Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/64_MTb5KgxHA8ajybrrfkFaqSHo.roa
File: 64_MTb5KgxHA8ajybrrfkFaqSHo.roa (raw, json)
Hash identifier: 3HoEZ5o8a764cMBp72+Je8xSTOL3XWu1W9vfmUxztJY=
Subject key identifier: EB:8F:CC:4D:BE:4A:83:11:C0:F1:A8:F2:6E:BA:DF:90:56:AA:48:7A
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 0194228D8E19E9E88F86C3E526B57FF0EB20
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/64_MTb5KgxHA8ajybrrfkFaqSHo.roa
Signing time: Wed 01 Jan 2025 15:48:09 +0000
ROA not before: Wed 01 Jan 2025 15:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209990
IP address blocks: 2a0d:f9c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:8e:19:e9:e8:8f:86:c3:e5:26:b5:7f:f0:eb:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Jan 1 15:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb8fcc4dbe4a8311c0f1a8f26ebadf9056aa487a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:80:c4:9a:f9:ea:c9:0c:9f:a3:10:6e:91:d5:
95:27:ef:3b:81:0b:31:b3:f5:94:0e:76:d9:ae:06:
c6:bb:4d:b1:90:6c:f8:8f:ea:60:82:6c:10:39:64:
51:e9:c6:f3:f3:e1:58:c1:35:03:21:a9:c5:54:c3:
19:4f:96:e8:e0:fe:77:f1:44:bf:77:65:ae:1a:6b:
71:05:b5:31:cf:ed:5c:5b:62:4e:84:6e:37:e7:14:
2c:3d:e5:4a:93:d9:46:86:d0:f3:14:b2:65:ce:c9:
61:2e:7e:e7:44:14:f6:41:bf:99:90:16:f5:2b:c9:
24:01:5e:46:6c:af:79:aa:a6:eb:54:1a:d9:46:4e:
de:db:bd:34:43:42:ef:81:ea:fb:5d:aa:69:98:24:
24:65:1f:6d:ab:90:0a:f1:9e:65:ac:64:5a:ab:eb:
3a:35:24:5b:d8:af:94:71:f9:47:d0:5d:19:be:35:
0a:ae:59:85:f7:67:97:47:b7:d6:f7:26:64:99:df:
f3:a5:6a:fe:0c:0b:01:b8:6c:68:94:d9:96:a6:f8:
70:5c:ea:45:21:6a:1f:a5:dd:36:4d:5d:54:da:dd:
e1:43:3b:92:50:28:41:be:ef:c4:76:31:04:fa:a8:
a7:e6:5e:4b:b2:f4:01:0f:ac:06:4d:17:9c:a3:91:
f2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8F:CC:4D:BE:4A:83:11:C0:F1:A8:F2:6E:BA:DF:90:56:AA:48:7A
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/64_MTb5KgxHA8ajybrrfkFaqSHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
31:bb:02:31:2c:7b:6f:6b:91:90:42:84:64:37:25:e2:35:46:
f5:1c:62:31:21:de:c4:a5:23:58:51:d5:7a:fb:69:8d:b5:f2:
41:f1:01:67:1f:8c:c6:1f:98:df:a0:5d:54:e8:fa:9e:66:32:
fd:ca:8c:85:e0:01:a9:90:bf:8f:bf:f3:5e:6b:40:37:2e:92:
77:ec:73:e9:f2:aa:d7:48:d5:a3:e7:30:24:a7:45:0d:a2:95:
6d:25:0a:47:0d:7c:a0:28:98:85:b7:e5:ff:c8:ad:d2:40:2c:
a2:c7:dc:34:20:1d:39:32:40:50:f2:68:68:a4:11:20:d7:11:
15:24:85:ee:8a:2f:07:dd:1d:32:b6:98:46:e5:81:d3:e4:b5:
fa:8d:64:70:9a:99:b2:57:f0:ab:6f:80:2d:ef:31:6d:5b:61:
72:a5:c4:ce:d3:df:cf:62:83:a5:fe:33:1d:0a:95:04:b2:04:
7a:81:6c:fb:e4:b3:44:d7:05:6d:46:ed:fb:80:15:21:3e:83:
b4:05:9e:73:92:36:cf:a4:88:ef:c2:69:67:84:04:67:f4:67:
81:3d:cb:6f:61:07:b0:91:ce:88:26:2c:64:e6:ad:6c:ba:e7:
e9:3b:cd:74:83:09:65:39:42:ba:ef:e1:e9:3a:aa:9a:30:00:
e5:35:06:23
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQijY4Z6eiPhsPlJrV/8OsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0
ZTQzZWEwHhcNMjUwMTAxMTU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjhmY2M0ZGJlNGE4MzExYzBmMWE4ZjI2ZWJhZGY5MDU2YWE0ODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IDEmvnqyQyfoxBukdWVJ+87gQsx
s/WUDnbZrgbGu02xkGz4j+pggmwQOWRR6cbz8+FYwTUDIanFVMMZT5bo4P538US/
d2WuGmtxBbUxz+1cW2JOhG435xQsPeVKk9lGhtDzFLJlzslhLn7nRBT2Qb+ZkBb1
K8kkAV5GbK95qqbrVBrZRk7e2700Q0Lvger7XappmCQkZR9tq5AK8Z5lrGRaq+s6
NSRb2K+UcflH0F0ZvjUKrlmF92eXR7fW9yZkmd/zpWr+DAsBuGxolNmWpvhwXOpF
IWofpd02TV1U2t3hQzuSUChBvu/EdjEE+qin5l5LsvQBD6wGTReco5HyfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOuPzE2+SoMRwPGo8m6635BWqkh6MB8GA1UdIwQY
MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt
ZmVhMGFmZjM1OWY1LzEvNjRfTVRiNUtneEhBOGFqeWJycmZrRmFxU0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1
LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg35wDAN
BgkqhkiG9w0BAQsFAAOCAQEAMbsCMSx7b2uRkEKEZDcl4jVG9RxiMSHexKUjWFHV
evtpjbXyQfEBZx+Mxh+Y36BdVOj6nmYy/cqMheABqZC/j7/zXmtANy6Sd+xz6fKq
10jVo+cwJKdFDaKVbSUKRw18oCiYhbfl/8it0kAsosfcNCAdOTJAUPJoaKQRINcR
FSSF7oovB90dMraYRuWB0+S1+o1kcJqZslfwq2+ALe8xbVthcqXEztPfz2KDpf4z
HQqVBLIEeoFs++SzRNcFbUbt+4AVIT6DtAWec5I2z6SI78JpZ4QEZ/RngT3Lb2EH
sJHOiCYsZOatbLrn6TvNdIMJZTlCuu/h6TqqmjAA5TUGIw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:11 2025 by rpki-client on console.sobornost.net