Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/_XTUHF7bzFgSaXowSGHneABOjvk.roa
File: _XTUHF7bzFgSaXowSGHneABOjvk.roa (raw, json)
Hash identifier: xZKKmij8JPG4J8LJ39hdXDH65LDIJBc9mTBLxK22NGA=
Subject key identifier: FD:74:D4:1C:5E:DB:CC:58:12:69:7A:30:48:61:E7:78:00:4E:8E:F9
Certificate issuer: /CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Certificate serial: 019509430826D679C199C173EA71BBD4D9B4
Authority key identifier: DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/_XTUHF7bzFgSaXowSGHneABOjvk.roa
Signing time: Sat 15 Feb 2025 10:59:02 +0000
ROA not before: Sat 15 Feb 2025 10:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 2a01:e5c0:2000::/36 maxlen: 36
2a01:e5c0:3000::/36 maxlen: 36
2a01:e5c0:4000::/36 maxlen: 36
2a01:e5c0:5000::/36 maxlen: 36
2a01:e5c0:6000::/36 maxlen: 36
2a01:e5c0:7000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:09:43:08:26:d6:79:c1:99:c1:73:ea:71:bb:d4:d9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Validity
Not Before: Feb 15 10:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd74d41c5edbcc5812697a304861e778004e8ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:56:9a:25:51:8f:e5:3d:f9:67:68:3c:ba:6b:
65:8d:30:7d:98:e3:f1:cb:c6:b5:33:45:7e:76:8d:
96:bc:08:81:1a:4c:2e:95:37:69:e2:09:e1:ad:8e:
ae:ea:ed:bb:17:27:2a:a3:22:6a:1a:28:25:cf:75:
97:a7:95:c6:76:65:af:01:d0:0a:b0:8d:12:d1:f6:
70:36:70:ec:02:d5:22:44:e5:7b:2c:e1:d8:10:de:
4a:29:3f:67:7a:85:43:75:cf:66:95:9f:2d:76:8d:
20:ca:4c:57:93:ac:2f:d4:48:39:41:40:89:56:1e:
ce:91:8c:b2:74:bc:76:4b:0f:c8:5c:cf:f9:e0:28:
11:ff:0e:a7:b5:2c:12:a5:67:3d:3b:b5:4c:37:0d:
69:d3:75:7f:67:b1:be:c7:1e:16:5f:bb:cc:c5:d6:
49:32:d7:a4:a5:68:6f:ce:28:b3:5c:3b:c4:93:36:
83:7e:cd:f4:2e:c7:c2:05:ac:49:2b:16:bb:5c:4e:
5c:aa:83:98:0c:c6:9f:a5:18:8b:d0:7c:9d:a3:cd:
91:36:56:51:48:e8:3e:b3:0a:b8:ac:a5:1d:c4:b4:
dc:b6:44:86:96:ad:78:ee:d6:17:53:8d:65:19:dc:
44:c8:33:3a:72:69:91:4d:56:af:3e:d4:28:5b:03:
c5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:74:D4:1C:5E:DB:CC:58:12:69:7A:30:48:61:E7:78:00:4E:8E:F9
X509v3 Authority Key Identifier:
keyid:DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/_XTUHF7bzFgSaXowSGHneABOjvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/2n1fyh5GmSnUqLb1evPLzcY5o14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e5c0:2000::-2a01:e5c0:7fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3c:a3:e2:93:2e:e6:3e:df:2c:56:27:1c:63:32:65:d8:23:e6:
6f:b5:cd:09:20:f0:7a:54:94:66:50:b1:7e:5d:41:fa:10:87:
81:f5:eb:36:00:3e:9b:67:d5:ba:6d:e6:39:28:a8:7e:e2:27:
b2:2d:16:55:01:eb:82:f8:45:1e:0c:fd:41:c2:8b:a5:31:79:
7e:1d:dc:57:bc:e0:2a:54:43:7b:3d:cb:33:76:41:19:f6:ea:
f7:1d:67:ba:5b:59:2d:13:10:b1:ca:9f:30:e5:34:27:3f:cf:
88:cd:98:ef:68:0b:6b:a1:6b:ad:7c:2d:7d:09:0c:e9:09:21:
61:12:5c:e2:8b:ad:67:07:1d:da:9a:c5:ff:0a:23:37:c7:50:
2e:7b:a7:3a:51:10:cc:ba:7c:cf:8f:34:54:2f:07:92:58:b0:
58:ff:17:53:4b:09:5f:28:e4:9f:f1:5f:dc:62:3a:93:77:aa:
97:dc:41:2d:f9:31:4a:44:a7:47:26:71:4f:80:6e:67:a3:92:
60:31:48:e5:37:84:6b:a1:dc:a4:e4:38:04:d1:82:8d:3a:6d:
00:05:29:31:6b:ef:cd:7a:e6:6f:c0:72:4b:47:74:b1:c4:31:
dd:59:2f:f6:7d:8e:23:f5:28:23:98:34:6e:32:39:a7:b2:5c:
0a:f9:17:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUJQwgm1nnBmcFz6nG71Nm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhN2Q1ZmNhMWU0Njk5MjlkNGE4YjZmNTdhZjNjYmNkYzYz
OWEzNWUwHhcNMjUwMjE1MTA1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc0ZDQxYzVlZGJjYzU4MTI2OTdhMzA0ODYxZTc3ODAwNGU4ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVaaJVGP5T35Z2g8umtljTB9mOPx
y8a1M0V+do2WvAiBGkwulTdp4gnhrY6u6u27FycqoyJqGiglz3WXp5XGdmWvAdAK
sI0S0fZwNnDsAtUiROV7LOHYEN5KKT9neoVDdc9mlZ8tdo0gykxXk6wv1Eg5QUCJ
Vh7OkYyydLx2Sw/IXM/54CgR/w6ntSwSpWc9O7VMNw1p03V/Z7G+xx4WX7vMxdZJ
MtekpWhvziizXDvEkzaDfs30LsfCBaxJKxa7XE5cqoOYDMafpRiL0Hydo82RNlZR
SOg+swq4rKUdxLTctkSGlq147tYXU41lGdxEyDM6cmmRTVavPtQoWwPF7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP101Bxe28xYEml6MEhh53gATo75MB8GA1UdIwQY
MBaAFNp9X8oeRpkp1Ki29Xrzy83GOaNeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGIt
NDFiNzMwMzI3Yzc4LzEvX1hUVUhGN2J6RmdTYVhvd1NHSG5lQUJPanZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGItNDFiNzMwMzI3Yzc4
LzEvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgUqAeXA
IAMGByoB5cAAMA0GCSqGSIb3DQEBCwUAA4IBAQA8o+KTLuY+3yxWJxxjMmXYI+Zv
tc0JIPB6VJRmULF+XUH6EIeB9es2AD6bZ9W6beY5KKh+4ieyLRZVAeuC+EUeDP1B
woulMXl+HdxXvOAqVEN7PcszdkEZ9ur3HWe6W1ktExCxyp8w5TQnP8+IzZjvaAtr
oWutfC19CQzpCSFhElzii61nBx3amsX/CiM3x1Aue6c6URDMunzPjzRULweSWLBY
/xdTSwlfKOSf8V/cYjqTd6qX3EEt+TFKRKdHJnFPgG5no5JgMUjlN4Rrodyk5DgE
0YKNOm0ABSkxa+/NeuZvwHJLR3SxxDHdWS/2fY4j9SgjmDRuMjmnslwK+ReH
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:54:16 2025 by rpki-client on console.sobornost.net