Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/b4ilz5cjneNbJCGND0KrV8AKjB8.roa
File: b4ilz5cjneNbJCGND0KrV8AKjB8.roa (raw, json)
Hash identifier: PSjmmrzuJ8D1JvT+xfT6TqWRijjyUCKhXYQ2nxXKOEI=
Subject key identifier: 6F:88:A5:CF:97:23:9D:E3:5B:24:21:8D:0F:42:AB:57:C0:0A:8C:1F
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01961BE1E80F75143DC1333A1E023B5E273F
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/b4ilz5cjneNbJCGND0KrV8AKjB8.roa
Signing time: Wed 09 Apr 2025 18:48:31 +0000
ROA not before: Wed 09 Apr 2025 18:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:f05::/32 maxlen: 32
2a11:4344::/32 maxlen: 32
2a11:7884::/32 maxlen: 32
2a11:8501::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:e1:e8:0f:75:14:3d:c1:33:3a:1e:02:3b:5e:27:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 9 18:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f88a5cf97239de35b24218d0f42ab57c00a8c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7e:f1:b2:df:ee:5e:3a:4c:a6:1c:04:84:47:
8a:5e:c9:ac:d3:77:fc:9c:01:07:c7:ef:64:6d:af:
74:2c:05:56:b7:41:fa:0c:ee:a7:3c:4b:d1:35:a3:
5f:5b:1e:83:7a:e0:72:f7:b6:83:1c:99:d0:04:81:
68:39:33:5a:92:2e:30:4d:8b:95:e4:b8:62:b2:fe:
ff:ec:b9:94:bf:61:1b:51:8d:f1:e1:f9:f1:90:2f:
36:df:6f:b1:b3:66:bb:55:87:d5:5f:62:8d:9d:1c:
8d:4c:51:bf:59:d6:28:2b:35:af:66:95:df:bd:63:
cd:61:35:dc:f4:22:ce:e6:4b:1a:e8:20:49:82:90:
47:c4:10:7e:f2:ff:3f:92:ba:58:95:8c:f3:27:c8:
e7:db:6a:f0:1b:8a:ab:02:30:38:b3:4d:84:31:00:
45:91:51:44:ea:6e:df:77:4e:aa:5d:34:ac:42:0b:
b9:5a:d4:33:dd:53:08:0b:ff:e1:52:75:1a:35:c9:
c7:de:d2:6f:72:ad:85:bc:d7:9d:1d:a4:a8:cd:4c:
99:3d:9a:cc:9c:da:48:36:bf:73:11:04:e3:27:d3:
87:4c:71:d8:08:13:6a:7c:e1:c1:ac:ac:6e:2e:a8:
5e:71:21:a7:e4:cb:ce:92:37:93:20:0e:0f:98:cc:
5c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:88:A5:CF:97:23:9D:E3:5B:24:21:8D:0F:42:AB:57:C0:0A:8C:1F
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/b4ilz5cjneNbJCGND0KrV8AKjB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f05::/32
2a11:4344::/32
2a11:7884::/32
2a11:8501::/32
Signature Algorithm: sha256WithRSAEncryption
cd:b0:db:46:8e:97:c9:a9:43:e5:1b:a4:bd:71:72:79:b5:2e:
c2:e0:2b:d4:bf:d5:13:6d:78:33:e2:e3:8b:60:de:7c:80:7e:
83:9f:de:e4:0f:3a:22:a9:4a:ea:92:8e:ef:13:7a:1c:8d:b5:
a2:6d:0e:ea:97:ab:9f:94:73:66:a4:8e:da:66:af:4c:b2:db:
29:6c:84:1c:f2:a0:f0:8b:43:bc:e9:cc:e0:25:15:ad:e2:17:
28:d8:0d:6a:a3:78:3b:56:27:6d:6b:a5:f8:f5:46:9a:56:ad:
90:49:7a:61:20:95:2e:63:c0:75:d9:28:1b:b0:94:5a:ec:81:
b9:19:c2:64:3e:6f:54:15:29:b4:44:11:37:69:ed:d2:4f:e2:
dd:92:7d:77:7d:a4:00:41:d8:ac:bf:8d:57:c1:6c:c7:ba:fc:
26:0f:ca:64:0e:7d:f3:99:9f:95:92:5b:4f:f3:e2:a8:d7:36:
1f:5d:f2:e7:57:35:2b:d9:aa:77:2d:04:43:bb:12:fe:c8:e5:
28:5d:44:76:19:0c:27:c0:03:c1:c9:17:9c:2b:a7:ad:57:b2:
f1:ff:26:9a:a9:3c:f8:d7:ff:a7:d8:4a:cf:6b:36:5b:43:b2:
5a:29:5e:d3:28:88:2b:22:0e:6f:ab:52:40:28:90:3b:29:61:
4a:66:20:51
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZYb4egPdRQ9wTM6HgI7Xic/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDA5MTg0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjg4YTVjZjk3MjM5ZGUzNWIyNDIxOGQwZjQyYWI1N2MwMGE4YzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH7xst/uXjpMphwEhEeKXsms03f8
nAEHx+9kba90LAVWt0H6DO6nPEvRNaNfWx6DeuBy97aDHJnQBIFoOTNaki4wTYuV
5Lhisv7/7LmUv2EbUY3x4fnxkC8232+xs2a7VYfVX2KNnRyNTFG/WdYoKzWvZpXf
vWPNYTXc9CLO5ksa6CBJgpBHxBB+8v8/krpYlYzzJ8jn22rwG4qrAjA4s02EMQBF
kVFE6m7fd06qXTSsQgu5WtQz3VMIC//hUnUaNcnH3tJvcq2FvNedHaSozUyZPZrM
nNpINr9zEQTjJ9OHTHHYCBNqfOHBrKxuLqhecSGn5MvOkjeTIA4PmMxcNQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG+Ipc+XI53jWyQhjQ9Cq1fACowfMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvYjRpbHo1Y2puZU5iSkNHTkQwS3JWOEFLakI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg4PBQMF
ACoRQ0QDBQAqEXiEAwUAKhGFATANBgkqhkiG9w0BAQsFAAOCAQEAzbDbRo6XyalD
5RukvXFyebUuwuAr1L/VE214M+Lji2DefIB+g5/e5A86IqlK6pKO7xN6HI21om0O
6pern5RzZqSO2mavTLLbKWyEHPKg8ItDvOnM4CUVreIXKNgNaqN4O1YnbWul+PVG
mlatkEl6YSCVLmPAddkoG7CUWuyBuRnCZD5vVBUptEQRN2nt0k/i3ZJ9d32kAEHY
rL+NV8Fsx7r8Jg/KZA5985mflZJbT/PiqNc2H13y51c1K9mqdy0EQ7sS/sjlKF1E
dhkMJ8ADwckXnCunrVey8f8mmqk8+Nf/p9hKz2s2W0OyWile0yiIKyIOb6tSQCiQ
OylhSmYgUQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:46 2025 by rpki-client on console.sobornost.net