Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/CSLei6HY2j3VfIVdv44wXz8jv5k.roa
File: CSLei6HY2j3VfIVdv44wXz8jv5k.roa (raw, json)
Hash identifier: q1VNMVTwGczbERKMS3ThWINcZNQRYe/MAqBbs+mqgek=
Subject key identifier: 09:22:DE:8B:A1:D8:DA:3D:D5:7C:85:5D:BF:8E:30:5F:3F:23:BF:99
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369EF96D77E14EB906C8408B3270003
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/CSLei6HY2j3VfIVdv44wXz8jv5k.roa
Signing time: Wed 01 Jan 2025 19:48:52 +0000
ROA not before: Wed 01 Jan 2025 19:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213903
IP address blocks: 2a0f:7807::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ef:96:d7:7e:14:eb:90:6c:84:08:b3:27:00:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0922de8ba1d8da3dd57c855dbf8e305f3f23bf99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0f:3a:36:72:e2:ec:47:6e:3c:4c:ba:27:c1:
72:0a:c0:4b:cb:6f:ca:5e:67:56:36:69:59:94:b6:
56:9e:8e:85:48:6f:1d:f3:82:aa:eb:97:a8:01:52:
43:79:0f:9d:ba:eb:3e:12:0f:97:75:21:b1:7e:d4:
6f:91:4e:dd:04:7e:0e:5d:eb:f2:90:a0:1d:0e:fb:
5c:33:7c:44:89:ba:a7:d5:bc:94:85:10:86:91:e4:
ce:fb:e4:df:5c:e1:ad:45:f5:11:5b:01:44:f5:dd:
33:cb:52:8b:c7:db:bd:d8:9e:3f:95:df:86:29:8d:
75:a6:8e:18:e8:0b:2b:69:1a:c4:8d:0d:9c:93:c1:
ea:e8:8e:6e:68:09:60:3c:53:39:ef:b1:8d:d0:9a:
de:e2:93:5e:4d:8e:d5:76:bc:af:5d:8c:68:ca:60:
34:4a:1b:70:ca:2e:aa:82:1e:ff:78:1c:d2:5c:0b:
2c:ec:bc:34:da:49:91:0c:97:b8:37:40:ad:1f:43:
2c:e2:28:e8:0b:54:24:37:30:07:80:51:10:0b:e7:
f7:df:c0:7b:2c:9d:a9:ac:fb:e1:90:7d:75:ea:30:
df:42:ea:3f:e3:41:ac:c9:d5:0f:12:4f:1c:c9:2c:
fd:f0:0e:2b:4d:24:e2:aa:d0:99:76:6d:cc:af:8f:
23:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:22:DE:8B:A1:D8:DA:3D:D5:7C:85:5D:BF:8E:30:5F:3F:23:BF:99
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/CSLei6HY2j3VfIVdv44wXz8jv5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7807::/32
Signature Algorithm: sha256WithRSAEncryption
29:27:83:bc:71:93:e7:27:90:d5:be:6e:65:9f:82:6e:23:f2:
07:40:d9:59:db:ac:e8:fc:7c:b3:d4:80:14:0e:7e:a3:76:6a:
f8:2b:a7:9f:b4:0d:78:d0:3c:49:ed:34:b1:ad:1b:46:d2:ea:
d4:92:0e:11:e9:e0:f0:a5:25:d6:06:20:d5:e7:77:04:76:13:
8d:b4:5a:a2:10:35:bb:cb:0d:e6:3c:a4:19:8c:d7:a0:7d:92:
22:e6:26:68:6b:9f:00:7d:48:b3:95:62:1c:1e:8b:12:40:b6:
fb:0f:7d:c0:ee:34:01:89:57:79:35:07:ec:88:a0:c0:27:55:
6a:c8:1c:00:48:96:9d:be:aa:e5:ec:b6:9c:dd:bb:52:71:71:
0c:a6:09:a2:99:c3:37:87:c4:68:f5:16:78:77:8e:ba:d4:92:
b1:3e:e2:59:44:04:36:c9:44:f1:cc:04:38:bd:69:c2:60:07:
5e:68:28:99:bc:b9:06:c4:c8:c7:1e:b9:84:b3:c2:ec:ae:65:
fd:67:6f:2f:8e:d6:28:cc:66:ea:bf:99:fd:68:ba:1d:ce:17:
62:eb:0b:8c:27:5b:91:ab:7f:73:68:f2:4e:ef:18:fe:b5:79:
bd:89:03:66:04:43:60:f6:83:15:06:29:0a:22:6e:2b:1e:9d:
04:3a:75:80
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjae+W134U65BshAizJwADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTIyZGU4YmExZDhkYTNkZDU3Yzg1NWRiZjhlMzA1ZjNmMjNiZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg86NnLi7EduPEy6J8FyCsBLy2/K
XmdWNmlZlLZWno6FSG8d84Kq65eoAVJDeQ+duus+Eg+XdSGxftRvkU7dBH4OXevy
kKAdDvtcM3xEibqn1byUhRCGkeTO++TfXOGtRfURWwFE9d0zy1KLx9u92J4/ld+G
KY11po4Y6AsraRrEjQ2ck8Hq6I5uaAlgPFM577GN0Jre4pNeTY7VdryvXYxoymA0
Shtwyi6qgh7/eBzSXAss7Lw02kmRDJe4N0CtH0Ms4ijoC1QkNzAHgFEQC+f338B7
LJ2prPvhkH116jDfQuo/40GsydUPEk8cySz98A4rTSTiqtCZdm3Mr48jZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAki3ouh2No91XyFXb+OMF8/I7+ZMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvQ1NMZWk2SFkyajNWZklWZHY0NHdYejhqdjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg94BzAN
BgkqhkiG9w0BAQsFAAOCAQEAKSeDvHGT5yeQ1b5uZZ+CbiPyB0DZWdus6Px8s9SA
FA5+o3Zq+Cunn7QNeNA8Se00sa0bRtLq1JIOEeng8KUl1gYg1ed3BHYTjbRaohA1
u8sN5jykGYzXoH2SIuYmaGufAH1Is5ViHB6LEkC2+w99wO40AYlXeTUH7IigwCdV
asgcAEiWnb6q5ey2nN27UnFxDKYJopnDN4fEaPUWeHeOutSSsT7iWUQENslE8cwE
OL1pwmAHXmgomby5BsTIxx65hLPC7K5l/WdvL47WKMxm6r+Z/Wi6Hc4XYusLjCdb
kat/c2jyTu8Y/rV5vYkDZgRDYPaDFQYpCiJuKx6dBDp1gA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:15 2025 by rpki-client on console.sobornost.net