Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/dvwHTHC0Xxm9THUuGcG_09c4FjQ.roa
File: dvwHTHC0Xxm9THUuGcG_09c4FjQ.roa (raw, json)
Hash identifier: CYbIAVZhd9fZf4pQWMUjRGMNQOjRk1SD1cBDpwmXMpw=
Subject key identifier: 76:FC:07:4C:70:B4:5F:19:BD:4C:75:2E:19:C1:BF:D3:D7:38:16:34
Certificate issuer: /CN=5bf5bda583652e0587fef84166b41f6cda8f1f78
Certificate serial: 01948C2B22275D8F8F09D73EFA2036B6223E
Authority key identifier: 5B:F5:BD:A5:83:65:2E:05:87:FE:F8:41:66:B4:1F:6C:DA:8F:1F:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_W9pYNlLgWH_vhBZrQfbNqPH3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/dvwHTHC0Xxm9THUuGcG_09c4FjQ.roa
Signing time: Wed 22 Jan 2025 04:00:24 +0000
ROA not before: Wed 22 Jan 2025 04:00:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 2a09:a380:100::/40 maxlen: 40
2a09:a380:200::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8c:2b:22:27:5d:8f:8f:09:d7:3e:fa:20:36:b6:22:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf5bda583652e0587fef84166b41f6cda8f1f78
Validity
Not Before: Jan 22 04:00:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76fc074c70b45f19bd4c752e19c1bfd3d7381634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:09:a6:79:6b:b3:17:e0:2e:dc:c3:e0:dc:a4:
48:b0:5d:40:57:e9:76:b3:e0:be:92:2e:33:73:8a:
f2:cc:90:ef:4d:c3:59:7c:b2:4a:ae:df:09:84:2d:
8f:b6:20:c7:98:3c:b9:09:43:ac:f1:63:36:70:b3:
9b:7c:f6:6e:12:ad:b9:6c:98:94:54:1a:cc:f5:8e:
ed:30:b1:79:aa:69:a4:df:08:b8:ad:c4:18:d7:41:
b4:72:cb:57:3b:1e:8f:8d:3f:45:0c:b1:36:e5:1e:
e5:3e:08:7f:33:1a:5e:73:a2:c7:28:47:4c:08:8a:
40:c4:1f:2b:b3:9d:07:94:a7:94:9d:40:53:5f:17:
2f:9c:65:34:1f:65:0b:66:c8:25:3b:ca:6f:23:60:
ea:05:10:8d:2d:3e:ec:2d:fc:20:e1:2c:2f:b9:d0:
46:80:67:3a:7f:47:60:e1:23:c4:fd:f1:58:8a:21:
86:48:52:e1:7f:4a:9e:45:d9:af:db:0f:69:3c:51:
c3:4f:04:0d:34:fb:26:eb:f5:65:f4:14:df:bf:da:
0c:6e:7d:1d:5f:a0:56:79:1a:f9:0f:55:b6:3a:64:
e3:9e:42:64:bc:56:04:48:38:87:49:d8:cf:bb:18:
e9:0e:bb:21:36:03:12:ec:be:66:82:30:1b:af:ff:
50:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FC:07:4C:70:B4:5F:19:BD:4C:75:2E:19:C1:BF:D3:D7:38:16:34
X509v3 Authority Key Identifier:
keyid:5B:F5:BD:A5:83:65:2E:05:87:FE:F8:41:66:B4:1F:6C:DA:8F:1F:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_W9pYNlLgWH_vhBZrQfbNqPH3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/dvwHTHC0Xxm9THUuGcG_09c4FjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/W_W9pYNlLgWH_vhBZrQfbNqPH3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a380:100::-2a09:a380:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7a:41:84:a1:a0:87:d3:bb:3f:71:b9:92:13:a2:79:63:95:5b:
c2:b5:c0:34:20:6b:f0:6a:0e:61:f5:51:a4:9d:77:86:ba:90:
5b:4c:20:93:27:e4:96:94:d3:b9:74:f3:73:8b:5e:56:3b:17:
7b:7d:bd:eb:2c:fe:a2:a2:55:21:b0:e0:7f:57:33:ca:5a:5a:
e6:3d:87:69:93:38:de:24:57:57:0a:9d:31:32:2f:da:80:af:
41:dc:10:df:cb:be:24:72:9b:2f:76:f9:1f:9d:7a:5b:c9:9e:
23:01:f7:79:cc:77:67:19:3e:70:4e:6a:d3:8d:9f:59:1c:ea:
49:a4:ae:a1:f5:ed:3e:9b:29:10:da:74:96:0d:1d:f0:ed:7b:
4f:dc:6e:1b:e4:f5:19:9d:77:cd:2a:69:2c:73:5a:24:41:35:
6a:52:69:dd:26:6f:35:21:03:b8:25:19:57:36:19:02:91:82:
1f:4b:13:b6:79:23:ca:a6:0b:1a:d0:2f:b8:f9:12:ad:a9:39:
e3:47:40:ea:1b:32:a3:b2:70:06:8b:0d:0b:c2:ab:00:17:be:
25:16:63:4b:b5:ab:9e:5e:1b:7e:e5:41:17:86:89:b9:a2:e0:
bf:3f:70:9f:69:8b:5b:1c:57:82:73:b3:81:92:59:36:65:f4:
f2:83:b4:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZSMKyInXY+PCdc++iA2tiI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjViZGE1ODM2NTJlMDU4N2ZlZjg0MTY2YjQxZjZjZGE4
ZjFmNzgwHhcNMjUwMTIyMDQwMDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmZjMDc0YzcwYjQ1ZjE5YmQ0Yzc1MmUxOWMxYmZkM2Q3MzgxNjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAmmeWuzF+Au3MPg3KRIsF1AV+l2
s+C+ki4zc4ryzJDvTcNZfLJKrt8JhC2PtiDHmDy5CUOs8WM2cLObfPZuEq25bJiU
VBrM9Y7tMLF5qmmk3wi4rcQY10G0cstXOx6PjT9FDLE25R7lPgh/Mxpec6LHKEdM
CIpAxB8rs50HlKeUnUBTXxcvnGU0H2ULZsglO8pvI2DqBRCNLT7sLfwg4SwvudBG
gGc6f0dg4SPE/fFYiiGGSFLhf0qeRdmv2w9pPFHDTwQNNPsm6/Vl9BTfv9oMbn0d
X6BWeRr5D1W2OmTjnkJkvFYESDiHSdjPuxjpDrshNgMS7L5mgjAbr/9QgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHb8B0xwtF8ZvUx1LhnBv9PXOBY0MB8GA1UdIwQY
MBaAFFv1vaWDZS4Fh/74QWa0H2zajx94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19XOXBZTmxMZ1dIX3ZoQlpyUWZiTnFQSDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jN2I3ZGQtMWY3MC00YmFlLTlkNmMt
MmE3OWU1ZDIyYWUxLzEvZHZ3SFRIQzBYeG05VEhVdUdjR18wOWM0RmpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jN2I3ZGQtMWY3MC00YmFlLTlkNmMtMmE3OWU1ZDIyYWUx
LzEvV19XOXBZTmxMZ1dIX3ZoQlpyUWZiTnFQSDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqCaOA
AQMGACoJo4ACMA0GCSqGSIb3DQEBCwUAA4IBAQB6QYShoIfTuz9xuZITonljlVvC
tcA0IGvwag5h9VGknXeGupBbTCCTJ+SWlNO5dPNzi15WOxd7fb3rLP6iolUhsOB/
VzPKWlrmPYdpkzjeJFdXCp0xMi/agK9B3BDfy74kcpsvdvkfnXpbyZ4jAfd5zHdn
GT5wTmrTjZ9ZHOpJpK6h9e0+mykQ2nSWDR3w7XtP3G4b5PUZnXfNKmksc1okQTVq
UmndJm81IQO4JRlXNhkCkYIfSxO2eSPKpgsa0C+4+RKtqTnjR0DqGzKjsnAGiw0L
wqsAF74lFmNLtaueXht+5UEXhom5ouC/P3CfaYtbHFeCc7OBklk2ZfTyg7T0
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:24:50 2025 by rpki-client on console.sobornost.net