Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/iL1epaX81Uq1u1Vt8v_LyUUIIKE.roa
File: iL1epaX81Uq1u1Vt8v_LyUUIIKE.roa (raw, json)
Hash identifier: O1duuQqWAaqh3DHxl+OWDb2NFBwVRxAmp4BqT82NJBo=
Subject key identifier: 88:BD:5E:A5:A5:FC:D5:4A:B5:BB:55:6D:F2:FF:CB:C9:45:08:20:A1
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 0194BDA09A07F8D31310FCF78485DC6BB9A5
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/iL1epaX81Uq1u1Vt8v_LyUUIIKE.roa
Signing time: Fri 31 Jan 2025 18:30:06 +0000
ROA not before: Fri 31 Jan 2025 18:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216054
IP address blocks: 2a14:4f80::/29 maxlen: 39
2a14:4f85::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:a0:9a:07:f8:d3:13:10:fc:f7:84:85:dc:6b:b9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Jan 31 18:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88bd5ea5a5fcd54ab5bb556df2ffcbc9450820a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:03:07:b4:a2:25:f6:78:5c:7e:2b:20:b5:d8:
b6:05:3e:70:4f:2d:a0:ff:aa:be:71:d2:1e:3e:7d:
79:1c:47:fb:cc:63:ba:3e:db:c4:66:76:5f:fe:8d:
de:3d:e7:2f:da:a9:13:02:b0:f0:a9:d5:54:36:5d:
90:e4:4c:26:cf:bb:cf:52:fb:42:9f:bc:74:2d:8c:
89:74:a7:3c:fa:7d:8f:22:48:28:a9:f9:3a:52:da:
ac:00:a8:c9:2b:d8:24:16:0b:c5:67:7a:d3:0a:ef:
02:27:d4:97:fd:ef:8e:d1:22:7f:39:d5:7d:18:59:
d5:ba:b9:e6:ad:9b:3b:61:1d:b7:98:6a:22:c3:b8:
7b:56:85:6e:cb:5a:e0:26:1f:79:c0:2f:0f:43:75:
27:66:f5:39:f3:b2:57:b5:0c:77:70:57:71:9b:96:
69:b2:41:19:65:2d:de:a2:5e:fe:79:4b:a1:7b:46:
c0:9f:da:8d:75:77:47:73:22:0b:fc:94:90:6d:fd:
fa:d9:7b:51:2d:f2:dd:75:64:c0:b4:40:9e:2c:ec:
16:13:ee:62:97:28:49:00:a5:f6:f3:61:0c:07:62:
7d:27:62:04:56:f2:a9:b9:ef:bb:58:d2:67:b6:a8:
35:3b:92:1f:77:4a:89:74:82:00:0b:a9:f2:43:9b:
59:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:BD:5E:A5:A5:FC:D5:4A:B5:BB:55:6D:F2:FF:CB:C9:45:08:20:A1
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/iL1epaX81Uq1u1Vt8v_LyUUIIKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4f80::/29
Signature Algorithm: sha256WithRSAEncryption
85:ad:51:9a:89:9c:76:f4:64:13:22:94:3d:40:d9:c2:b6:e8:
15:06:45:08:9c:04:83:f3:ea:c6:46:82:20:ac:ba:3b:ac:c9:
5b:01:cd:42:cf:19:e9:b3:cf:cd:48:a8:dc:ad:2b:9c:c3:58:
3b:a7:98:dd:2d:97:d9:11:45:07:71:ee:cd:23:d1:4a:17:c8:
69:c6:16:03:86:3b:f3:fc:99:ae:a9:17:8f:47:c6:f1:d6:b9:
a6:63:f5:cc:1b:b0:7c:f7:0c:fa:3b:b2:88:a7:ea:b0:95:e9:
40:4e:ec:c5:cb:b8:0b:9b:1c:18:cb:6a:94:bc:cb:de:10:01:
0e:de:10:e2:07:37:a7:9e:13:12:69:9c:1d:b5:71:14:60:54:
d5:4d:d1:99:c8:40:7f:e7:91:59:9f:41:5e:d4:9a:5c:6c:24:
e8:b2:09:58:32:cc:0b:5e:ed:03:9d:55:5a:48:0f:c7:d6:9d:
e8:04:3f:9d:5b:13:c8:99:43:1c:76:08:32:77:3f:e1:98:c8:
3e:43:e8:96:65:78:ed:55:fa:a7:b3:ec:3f:bb:2f:47:84:10:
0b:e1:d4:0d:4f:89:63:ed:6d:8a:b6:b9:5b:69:20:8b:77:63:
d4:9a:32:4c:ca:db:74:17:a0:c0:8f:b0:ae:9c:f0:44:40:12:
b0:f0:b2:fa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZS9oJoH+NMTEPz3hIXca7mlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUwMTMxMTgzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGJkNWVhNWE1ZmNkNTRhYjViYjU1NmRmMmZmY2JjOTQ1MDgyMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywMHtKIl9nhcfisgtdi2BT5wTy2g
/6q+cdIePn15HEf7zGO6PtvEZnZf/o3ePecv2qkTArDwqdVUNl2Q5Ewmz7vPUvtC
n7x0LYyJdKc8+n2PIkgoqfk6UtqsAKjJK9gkFgvFZ3rTCu8CJ9SX/e+O0SJ/OdV9
GFnVurnmrZs7YR23mGoiw7h7VoVuy1rgJh95wC8PQ3UnZvU587JXtQx3cFdxm5Zp
skEZZS3eol7+eUuhe0bAn9qNdXdHcyIL/JSQbf362XtRLfLddWTAtECeLOwWE+5i
lyhJAKX282EMB2J9J2IEVvKpue+7WNJntqg1O5Ifd0qJdIIAC6nyQ5tZjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIi9XqWl/NVKtbtVbfL/y8lFCCChMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvaUwxZXBhWDgxVXExdTFWdDh2X0x5VVVJSUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRPgDAN
BgkqhkiG9w0BAQsFAAOCAQEAha1RmomcdvRkEyKUPUDZwrboFQZFCJwEg/PqxkaC
IKy6O6zJWwHNQs8Z6bPPzUio3K0rnMNYO6eY3S2X2RFFB3HuzSPRShfIacYWA4Y7
8/yZrqkXj0fG8da5pmP1zBuwfPcM+juyiKfqsJXpQE7sxcu4C5scGMtqlLzL3hAB
Dt4Q4gc3p54TEmmcHbVxFGBU1U3RmchAf+eRWZ9BXtSaXGwk6LIJWDLMC17tA51V
WkgPx9ad6AQ/nVsTyJlDHHYIMnc/4ZjIPkPolmV47VX6p7PsP7svR4QQC+HUDU+J
Y+1tira5W2kgi3dj1JoyTMrbdBegwI+wrpzwREASsPCy+g==
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:56:00 2025 by rpki-client on console.sobornost.net