Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/2f833f-a7e8-4f9d-a383-123fa2ab9408/1/U-ro-LNCvBFTwBgTtGDT2mvZouk.roa
File: U-ro-LNCvBFTwBgTtGDT2mvZouk.roa (raw, json)
Hash identifier: 6fLiIQ9uzQL3oVBXgLqfKJlttobGrN9uY8IvnWrXSwc=
Subject key identifier: 53:EA:E8:F8:B3:42:BC:11:53:C0:18:13:B4:60:D3:DA:6B:D9:A2:E9
Certificate issuer: /CN=72b25d859ff06be1ebc97add5dec05d36fcdca2d
Certificate serial: 019423D716636346524DF84763A16997FCE4
Authority key identifier: 72:B2:5D:85:9F:F0:6B:E1:EB:C9:7A:DD:5D:EC:05:D3:6F:CD:CA:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crJdhZ_wa-HryXrdXewF02_Nyi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/2f833f-a7e8-4f9d-a383-123fa2ab9408/1/U-ro-LNCvBFTwBgTtGDT2mvZouk.roa
Signing time: Wed 01 Jan 2025 21:48:05 +0000
ROA not before: Wed 01 Jan 2025 21:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35675
IP address blocks: 2001:678:980::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:16:63:63:46:52:4d:f8:47:63:a1:69:97:fc:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b25d859ff06be1ebc97add5dec05d36fcdca2d
Validity
Not Before: Jan 1 21:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53eae8f8b342bc1153c01813b460d3da6bd9a2e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b0:ce:ce:59:c3:82:fa:e2:65:ea:16:6b:b9:
fa:a5:1d:4f:18:98:05:70:26:5a:37:84:16:70:6d:
d5:fb:fe:92:f4:7a:24:e8:9b:84:12:a0:b8:a3:5c:
90:d7:f9:78:a8:40:4d:59:b2:5e:38:6a:70:8c:49:
d0:2f:12:9a:e3:f1:fb:f1:61:92:9c:68:41:e2:d1:
0b:25:ee:b5:f3:1e:ae:a9:9f:4d:9c:69:c1:a5:f0:
7c:4c:c6:d3:b8:7f:6f:cd:6d:e0:34:c2:03:8c:db:
84:68:b5:e2:dd:c4:58:53:c2:54:d8:cc:96:c2:1e:
78:f6:1d:b2:f2:0c:33:6c:e8:8b:cb:3f:64:79:9a:
ad:13:9a:7a:b1:76:11:70:72:41:cd:f1:20:78:5e:
45:cd:98:6b:d1:f3:fd:a3:89:c0:23:89:df:d5:07:
5d:97:fd:58:bc:33:eb:aa:8f:ae:4b:10:f3:bf:ef:
ab:9c:8a:13:10:9c:18:a0:50:c9:84:6c:ea:08:1a:
a1:1e:b1:32:bb:b2:76:38:9b:e2:e7:71:f0:90:58:
81:82:0e:be:88:ba:61:3c:d4:34:7b:b3:f4:df:08:
1c:d7:2b:23:46:5c:2f:1f:22:7e:73:c3:81:75:ef:
27:45:17:3f:f4:22:7a:32:16:33:46:89:cf:77:a6:
d7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EA:E8:F8:B3:42:BC:11:53:C0:18:13:B4:60:D3:DA:6B:D9:A2:E9
X509v3 Authority Key Identifier:
keyid:72:B2:5D:85:9F:F0:6B:E1:EB:C9:7A:DD:5D:EC:05:D3:6F:CD:CA:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crJdhZ_wa-HryXrdXewF02_Nyi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/2f833f-a7e8-4f9d-a383-123fa2ab9408/1/U-ro-LNCvBFTwBgTtGDT2mvZouk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/2f833f-a7e8-4f9d-a383-123fa2ab9408/1/crJdhZ_wa-HryXrdXewF02_Nyi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:980::/48
Signature Algorithm: sha256WithRSAEncryption
4b:00:8c:f0:1a:b1:d2:e6:be:04:c1:55:3f:22:c6:5d:66:88:
a4:7b:1d:17:13:d0:33:5b:8b:6d:cf:e4:a9:85:99:fe:41:b5:
e3:58:c7:ba:76:da:2c:83:8f:fa:f3:1a:98:b9:9a:0f:48:a5:
f6:e9:77:ec:16:95:0d:c6:99:25:8b:b6:d2:ca:28:68:f5:02:
60:e3:80:97:68:d1:c6:de:61:cf:e6:0f:85:92:a1:fa:10:25:
16:4e:bb:3d:f3:04:27:4a:15:01:cc:1c:6d:39:0f:d4:2e:a0:
3d:77:0c:b3:30:63:bc:37:d2:aa:27:09:6f:62:11:98:75:32:
d5:6e:13:7f:8b:7d:d2:6c:6f:0c:f5:4d:0f:78:04:88:04:c5:
83:b3:65:a9:01:75:f3:4a:fa:b0:03:6c:6f:ef:06:e7:b5:03:
ec:22:9d:03:79:d5:cf:3b:56:05:5e:fe:b4:98:4e:44:d7:bc:
51:61:9d:36:7e:27:6a:12:0d:c0:a0:dd:79:5a:97:ee:34:cc:
d5:01:e0:12:3e:ee:ce:44:38:70:70:f0:57:ce:4e:58:69:bc:
d0:ba:c5:78:88:31:d7:ff:10:df:42:11:64:35:c2:1f:dd:8b:
a5:e0:c5:2d:99:84:24:cc:2d:84:72:8e:c4:33:99:2a:a5:d5:
83:cf:af:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1xZjY0ZSTfhHY6Fpl/zkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjI1ZDg1OWZmMDZiZTFlYmM5N2FkZDVkZWMwNWQzNmZj
ZGNhMmQwHhcNMjUwMTAxMjE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VhZThmOGIzNDJiYzExNTNjMDE4MTNiNDYwZDNkYTZiZDlhMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrDOzlnDgvriZeoWa7n6pR1PGJgF
cCZaN4QWcG3V+/6S9Hok6JuEEqC4o1yQ1/l4qEBNWbJeOGpwjEnQLxKa4/H78WGS
nGhB4tELJe618x6uqZ9NnGnBpfB8TMbTuH9vzW3gNMIDjNuEaLXi3cRYU8JU2MyW
wh549h2y8gwzbOiLyz9keZqtE5p6sXYRcHJBzfEgeF5FzZhr0fP9o4nAI4nf1Qdd
l/1YvDPrqo+uSxDzv++rnIoTEJwYoFDJhGzqCBqhHrEyu7J2OJvi53HwkFiBgg6+
iLphPNQ0e7P03wgc1ysjRlwvHyJ+c8OBde8nRRc/9CJ6MhYzRonPd6bXuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFPq6PizQrwRU8AYE7Rg09pr2aLpMB8GA1UdIwQY
MBaAFHKyXYWf8Gvh68l63V3sBdNvzcotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JKZGhaX3dhLUhyeVhyZFhld0YwMl9OeWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8yZjgzM2YtYTdlOC00ZjlkLWEzODMt
MTIzZmEyYWI5NDA4LzEvVS1yby1MTkN2QkZUd0JnVHRHRFQybXZab3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8yZjgzM2YtYTdlOC00ZjlkLWEzODMtMTIzZmEyYWI5NDA4
LzEvY3JKZGhaX3dhLUhyeVhyZFhld0YwMl9OeWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAmA
MA0GCSqGSIb3DQEBCwUAA4IBAQBLAIzwGrHS5r4EwVU/IsZdZoikex0XE9AzW4tt
z+SphZn+QbXjWMe6dtosg4/68xqYuZoPSKX26XfsFpUNxpkli7bSyiho9QJg44CX
aNHG3mHP5g+FkqH6ECUWTrs98wQnShUBzBxtOQ/ULqA9dwyzMGO8N9KqJwlvYhGY
dTLVbhN/i33SbG8M9U0PeASIBMWDs2WpAXXzSvqwA2xv7wbntQPsIp0DedXPO1YF
Xv60mE5E17xRYZ02fidqEg3AoN15WpfuNMzVAeASPu7ORDhwcPBXzk5YabzQusV4
iDHX/xDfQhFkNcIf3Yul4MUtmYQkzC2Eco7EM5kqpdWDz68Q
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:27 2025 by rpki-client on console.sobornost.net