Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/NfUK1WerAdsfJiTM68i5Lnvkb2w.roa
File: NfUK1WerAdsfJiTM68i5Lnvkb2w.roa (raw, json)
Hash identifier: ZGezIXFkpMHBb+7ell8DWUCsKtD9DU2fEiI/6174M+w=
Subject key identifier: 35:F5:0A:D5:67:AB:01:DB:1F:26:24:CC:EB:C8:B9:2E:7B:E4:6F:6C
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 01942747275502019EF35C201BAA0370D73F
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/NfUK1WerAdsfJiTM68i5Lnvkb2w.roa
Signing time: Thu 02 Jan 2025 13:49:22 +0000
ROA not before: Thu 02 Jan 2025 13:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49556
IP address blocks: 2a14:4f80::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:27:55:02:01:9e:f3:5c:20:1b:aa:03:70:d7:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Jan 2 13:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35f50ad567ab01db1f2624ccebc8b92e7be46f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:84:c7:f7:29:03:90:85:2f:ec:38:b1:05:67:
85:24:13:0f:21:60:ec:26:b7:9e:9e:d0:40:a4:38:
8f:00:e2:d7:8b:5f:ae:a2:7a:93:7a:0f:31:5a:a3:
4a:67:59:da:c5:6e:9a:de:1e:4c:90:78:82:78:43:
9c:23:29:bc:96:77:5a:64:bc:27:17:b6:3d:db:24:
be:cc:bd:73:d2:b3:8c:44:5d:4f:dd:74:98:c2:c1:
99:a9:a0:6f:a9:d1:11:11:74:fb:f8:22:a1:e3:38:
3c:18:7b:60:b1:54:ca:94:7e:e3:b5:46:75:8d:8e:
7e:d7:4a:31:da:67:b4:bf:f8:69:b0:31:d6:13:68:
9d:21:ea:c8:13:e8:69:64:dd:6a:2f:ab:6c:f5:1b:
56:79:42:66:d2:eb:c0:c8:fe:38:0a:a3:d4:ce:76:
fa:ed:dc:ac:b6:3a:7e:fe:de:71:c5:f8:48:40:ab:
20:66:99:32:97:b5:c1:7d:3d:6c:72:74:bd:56:37:
a7:c1:b6:0d:ae:38:72:dd:2e:22:8c:f5:06:c4:13:
8f:92:75:bd:d7:92:e1:cb:38:d7:20:f1:db:0c:cc:
23:5b:18:ce:25:a9:bf:ce:85:37:d8:82:5d:55:e2:
5c:b9:41:4f:db:93:5d:11:b5:aa:ac:a4:7f:52:19:
1e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F5:0A:D5:67:AB:01:DB:1F:26:24:CC:EB:C8:B9:2E:7B:E4:6F:6C
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/NfUK1WerAdsfJiTM68i5Lnvkb2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4f80::/38
Signature Algorithm: sha256WithRSAEncryption
92:6b:ba:27:b4:ec:0d:d9:c4:61:88:83:c3:05:7a:f7:4f:75:
72:f5:9c:7b:3f:77:1b:0d:27:56:0a:b7:01:dd:02:6c:32:37:
2d:ae:ac:51:23:d0:aa:f4:ca:67:77:16:4c:db:ee:09:60:f8:
5f:54:5c:e3:25:90:07:62:31:b6:6d:13:3a:28:d9:1a:47:e7:
da:29:38:c3:94:02:ee:77:21:dc:ab:13:7e:79:85:2b:a1:54:
c4:60:59:f3:31:28:7a:97:5f:ad:f4:ea:11:05:c7:1a:00:d7:
61:00:05:fd:ae:f9:c3:1d:9c:43:ff:cb:0d:dc:e5:c3:96:e3:
33:9f:35:02:74:fb:2a:38:a0:83:fc:c3:21:0c:25:ae:07:86:
27:08:7a:7b:4b:e8:dd:ae:c7:6f:ae:64:36:51:4e:d2:54:86:
34:8e:10:b7:86:07:e8:12:12:2a:ba:27:e6:61:91:6b:d3:84:
79:e6:fa:52:45:e7:92:be:50:50:59:da:c5:2e:d3:61:71:ac:
40:63:42:ba:e3:c5:ec:01:eb:de:e8:7d:cc:ed:63:25:45:27:
53:35:af:a8:5a:42:37:eb:d7:33:76:6f:25:65:a6:90:d3:f0:
8d:8a:9e:a7:41:b6:b8:59:e8:48:56:e0:bc:12:4e:6b:16:52:
2c:17:99:97
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQnRydVAgGe81wgG6oDcNc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUwMTAyMTM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWY1MGFkNTY3YWIwMWRiMWYyNjI0Y2NlYmM4YjkyZTdiZTQ2ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvITH9ykDkIUv7DixBWeFJBMPIWDs
JreentBApDiPAOLXi1+uonqTeg8xWqNKZ1naxW6a3h5MkHiCeEOcIym8lndaZLwn
F7Y92yS+zL1z0rOMRF1P3XSYwsGZqaBvqdEREXT7+CKh4zg8GHtgsVTKlH7jtUZ1
jY5+10ox2me0v/hpsDHWE2idIerIE+hpZN1qL6ts9RtWeUJm0uvAyP44CqPUznb6
7dystjp+/t5xxfhIQKsgZpkyl7XBfT1scnS9VjenwbYNrjhy3S4ijPUGxBOPknW9
15LhyzjXIPHbDMwjWxjOJam/zoU32IJdVeJcuUFP25NdEbWqrKR/Uhke1wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDX1CtVnqwHbHyYkzOvIuS575G9sMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvTmZVSzFXZXJBZHNmSmlUTTY4aTVMbnZrYjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhRPgAAw
DQYJKoZIhvcNAQELBQADggEBAJJruie07A3ZxGGIg8MFevdPdXL1nHs/dxsNJ1YK
twHdAmwyNy2urFEj0Kr0ymd3Fkzb7glg+F9UXOMlkAdiMbZtEzoo2RpH59opOMOU
Au53IdyrE355hSuhVMRgWfMxKHqXX6306hEFxxoA12EABf2u+cMdnEP/yw3c5cOW
4zOfNQJ0+yo4oIP8wyEMJa4HhicIentL6N2ux2+uZDZRTtJUhjSOELeGB+gSEiq6
J+ZhkWvThHnm+lJF55K+UFBZ2sUu02FxrEBjQrrjxewB697ofcztYyVFJ1M1r6ha
Qjfr1zN2byVlppDT8I2KnqdBtrhZ6EhW4LwSTmsWUiwXmZc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net