Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/86RH0sDRLgQyh72ODjCn4yKHaZQ.roa
File: 86RH0sDRLgQyh72ODjCn4yKHaZQ.roa (raw, json)
Hash identifier: /zKpHEbNzUGhISSz7T6og5zeJtAV07c6h+cicejhfYk=
Subject key identifier: F3:A4:47:D2:C0:D1:2E:04:32:87:BD:8E:0E:30:A7:E3:22:87:69:94
Certificate issuer: /CN=dfecad56eaae1235fa788e4ead3922c296e283a5
Certificate serial: 0195F5F417EF7E78652B54BE9B717549A255
Authority key identifier: DF:EC:AD:56:EA:AE:12:35:FA:78:8E:4E:AD:39:22:C2:96:E2:83:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/86RH0sDRLgQyh72ODjCn4yKHaZQ.roa
Signing time: Wed 02 Apr 2025 10:02:49 +0000
ROA not before: Wed 02 Apr 2025 10:02:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58030
IP address blocks: 2a0e:2300::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:f4:17:ef:7e:78:65:2b:54:be:9b:71:75:49:a2:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfecad56eaae1235fa788e4ead3922c296e283a5
Validity
Not Before: Apr 2 10:02:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3a447d2c0d12e043287bd8e0e30a7e322876994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:13:1c:f9:6e:a5:df:f5:ea:5b:57:2d:f3:c9:
78:18:56:8a:00:7b:58:45:94:5a:09:a4:8c:f2:38:
97:de:8e:e2:4b:79:6c:00:4a:28:48:ec:87:7a:02:
66:32:80:b8:1c:50:fd:b4:8f:b6:c7:49:cf:d3:a1:
3f:60:ca:8f:ea:7a:a7:ae:06:24:f9:97:98:9e:9e:
89:1c:0e:f9:8e:6e:29:d1:bb:e3:3b:fd:58:c7:d8:
f5:26:ee:46:62:b7:04:33:bc:10:62:e7:55:cd:69:
48:ee:62:f4:2a:fa:72:0a:a0:4c:41:46:ed:34:03:
27:bf:df:87:a8:9d:ca:06:e0:9e:9f:87:6e:d8:00:
33:6a:38:52:2a:fa:76:08:e3:ed:cd:58:2b:35:fd:
d9:36:b7:4f:51:ff:f6:bc:aa:27:5c:f4:58:dd:80:
32:3a:80:72:ab:ec:5b:75:9f:69:b9:6b:c6:bb:59:
df:58:0a:1a:b0:24:59:eb:2c:8d:0d:28:ba:5d:e3:
51:5a:3b:1d:a9:28:fb:04:4f:77:e2:91:27:6d:c7:
2e:03:5d:c1:31:d9:fb:39:ba:e9:68:d7:1e:9c:c9:
5f:5b:fa:d8:b7:81:4f:f5:76:e1:c4:f0:f1:8f:a3:
90:5b:2a:8a:11:8e:a0:89:2d:74:f1:5d:29:99:fd:
d2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A4:47:D2:C0:D1:2E:04:32:87:BD:8E:0E:30:A7:E3:22:87:69:94
X509v3 Authority Key Identifier:
keyid:DF:EC:AD:56:EA:AE:12:35:FA:78:8E:4E:AD:39:22:C2:96:E2:83:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/86RH0sDRLgQyh72ODjCn4yKHaZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2300::/29
Signature Algorithm: sha256WithRSAEncryption
5f:ef:9b:dd:96:96:ea:61:2b:90:e3:a0:2f:22:0b:2f:85:4a:
ce:f1:ef:e6:c2:9e:58:3d:88:3f:26:67:cd:46:cd:bd:93:44:
fc:b3:c6:07:ad:61:67:10:8b:2b:db:b5:8e:aa:b9:63:b4:20:
2c:01:90:ca:e9:ea:72:9b:cf:05:7c:96:a8:58:bd:5e:c6:50:
c3:62:6f:90:7a:71:98:a5:7a:19:bf:82:1f:06:fa:de:2b:eb:
08:98:c5:50:c7:e2:a7:93:d8:40:a9:fd:8d:5d:cf:21:5c:bf:
b5:39:59:d9:e4:47:2c:45:f7:ab:de:a2:9f:d4:31:cd:34:9f:
0a:ff:b9:43:c3:2a:5d:fe:0b:43:e3:2d:e1:94:93:6b:fa:f9:
c2:4a:5b:6a:8a:5c:ad:db:38:86:e5:d2:0f:e0:0f:e0:94:a7:
cd:03:91:b2:16:fb:b8:4a:3b:02:72:3b:d6:29:63:df:b0:f7:
65:6c:67:42:df:3c:ea:d6:48:8a:cc:ba:d4:25:e2:56:b5:a7:
ca:92:0c:78:61:79:78:5a:ec:79:ff:79:cb:8b:d7:e5:1d:2b:
49:b5:12:0b:9f:9d:cd:1f:66:70:59:fe:7a:15:2f:34:8f:c7:
d8:10:22:33:1b:c0:26:75:b9:05:43:97:db:82:d7:b8:b5:37:
aa:1a:25:28
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZX19BfvfnhlK1S+m3F1SaJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWNhZDU2ZWFhZTEyMzVmYTc4OGU0ZWFkMzkyMmMyOTZl
MjgzYTUwHhcNMjUwNDAyMTAwMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2E0NDdkMmMwZDEyZTA0MzI4N2JkOGUwZTMwYTdlMzIyODc2OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBMc+W6l3/XqW1ct88l4GFaKAHtY
RZRaCaSM8jiX3o7iS3lsAEooSOyHegJmMoC4HFD9tI+2x0nP06E/YMqP6nqnrgYk
+ZeYnp6JHA75jm4p0bvjO/1Yx9j1Ju5GYrcEM7wQYudVzWlI7mL0KvpyCqBMQUbt
NAMnv9+HqJ3KBuCen4du2AAzajhSKvp2COPtzVgrNf3ZNrdPUf/2vKonXPRY3YAy
OoByq+xbdZ9puWvGu1nfWAoasCRZ6yyNDSi6XeNRWjsdqSj7BE934pEnbccuA13B
Mdn7ObrpaNcenMlfW/rYt4FP9XbhxPDxj6OQWyqKEY6giS108V0pmf3SeQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPOkR9LA0S4EMoe9jg4wp+Mih2mUMB8GA1UdIwQY
MBaAFN/srVbqrhI1+niOTq05IsKW4oOlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9kNjcwODctNzY1Yi00NmViLTgwOGMt
Njc3YmFiNjEzYWZmLzEvODZSSDBzRFJMZ1F5aDcyT0RqQ240eUtIYVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9kNjcwODctNzY1Yi00NmViLTgwOGMtNjc3YmFiNjEzYWZm
LzEvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4jADAN
BgkqhkiG9w0BAQsFAAOCAQEAX++b3ZaW6mErkOOgLyILL4VKzvHv5sKeWD2IPyZn
zUbNvZNE/LPGB61hZxCLK9u1jqq5Y7QgLAGQyunqcpvPBXyWqFi9XsZQw2JvkHpx
mKV6Gb+CHwb63ivrCJjFUMfip5PYQKn9jV3PIVy/tTlZ2eRHLEX3q96in9QxzTSf
Cv+5Q8MqXf4LQ+Mt4ZSTa/r5wkpbaopcrds4huXSD+AP4JSnzQORshb7uEo7AnI7
1ilj37D3ZWxnQt886tZIisy61CXiVrWnypIMeGF5eFrsef95y4vX5R0rSbUSC5+d
zR9mcFn+ehUvNI/H2BAiMxvAJnW5BUOX24LXuLU3qholKA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:28 2025 by rpki-client on console.sobornost.net