Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/46ed8d-3f2f-473d-bed5-0c66bd34019a/1/8NRIip7PRvYkRKm_8iGpYTYG-fQ.roa
File: 8NRIip7PRvYkRKm_8iGpYTYG-fQ.roa (raw, json)
Hash identifier: baP/2HoWmnxywqu4ozYPStRBgvEVcCSlNjY9VrvxlOY=
Subject key identifier: F0:D4:48:8A:9E:CF:46:F6:24:44:A9:BF:F2:21:A9:61:36:06:F9:F4
Certificate issuer: /CN=cfa13166130d29d5ad8a607d81498da66026d036
Certificate serial: 01941F8C9B5D59BDA033A0219DDE5A6122D3
Authority key identifier: CF:A1:31:66:13:0D:29:D5:AD:8A:60:7D:81:49:8D:A6:60:26:D0:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z6ExZhMNKdWtimB9gUmNpmAm0DY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/46ed8d-3f2f-473d-bed5-0c66bd34019a/1/8NRIip7PRvYkRKm_8iGpYTYG-fQ.roa
Signing time: Wed 01 Jan 2025 01:48:16 +0000
ROA not before: Wed 01 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214151
IP address blocks: 2001:3f40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9b:5d:59:bd:a0:33:a0:21:9d:de:5a:61:22:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfa13166130d29d5ad8a607d81498da66026d036
Validity
Not Before: Jan 1 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0d4488a9ecf46f62444a9bff221a9613606f9f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1d:63:ce:63:97:9e:61:9b:c1:81:09:06:ec:
93:ac:30:41:da:88:ae:26:c0:8b:c5:70:df:f5:6d:
50:87:78:96:c8:6b:18:4e:f0:f0:96:ef:8b:a1:f2:
b5:ff:37:b9:83:ed:43:a5:a8:8c:ce:d4:b7:53:3c:
ee:b2:b5:b5:ff:0f:a5:2e:e1:fc:f7:c7:2d:19:82:
e7:b9:4c:f6:98:29:c1:f0:9d:fc:ae:67:ae:6e:cd:
4e:c8:2d:bd:69:0d:77:79:53:01:15:51:d9:1e:19:
fe:dc:dd:cc:c6:3c:44:67:de:9b:fd:0b:bc:24:68:
d3:24:6f:27:97:a8:c3:c2:26:b8:41:65:c9:14:a9:
2d:53:20:e2:9c:3f:d8:5f:7a:14:f6:53:3f:02:23:
cf:5b:4b:78:39:f4:54:05:e9:49:85:3e:f5:a4:21:
22:71:78:2c:65:f0:1d:74:a2:b8:b8:20:45:ae:e2:
3a:d5:11:26:f4:ee:cd:f0:09:bb:58:3f:33:bf:ee:
ed:c2:bc:b3:f4:14:1f:e0:58:f1:66:33:ab:b6:fe:
6a:d3:0f:b0:82:5e:0b:19:88:45:ff:8a:42:dd:03:
d6:5f:ac:e4:19:ff:5b:4e:00:aa:2c:7d:25:6b:ee:
86:ab:a8:82:8a:82:5e:7d:d3:fa:03:da:f8:80:6b:
b8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D4:48:8A:9E:CF:46:F6:24:44:A9:BF:F2:21:A9:61:36:06:F9:F4
X509v3 Authority Key Identifier:
keyid:CF:A1:31:66:13:0D:29:D5:AD:8A:60:7D:81:49:8D:A6:60:26:D0:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6ExZhMNKdWtimB9gUmNpmAm0DY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/46ed8d-3f2f-473d-bed5-0c66bd34019a/1/8NRIip7PRvYkRKm_8iGpYTYG-fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/46ed8d-3f2f-473d-bed5-0c66bd34019a/1/z6ExZhMNKdWtimB9gUmNpmAm0DY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
54:eb:21:ca:ea:12:63:43:38:96:f2:f2:92:b0:a2:c9:7a:fb:
55:83:e4:5e:81:5d:d8:96:c0:cc:43:3a:49:b4:63:9e:0d:ad:
f3:dd:d2:3d:a1:41:2c:c1:a9:6a:04:d1:f3:f3:52:f3:f8:b4:
45:3e:0d:7c:2d:c9:77:07:b3:6e:ed:a7:e0:bc:be:ae:d6:ab:
51:16:64:79:b2:06:47:f0:da:56:b6:b2:34:93:24:d0:ef:42:
4f:ff:2d:d6:e5:57:46:9a:f7:3d:7c:73:23:6b:99:f5:1a:8c:
4c:85:a1:9f:44:02:d7:fb:c9:98:76:35:d2:80:42:8f:e4:10:
4a:75:8f:aa:e4:69:4a:ef:4c:83:31:d5:1e:e9:e1:77:13:58:
f1:46:3a:32:ca:db:cc:f6:9b:c5:30:ce:af:d3:ca:72:76:52:
be:75:dd:25:a6:f4:8e:3e:73:47:67:c9:bf:eb:c1:e1:98:ad:
77:d1:f2:50:57:ba:93:5f:e4:16:6b:45:b2:44:ac:68:bd:a0:
b2:37:61:8a:fa:2c:5e:9d:4f:44:39:f4:fe:9e:c8:08:96:06:
2a:7e:3c:5b:7c:d7:dd:ae:86:af:a0:ff:12:27:22:eb:f5:57:
6a:3f:c2:cc:b7:e4:45:29:3a:fa:68:d7:9c:7a:6b:da:c4:74:
30:20:6b:22
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQfjJtdWb2gM6Ahnd5aYSLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYTEzMTY2MTMwZDI5ZDVhZDhhNjA3ZDgxNDk4ZGE2NjAy
NmQwMzYwHhcNMjUwMTAxMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGQ0NDg4YTllY2Y0NmY2MjQ0NGE5YmZmMjIxYTk2MTM2MDZmOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5x1jzmOXnmGbwYEJBuyTrDBB2oiu
JsCLxXDf9W1Qh3iWyGsYTvDwlu+LofK1/ze5g+1DpaiMztS3UzzusrW1/w+lLuH8
98ctGYLnuUz2mCnB8J38rmeubs1OyC29aQ13eVMBFVHZHhn+3N3MxjxEZ96b/Qu8
JGjTJG8nl6jDwia4QWXJFKktUyDinD/YX3oU9lM/AiPPW0t4OfRUBelJhT71pCEi
cXgsZfAddKK4uCBFruI61REm9O7N8Am7WD8zv+7twryz9BQf4FjxZjOrtv5q0w+w
gl4LGYhF/4pC3QPWX6zkGf9bTgCqLH0la+6Gq6iCioJefdP6A9r4gGu46QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPDUSIqez0b2JESpv/IhqWE2Bvn0MB8GA1UdIwQY
MBaAFM+hMWYTDSnVrYpgfYFJjaZgJtA2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejZFeFpoTU5LZFd0aW1COWdVbU5wbUFtMERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80NmVkOGQtM2YyZi00NzNkLWJlZDUt
MGM2NmJkMzQwMTlhLzEvOE5SSWlwN1BSdllrUkttXzhpR3BZVFlHLWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80NmVkOGQtM2YyZi00NzNkLWJlZDUtMGM2NmJkMzQwMTlh
LzEvejZFeFpoTU5LZFd0aW1COWdVbU5wbUFtMERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAE/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAVOshyuoSY0M4lvLykrCiyXr7VYPkXoFd2JbAzEM6
SbRjng2t893SPaFBLMGpagTR8/NS8/i0RT4NfC3Jdwezbu2n4Ly+rtarURZkebIG
R/DaVrayNJMk0O9CT/8t1uVXRpr3PXxzI2uZ9RqMTIWhn0QC1/vJmHY10oBCj+QQ
SnWPquRpSu9MgzHVHunhdxNY8UY6MsrbzPabxTDOr9PKcnZSvnXdJab0jj5zR2fJ
v+vB4Zitd9HyUFe6k1/kFmtFskSsaL2gsjdhivosXp1PRDn0/p7ICJYGKn48W3zX
3a6Gr6D/Eici6/VXaj/CzLfkRSk6+mjXnHpr2sR0MCBrIg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:58 2025 by rpki-client on console.sobornost.net