Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/SlaU9HSyWOLbPlhtr9erox7ST1o.roa
File: SlaU9HSyWOLbPlhtr9erox7ST1o.roa (raw, json)
Hash identifier: iCddRZIQh0GzddiojJsCNP64OOzV5SHbTR0s3vNWL+A=
Subject key identifier: 4A:56:94:F4:74:B2:58:E2:DB:3E:58:6D:AF:D7:AB:A3:1E:D2:4F:5A
Certificate issuer: /CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Certificate serial: 019421437D86636B757ADEFF186F60251658
Authority key identifier: A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/SlaU9HSyWOLbPlhtr9erox7ST1o.roa
Signing time: Wed 01 Jan 2025 09:47:38 +0000
ROA not before: Wed 01 Jan 2025 09:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33886
IP address blocks: 2a01:298:d34d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:7d:86:63:6b:75:7a:de:ff:18:6f:60:25:16:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Validity
Not Before: Jan 1 09:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a5694f474b258e2db3e586dafd7aba31ed24f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:77:1f:69:14:6f:c4:c6:f2:29:86:06:3b:fd:
d3:ab:e5:62:58:3f:ad:e2:76:9f:e4:37:30:b8:88:
2e:7d:32:e7:d8:54:4e:b7:f4:15:ec:6d:4c:a6:6e:
65:4a:4f:41:7b:eb:79:7f:fa:3f:82:1b:b2:f5:8f:
71:fd:0a:3b:3f:92:85:a6:90:14:83:21:61:61:01:
af:f7:d7:f9:35:56:db:ed:f1:b5:6e:83:3c:08:f3:
95:91:15:72:19:03:61:24:db:c3:96:18:52:3c:8f:
0b:c8:aa:04:8e:49:42:44:bf:2c:93:61:65:3c:8f:
30:94:ad:f4:9a:c1:e2:e2:94:83:24:92:51:bd:3a:
00:2a:f8:34:fe:11:26:3e:b3:f6:5c:1a:8c:2c:4c:
b1:5c:59:ad:e4:fa:32:72:2f:32:b9:cb:ae:c0:e9:
61:78:f1:91:ab:49:44:54:0e:9e:ec:ff:8c:cb:f0:
87:6b:fd:52:8c:06:b5:ec:74:db:51:66:03:c2:ed:
13:04:de:e1:74:53:90:89:73:39:45:66:97:e5:0b:
e2:b0:1b:4a:04:b2:fb:d8:82:e2:9e:b8:2c:2a:5c:
1c:67:fb:fd:09:c9:41:06:a8:ac:95:8d:a2:df:64:
16:46:3a:27:63:b1:21:47:a5:95:0f:27:0d:7e:e3:
22:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:56:94:F4:74:B2:58:E2:DB:3E:58:6D:AF:D7:AB:A3:1E:D2:4F:5A
X509v3 Authority Key Identifier:
keyid:A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/SlaU9HSyWOLbPlhtr9erox7ST1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/pHZ7xfvLzvscHHR7sOtTN9q2kcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:298:d34d::/48
Signature Algorithm: sha256WithRSAEncryption
97:d2:63:52:50:37:d8:0a:f7:6e:bd:7a:9e:2d:32:ec:38:fa:
64:5b:9c:2c:dd:f8:e8:7a:ee:90:74:60:4b:07:f2:c7:0e:2a:
c9:a3:72:c9:f2:1d:5b:21:85:72:3e:1d:9b:12:70:13:4d:52:
3b:5b:e6:a5:ce:42:3a:3c:a8:13:c1:39:84:59:29:2f:ad:c8:
33:7a:6c:ec:a7:4e:c5:a9:8b:c6:e8:44:38:dc:49:a2:bd:fd:
81:66:58:cd:f5:5c:0a:9d:63:cc:5b:54:6d:4c:66:4c:84:bd:
4f:b0:00:a9:9c:9c:86:18:a7:57:4f:e1:77:f5:65:a7:14:5b:
31:7e:df:e4:53:1c:3c:16:21:89:ff:6d:1f:aa:64:01:a6:bc:
0c:68:12:a6:2f:53:66:a4:cd:f8:23:28:40:b3:73:05:f1:8e:
57:1e:bc:86:06:02:33:a2:83:69:88:91:7f:4c:81:17:1a:87:
72:86:86:fc:3b:ef:6c:11:cb:55:0c:af:d2:cb:36:e4:81:5a:
ac:c8:fb:9e:90:7b:8b:e9:39:a2:da:64:8e:8d:ac:a6:84:48:
a2:d9:94:d2:83:62:a5:48:09:2e:fc:44:5c:cf:53:2b:a1:cc:
db:f7:93:3b:d7:4d:15:5a:b5:4c:c9:ea:91:37:cf:bb:f9:e9:
85:71:7f:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ32GY2t1et7/GG9gJRZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NzY3YmM1ZmJjYmNlZmIxYzFjNzQ3YmIwZWI1MzM3ZGFi
NjkxYzAwHhcNMjUwMTAxMDk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTU2OTRmNDc0YjI1OGUyZGIzZTU4NmRhZmQ3YWJhMzFlZDI0ZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHcfaRRvxMbyKYYGO/3Tq+ViWD+t
4naf5DcwuIgufTLn2FROt/QV7G1Mpm5lSk9Be+t5f/o/ghuy9Y9x/Qo7P5KFppAU
gyFhYQGv99f5NVbb7fG1boM8CPOVkRVyGQNhJNvDlhhSPI8LyKoEjklCRL8sk2Fl
PI8wlK30msHi4pSDJJJRvToAKvg0/hEmPrP2XBqMLEyxXFmt5Poyci8yucuuwOlh
ePGRq0lEVA6e7P+My/CHa/1SjAa17HTbUWYDwu0TBN7hdFOQiXM5RWaX5QvisBtK
BLL72ILinrgsKlwcZ/v9CclBBqislY2i32QWRjonY7EhR6WVDycNfuMitwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEpWlPR0slji2z5Yba/Xq6Me0k9aMB8GA1UdIwQY
MBaAFKR2e8X7y877HBx0e7DrUzfatpHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQt
MDQxYTQ4ZDIxMjNmLzEvU2xhVTlIU3lXT0xiUGxodHI5ZXJveDdTVDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQtMDQxYTQ4ZDIxMjNm
LzEvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgECmNNN
MA0GCSqGSIb3DQEBCwUAA4IBAQCX0mNSUDfYCvduvXqeLTLsOPpkW5ws3fjoeu6Q
dGBLB/LHDirJo3LJ8h1bIYVyPh2bEnATTVI7W+alzkI6PKgTwTmEWSkvrcgzemzs
p07FqYvG6EQ43Emivf2BZljN9VwKnWPMW1RtTGZMhL1PsACpnJyGGKdXT+F39WWn
FFsxft/kUxw8FiGJ/20fqmQBprwMaBKmL1NmpM34IyhAs3MF8Y5XHryGBgIzooNp
iJF/TIEXGodyhob8O+9sEctVDK/SyzbkgVqsyPuekHuL6Tmi2mSOjaymhEii2ZTS
g2KlSAku/ERcz1Mroczb95M7100VWrVMyeqRN8+7+emFcX8u
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:57 2025 by rpki-client on console.sobornost.net