Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/94aab2-b41e-460e-9fcb-242b58140e37/1/P6mLuYTWcn0KuLmD43cJ982GF44.roa
File: P6mLuYTWcn0KuLmD43cJ982GF44.roa (raw, json)
Hash identifier: lthkyf0qk/Tj3D6L/66lHDSOVo0evf5q6TD/uKiHGiM=
Subject key identifier: 3F:A9:8B:B9:84:D6:72:7D:0A:B8:B9:83:E3:77:09:F7:CD:86:17:8E
Certificate issuer: /CN=d99becd088794b11daf34c7f54e59f6939fe9864
Certificate serial: 0194266BB845FBD4084513E151EFD28CB19C
Authority key identifier: D9:9B:EC:D0:88:79:4B:11:DA:F3:4C:7F:54:E5:9F:69:39:FE:98:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Zvs0Ih5SxHa80x_VOWfaTn-mGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/94aab2-b41e-460e-9fcb-242b58140e37/1/P6mLuYTWcn0KuLmD43cJ982GF44.roa
Signing time: Thu 02 Jan 2025 09:49:41 +0000
ROA not before: Thu 02 Jan 2025 09:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211573
IP address blocks: 5.42.201.0/24 maxlen: 24
2a13:3c00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b8:45:fb:d4:08:45:13:e1:51:ef:d2:8c:b1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d99becd088794b11daf34c7f54e59f6939fe9864
Validity
Not Before: Jan 2 09:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fa98bb984d6727d0ab8b983e37709f7cd86178e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5c:e7:c4:14:57:e2:5d:29:57:0a:bd:a1:0c:
61:12:8b:e9:12:c8:8c:9f:9c:91:d6:8d:a1:f8:e1:
84:1d:24:5a:79:c4:32:b6:c7:4a:13:4d:47:0d:10:
2b:2f:bf:ca:22:a7:c3:60:e7:7d:04:6e:85:2b:4c:
4f:b3:a3:1c:2b:24:2f:5b:90:0d:25:38:06:53:12:
bf:2d:90:24:a7:7a:df:1b:82:27:8c:7b:27:23:10:
7f:a2:c8:b3:3a:d7:68:94:6f:f4:0a:8f:e2:d4:a6:
32:b1:38:14:1f:94:ca:be:48:e6:df:14:11:bf:2a:
28:18:47:24:c0:f4:ee:f5:23:3b:20:d9:6a:9f:4b:
90:a3:9d:8d:3b:17:0a:3b:64:5e:7f:b6:07:06:f8:
65:27:30:bf:1d:3d:60:41:03:04:17:79:31:9d:4a:
99:0b:d7:90:41:4e:cb:15:74:98:54:3c:4c:55:b4:
ae:60:e0:a3:86:5c:60:bd:7a:fb:94:cc:0f:06:20:
da:12:a9:1c:0c:de:21:de:48:75:95:09:c6:0a:e9:
2c:0d:47:30:56:0e:98:4f:60:85:aa:b3:fc:6f:22:
e6:df:07:b1:3d:22:cc:30:e1:49:99:18:07:2e:70:
3b:47:18:d7:f0:8f:01:6c:d2:fb:f4:e5:99:c0:e6:
e9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A9:8B:B9:84:D6:72:7D:0A:B8:B9:83:E3:77:09:F7:CD:86:17:8E
X509v3 Authority Key Identifier:
keyid:D9:9B:EC:D0:88:79:4B:11:DA:F3:4C:7F:54:E5:9F:69:39:FE:98:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Zvs0Ih5SxHa80x_VOWfaTn-mGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/94aab2-b41e-460e-9fcb-242b58140e37/1/P6mLuYTWcn0KuLmD43cJ982GF44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/94aab2-b41e-460e-9fcb-242b58140e37/1/2Zvs0Ih5SxHa80x_VOWfaTn-mGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.201.0/24
IPv6:
2a13:3c00::/29
Signature Algorithm: sha256WithRSAEncryption
b3:9b:02:ea:98:7c:8c:1d:b2:bf:30:28:ea:17:2d:af:a1:2a:
0c:24:e7:3b:9c:02:ee:d7:fc:f7:7d:46:9a:c0:c6:d9:81:f2:
c8:e5:0b:d9:59:29:d8:dd:19:2f:47:f2:b0:15:2c:6f:da:d9:
e1:0d:6d:3f:4b:96:5b:be:f2:ee:e3:7b:23:5a:33:82:cc:49:
d9:31:5c:a6:0d:a5:a9:14:c5:a5:58:51:1c:02:8a:6c:86:1d:
13:67:f7:49:43:be:8a:fb:7d:d5:c6:da:5b:ba:ad:31:ab:95:
c1:21:a4:3d:e2:b3:f6:21:9e:e8:ad:2f:5e:bf:6b:cf:dc:19:
48:50:36:a0:7a:79:47:e0:68:99:32:ed:9b:6b:02:80:3f:91:
8f:84:58:ef:37:b1:3a:e8:d7:bd:9a:0a:85:28:08:ec:b9:f2:
0b:33:6f:cf:52:59:8b:07:01:0e:62:32:de:c1:4b:c8:6b:aa:
70:02:cd:89:84:81:ca:ba:d5:ef:f0:e7:47:45:fc:41:0b:a3:
77:83:5a:85:79:9e:b1:1a:d3:a3:10:83:e3:02:07:e0:fa:a1:
d3:91:77:4e:4d:7f:3d:1b:a9:44:21:7a:ba:4e:79:8a:fd:6e:
82:71:a2:1d:d3:f6:b2:d2:6e:2c:6c:92:2f:b9:64:95:9d:42:
cb:9f:3d:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma7hF+9QIRRPhUe/SjLGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OWJlY2QwODg3OTRiMTFkYWYzNGM3ZjU0ZTU5ZjY5Mzlm
ZTk4NjQwHhcNMjUwMTAyMDk0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmE5OGJiOTg0ZDY3MjdkMGFiOGI5ODNlMzc3MDlmN2NkODYxNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolznxBRX4l0pVwq9oQxhEovpEsiM
n5yR1o2h+OGEHSRaecQytsdKE01HDRArL7/KIqfDYOd9BG6FK0xPs6McKyQvW5AN
JTgGUxK/LZAkp3rfG4InjHsnIxB/osizOtdolG/0Co/i1KYysTgUH5TKvkjm3xQR
vyooGEckwPTu9SM7INlqn0uQo52NOxcKO2Ref7YHBvhlJzC/HT1gQQMEF3kxnUqZ
C9eQQU7LFXSYVDxMVbSuYOCjhlxgvXr7lMwPBiDaEqkcDN4h3kh1lQnGCuksDUcw
Vg6YT2CFqrP8byLm3wexPSLMMOFJmRgHLnA7RxjX8I8BbNL79OWZwObppQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD+pi7mE1nJ9Cri5g+N3CffNhheOMB8GA1UdIwQY
MBaAFNmb7NCIeUsR2vNMf1Tln2k5/phkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlp2czBJaDVTeEhhODB4X1ZPV2ZhVG4tbUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85NGFhYjItYjQxZS00NjBlLTlmY2It
MjQyYjU4MTQwZTM3LzEvUDZtTHVZVFdjbjBLdUxtRDQzY0o5ODJHRjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85NGFhYjItYjQxZS00NjBlLTlmY2ItMjQyYjU4MTQwZTM3
LzEvMlp2czBJaDVTeEhhODB4X1ZPV2ZhVG4tbUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABSrJMA0E
AgACMAcDBQMqEzwAMA0GCSqGSIb3DQEBCwUAA4IBAQCzmwLqmHyMHbK/MCjqFy2v
oSoMJOc7nALu1/z3fUaawMbZgfLI5QvZWSnY3RkvR/KwFSxv2tnhDW0/S5ZbvvLu
43sjWjOCzEnZMVymDaWpFMWlWFEcAopshh0TZ/dJQ76K+33Vxtpbuq0xq5XBIaQ9
4rP2IZ7orS9ev2vP3BlIUDagenlH4GiZMu2bawKAP5GPhFjvN7E66Ne9mgqFKAjs
ufILM2/PUlmLBwEOYjLewUvIa6pwAs2JhIHKutXv8OdHRfxBC6N3g1qFeZ6xGtOj
EIPjAgfg+qHTkXdOTX89G6lEIXq6TnmK/W6CcaId0/ay0m4sbJIvuWSVnULLnz2T
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:57 2025 by rpki-client on console.sobornost.net