Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/5AZ3tR0kmtggSX8GQL0nk_9vkNM.roa
File: 5AZ3tR0kmtggSX8GQL0nk_9vkNM.roa (raw, json)
Hash identifier: o7jn9b/bWLBA/ntIWwkYzFbMhpkdc8Mhco9rAn9gsO0=
Subject key identifier: E4:06:77:B5:1D:24:9A:D8:20:49:7F:06:40:BD:27:93:FF:6F:90:D3
Certificate issuer: /CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Certificate serial: 019421437EAAB97733347C6E7934B72AC2DF
Authority key identifier: B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/5AZ3tR0kmtggSX8GQL0nk_9vkNM.roa
Signing time: Wed 01 Jan 2025 09:47:38 +0000
ROA not before: Wed 01 Jan 2025 09:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50994
IP address blocks: 2a02:4a40:108::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:7e:aa:b9:77:33:34:7c:6e:79:34:b7:2a:c2:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Validity
Not Before: Jan 1 09:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e40677b51d249ad820497f0640bd2793ff6f90d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:eb:0b:cb:57:b9:30:42:cc:95:64:0c:39:33:
20:11:c3:35:c7:24:3a:c2:93:b8:d4:84:86:20:96:
37:ed:19:b7:b2:f8:fb:71:42:76:0f:c5:56:c3:e6:
c9:42:a8:91:1e:7c:d1:6b:d4:2f:5e:f5:f6:42:e2:
dc:ca:0b:0e:07:d4:e8:37:7f:71:ec:48:74:6a:33:
be:9b:63:8f:4d:f1:5f:5a:04:69:ba:8f:0f:20:b3:
40:dd:39:da:da:04:66:fe:97:2e:72:31:b9:c8:8f:
c1:5f:da:38:9e:c5:d0:17:ac:95:ac:e0:ef:9f:90:
0a:a5:95:fd:7f:93:b8:fa:97:40:d2:22:a2:f7:a9:
31:b8:6e:ab:d3:f5:b4:2f:34:b3:6a:39:f0:40:0a:
91:e3:4a:d5:08:d7:9a:75:08:56:62:b2:0f:40:c0:
9f:06:46:7d:63:40:44:cc:4e:f6:b9:f9:d3:f7:e5:
b4:cd:f3:eb:87:88:94:2f:84:cf:59:fd:97:1c:dc:
07:63:b3:79:fc:79:4f:09:46:19:3a:84:3a:90:d1:
6d:ac:b7:03:06:f8:60:4c:33:28:ea:16:43:ef:9c:
4e:14:9d:14:b6:31:aa:7e:64:e6:12:0d:d7:f2:4d:
eb:45:b1:f0:8f:68:eb:a8:41:97:de:b9:9b:94:19:
93:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:06:77:B5:1D:24:9A:D8:20:49:7F:06:40:BD:27:93:FF:6F:90:D3
X509v3 Authority Key Identifier:
keyid:B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/5AZ3tR0kmtggSX8GQL0nk_9vkNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:4a40:108::/48
Signature Algorithm: sha256WithRSAEncryption
50:f8:ea:99:03:94:44:b8:97:c3:89:ff:51:e3:fd:ff:5b:d8:
c6:73:7c:e2:44:02:14:6b:bd:47:06:1f:84:09:bc:0b:60:63:
5a:c7:3a:53:ec:88:3f:2e:31:f3:4a:2d:77:ca:b8:c3:7b:bf:
b1:cc:ec:c1:2b:b6:00:dc:b1:5f:3a:ad:6d:49:f5:c8:16:b3:
78:35:c6:a7:88:86:46:f7:d8:53:f0:9e:a9:c9:6f:4c:f0:63:
e9:60:b3:02:ac:35:26:cf:2a:7a:45:3f:4d:6f:2f:a6:11:79:
e6:03:7c:14:48:06:a2:35:2f:0a:51:1c:ba:dc:c9:c1:84:6e:
6d:5a:63:e2:df:b9:f0:b7:ec:10:69:7d:23:7e:18:6f:53:7b:
3d:ca:d1:d6:a4:ba:ff:14:77:3e:14:22:de:59:d1:98:80:69:
65:21:e4:4d:8e:cf:d1:0c:4e:1f:2c:9b:87:02:eb:a1:ae:ca:
e8:bb:b1:ed:a4:35:a5:a4:43:73:23:67:86:58:a5:52:69:fc:
b3:76:14:2e:36:d0:75:ca:c1:fd:8c:86:65:56:91:d4:1c:2f:
32:69:c4:1e:e9:18:f0:e9:cb:53:ff:1a:4f:96:ff:46:10:a0:
86:28:23:97:98:f6:21:2c:02:43:b5:24:cf:0d:5b:67:58:7e:
72:51:e7:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ36quXczNHxueTS3KsLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Zjc0YTQ3YTZkMWEwYmY0YzIxNmU1ZmFiNGQ5MWZiMTI5
ZGYzZDYwHhcNMjUwMTAxMDk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDA2NzdiNTFkMjQ5YWQ4MjA0OTdmMDY0MGJkMjc5M2ZmNmY5MGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+sLy1e5MELMlWQMOTMgEcM1xyQ6
wpO41ISGIJY37Rm3svj7cUJ2D8VWw+bJQqiRHnzRa9QvXvX2QuLcygsOB9ToN39x
7Eh0ajO+m2OPTfFfWgRpuo8PILNA3Tna2gRm/pcucjG5yI/BX9o4nsXQF6yVrODv
n5AKpZX9f5O4+pdA0iKi96kxuG6r0/W0LzSzajnwQAqR40rVCNeadQhWYrIPQMCf
BkZ9Y0BEzE72ufnT9+W0zfPrh4iUL4TPWf2XHNwHY7N5/HlPCUYZOoQ6kNFtrLcD
BvhgTDMo6hZD75xOFJ0UtjGqfmTmEg3X8k3rRbHwj2jrqEGX3rmblBmTlwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOQGd7UdJJrYIEl/BkC9J5P/b5DTMB8GA1UdIwQY
MBaAFLn3Skem0aC/TCFuX6tNkfsSnfPWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2Qt
MzBmNjA4YWRlNDhkLzEvNUFaM3RSMGttdGdnU1g4R1FMMG5rXzl2a05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2QtMzBmNjA4YWRlNDhk
LzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgJKQAEI
MA0GCSqGSIb3DQEBCwUAA4IBAQBQ+OqZA5REuJfDif9R4/3/W9jGc3ziRAIUa71H
Bh+ECbwLYGNaxzpT7Ig/LjHzSi13yrjDe7+xzOzBK7YA3LFfOq1tSfXIFrN4Ncan
iIZG99hT8J6pyW9M8GPpYLMCrDUmzyp6RT9Nby+mEXnmA3wUSAaiNS8KURy63MnB
hG5tWmPi37nwt+wQaX0jfhhvU3s9ytHWpLr/FHc+FCLeWdGYgGllIeRNjs/RDE4f
LJuHAuuhrsrou7HtpDWlpENzI2eGWKVSafyzdhQuNtB1ysH9jIZlVpHUHC8yacQe
6Rjw6ctT/xpPlv9GEKCGKCOXmPYhLAJDtSTPDVtnWH5yUeeE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net