Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/tWTx91zKwnMqo4ymab78lMSrAv8.roa
File: tWTx91zKwnMqo4ymab78lMSrAv8.roa (raw, json)
Hash identifier: ueVp+aZdHi8wvh5xrtibgRIouCvFn7uQziD4gJ74yO0=
Subject key identifier: B5:64:F1:F7:5C:CA:C2:73:2A:A3:8C:A6:69:BE:FC:94:C4:AB:02:FF
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 0194221FEECA72EEFB0E50B1F55CEBEE497E
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/tWTx91zKwnMqo4ymab78lMSrAv8.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1921
IP address blocks: 2a04:2b00:14cc::/48 maxlen: 48
2a04:2b00:14dd::/48 maxlen: 48
2a04:2b00:14ee::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ee:ca:72:ee:fb:0e:50:b1:f5:5c:eb:ee:49:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b564f1f75ccac2732aa38ca669befc94c4ab02ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ac:da:db:66:f5:d6:ea:34:42:ae:7a:c0:73:
a3:f1:a4:eb:8c:35:1b:6e:47:b2:b4:ca:23:73:88:
0f:c3:88:94:03:8d:8a:ad:b5:1d:de:36:c7:10:f9:
75:c0:38:56:7f:24:86:3e:ca:b8:39:8e:d8:d0:ef:
d0:aa:67:41:8e:c0:24:70:94:7e:bf:fd:92:75:e1:
fc:ba:a5:63:a1:35:cb:9c:2f:3a:b0:e0:40:a6:98:
72:e7:90:01:af:e5:19:bc:a6:2c:e9:6f:dc:26:37:
61:09:f0:7a:98:e5:ca:8a:85:d1:22:53:1e:19:ad:
fb:d0:2c:7d:af:12:42:51:de:58:52:4c:a0:43:58:
3c:c3:ce:52:e6:9d:27:13:ee:d5:4e:ea:8d:88:3e:
4c:04:25:a1:90:e7:31:9c:c5:26:4f:16:04:97:11:
b9:ba:c5:af:c6:15:f2:be:47:9f:2f:5c:db:45:26:
c4:79:6d:00:a1:da:a1:28:0e:66:d1:d0:6f:ef:46:
26:f6:a4:54:90:69:13:e6:f5:f1:61:d1:de:b0:a5:
63:f1:c5:cc:ff:da:09:fe:c8:ff:ca:66:c5:02:18:
63:77:63:f0:9d:c7:4f:33:06:71:b5:11:da:97:56:
07:a7:7a:61:f9:29:63:26:8c:a1:4d:3e:11:b1:d6:
4f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:64:F1:F7:5C:CA:C2:73:2A:A3:8C:A6:69:BE:FC:94:C4:AB:02:FF
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/tWTx91zKwnMqo4ymab78lMSrAv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b00:14cc::/48
2a04:2b00:14dd::/48
2a04:2b00:14ee::/48
Signature Algorithm: sha256WithRSAEncryption
8d:39:e8:3b:b8:74:e5:9b:13:e6:b4:68:24:04:93:1b:06:cf:
4c:10:a1:e7:00:1d:c6:8c:37:ad:c9:1f:6b:f9:06:bf:4a:43:
3e:2e:aa:d4:b8:11:10:e2:69:08:8c:82:11:03:72:85:50:37:
c7:ee:7a:73:65:f2:48:1e:f5:a3:5d:27:8b:69:ac:32:47:63:
41:a5:5f:73:bc:fa:d2:c6:15:61:de:fa:06:08:d5:55:67:7c:
ac:e7:83:e1:da:61:99:9d:b9:c6:d0:29:e6:44:bb:f8:da:91:
69:a7:eb:d4:71:fc:7c:17:78:0c:af:37:b8:48:06:49:dc:9d:
b1:f2:83:01:b8:c7:1b:9c:ab:84:ad:a3:5a:fd:a4:e3:eb:1b:
5d:5f:a4:86:a6:16:7c:61:1a:cc:6b:07:f9:67:ed:ce:32:03:
1a:29:a6:8c:78:b9:b4:dc:07:b2:80:61:c9:d1:f4:28:41:64:
9a:90:75:0a:19:82:78:cd:30:ac:78:9b:4e:c6:45:9d:3b:3c:
be:ec:d2:66:2f:07:ff:0a:52:06:c0:0b:4c:bf:5f:a3:1a:31:
10:ab:e6:68:2e:97:d5:b1:04:06:50:b8:32:44:79:69:1f:6b:
67:ad:bb:c9:66:8b:f9:7b:9f:6d:f1:e6:f6:f6:ff:bd:b0:db:
fd:16:73:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH+7Kcu77DlCx9Vzr7kl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3
ZGY4ZDMwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTY0ZjFmNzVjY2FjMjczMmFhMzhjYTY2OWJlZmM5NGM0YWIwMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqza22b11uo0Qq56wHOj8aTrjDUb
bkeytMojc4gPw4iUA42KrbUd3jbHEPl1wDhWfySGPsq4OY7Y0O/QqmdBjsAkcJR+
v/2SdeH8uqVjoTXLnC86sOBApphy55ABr+UZvKYs6W/cJjdhCfB6mOXKioXRIlMe
Ga370Cx9rxJCUd5YUkygQ1g8w85S5p0nE+7VTuqNiD5MBCWhkOcxnMUmTxYElxG5
usWvxhXyvkefL1zbRSbEeW0AodqhKA5m0dBv70Ym9qRUkGkT5vXxYdHesKVj8cXM
/9oJ/sj/ymbFAhhjd2PwncdPMwZxtRHal1YHp3ph+SljJoyhTT4RsdZP3QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLVk8fdcysJzKqOMpmm+/JTEqwL/MB8GA1UdIwQY
MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt
MDUzOGU5NWYzZjEyLzEvdFdUeDkxekt3bk1xbzR5bWFiNzhsTVNyQXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy
LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgQrABTM
AwcAKgQrABTdAwcAKgQrABTuMA0GCSqGSIb3DQEBCwUAA4IBAQCNOeg7uHTlmxPm
tGgkBJMbBs9MEKHnAB3GjDetyR9r+Qa/SkM+LqrUuBEQ4mkIjIIRA3KFUDfH7npz
ZfJIHvWjXSeLaawyR2NBpV9zvPrSxhVh3voGCNVVZ3ys54Ph2mGZnbnG0CnmRLv4
2pFpp+vUcfx8F3gMrze4SAZJ3J2x8oMBuMcbnKuEraNa/aTj6xtdX6SGphZ8YRrM
awf5Z+3OMgMaKaaMeLm03AeygGHJ0fQoQWSakHUKGYJ4zTCseJtOxkWdOzy+7NJm
Lwf/ClIGwAtMv1+jGjEQq+ZoLpfVsQQGULgyRHlpH2tnrbvJZov5e59t8eb29v+9
sNv9FnMf
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:27 2025 by rpki-client on console.sobornost.net