Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/o9F14TmJz-3o4btxFTmUNxIaMVQ.roa
File: o9F14TmJz-3o4btxFTmUNxIaMVQ.roa (raw, json)
Hash identifier: htBHVS9bsjwqqv6NPJnNf70ZDfm1OC4b9PUSs5jzuTY=
Subject key identifier: A3:D1:75:E1:39:89:CF:ED:E8:E1:BB:71:15:39:94:37:12:1A:31:54
Certificate issuer: /CN=e390f2ee0a70bcaefe0195a3d8b377d34297a943
Certificate serial: 019423D75119F837CDF36C23E95116C5B689
Authority key identifier: E3:90:F2:EE:0A:70:BC:AE:FE:01:95:A3:D8:B3:77:D3:42:97:A9:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/45Dy7gpwvK7-AZWj2LN300KXqUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/o9F14TmJz-3o4btxFTmUNxIaMVQ.roa
Signing time: Wed 01 Jan 2025 21:48:21 +0000
ROA not before: Wed 01 Jan 2025 21:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206583
IP address blocks: 2a04:71c2::/32 maxlen: 32
2a04:71c3::/32 maxlen: 32
2a04:71c4::/32 maxlen: 32
2a04:71c7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:51:19:f8:37:cd:f3:6c:23:e9:51:16:c5:b6:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e390f2ee0a70bcaefe0195a3d8b377d34297a943
Validity
Not Before: Jan 1 21:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3d175e13989cfede8e1bb7115399437121a3154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8a:0f:55:77:d9:62:69:17:8c:c9:a5:6c:87:
ca:c2:fb:ac:7a:26:b6:9f:dd:df:40:28:3c:32:ae:
e6:55:59:9e:57:6b:5f:16:a7:96:29:61:56:63:92:
ea:bf:48:13:38:a5:ef:1e:46:bb:c7:47:de:5f:e5:
a6:b7:52:4f:9d:36:36:e2:92:2f:a7:fc:30:f7:a0:
7b:a8:92:e4:33:4f:37:53:e3:5f:82:01:5f:3e:98:
33:b1:7e:5d:9c:26:00:27:0b:76:6c:f1:52:5a:7c:
b4:8d:2d:d5:18:cb:66:f2:5a:67:b1:39:79:85:78:
72:f2:f7:28:e9:ae:f7:8e:49:ed:ae:1e:a1:a7:0c:
55:e3:d1:48:0a:36:77:43:79:a3:fa:e3:eb:9c:76:
74:59:0a:50:8b:44:85:4c:06:90:e8:6d:b1:e8:dc:
74:2c:b0:68:c9:11:dd:e8:cd:2b:b9:c7:e9:d0:df:
47:3d:a3:f6:b0:20:7b:e3:32:c0:d0:f2:40:7b:55:
05:f8:31:e3:30:08:a7:bb:04:b8:b4:ee:a7:e1:2c:
fd:8b:2b:1c:5d:96:67:8b:08:2f:7f:20:ef:17:1c:
0a:53:1d:6a:f9:5e:c8:68:d4:70:12:e4:23:aa:3b:
e4:47:56:b6:a0:69:4c:78:f6:5f:96:03:37:06:59:
75:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D1:75:E1:39:89:CF:ED:E8:E1:BB:71:15:39:94:37:12:1A:31:54
X509v3 Authority Key Identifier:
keyid:E3:90:F2:EE:0A:70:BC:AE:FE:01:95:A3:D8:B3:77:D3:42:97:A9:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/45Dy7gpwvK7-AZWj2LN300KXqUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/o9F14TmJz-3o4btxFTmUNxIaMVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/45Dy7gpwvK7-AZWj2LN300KXqUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:71c2::-2a04:71c4:ffff:ffff:ffff:ffff:ffff:ffff
2a04:71c7::/32
Signature Algorithm: sha256WithRSAEncryption
25:d1:f5:d9:9d:8c:22:e0:ac:da:5f:c9:a4:5c:01:40:7f:88:
fb:c5:2f:71:94:c7:d2:f4:45:99:db:e2:2b:e4:c5:b7:f2:6a:
6f:19:aa:1e:eb:b5:7e:f2:f0:f9:6b:c9:0c:0a:1e:c2:84:b9:
7b:29:c8:1f:ee:31:e0:50:e4:6b:1b:b7:e1:77:11:27:f5:7f:
81:2b:12:6d:14:b5:e3:1d:71:5e:af:e7:0a:2c:f0:3c:b4:01:
1d:cb:47:27:b8:12:7d:d2:96:77:c8:ec:65:06:76:de:f9:b5:
bd:ea:d7:1e:fe:9d:67:bd:db:6d:98:f2:bf:75:c9:21:f2:0c:
ae:17:a4:e8:3d:7b:14:01:92:0e:fc:3a:87:7d:7d:37:b2:c3:
89:c7:f0:da:bb:d4:dc:bb:bc:ed:f4:dd:b5:80:4e:aa:c6:8c:
ce:fb:aa:72:13:9b:1c:23:18:9d:a3:d6:0d:56:df:ec:81:b7:
87:67:9c:99:44:54:9a:65:fc:e0:e5:82:91:47:9c:68:6c:9c:
02:f0:8a:d3:d6:24:c7:19:a0:99:fd:8d:37:b0:31:1a:9c:c4:
07:22:e7:d6:7e:fd:d1:6d:95:c3:9f:fe:9a:65:48:a2:26:24:
cc:3a:b4:3e:6b:f2:05:f2:72:36:7d:da:52:b2:a1:62:4b:99:
a9:8c:75:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj11EZ+DfN82wj6VEWxbaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOTBmMmVlMGE3MGJjYWVmZTAxOTVhM2Q4YjM3N2QzNDI5
N2E5NDMwHhcNMjUwMTAxMjE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2QxNzVlMTM5ODljZmVkZThlMWJiNzExNTM5OTQzNzEyMWEzMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIoPVXfZYmkXjMmlbIfKwvuseia2
n93fQCg8Mq7mVVmeV2tfFqeWKWFWY5Lqv0gTOKXvHka7x0feX+Wmt1JPnTY24pIv
p/ww96B7qJLkM083U+NfggFfPpgzsX5dnCYAJwt2bPFSWny0jS3VGMtm8lpnsTl5
hXhy8vco6a73jkntrh6hpwxV49FICjZ3Q3mj+uPrnHZ0WQpQi0SFTAaQ6G2x6Nx0
LLBoyRHd6M0rucfp0N9HPaP2sCB74zLA0PJAe1UF+DHjMAinuwS4tO6n4Sz9iysc
XZZniwgvfyDvFxwKUx1q+V7IaNRwEuQjqjvkR1a2oGlMePZflgM3Bll1fQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKPRdeE5ic/t6OG7cRU5lDcSGjFUMB8GA1UdIwQY
MBaAFOOQ8u4KcLyu/gGVo9izd9NCl6lDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDVEeTdncHd2SzctQVpXajJMTjMwMEtYcVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9hNjA0Y2YtMTk0Ny00YjEyLTlhNmIt
M2ViOTEzNGVjNzlkLzEvbzlGMTRUbUp6LTNvNGJ0eEZUbVVOeElhTVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9hNjA0Y2YtMTk0Ny00YjEyLTlhNmItM2ViOTEzNGVjNzlk
LzEvNDVEeTdncHd2SzctQVpXajJMTjMwMEtYcVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQEqBHHC
AwUAKgRxxAMFACoEcccwDQYJKoZIhvcNAQELBQADggEBACXR9dmdjCLgrNpfyaRc
AUB/iPvFL3GUx9L0RZnb4ivkxbfyam8Zqh7rtX7y8PlryQwKHsKEuXspyB/uMeBQ
5Gsbt+F3ESf1f4ErEm0UteMdcV6v5wos8Dy0AR3LRye4En3SlnfI7GUGdt75tb3q
1x7+nWe9222Y8r91ySHyDK4XpOg9exQBkg78Ood9fTeyw4nH8Nq71Ny7vO303bWA
TqrGjM77qnITmxwjGJ2j1g1W3+yBt4dnnJlEVJpl/ODlgpFHnGhsnALwitPWJMcZ
oJn9jTewMRqcxAci59Z+/dFtlcOf/pplSKImJMw6tD5r8gXycjZ92lKyoWJLmamM
dSQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:15 2025 by rpki-client on console.sobornost.net