Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/D4h91o5D5LpRFiTgm7RzTo2LaNw.roa
File: D4h91o5D5LpRFiTgm7RzTo2LaNw.roa (raw, json)
Hash identifier: Zr6sYgO/qCLvQUpUT/a9F1ZpmzMHKgAzXVdmByDQ8A4=
Subject key identifier: 0F:88:7D:D6:8E:43:E4:BA:51:16:24:E0:9B:B4:73:4E:8D:8B:68:DC
Certificate issuer: /CN=68c16663692f6c684574f6460aace6257fb792a2
Certificate serial: 0195D1C20AF33172E31B0FA8C666335FB75A
Authority key identifier: 68:C1:66:63:69:2F:6C:68:45:74:F6:46:0A:AC:E6:25:7F:B7:92:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMFmY2kvbGhFdPZGCqzmJX-3kqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/D4h91o5D5LpRFiTgm7RzTo2LaNw.roa
Signing time: Wed 26 Mar 2025 09:21:49 +0000
ROA not before: Wed 26 Mar 2025 09:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211445
IP address blocks: 2a14:aa80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:c2:0a:f3:31:72:e3:1b:0f:a8:c6:66:33:5f:b7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c16663692f6c684574f6460aace6257fb792a2
Validity
Not Before: Mar 26 09:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f887dd68e43e4ba511624e09bb4734e8d8b68dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:33:ea:f4:d1:4a:88:e8:08:14:a0:1a:4f:12:
52:92:5e:f8:7c:0d:51:41:6e:da:fd:33:4a:75:a4:
4b:87:c9:a2:c3:ba:de:3f:00:99:8f:b9:0c:d2:71:
ad:92:8a:97:df:51:61:e7:e6:aa:48:a8:40:c3:6f:
b6:c8:44:ad:1c:70:1f:4e:92:d9:f2:d0:3c:fc:73:
32:e7:f9:00:74:cf:2d:73:86:a5:c4:66:ff:5c:a0:
4b:ab:fe:50:ec:9f:1d:5e:1d:59:db:ae:9c:7e:d9:
e6:be:05:03:f7:fc:bd:3a:a9:2f:b9:19:44:9e:c3:
3f:8f:f9:22:55:db:74:bb:bc:f3:28:29:80:19:0a:
83:a3:c9:8f:cd:e2:be:b4:98:90:4b:01:48:86:57:
46:01:a1:5f:ec:1d:3b:76:cf:93:76:ba:cd:aa:28:
6e:20:45:fc:43:76:2b:94:c4:3f:2d:c9:37:37:82:
46:52:26:a2:4b:b5:57:9f:54:92:c4:64:3a:00:dd:
54:6e:18:32:23:11:05:98:84:46:7f:06:7e:91:8b:
ba:ff:e5:ce:50:23:09:0c:6f:3a:a8:bb:41:50:35:
ee:bc:32:29:a9:27:15:c9:5b:8b:f2:09:f4:8c:c0:
33:f1:09:42:c1:6e:f1:40:1b:53:c4:6a:79:c3:2c:
a3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:88:7D:D6:8E:43:E4:BA:51:16:24:E0:9B:B4:73:4E:8D:8B:68:DC
X509v3 Authority Key Identifier:
keyid:68:C1:66:63:69:2F:6C:68:45:74:F6:46:0A:AC:E6:25:7F:B7:92:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMFmY2kvbGhFdPZGCqzmJX-3kqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/D4h91o5D5LpRFiTgm7RzTo2LaNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/aMFmY2kvbGhFdPZGCqzmJX-3kqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:aa80::/32
Signature Algorithm: sha256WithRSAEncryption
50:90:f5:b8:af:17:a3:78:77:e0:67:63:0a:a4:38:e2:88:2c:
13:0e:f9:13:43:73:59:e8:d9:5d:31:98:db:36:8a:82:59:3a:
9f:ac:f3:f0:7b:44:64:e3:ca:ea:48:63:9d:5d:e4:6e:23:fb:
56:d7:4a:99:2a:3a:01:f8:b8:2d:56:77:de:1b:47:a0:24:e7:
dc:ca:00:4e:5f:4a:76:90:e5:3a:2a:6c:a7:41:ef:7b:f2:4f:
51:d4:af:1c:c9:e6:de:cf:35:2b:1f:f2:7c:78:e2:07:ca:82:
cd:e1:55:e1:5c:7e:ac:b3:31:37:cb:5d:28:ef:61:a0:cf:65:
d9:ed:dd:61:4f:2b:de:7e:79:8c:2b:c1:8a:56:fd:83:d6:11:
9c:42:96:48:c5:ee:de:e3:37:66:32:28:c9:cd:0e:89:9c:8e:
67:7e:af:f4:82:d5:14:37:6c:6d:95:9d:e3:0b:88:e8:cb:21:
21:f1:85:9d:5c:31:47:05:7f:cf:22:77:5f:3f:aa:ca:45:cc:
17:7c:ba:66:94:f4:50:0a:6d:fa:76:89:9f:89:2d:c0:ba:bb:
ed:23:d4:a3:aa:23:ff:58:c2:e4:c8:88:57:07:63:b5:11:00:
52:18:01:40:f8:9c:36:6c:ce:eb:db:d5:b0:12:dc:39:6f:07:
a6:ef:94:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXRwgrzMXLjGw+oxmYzX7daMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzE2NjYzNjkyZjZjNjg0NTc0ZjY0NjBhYWNlNjI1N2Zi
NzkyYTIwHhcNMjUwMzI2MDkyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjg4N2RkNjhlNDNlNGJhNTExNjI0ZTA5YmI0NzM0ZThkOGI2OGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDPq9NFKiOgIFKAaTxJSkl74fA1R
QW7a/TNKdaRLh8miw7rePwCZj7kM0nGtkoqX31Fh5+aqSKhAw2+2yEStHHAfTpLZ
8tA8/HMy5/kAdM8tc4alxGb/XKBLq/5Q7J8dXh1Z266cftnmvgUD9/y9OqkvuRlE
nsM/j/kiVdt0u7zzKCmAGQqDo8mPzeK+tJiQSwFIhldGAaFf7B07ds+TdrrNqihu
IEX8Q3YrlMQ/Lck3N4JGUiaiS7VXn1SSxGQ6AN1UbhgyIxEFmIRGfwZ+kYu6/+XO
UCMJDG86qLtBUDXuvDIpqScVyVuL8gn0jMAz8QlCwW7xQBtTxGp5wyyjmwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA+IfdaOQ+S6URYk4Ju0c06Ni2jcMB8GA1UdIwQY
MBaAFGjBZmNpL2xoRXT2Rgqs5iV/t5KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1GbVkya3ZiR2hGZFBaR0Nxem1KWC0za3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81N2M2ZWEtMWJiNS00MmEwLTg2Nzkt
ZDA3ZmEzZTZiM2QzLzEvRDRoOTFvNUQ1THBSRmlUZ203UnpUbzJMYU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81N2M2ZWEtMWJiNS00MmEwLTg2NzktZDA3ZmEzZTZiM2Qz
LzEvYU1GbVkya3ZiR2hGZFBaR0Nxem1KWC0za3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhSqgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUJD1uK8Xo3h34GdjCqQ44ogsEw75E0NzWejZXTGY
2zaKglk6n6zz8HtEZOPK6khjnV3kbiP7VtdKmSo6Afi4LVZ33htHoCTn3MoATl9K
dpDlOipsp0Hve/JPUdSvHMnm3s81Kx/yfHjiB8qCzeFV4Vx+rLMxN8tdKO9hoM9l
2e3dYU8r3n55jCvBilb9g9YRnEKWSMXu3uM3ZjIoyc0OiZyOZ36v9ILVFDdsbZWd
4wuI6MshIfGFnVwxRwV/zyJ3Xz+qykXMF3y6ZpT0UApt+naJn4ktwLq77SPUo6oj
/1jC5MiIVwdjtREAUhgBQPicNmzO69vVsBLcOW8Hpu+UBQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:24 2025 by rpki-client on console.sobornost.net