Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/vFJBXwiLiT0SV6hpYm9T1KH_3Sw.roa
File: vFJBXwiLiT0SV6hpYm9T1KH_3Sw.roa (raw, json)
Hash identifier: iZ/rALDyZJ1JAyWAtw5uSLsZV8Z+UzVJnNgd7eGfu2E=
Subject key identifier: BC:52:41:5F:08:8B:89:3D:12:57:A8:69:62:6F:53:D4:A1:FF:DD:2C
Certificate issuer: /CN=3c177b528043a85953fc250f991d9d8020e2810d
Certificate serial: 0194236998E902082D83E497AF2A0E3C2A41
Authority key identifier: 3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/vFJBXwiLiT0SV6hpYm9T1KH_3Sw.roa
Signing time: Wed 01 Jan 2025 19:48:30 +0000
ROA not before: Wed 01 Jan 2025 19:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202572
IP address blocks: 2a0a:2303::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:98:e9:02:08:2d:83:e4:97:af:2a:0e:3c:2a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c177b528043a85953fc250f991d9d8020e2810d
Validity
Not Before: Jan 1 19:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc52415f088b893d1257a869626f53d4a1ffdd2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c7:7a:b2:75:8c:28:d6:6e:5c:65:40:ab:70:
68:d1:a6:21:60:d0:1c:7c:5b:21:9d:ca:4d:20:dc:
7b:11:da:35:b6:bb:7c:83:f8:d2:c6:6f:eb:61:46:
71:93:65:a0:2f:27:b6:79:70:e2:a5:00:41:48:93:
7a:74:9e:80:4f:c8:96:c1:ed:a3:9a:d7:70:6f:51:
f8:12:08:d6:b2:89:51:e8:2b:45:41:c7:e4:a2:10:
87:c5:87:f4:0f:b8:f5:43:23:d4:ba:3f:ea:d1:4b:
d0:61:03:b9:61:85:02:68:6b:f6:8e:08:8a:27:fe:
74:26:33:42:b4:c6:99:ce:af:de:b7:dd:1d:84:d5:
de:2c:5a:61:42:64:8e:b2:29:43:ad:db:56:09:5c:
32:1c:53:0f:8a:d5:4f:16:01:08:3b:51:bb:3e:e2:
66:1b:7c:90:2a:73:46:b5:c2:00:ef:1c:7f:c4:3f:
a0:b2:7a:9f:c8:04:ad:17:e4:4f:f7:38:dd:bc:17:
ab:24:ca:54:4d:ba:1a:6c:ea:24:38:b3:5a:59:8c:
16:1a:d5:a5:cc:7a:95:43:98:3b:7b:07:07:d9:2f:
b6:3e:d5:82:ba:21:cb:e8:c6:2c:8d:cb:e6:d2:c6:
3e:b0:ae:27:34:be:90:cd:e0:1a:5e:b8:2c:9e:2b:
26:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:52:41:5F:08:8B:89:3D:12:57:A8:69:62:6F:53:D4:A1:FF:DD:2C
X509v3 Authority Key Identifier:
keyid:3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/vFJBXwiLiT0SV6hpYm9T1KH_3Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2303::/32
Signature Algorithm: sha256WithRSAEncryption
22:b5:4c:a4:4e:7a:77:be:04:50:59:53:99:2e:5f:37:a4:d2:
ea:d7:f5:67:e3:74:a8:80:0e:ff:55:bd:60:af:59:7d:12:51:
90:ee:b2:fb:ea:c5:b1:82:0c:42:a5:ae:71:af:7e:32:ac:e6:
b9:02:a1:93:29:97:3e:75:73:07:bf:47:0c:aa:b6:51:0c:80:
1a:d9:70:38:d7:e3:85:7c:97:31:8d:fc:ee:51:5d:97:47:e6:
e4:8c:72:7f:d7:01:72:67:9c:55:cf:38:09:8c:86:70:ee:ea:
cd:c8:09:79:89:8d:c4:0c:ae:f3:38:bc:ac:c4:d2:95:24:d3:
cf:32:9b:79:22:fd:95:67:a3:f8:06:bd:48:a7:7d:ff:d6:ed:
c9:72:e5:46:64:6e:c2:0d:b9:06:e4:93:67:ba:23:fc:91:c5:
22:16:66:11:de:cb:67:d9:ce:b8:2e:14:d5:93:2e:74:aa:e4:
e8:4f:7d:b6:0a:6b:d2:ed:48:76:67:93:b5:ff:ab:8d:6d:99:
c1:17:c3:ae:d7:1f:51:d3:e5:b6:33:63:c3:5c:dd:1d:ad:4c:
35:4a:9b:44:6a:c0:d5:1d:28:d7:ff:da:a8:1a:28:3f:1c:5c:
54:ad:25:5f:65:f1:11:2b:2d:52:03:dc:2e:ed:2e:cc:2c:2a:
3f:13:94:b4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjaZjpAggtg+SXryoOPCpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTc3YjUyODA0M2E4NTk1M2ZjMjUwZjk5MWQ5ZDgwMjBl
MjgxMGQwHhcNMjUwMTAxMTk0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzUyNDE1ZjA4OGI4OTNkMTI1N2E4Njk2MjZmNTNkNGExZmZkZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28d6snWMKNZuXGVAq3Bo0aYhYNAc
fFshncpNINx7Edo1trt8g/jSxm/rYUZxk2WgLye2eXDipQBBSJN6dJ6AT8iWwe2j
mtdwb1H4EgjWsolR6CtFQcfkohCHxYf0D7j1QyPUuj/q0UvQYQO5YYUCaGv2jgiK
J/50JjNCtMaZzq/et90dhNXeLFphQmSOsilDrdtWCVwyHFMPitVPFgEIO1G7PuJm
G3yQKnNGtcIA7xx/xD+gsnqfyAStF+RP9zjdvBerJMpUTboabOokOLNaWYwWGtWl
zHqVQ5g7ewcH2S+2PtWCuiHL6MYsjcvm0sY+sK4nNL6QzeAaXrgsnism5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLxSQV8Ii4k9EleoaWJvU9Sh/90sMB8GA1UdIwQY
MBaAFDwXe1KAQ6hZU/wlD5kdnYAg4oENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMt
YTQxNTFiNWUyZmNmLzEvdkZKQlh3aUxpVDBTVjZocFltOVQxS0hfM1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMtYTQxNTFiNWUyZmNm
LzEvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgojAzAN
BgkqhkiG9w0BAQsFAAOCAQEAIrVMpE56d74EUFlTmS5fN6TS6tf1Z+N0qIAO/1W9
YK9ZfRJRkO6y++rFsYIMQqWuca9+MqzmuQKhkymXPnVzB79HDKq2UQyAGtlwONfj
hXyXMY387lFdl0fm5Ixyf9cBcmecVc84CYyGcO7qzcgJeYmNxAyu8zi8rMTSlSTT
zzKbeSL9lWej+Aa9SKd9/9btyXLlRmRuwg25BuSTZ7oj/JHFIhZmEd7LZ9nOuC4U
1ZMudKrk6E99tgpr0u1IdmeTtf+rjW2ZwRfDrtcfUdPltjNjw1zdHa1MNUqbRGrA
1R0o1//aqBooPxxcVK0lX2XxESstUgPcLu0uzCwqPxOUtA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:12 2025 by rpki-client on console.sobornost.net