7:5f:4d:7a:81:e7:77:51:eb:
c1:82:db:8c:43:66:09:cd:c1:74:8d:35:fb:b3:ea:f8:0e:97:
07:6d:05:bc:ca:8f:c3:8a:8d:ab:d9:38:ab:0f:9d:08:04:58:
74:63:cd:80:7e:f4:49:65:f6:19:73:a4:15:ba:17:8d:5a:4f:
ae:bb:cd:68
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZYrVH3vjlbMDYMkZaVkSKFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTZhYmNjNDRjOWE5NTU0MGNkZjViMWRjNTQyZWM3ZDEx
ZmUwN2EwHhcNMjUwNDEyMTg0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmM2YTQyM2MzZjk1ZTJmMDg3ZTlmMGJiMTBjYWM5NGMxZmRjOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj0mPKedpYGYlJ+fg1YxoTvat7bu
4kNWe8WqQI8yZvjM8CEvrnkeG5K6wyeXgMvVPG3U/eqpZsnE9mR1XtOxq3xTKwRe
57DYsYdapRJkD9kP2Z5HTV+1Dv1QWFN4AUQVM47yfVjSVhoV6adgFUVKV0bAAkN9
CP2h+UOqXoyANWlvU2SgLji7hQq+YBZpAMImB8710G4QgcEbhOFY2BWQuo3zf0dH
rq89rFD8OGsvY4VdOoPgI0IbYBYQmYGHZtWwuBDG31EFiYUcwr0Z/oMF3h2tn5FE
78iklpPKjN9OABiDNzzYG6tmvyLbj3hxH84eFBB5oqeTd9iEbXBxQ5H4YwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA/GpCPD+V4vCH6fC7EMrJTB/cnUMB8GA1UdIwQY
MBaAFBIWq8xEyalVQM31sdxULsfRH+B6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhhcnpFVEpxVlZBemZXeDNGUXV4OUVmNEhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9hYzljZjYtMWJlYy00MjRiLWFhNTEt
YTA5NjJkOTk4ZTYwLzEvRDhha0k4UDVYaThJZnA4THNReXNsTUg5eWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9hYzljZjYtMWJlYy00MjRiLWFhNTEtYTA5NjJkOTk4ZTYw
LzEvRWhhcnpFVEpxVlZBemZXeDNGUXV4OUVmNEhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhI/wqpA
MA0GCSqGSIb3DQEBCwUAA4IBAQBQHXDydarHEoCoKJKjntb1U3Uo7oZo3gA9hymA
F2FLm22pz0A236uzPIaFMLa38wGfbDpwPpGCcKg3gefXdGwVjw6s8DFhFyPrU8Ms
0qMvwpW2W9HrRgSr5hggEXPZBkI9YRlDeJUVy3+KuOSs+925ptyloH5UwH97EYg/
ZSd6u56WqJak7FbYrvVKWo0N9ylAIAvRifUyj4Zm7tYuKDfQdzxIrRxVQlXk7+g3
Fho/45ygerprB2ktYEBJdmvXX016ged3UevBgtuMQ2YJzcF0jTX7s+r4DpcHbQW8
yo/Dio2r2TirD50IBFh0Y82AfvRJZfYZc6QVuheNWk+uu81o
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:43 2025 by rpki-client on console.sobornost.net