Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5af6ba-cec9-414c-b766-c015a9d4f8ef/1/iGABUqcXXN7aOyjtrZCgc7fQPto.roa
File: iGABUqcXXN7aOyjtrZCgc7fQPto.roa (raw, json)
Hash identifier: GEJ0Of7uNCnr4mLuQTqHOBw0HqR8tQuPsFCRYfeeMcM=
Subject key identifier: 88:60:01:52:A7:17:5C:DE:DA:3B:28:ED:AD:90:A0:73:B7:D0:3E:DA
Certificate issuer: /CN=656e407a6b99c0f052932cc777ff0de9b3a1974e
Certificate serial: 01951EFF9C0E1DD82A423E7D11AF013EF633
Authority key identifier: 65:6E:40:7A:6B:99:C0:F0:52:93:2C:C7:77:FF:0D:E9:B3:A1:97:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZW5AemuZwPBSkyzHd_8N6bOhl04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5af6ba-cec9-414c-b766-c015a9d4f8ef/1/iGABUqcXXN7aOyjtrZCgc7fQPto.roa
Signing time: Wed 19 Feb 2025 16:17:02 +0000
ROA not before: Wed 19 Feb 2025 16:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43336
IP address blocks: 2a0b:9780::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:ff:9c:0e:1d:d8:2a:42:3e:7d:11:af:01:3e:f6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656e407a6b99c0f052932cc777ff0de9b3a1974e
Validity
Not Before: Feb 19 16:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88600152a7175cdeda3b28edad90a073b7d03eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:77:65:53:6d:73:1b:ea:7c:47:9f:3b:11:7c:
97:51:42:92:0e:54:8f:a3:6e:b7:a6:80:af:a4:68:
50:42:4e:b0:28:11:17:8d:15:43:76:cf:ea:d8:8a:
47:57:81:1a:6f:46:db:c8:4d:e7:e7:1b:be:64:7c:
b6:68:16:2c:2c:d2:c3:26:3a:28:76:33:0b:2a:54:
d0:5f:ef:60:12:50:03:d4:87:bc:84:81:37:2f:7c:
3c:ef:95:41:c3:59:b2:6a:c5:97:b9:a7:22:94:9e:
cd:4b:5f:6e:ae:0c:21:1e:f0:b2:ec:1d:b2:0e:d3:
e5:34:dc:83:0e:be:4c:3d:03:76:61:bb:ef:97:82:
af:d2:be:ac:c3:ab:d0:02:50:b3:c1:83:52:33:9c:
13:3a:66:6a:de:19:4d:e0:67:60:04:83:4f:3c:7a:
96:9d:2f:e3:99:92:8b:52:0a:d4:a6:7b:6b:62:ea:
02:5f:6b:26:c9:54:8a:24:e6:bb:41:71:d0:21:1f:
a0:b2:e3:1d:c7:06:b0:8e:63:3f:39:2d:bd:1c:51:
ad:27:ea:1a:68:6c:99:57:a8:0d:55:df:fc:66:96:
ea:ac:a7:2a:d3:6e:57:8a:ac:89:c6:fa:44:af:ca:
60:43:b5:15:e0:91:80:51:cc:a6:a3:1b:8c:6e:44:
76:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:60:01:52:A7:17:5C:DE:DA:3B:28:ED:AD:90:A0:73:B7:D0:3E:DA
X509v3 Authority Key Identifier:
keyid:65:6E:40:7A:6B:99:C0:F0:52:93:2C:C7:77:FF:0D:E9:B3:A1:97:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZW5AemuZwPBSkyzHd_8N6bOhl04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5af6ba-cec9-414c-b766-c015a9d4f8ef/1/iGABUqcXXN7aOyjtrZCgc7fQPto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5af6ba-cec9-414c-b766-c015a9d4f8ef/1/ZW5AemuZwPBSkyzHd_8N6bOhl04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:9780::/29
Signature Algorithm: sha256WithRSAEncryption
98:28:e2:42:39:bf:44:9d:2e:b2:ea:4b:f4:9b:cb:42:92:ff:
ec:8c:a9:d3:4f:ed:95:6c:c1:57:ba:23:97:7a:94:aa:e3:ae:
c1:60:ea:41:5e:18:1b:ef:d9:d8:e1:c3:98:da:79:26:d9:2f:
b1:99:d7:95:7d:b4:13:04:cf:91:08:e1:ec:a6:9d:6f:d6:0b:
17:58:1d:9d:25:ce:3e:50:0e:1a:bb:aa:37:e5:66:88:ba:a9:
1a:1d:fd:07:d5:24:2f:60:00:8b:bb:d9:9b:7a:0a:c3:35:e5:
97:f2:e2:10:98:a8:d3:a7:32:f9:ad:2a:0a:b8:1f:77:bc:cf:
cc:f8:7c:5a:5c:b7:f9:67:89:eb:7f:35:9b:46:48:a9:9a:1a:
15:bb:1e:4e:46:f7:fe:5a:24:be:39:01:24:e2:a4:99:da:47:
cf:38:48:83:6c:06:ce:ab:06:f6:86:93:ca:3d:40:c7:f9:7b:
cb:7f:d6:d6:03:d8:fe:a6:6d:64:78:0c:d8:11:fd:b6:01:93:
18:1f:1d:10:c9:97:e1:32:64:65:aa:15:d0:91:0f:e6:e8:08:
b5:f1:1f:44:c3:9f:13:cf:bb:e7:6d:cd:ca:73:d4:33:69:c7:
27:95:49:11:66:e4:c2:bb:41:63:b3:84:e6:77:3d:59:bf:78:
4e:ea:22:ba
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUe/5wOHdgqQj59Ea8BPvYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NmU0MDdhNmI5OWMwZjA1MjkzMmNjNzc3ZmYwZGU5YjNh
MTk3NGUwHhcNMjUwMjE5MTYxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODYwMDE1MmE3MTc1Y2RlZGEzYjI4ZWRhZDkwYTA3M2I3ZDAzZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XdlU21zG+p8R587EXyXUUKSDlSP
o263poCvpGhQQk6wKBEXjRVDds/q2IpHV4Eab0bbyE3n5xu+ZHy2aBYsLNLDJjoo
djMLKlTQX+9gElAD1Ie8hIE3L3w875VBw1myasWXuacilJ7NS19urgwhHvCy7B2y
DtPlNNyDDr5MPQN2Ybvvl4Kv0r6sw6vQAlCzwYNSM5wTOmZq3hlN4GdgBINPPHqW
nS/jmZKLUgrUpntrYuoCX2smyVSKJOa7QXHQIR+gsuMdxwawjmM/OS29HFGtJ+oa
aGyZV6gNVd/8ZpbqrKcq025XiqyJxvpEr8pgQ7UV4JGAUcymoxuMbkR2+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIhgAVKnF1ze2jso7a2QoHO30D7aMB8GA1UdIwQY
MBaAFGVuQHprmcDwUpMsx3f/DemzoZdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlc1QWVtdVp3UEJTa3l6SGRfOE42Yk9obDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YWY2YmEtY2VjOS00MTRjLWI3NjYt
YzAxNWE5ZDRmOGVmLzEvaUdBQlVxY1hYTjdhT3lqdHJaQ2djN2ZRUHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YWY2YmEtY2VjOS00MTRjLWI3NjYtYzAxNWE5ZDRmOGVm
LzEvWlc1QWVtdVp3UEJTa3l6SGRfOE42Yk9obDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKguXgDAN
BgkqhkiG9w0BAQsFAAOCAQEAmCjiQjm/RJ0usupL9JvLQpL/7Iyp00/tlWzBV7oj
l3qUquOuwWDqQV4YG+/Z2OHDmNp5JtkvsZnXlX20EwTPkQjh7Kadb9YLF1gdnSXO
PlAOGruqN+VmiLqpGh39B9UkL2AAi7vZm3oKwzXll/LiEJio06cy+a0qCrgfd7zP
zPh8Wly3+WeJ6381m0ZIqZoaFbseTkb3/lokvjkBJOKkmdpHzzhIg2wGzqsG9oaT
yj1Ax/l7y3/W1gPY/qZtZHgM2BH9tgGTGB8dEMmX4TJkZaoV0JEP5ugItfEfRMOf
E8+7523NynPUM2nHJ5VJEWbkwrtBY7OE5nc9Wb94Tuoiug==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:12 2025 by rpki-client on console.sobornost.net