Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/yT5ungE9NAr5a95GJEQ0WzC2bc4.roa
File: yT5ungE9NAr5a95GJEQ0WzC2bc4.roa (raw, json)
Hash identifier: 3Q09eXeA/SVTTdlEZBa1ZfiKoZceB51s1iopXPbgTXw=
Subject key identifier: C9:3E:6E:9E:01:3D:34:0A:F9:6B:DE:46:24:44:34:5B:30:B6:6D:CE
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 01942823416D0EA4C57CDEECBE3239EB683A
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/yT5ungE9NAr5a95GJEQ0WzC2bc4.roa
Signing time: Thu 02 Jan 2025 17:49:46 +0000
ROA not before: Thu 02 Jan 2025 17:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12513
IP address blocks: 2a02:c2c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:41:6d:0e:a4:c5:7c:de:ec:be:32:39:eb:68:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Jan 2 17:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c93e6e9e013d340af96bde462444345b30b66dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ac:b8:8a:32:fb:78:3a:ff:4f:d9:70:b8:42:
e7:df:9a:ac:55:d6:84:c8:ca:50:57:ee:aa:da:46:
25:0e:d9:16:2d:ed:4c:22:af:ff:7d:b7:d7:e4:3e:
fd:d9:a6:bd:c8:01:69:3d:b7:ec:34:12:02:45:00:
c0:18:5e:f9:81:8d:7e:2a:d7:e4:1c:4c:78:d4:91:
82:1e:d1:d4:86:9e:f7:08:08:89:22:10:df:0c:17:
94:dc:71:23:70:c7:81:d2:95:be:1a:9c:de:82:af:
df:8a:57:1c:44:bd:dd:2e:92:4b:2e:14:70:3d:dd:
d0:14:49:4e:2e:ae:5c:78:ca:d2:bf:2b:95:ef:f3:
60:c6:2e:15:bd:ae:d4:79:f1:76:f9:bd:f9:ee:33:
76:f2:8c:18:69:c5:19:e8:f1:ab:50:a6:99:b5:52:
a9:97:dd:33:a4:1c:4d:24:7a:ab:0b:06:c5:14:cc:
ff:80:c1:d4:e2:f8:6b:6a:dc:1a:a1:fb:c6:38:36:
86:e0:06:88:98:5c:36:2a:37:2d:d2:44:cc:5d:51:
2f:60:11:9f:18:37:f2:c5:f4:e6:77:bc:77:3e:8e:
2c:fd:fb:f9:20:cb:15:16:ad:ca:79:b6:c4:6d:0e:
56:66:b6:cf:00:a3:f4:3c:95:fa:10:54:7f:10:f3:
77:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3E:6E:9E:01:3D:34:0A:F9:6B:DE:46:24:44:34:5B:30:B6:6D:CE
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/yT5ungE9NAr5a95GJEQ0WzC2bc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:eb:64:62:cd:3b:bc:66:8d:39:02:ff:19:28:48:dc:9a:8c:
bd:03:18:b0:ba:40:40:34:d3:c8:0d:46:42:29:49:42:c1:7c:
56:d9:97:69:06:e1:ad:d8:c6:50:cd:d1:62:dd:ad:5b:bb:63:
dd:2f:6f:28:c1:0b:35:1a:42:38:7f:c5:1a:ea:cc:d9:f5:8e:
60:9e:ce:2e:c6:49:67:70:56:f9:40:fb:24:59:57:8c:71:fa:
d7:85:71:b6:b5:37:f8:4a:2a:c4:2f:09:d1:a1:d7:60:26:dd:
1f:8e:30:ad:e1:0c:15:f5:b2:08:ef:4e:cf:a5:74:32:0c:de:
9d:78:12:cf:af:e0:6e:8e:97:17:c7:55:75:de:64:11:ac:8d:
ae:ff:5d:09:97:72:6f:fd:3b:1d:c8:b9:7b:b0:d8:bb:cf:84:
cb:30:3e:6e:af:01:de:37:3c:93:07:c8:65:a4:c8:7b:66:19:
54:45:4b:19:29:09:70:c5:12:2e:a8:1f:fb:e4:9b:d6:76:64:
79:f3:cc:bf:e3:21:bd:00:9b:4d:b5:0c:11:8e:06:57:af:d0:
25:8a:93:ba:77:d8:bf:97:87:58:37:f5:f6:c1:1d:05:22:eb:
ed:34:e8:65:1d:14:5d:c0:21:f1:b5:71:37:bd:38:a4:d1:b8:
44:4c:b1:de
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQoI0FtDqTFfN7svjI562g6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjUwMTAyMTc0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTNlNmU5ZTAxM2QzNDBhZjk2YmRlNDYyNDQ0MzQ1YjMwYjY2ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6y4ijL7eDr/T9lwuELn35qsVdaE
yMpQV+6q2kYlDtkWLe1MIq//fbfX5D792aa9yAFpPbfsNBICRQDAGF75gY1+Ktfk
HEx41JGCHtHUhp73CAiJIhDfDBeU3HEjcMeB0pW+Gpzegq/filccRL3dLpJLLhRw
Pd3QFElOLq5ceMrSvyuV7/Ngxi4Vva7UefF2+b357jN28owYacUZ6PGrUKaZtVKp
l90zpBxNJHqrCwbFFMz/gMHU4vhratwaofvGODaG4AaImFw2Kjct0kTMXVEvYBGf
GDfyxfTmd7x3Po4s/fv5IMsVFq3KebbEbQ5WZrbPAKP0PJX6EFR/EPN34QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMk+bp4BPTQK+WveRiRENFswtm3OMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEveVQ1dW5nRTlOQXI1YTk1R0pFUTBXekMyYmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLCwDAN
BgkqhkiG9w0BAQsFAAOCAQEAdetkYs07vGaNOQL/GShI3JqMvQMYsLpAQDTTyA1G
QilJQsF8VtmXaQbhrdjGUM3RYt2tW7tj3S9vKMELNRpCOH/FGurM2fWOYJ7OLsZJ
Z3BW+UD7JFlXjHH614VxtrU3+EoqxC8J0aHXYCbdH44wreEMFfWyCO9Oz6V0Mgze
nXgSz6/gbo6XF8dVdd5kEayNrv9dCZdyb/07Hci5e7DYu8+EyzA+bq8B3jc8kwfI
ZaTIe2YZVEVLGSkJcMUSLqgf++Sb1nZkefPMv+MhvQCbTbUMEY4GV6/QJYqTunfY
v5eHWDf19sEdBSLr7TToZR0UXcAh8bVxN704pNG4REyx3g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:02 2025 by rpki-client on console.sobornost.net