Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/3a6bdd-0d3c-4a0d-8db6-2dd25184b0d0/1/L86Czh-hgFnJfXYShvX9w1KKWEg.roa
File: L86Czh-hgFnJfXYShvX9w1KKWEg.roa (raw, json)
Hash identifier: UlpXjqDOYfOCQf+VBo1cHNYWZUpj4u/uB6dnGVYlbBQ=
Subject key identifier: 2F:CE:82:CE:1F:A1:80:59:C9:7D:76:12:86:F5:FD:C3:52:8A:58:48
Certificate issuer: /CN=d4336d5e74f1f8b7db1329f00bb857241ae74d19
Certificate serial: 019425FC31014C6CE26999334D9D449CD406
Authority key identifier: D4:33:6D:5E:74:F1:F8:B7:DB:13:29:F0:0B:B8:57:24:1A:E7:4D:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DNtXnTx-LfbEynwC7hXJBrnTRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/3a6bdd-0d3c-4a0d-8db6-2dd25184b0d0/1/L86Czh-hgFnJfXYShvX9w1KKWEg.roa
Signing time: Thu 02 Jan 2025 07:47:52 +0000
ROA not before: Thu 02 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214319
IP address blocks: 2a01:e680::/29 maxlen: 120
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:31:01:4c:6c:e2:69:99:33:4d:9d:44:9c:d4:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4336d5e74f1f8b7db1329f00bb857241ae74d19
Validity
Not Before: Jan 2 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fce82ce1fa18059c97d761286f5fdc3528a5848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:70:6c:fb:70:f7:27:21:bc:b3:23:ab:60:3c:
f2:0d:1d:50:c3:f0:11:ae:dc:01:a9:95:8f:51:3a:
78:67:0e:45:e7:6e:ad:f8:06:33:f0:c0:95:fa:51:
ad:23:cd:2c:52:1f:49:52:3b:a0:d2:9a:a1:3e:22:
56:66:b2:0d:aa:0d:7b:18:9e:55:4a:2c:79:db:47:
21:f9:06:7a:c5:49:92:b4:e9:4a:f2:10:1d:10:d3:
c7:e8:9d:b0:04:86:9e:d0:e1:68:04:55:6c:f4:83:
4f:e9:9d:38:85:dc:87:93:18:84:3c:28:c2:7d:83:
ab:1d:11:22:64:e8:7a:c3:c0:ea:2e:8a:eb:81:9e:
50:92:22:ad:0f:b4:7f:dc:a0:7b:37:90:2e:23:1d:
aa:37:0b:5c:31:53:d3:c9:8e:9c:c7:47:3d:dd:45:
ec:50:a1:13:72:a2:32:74:0b:e4:3f:04:e8:18:c9:
15:f0:62:dc:66:ae:62:d8:0f:6b:b7:95:76:c0:de:
22:c7:1d:10:12:b4:8c:ee:cd:97:0b:d6:93:c2:27:
59:f0:a1:2f:3e:e1:3f:a1:8e:e0:9f:20:09:2b:17:
ea:31:dd:1a:a8:f3:7f:41:78:20:57:32:ec:40:a3:
c0:ec:63:11:09:09:fa:ee:cd:f6:19:55:7d:ed:5b:
7b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:CE:82:CE:1F:A1:80:59:C9:7D:76:12:86:F5:FD:C3:52:8A:58:48
X509v3 Authority Key Identifier:
keyid:D4:33:6D:5E:74:F1:F8:B7:DB:13:29:F0:0B:B8:57:24:1A:E7:4D:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DNtXnTx-LfbEynwC7hXJBrnTRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3a6bdd-0d3c-4a0d-8db6-2dd25184b0d0/1/L86Czh-hgFnJfXYShvX9w1KKWEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3a6bdd-0d3c-4a0d-8db6-2dd25184b0d0/1/1DNtXnTx-LfbEynwC7hXJBrnTRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e680::/29
Signature Algorithm: sha256WithRSAEncryption
59:be:7c:88:df:b2:51:a9:57:df:c1:16:1d:3d:41:b3:41:91:
22:18:5b:79:e3:c4:41:97:c1:b3:35:b8:02:9e:49:11:7d:16:
89:95:ee:99:22:57:1b:a2:66:1a:64:da:ce:ee:e7:c0:b2:54:
38:4d:62:6c:08:5a:b0:68:a5:11:11:b4:be:30:ac:38:8e:1b:
20:49:c4:bd:ca:41:c0:28:27:e1:a0:a0:7c:72:f5:bd:03:36:
f7:34:0f:4c:8b:37:27:6c:10:31:94:1a:0b:b6:da:1b:ce:51:
91:9f:e9:aa:c8:e6:22:25:8d:5c:ef:ac:4d:8e:b3:78:dd:15:
ff:fc:ff:19:80:99:bb:49:02:0c:02:ec:60:de:ea:d2:61:26:
5a:94:8f:b4:d0:4c:a1:6d:59:2e:b9:11:bc:99:af:b2:2d:01:
f6:c9:4b:ef:b3:7d:5a:c3:76:6d:40:70:74:73:e5:ee:f4:c9:
9d:de:e0:f7:46:41:3d:11:ce:5f:66:61:ca:8a:3b:90:a5:0b:
48:8a:0e:40:c2:c4:60:05:53:16:81:b2:6e:b9:08:fa:07:b6:
97:55:eb:b3:8c:4f:e4:3a:c3:1e:94:57:ae:d5:50:23:67:12:
8e:05:f3:f6:35:df:08:30:cd:da:11:9c:41:02:12:63:b6:1f:
e3:c4:2c:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/DEBTGziaZkzTZ1EnNQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzM2ZDVlNzRmMWY4YjdkYjEzMjlmMDBiYjg1NzI0MWFl
NzRkMTkwHhcNMjUwMTAyMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmNlODJjZTFmYTE4MDU5Yzk3ZDc2MTI4NmY1ZmRjMzUyOGE1ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3Bs+3D3JyG8syOrYDzyDR1Qw/AR
rtwBqZWPUTp4Zw5F526t+AYz8MCV+lGtI80sUh9JUjug0pqhPiJWZrINqg17GJ5V
Six520ch+QZ6xUmStOlK8hAdENPH6J2wBIae0OFoBFVs9INP6Z04hdyHkxiEPCjC
fYOrHREiZOh6w8DqLorrgZ5QkiKtD7R/3KB7N5AuIx2qNwtcMVPTyY6cx0c93UXs
UKETcqIydAvkPwToGMkV8GLcZq5i2A9rt5V2wN4ixx0QErSM7s2XC9aTwidZ8KEv
PuE/oY7gnyAJKxfqMd0aqPN/QXggVzLsQKPA7GMRCQn67s32GVV97Vt76wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC/Ogs4foYBZyX12Eob1/cNSilhIMB8GA1UdIwQY
MBaAFNQzbV508fi32xMp8Au4VyQa500ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUROdFhuVHgtTGZiRXlud0M3aFhKQnJuVFJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zYTZiZGQtMGQzYy00YTBkLThkYjYt
MmRkMjUxODRiMGQwLzEvTDg2Q3poLWhnRm5KZlhZU2h2WDl3MUtLV0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zYTZiZGQtMGQzYy00YTBkLThkYjYtMmRkMjUxODRiMGQw
LzEvMUROdFhuVHgtTGZiRXlud0M3aFhKQnJuVFJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHmgDAN
BgkqhkiG9w0BAQsFAAOCAQEAWb58iN+yUalX38EWHT1Bs0GRIhhbeePEQZfBszW4
Ap5JEX0WiZXumSJXG6JmGmTazu7nwLJUOE1ibAhasGilERG0vjCsOI4bIEnEvcpB
wCgn4aCgfHL1vQM29zQPTIs3J2wQMZQaC7baG85RkZ/pqsjmIiWNXO+sTY6zeN0V
//z/GYCZu0kCDALsYN7q0mEmWpSPtNBMoW1ZLrkRvJmvsi0B9slL77N9WsN2bUBw
dHPl7vTJnd7g90ZBPRHOX2Zhyoo7kKULSIoOQMLEYAVTFoGybrkI+ge2l1Xrs4xP
5DrDHpRXrtVQI2cSjgXz9jXfCDDN2hGcQQISY7Yf48Qs8g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:41 2025 by rpki-client on console.sobornost.net