Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/vmFZgKQzxWrDyIlPo9bLJsZzTaI.roa
File: vmFZgKQzxWrDyIlPo9bLJsZzTaI.roa (raw, json)
Hash identifier: MbCpVVKtjeYphRczFK/T3URYALlKHDAeoNmAw+Plrsg=
Subject key identifier: BE:61:59:80:A4:33:C5:6A:C3:C8:89:4F:A3:D6:CB:26:C6:73:4D:A2
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0195289882F4B10E50BA571230AFA63F9BD3
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/vmFZgKQzxWrDyIlPo9bLJsZzTaI.roa
Signing time: Fri 21 Feb 2025 13:00:38 +0000
ROA not before: Fri 21 Feb 2025 13:00:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:5646::/32 maxlen: 32
2a0e:5902::/32 maxlen: 32
2a0f:6fc4::/32 maxlen: 32
2a0f:c080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:98:82:f4:b1:0e:50:ba:57:12:30:af:a6:3f:9b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Feb 21 13:00:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be615980a433c56ac3c8894fa3d6cb26c6734da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:55:f8:c1:92:e4:f1:e2:3b:c7:6b:3f:50:d1:
81:31:6e:5b:9b:94:21:cd:c2:01:69:24:3b:ee:4a:
e2:f4:6e:fa:bd:ad:10:31:cf:4b:95:15:1e:a7:9a:
33:d1:31:46:c8:3b:8d:c5:cf:20:46:c2:d8:3d:7a:
73:92:77:53:0b:04:12:79:5d:0f:b0:66:4e:c0:06:
33:89:ec:35:51:1d:8b:ab:d8:fb:ae:7e:98:b1:c3:
bf:0d:61:10:13:b1:86:2a:21:29:47:49:19:46:8f:
31:a1:a4:ba:14:58:e1:15:63:19:64:11:6a:3a:42:
8b:d5:af:87:5a:89:61:c4:d0:ec:e9:68:b0:7c:0c:
3e:7f:51:b5:86:ef:c6:b9:1a:ad:33:67:1e:6a:51:
15:01:2e:d4:2d:1b:c0:bd:6e:b2:1d:a3:48:84:fc:
03:46:51:ca:a6:e6:eb:3b:a7:58:45:05:9f:c9:68:
e8:be:6c:86:c4:e1:32:58:03:e6:15:fa:cb:f8:da:
11:c1:45:09:f0:c3:3f:67:17:11:2c:86:cf:f3:f4:
9c:f2:5a:b6:81:cd:6b:7d:62:3b:7c:32:cb:86:db:
d8:ba:12:05:86:ba:e3:88:34:3f:2a:0c:78:85:b8:
08:26:56:b6:a5:58:91:42:e0:ff:08:23:c1:44:63:
ad:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:61:59:80:A4:33:C5:6A:C3:C8:89:4F:A3:D6:CB:26:C6:73:4D:A2
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/vmFZgKQzxWrDyIlPo9bLJsZzTaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5646::/32
2a0e:5902::/32
2a0f:6fc4::/32
2a0f:c080::/32
Signature Algorithm: sha256WithRSAEncryption
41:4e:3b:92:f2:ba:d7:7e:b4:27:50:5e:a9:0a:9c:78:a4:8e:
3f:5a:f1:34:a3:3f:37:1a:c3:2f:18:20:f4:8e:cd:6c:fc:70:
54:cf:c1:72:d2:0c:e8:60:66:10:84:e7:1e:70:be:e1:ed:e4:
81:84:98:ec:1c:d4:0d:20:fd:01:bb:f0:23:0e:b0:bc:f9:92:
20:68:95:ad:2e:d5:81:f8:3c:26:7a:da:44:ca:f8:f0:70:92:
7f:d5:af:a1:02:3d:34:d6:1a:7b:83:5a:f8:81:5c:b4:c4:64:
66:dd:d2:21:d7:e9:de:65:39:b4:a3:2a:d1:e3:e4:f0:19:2a:
d6:54:51:0e:2c:82:80:85:bb:0b:8b:5f:c9:ee:05:e0:aa:1f:
e3:e9:5b:51:20:1a:3a:9c:cf:cc:fa:a2:15:65:28:89:26:68:
31:8c:c2:bb:52:ff:e4:37:e3:82:74:de:28:68:60:b2:31:82:
6a:c9:ac:54:e7:08:53:6a:55:78:ce:7f:3d:84:fe:63:05:09:
cb:f7:41:84:9f:8a:2b:6e:1e:ce:30:0e:06:59:02:e8:28:e4:
d3:ed:14:a3:ff:1b:1b:03:66:db:65:88:df:90:db:a8:02:7d:
11:40:fd:ca:d0:32:40:6a:4b:c5:ee:df:d2:c6:fa:70:a6:ef:
13:e8:c3:11
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZUomIL0sQ5QulcSMK+mP5vTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMjIxMTMwMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTYxNTk4MGE0MzNjNTZhYzNjODg5NGZhM2Q2Y2IyNmM2NzM0ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFX4wZLk8eI7x2s/UNGBMW5bm5Qh
zcIBaSQ77kri9G76va0QMc9LlRUep5oz0TFGyDuNxc8gRsLYPXpzkndTCwQSeV0P
sGZOwAYziew1UR2Lq9j7rn6YscO/DWEQE7GGKiEpR0kZRo8xoaS6FFjhFWMZZBFq
OkKL1a+HWolhxNDs6WiwfAw+f1G1hu/GuRqtM2cealEVAS7ULRvAvW6yHaNIhPwD
RlHKpubrO6dYRQWfyWjovmyGxOEyWAPmFfrL+NoRwUUJ8MM/ZxcRLIbP8/Sc8lq2
gc1rfWI7fDLLhtvYuhIFhrrjiDQ/Kgx4hbgIJla2pViRQuD/CCPBRGOtZwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFL5hWYCkM8Vqw8iJT6PWyybGc02iMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvdm1GWmdLUXp4V3JEeUlsUG85YkxKc1p6VGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg5WRgMF
ACoOWQIDBQAqD2/EAwUAKg/AgDANBgkqhkiG9w0BAQsFAAOCAQEAQU47kvK61360
J1BeqQqceKSOP1rxNKM/NxrDLxgg9I7NbPxwVM/BctIM6GBmEITnHnC+4e3kgYSY
7BzUDSD9AbvwIw6wvPmSIGiVrS7Vgfg8JnraRMr48HCSf9WvoQI9NNYae4Na+IFc
tMRkZt3SIdfp3mU5tKMq0ePk8Bkq1lRRDiyCgIW7C4tfye4F4Kof4+lbUSAaOpzP
zPqiFWUoiSZoMYzCu1L/5DfjgnTeKGhgsjGCasmsVOcIU2pVeM5/PYT+YwUJy/dB
hJ+KK24ezjAOBlkC6Cjk0+0Uo/8bGwNm22WI35DbqAJ9EUD9ytAyQGpLxe7f0sb6
cKbvE+jDEQ==
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:50:48 2025 by rpki-client on console.sobornost.net