Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/AaZqekVqXMtY7zZxpFlHfm5QAjY.roa
File: AaZqekVqXMtY7zZxpFlHfm5QAjY.roa (raw, json)
Hash identifier: sZGw/ceX9GbcsyDNRtsXxQmamgue/4b7o8nJC51Ghrc=
Subject key identifier: 01:A6:6A:7A:45:6A:5C:CB:58:EF:36:71:A4:59:47:7E:6E:50:02:36
Certificate issuer: /CN=315955c4af3eb1a8d3400a86625e365c26298d6a
Certificate serial: 0195185F22338FEF89C87B73EFEA3CCEF482
Authority key identifier: 31:59:55:C4:AF:3E:B1:A8:D3:40:0A:86:62:5E:36:5C:26:29:8D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MVlVxK8-sajTQAqGYl42XCYpjWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/AaZqekVqXMtY7zZxpFlHfm5QAjY.roa
Signing time: Tue 18 Feb 2025 09:24:02 +0000
ROA not before: Tue 18 Feb 2025 09:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213873
IP address blocks: 2a0f:3400:300::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:18:5f:22:33:8f:ef:89:c8:7b:73:ef:ea:3c:ce:f4:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=315955c4af3eb1a8d3400a86625e365c26298d6a
Validity
Not Before: Feb 18 09:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01a66a7a456a5ccb58ef3671a459477e6e500236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:18:cd:01:55:ef:0b:bd:f2:17:03:82:92:73:
36:4c:b1:05:8a:b1:48:8b:17:83:1b:0d:7f:07:72:
01:8c:db:61:51:32:b2:07:e2:47:be:b6:78:60:54:
02:46:ac:0f:62:22:7a:98:d8:9b:44:7e:70:4a:da:
9d:3f:dc:e9:b6:db:49:fd:c5:0b:69:49:20:03:69:
a8:9c:15:61:f2:ee:b6:19:6c:40:6c:31:dd:c5:e0:
bd:ae:90:3f:b3:81:1d:77:9b:d3:0c:42:d8:72:5f:
da:06:eb:89:59:60:21:23:d1:5e:b5:d6:d1:06:6c:
eb:04:f4:1d:7a:8b:99:ee:e2:1a:a4:ea:a0:e5:ae:
e4:e1:3f:da:0b:6c:50:3c:9e:ef:f5:c0:66:86:d1:
e9:52:8f:29:08:8a:a1:55:42:b2:91:6a:16:58:7b:
88:c4:e1:e3:44:4d:bd:10:e9:b7:2b:11:69:7c:23:
b0:bc:16:71:1d:24:4c:b1:40:05:86:5e:a5:40:3d:
8d:49:3f:87:50:b4:52:eb:5d:4b:0a:06:6a:6e:96:
f5:6e:f7:70:48:ba:5a:28:9c:56:00:51:57:c3:37:
f6:e9:eb:d1:d9:d7:21:ff:3c:53:30:03:ce:fa:49:
7e:9b:a0:67:9d:56:b3:08:fb:69:aa:85:ad:4d:2c:
2b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A6:6A:7A:45:6A:5C:CB:58:EF:36:71:A4:59:47:7E:6E:50:02:36
X509v3 Authority Key Identifier:
keyid:31:59:55:C4:AF:3E:B1:A8:D3:40:0A:86:62:5E:36:5C:26:29:8D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MVlVxK8-sajTQAqGYl42XCYpjWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/AaZqekVqXMtY7zZxpFlHfm5QAjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/MVlVxK8-sajTQAqGYl42XCYpjWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3400:300::/40
Signature Algorithm: sha256WithRSAEncryption
38:92:37:a8:4b:f8:dc:e6:f7:60:1f:ee:eb:23:24:eb:23:f5:
51:40:d4:91:d7:79:d2:75:ed:06:d7:dd:ba:b5:76:84:18:5a:
ea:17:ad:7f:21:ef:78:ee:2f:a1:ef:84:34:1f:86:17:54:f4:
c5:d7:35:12:3b:64:4d:53:76:73:d6:83:54:1a:5d:ab:97:9c:
b4:9c:c3:c3:e5:b8:10:96:a4:24:e6:55:6b:42:a7:56:89:f4:
e1:12:c8:a3:90:25:52:58:5d:e6:62:8b:74:b2:6c:49:e0:69:
56:10:e6:fc:b2:b0:23:32:03:01:c7:11:0e:00:6d:c9:45:d6:
95:ed:7c:e8:f1:53:1b:52:08:f3:4b:3b:be:86:54:4d:3e:1f:
8c:ab:6b:e8:e7:f8:69:06:a8:f2:7a:a1:8b:9f:94:9b:2a:41:
ba:a0:a8:38:2b:7a:44:38:4d:bb:c3:31:c8:27:12:89:f9:85:
8b:33:4c:a0:49:2e:04:d8:01:5d:74:51:7b:aa:d4:f7:8a:35:
86:93:10:d6:eb:8a:41:37:28:78:8d:a8:8d:6a:2a:55:7f:7e:
b3:a8:3d:84:d5:1b:1a:0c:4a:a5:67:34:7f:fc:23:db:74:6e:
d2:d9:79:a5:f1:af:06:14:b5:e7:f1:bb:fe:b0:65:65:3a:c0:
1d:75:d8:65
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZUYXyIzj++JyHtz7+o8zvSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNTk1NWM0YWYzZWIxYThkMzQwMGE4NjYyNWUzNjVjMjYy
OThkNmEwHhcNMjUwMjE4MDkyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE2NmE3YTQ1NmE1Y2NiNThlZjM2NzFhNDU5NDc3ZTZlNTAwMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBjNAVXvC73yFwOCknM2TLEFirFI
ixeDGw1/B3IBjNthUTKyB+JHvrZ4YFQCRqwPYiJ6mNibRH5wStqdP9zptttJ/cUL
aUkgA2monBVh8u62GWxAbDHdxeC9rpA/s4Edd5vTDELYcl/aBuuJWWAhI9FetdbR
BmzrBPQdeouZ7uIapOqg5a7k4T/aC2xQPJ7v9cBmhtHpUo8pCIqhVUKykWoWWHuI
xOHjRE29EOm3KxFpfCOwvBZxHSRMsUAFhl6lQD2NST+HULRS611LCgZqbpb1bvdw
SLpaKJxWAFFXwzf26evR2dch/zxTMAPO+kl+m6BnnVazCPtpqoWtTSwrZwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAGmanpFalzLWO82caRZR35uUAI2MB8GA1UdIwQY
MBaAFDFZVcSvPrGo00AKhmJeNlwmKY1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVZsVnhLOC1zYWpUUUFxR1lsNDJYQ1lwaldvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yMWM2MWEtZDZiMS00YWNhLTk3ODIt
OTczNDgzMzZmMzNhLzEvQWFacWVrVnFYTXRZN3paeHBGbEhmbTVRQWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yMWM2MWEtZDZiMS00YWNhLTk3ODItOTczNDgzMzZmMzNh
LzEvTVZsVnhLOC1zYWpUUUFxR1lsNDJYQ1lwaldvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg80AAMw
DQYJKoZIhvcNAQELBQADggEBADiSN6hL+Nzm92Af7usjJOsj9VFA1JHXedJ17QbX
3bq1doQYWuoXrX8h73juL6HvhDQfhhdU9MXXNRI7ZE1TdnPWg1QaXauXnLScw8Pl
uBCWpCTmVWtCp1aJ9OESyKOQJVJYXeZii3SybEngaVYQ5vyysCMyAwHHEQ4AbclF
1pXtfOjxUxtSCPNLO76GVE0+H4yra+jn+GkGqPJ6oYuflJsqQbqgqDgrekQ4TbvD
McgnEon5hYszTKBJLgTYAV10UXuq1PeKNYaTENbrikE3KHiNqI1qKlV/frOoPYTV
GxoMSqVnNH/8I9t0btLZeaXxrwYUtefxu/6wZWU6wB112GU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net