Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/T1ExYbnMScXpW49W3TzA2j25m2g.roa
File: T1ExYbnMScXpW49W3TzA2j25m2g.roa (raw, json)
Hash identifier: y19xXSPvsH3iQpElfEG+Wwae1lHCoSGQlARfuGWM2P0=
Subject key identifier: 4F:51:31:61:B9:CC:49:C5:E9:5B:8F:56:DD:3C:C0:DA:3D:B9:9B:68
Certificate issuer: /CN=a566d8337776c98746bd231e69e185db2a9a5be2
Certificate serial: 0194274768438F2AAE5412D3171C3FCD20D7
Authority key identifier: A5:66:D8:33:77:76:C9:87:46:BD:23:1E:69:E1:85:DB:2A:9A:5B:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pWbYM3d2yYdGvSMeaeGF2yqaW-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/T1ExYbnMScXpW49W3TzA2j25m2g.roa
Signing time: Thu 02 Jan 2025 13:49:38 +0000
ROA not before: Thu 02 Jan 2025 13:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204982
IP address blocks: 2a0e:3bc0:fa00::/42 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:68:43:8f:2a:ae:54:12:d3:17:1c:3f:cd:20:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a566d8337776c98746bd231e69e185db2a9a5be2
Validity
Not Before: Jan 2 13:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f513161b9cc49c5e95b8f56dd3cc0da3db99b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b7:22:fc:d6:93:e3:3a:bb:ed:02:01:63:2b:
dc:76:3c:cc:aa:7c:ad:e7:85:e2:04:72:fc:38:fe:
d2:76:6b:2b:0a:6d:f1:4a:93:2e:2d:c1:48:d5:ae:
63:6e:6a:c2:7e:0e:93:37:28:a8:07:73:ec:34:64:
9c:a0:30:47:e0:01:11:a6:93:04:91:d0:3c:43:9f:
3d:dc:96:1f:b6:ff:78:e5:97:ea:ae:39:bd:9f:45:
54:23:11:fe:e7:b6:5d:3a:06:e3:d7:b6:e3:ee:fd:
53:c4:6b:04:8b:71:24:cd:3c:93:94:02:69:8a:f2:
29:75:17:0b:47:2e:58:bb:1d:7c:7b:a1:a2:79:f7:
91:a8:b8:e0:94:d3:ba:4e:ce:06:0d:cf:27:f3:c1:
cf:d8:73:74:2e:b1:f3:3b:b5:53:97:cb:47:7a:69:
8a:a5:41:09:0d:0b:63:23:0c:23:ee:94:25:3d:26:
56:fa:cb:6c:ea:1f:6b:0d:b9:68:af:ed:e3:16:02:
51:76:cb:c4:0a:a4:44:72:28:cb:ae:2f:0a:b0:84:
bb:ac:c8:30:f2:f3:ee:db:60:56:e2:f7:75:69:b3:
4e:ae:83:f0:47:ee:15:e6:a5:1c:eb:59:9a:90:0d:
41:c3:79:23:f8:61:57:72:61:89:bc:27:d2:04:57:
7f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:51:31:61:B9:CC:49:C5:E9:5B:8F:56:DD:3C:C0:DA:3D:B9:9B:68
X509v3 Authority Key Identifier:
keyid:A5:66:D8:33:77:76:C9:87:46:BD:23:1E:69:E1:85:DB:2A:9A:5B:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWbYM3d2yYdGvSMeaeGF2yqaW-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/T1ExYbnMScXpW49W3TzA2j25m2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/pWbYM3d2yYdGvSMeaeGF2yqaW-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:3bc0:fa00::/42
Signature Algorithm: sha256WithRSAEncryption
c9:d1:20:55:ce:eb:67:09:30:f5:5a:a2:14:7d:fb:25:86:22:
46:9e:b7:0e:ff:f3:1e:e2:54:0e:4d:84:61:77:ea:3c:47:76:
cc:f6:aa:76:89:f5:39:32:e7:99:74:f6:76:f0:08:07:2b:17:
b9:8b:0f:d6:a8:ae:9d:c6:92:1d:c6:2d:31:c3:04:f5:72:aa:
39:17:5a:e8:77:79:5a:e6:5b:71:44:ea:fb:eb:41:a5:14:6d:
df:7b:2f:5d:98:df:43:44:1b:70:c2:6f:f4:e3:76:a2:35:f2:
0d:e5:10:51:eb:33:a3:25:d1:5b:e3:af:e4:4c:28:87:ca:ad:
05:26:96:06:a4:82:6d:0a:d6:86:02:63:b2:74:62:d2:01:a4:
ab:a4:19:c5:e6:3b:c3:f0:a0:2a:6b:6a:a0:0a:d8:3c:c3:0f:
4d:93:20:6d:ce:e6:27:22:a5:5f:89:21:ba:44:2c:a5:a6:f7:
c6:59:c0:d6:ea:68:5d:7f:d0:60:ec:c3:e2:e9:b5:fe:82:bd:
2b:9d:c9:1c:69:1f:be:54:b5:02:e2:66:cc:95:18:00:29:8e:
c0:d4:ca:62:31:42:0d:20:3a:0e:1e:b5:ca:53:f0:4d:6f:21:
52:39:7a:d5:62:ce:e3:59:d8:1c:bc:92:23:cd:7d:fe:de:91:
70:3b:eb:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR2hDjyquVBLTFxw/zSDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjZkODMzNzc3NmM5ODc0NmJkMjMxZTY5ZTE4NWRiMmE5
YTViZTIwHhcNMjUwMTAyMTM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjUxMzE2MWI5Y2M0OWM1ZTk1YjhmNTZkZDNjYzBkYTNkYjk5YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrci/NaT4zq77QIBYyvcdjzMqnyt
54XiBHL8OP7SdmsrCm3xSpMuLcFI1a5jbmrCfg6TNyioB3PsNGScoDBH4AERppME
kdA8Q5893JYftv945Zfqrjm9n0VUIxH+57ZdOgbj17bj7v1TxGsEi3EkzTyTlAJp
ivIpdRcLRy5Yux18e6GiefeRqLjglNO6Ts4GDc8n88HP2HN0LrHzO7VTl8tHemmK
pUEJDQtjIwwj7pQlPSZW+sts6h9rDblor+3jFgJRdsvECqREcijLri8KsIS7rMgw
8vPu22BW4vd1abNOroPwR+4V5qUc61makA1Bw3kj+GFXcmGJvCfSBFd/qwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE9RMWG5zEnF6VuPVt08wNo9uZtoMB8GA1UdIwQY
MBaAFKVm2DN3dsmHRr0jHmnhhdsqmlviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdiWU0zZDJ5WWRHdlNNZWFlR0YyeXFhVy1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wMTY4YWMtMzQyYy00ZGQwLTkxYTgt
MWI3NTg2N2U4ZGZmLzEvVDFFeFlibk1TY1hwVzQ5VzNUekEyajI1bTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wMTY4YWMtMzQyYy00ZGQwLTkxYTgtMWI3NTg2N2U4ZGZm
LzEvcFdiWU0zZDJ5WWRHdlNNZWFlR0YyeXFhVy1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKg47wPoA
MA0GCSqGSIb3DQEBCwUAA4IBAQDJ0SBVzutnCTD1WqIUffslhiJGnrcO//Me4lQO
TYRhd+o8R3bM9qp2ifU5MueZdPZ28AgHKxe5iw/WqK6dxpIdxi0xwwT1cqo5F1ro
d3la5ltxROr760GlFG3fey9dmN9DRBtwwm/043aiNfIN5RBR6zOjJdFb46/kTCiH
yq0FJpYGpIJtCtaGAmOydGLSAaSrpBnF5jvD8KAqa2qgCtg8ww9NkyBtzuYnIqVf
iSG6RCylpvfGWcDW6mhdf9Bg7MPi6bX+gr0rnckcaR++VLUC4mbMlRgAKY7A1Mpi
MUINIDoOHrXKU/BNbyFSOXrVYs7jWdgcvJIjzX3+3pFwO+u+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net