Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/edd984-9b3e-4786-b1cf-60f6fa881845/1/2nLsQqPE5llC17hwQkkSOMH6bAs.roa
File: 2nLsQqPE5llC17hwQkkSOMH6bAs.roa (raw, json)
Hash identifier: bh0+wwwfSzTifnsB5Zplv4YF5NGG3Z0ysixgx0plOO8=
Subject key identifier: DA:72:EC:42:A3:C4:E6:59:42:D7:B8:70:42:49:12:38:C1:FA:6C:0B
Certificate issuer: /CN=183ae8f8887a1309ba54bc4d2761b4b30ea28e49
Certificate serial: 0194221F51CA36E1C353778A66E52D30FCC3
Authority key identifier: 18:3A:E8:F8:88:7A:13:09:BA:54:BC:4D:27:61:B4:B3:0E:A2:8E:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GDro-Ih6Ewm6VLxNJ2G0sw6ijkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/edd984-9b3e-4786-b1cf-60f6fa881845/1/2nLsQqPE5llC17hwQkkSOMH6bAs.roa
Signing time: Wed 01 Jan 2025 13:47:45 +0000
ROA not before: Wed 01 Jan 2025 13:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54058
IP address blocks: 2a05:2200::/29 maxlen: 29
2a07:4e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:51:ca:36:e1:c3:53:77:8a:66:e5:2d:30:fc:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=183ae8f8887a1309ba54bc4d2761b4b30ea28e49
Validity
Not Before: Jan 1 13:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da72ec42a3c4e65942d7b87042491238c1fa6c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:21:5e:2e:53:58:7e:fb:38:33:83:64:b2:c8:
b0:fc:28:43:9f:c1:ae:5b:58:9c:a3:1d:3f:97:15:
e0:ea:f7:66:76:07:5d:7d:08:42:ac:be:b5:26:73:
3e:45:18:81:e3:a9:91:75:14:36:20:13:42:b2:7b:
42:55:7b:6d:a6:03:59:1e:fb:b1:d8:3a:31:be:02:
69:5b:fa:32:55:80:88:fa:ff:74:c0:c8:9e:fb:6e:
15:10:18:b8:8f:ba:a6:3a:35:e4:d2:21:91:ef:2a:
b8:3b:5e:c4:87:b6:0c:ca:6f:e0:51:9a:09:92:2d:
09:a5:8d:18:60:4e:86:f8:67:9a:ff:4b:aa:94:7f:
4f:af:5a:31:9f:06:d7:48:96:33:5e:cf:e9:29:0b:
0a:9e:f8:d1:e3:10:9a:ba:95:f3:48:53:60:17:c1:
3a:81:af:ca:fa:44:05:8b:f2:6d:99:d9:fc:43:42:
23:cb:87:d9:d2:1d:8c:f3:19:6a:57:3f:11:20:36:
90:54:d7:a3:73:b4:fb:75:d3:5d:cd:04:b5:6c:37:
12:c6:05:9d:34:fa:b5:8f:24:7a:ce:e9:d0:7f:ff:
9c:ef:71:8d:ad:ac:43:0b:13:8d:0c:a8:b5:93:99:
27:0c:23:88:b6:a6:ea:de:ca:c4:4e:c0:53:d9:f9:
e5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:72:EC:42:A3:C4:E6:59:42:D7:B8:70:42:49:12:38:C1:FA:6C:0B
X509v3 Authority Key Identifier:
keyid:18:3A:E8:F8:88:7A:13:09:BA:54:BC:4D:27:61:B4:B3:0E:A2:8E:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GDro-Ih6Ewm6VLxNJ2G0sw6ijkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/edd984-9b3e-4786-b1cf-60f6fa881845/1/2nLsQqPE5llC17hwQkkSOMH6bAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/edd984-9b3e-4786-b1cf-60f6fa881845/1/GDro-Ih6Ewm6VLxNJ2G0sw6ijkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:2200::/29
2a07:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
69:0f:f2:bb:f4:78:70:4e:b0:db:03:6a:a8:2a:c1:ae:93:f0:
f8:a5:0f:67:c6:db:e3:16:2e:50:7e:a8:b9:6f:24:5c:0a:25:
b8:97:76:80:41:b3:b5:2e:2f:3e:14:76:45:e0:62:a7:69:c9:
e5:c9:6b:6f:24:14:53:67:14:81:13:50:59:ce:5c:02:06:97:
b0:bd:05:8c:a8:93:79:8b:d1:70:4c:0f:38:d1:0f:9c:34:4f:
84:50:9b:ce:e5:e7:ce:d7:ff:6a:fe:82:fd:04:27:58:79:86:
06:f3:18:c6:33:d4:a1:00:e0:16:68:2d:12:08:08:a2:09:3c:
02:5a:40:c6:ea:a2:60:c5:da:19:16:b3:6e:62:f8:c3:35:e0:
48:89:09:bd:26:3a:6b:d7:5a:4b:38:1e:a1:7a:e5:e6:8c:f2:
54:cb:09:14:10:81:e3:57:27:5d:62:8d:63:c9:43:7e:30:a7:
2e:27:54:29:1c:7a:a2:fa:9f:70:84:aa:62:86:d8:8c:52:92:
37:1a:00:62:75:4f:a9:c2:60:97:0a:53:eb:0c:02:40:35:c3:
64:fe:0a:ae:49:66:ab:69:d7:20:d2:e3:fa:70:73:f5:9d:1d:
5d:6e:90:a0:6b:60:c0:b9:d1:b2:89:c7:24:12:23:12:c3:13:
f9:d4:3c:9e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQiH1HKNuHDU3eKZuUtMPzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4M2FlOGY4ODg3YTEzMDliYTU0YmM0ZDI3NjFiNGIzMGVh
MjhlNDkwHhcNMjUwMTAxMTM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTcyZWM0MmEzYzRlNjU5NDJkN2I4NzA0MjQ5MTIzOGMxZmE2YzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyFeLlNYfvs4M4Nkssiw/ChDn8Gu
W1icox0/lxXg6vdmdgddfQhCrL61JnM+RRiB46mRdRQ2IBNCsntCVXttpgNZHvux
2DoxvgJpW/oyVYCI+v90wMie+24VEBi4j7qmOjXk0iGR7yq4O17Eh7YMym/gUZoJ
ki0JpY0YYE6G+Gea/0uqlH9Pr1oxnwbXSJYzXs/pKQsKnvjR4xCaupXzSFNgF8E6
ga/K+kQFi/Jtmdn8Q0Ijy4fZ0h2M8xlqVz8RIDaQVNejc7T7ddNdzQS1bDcSxgWd
NPq1jyR6zunQf/+c73GNraxDCxONDKi1k5knDCOItqbq3srETsBT2fnlGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNpy7EKjxOZZQte4cEJJEjjB+mwLMB8GA1UdIwQY
MBaAFBg66PiIehMJulS8TSdhtLMOoo5JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0Ryby1JaDZFd202Vkx4TkoyRzBzdzZpamtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lZGQ5ODQtOWIzZS00Nzg2LWIxY2Yt
NjBmNmZhODgxODQ1LzEvMm5Mc1FxUEU1bGxDMTdod1Fra1NPTUg2YkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lZGQ5ODQtOWIzZS00Nzg2LWIxY2YtNjBmNmZhODgxODQ1
LzEvR0Ryby1JaDZFd202Vkx4TkoyRzBzdzZpamtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgUiAAMF
AyoHTkAwDQYJKoZIhvcNAQELBQADggEBAGkP8rv0eHBOsNsDaqgqwa6T8PilD2fG
2+MWLlB+qLlvJFwKJbiXdoBBs7UuLz4UdkXgYqdpyeXJa28kFFNnFIETUFnOXAIG
l7C9BYyok3mL0XBMDzjRD5w0T4RQm87l587X/2r+gv0EJ1h5hgbzGMYz1KEA4BZo
LRIICKIJPAJaQMbqomDF2hkWs25i+MM14EiJCb0mOmvXWks4HqF65eaM8lTLCRQQ
geNXJ11ijWPJQ34wpy4nVCkceqL6n3CEqmKG2IxSkjcaAGJ1T6nCYJcKU+sMAkA1
w2T+Cq5JZqtp1yDS4/pwc/WdHV1ukKBrYMC50bKJxyQSIxLDE/nUPJ4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:54 2025 by rpki-client on console.sobornost.net