Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/kc4z2zzYiTW0GaLmTuuhDE91d5o.roa
File: kc4z2zzYiTW0GaLmTuuhDE91d5o.roa (raw, json)
Hash identifier: g/g6twuj787QLJVbdboV8m3Ts06Is1fDi161w4I+b/0=
Subject key identifier: 91:CE:33:DB:3C:D8:89:35:B4:19:A2:E6:4E:EB:A1:0C:4F:75:77:9A
Certificate issuer: /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial: 0194236A4B03E21AAD3C4D8DE10B7DCC85C2
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/kc4z2zzYiTW0GaLmTuuhDE91d5o.roa
Signing time: Wed 01 Jan 2025 19:49:15 +0000
ROA not before: Wed 01 Jan 2025 19:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210674
IP address blocks: 2a11:e487:ff00::/40 maxlen: 48
2a11:e487:ff00::/48 maxlen: 48
2a11:e487:ff01::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:4b:03:e2:1a:ad:3c:4d:8d:e1:0b:7d:cc:85:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Validity
Not Before: Jan 1 19:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91ce33db3cd88935b419a2e64eeba10c4f75779a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f3:9e:c6:53:47:7e:02:f6:ff:dd:d5:6d:87:
de:39:c4:e4:10:33:44:a4:08:6c:19:f6:dd:9e:b8:
c5:aa:ae:ff:e6:9c:97:72:c5:66:cf:f6:1b:aa:e4:
03:ec:98:07:52:88:2b:a1:6e:ea:61:aa:ff:dc:61:
61:67:f3:fa:c0:1a:dd:77:94:05:ad:9b:d8:cc:1d:
95:c2:c3:9c:6f:67:67:cf:f0:84:96:4f:11:85:b7:
f8:8d:d8:99:ee:be:9b:68:55:15:ff:02:22:3a:fd:
e6:1f:bc:16:57:36:6c:9e:3d:63:9a:51:07:fe:77:
79:e3:43:1c:06:23:c2:7b:c3:52:6f:98:66:68:c1:
f8:e8:c3:c4:9f:b7:ab:dd:5c:2b:46:a3:1d:ca:50:
d9:b1:20:06:ac:03:ea:60:db:df:93:dc:12:22:59:
d8:22:82:6b:ec:83:02:ae:bf:2c:a9:db:ee:e4:12:
7d:1e:42:e5:e3:b4:d0:14:04:fc:9e:0c:9c:f4:26:
d5:85:d4:6e:bf:b4:34:4b:9d:64:32:74:dd:34:7b:
aa:08:9d:1d:07:8d:03:10:70:7b:08:83:26:02:a7:
9c:18:3d:10:f5:ca:fd:53:45:32:a4:ad:0d:8a:f3:
9c:83:4e:96:b0:c0:16:bf:bd:6c:09:29:8e:75:a0:
54:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CE:33:DB:3C:D8:89:35:B4:19:A2:E6:4E:EB:A1:0C:4F:75:77:9A
X509v3 Authority Key Identifier:
keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/kc4z2zzYiTW0GaLmTuuhDE91d5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e487:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
7e:36:73:d8:f9:74:e2:53:0d:fa:b9:87:cf:75:80:32:70:70:
27:4a:22:f8:34:69:c8:bc:34:44:0a:8a:54:93:df:ea:d5:7a:
be:d7:2a:84:f0:8c:0c:8a:af:28:3e:cf:f8:c5:90:25:d3:d4:
25:f0:bb:e6:c4:8e:63:f1:c6:9d:59:0b:f7:ef:f5:b1:01:d9:
1a:c7:85:d2:12:f7:60:30:ff:8d:d4:72:c8:e9:fe:26:8a:e3:
33:b0:5b:5b:79:02:a2:83:99:0f:75:ca:44:91:61:8d:e9:08:
38:20:a0:e8:cf:cb:94:ea:25:bb:0f:ee:19:c4:11:ea:f5:93:
50:5d:33:c2:3a:e6:35:dd:09:de:5b:42:20:81:78:7e:4c:48:
56:38:cd:5a:ad:cb:26:ae:e7:eb:cd:eb:29:e4:d8:81:47:4c:
59:3b:40:0c:16:27:80:5b:34:1f:cd:46:2c:bd:e0:8f:66:73:
0d:61:08:b9:b0:c4:2f:5e:66:ac:b9:11:7f:1f:c5:b8:8b:0d:
fa:d9:21:c7:78:49:e1:c3:d9:dc:9d:77:f0:ee:b6:6d:23:f0:
7a:21:c5:61:81:75:f7:5d:5a:61:9f:0f:4a:f7:1f:eb:c9:7f:
1c:05:7d:93:ea:30:96:9d:81:2e:24:83:ba:bf:fa:71:69:7b:
0b:f7:13:94
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaksD4hqtPE2N4Qt9zIXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWZjZDhmYjQwYWFlMWQyNDNjMmE4Y2UyNTQxYTY5OTg3
ZWVkMTMwHhcNMjUwMTAxMTk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWNlMzNkYjNjZDg4OTM1YjQxOWEyZTY0ZWViYTEwYzRmNzU3NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fOexlNHfgL2/93VbYfeOcTkEDNE
pAhsGfbdnrjFqq7/5pyXcsVmz/YbquQD7JgHUogroW7qYar/3GFhZ/P6wBrdd5QF
rZvYzB2VwsOcb2dnz/CElk8Rhbf4jdiZ7r6baFUV/wIiOv3mH7wWVzZsnj1jmlEH
/nd540McBiPCe8NSb5hmaMH46MPEn7er3VwrRqMdylDZsSAGrAPqYNvfk9wSIlnY
IoJr7IMCrr8sqdvu5BJ9HkLl47TQFAT8ngyc9CbVhdRuv7Q0S51kMnTdNHuqCJ0d
B40DEHB7CIMmAqecGD0Q9cr9U0UypK0NivOcg06WsMAWv71sCSmOdaBUbQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJHOM9s82Ik1tBmi5k7roQxPdXeaMB8GA1UdIwQY
MBaAFFavzY+0Cq4dJDwqjOJUGmmYfu0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYt
MjM3YmU3NzMwMDdhLzEva2M0ejJ6ellpVFcwR2FMbVR1dWhERTkxZDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYtMjM3YmU3NzMwMDdh
LzEvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhHkh/8w
DQYJKoZIhvcNAQELBQADggEBAH42c9j5dOJTDfq5h891gDJwcCdKIvg0aci8NEQK
ilST3+rVer7XKoTwjAyKryg+z/jFkCXT1CXwu+bEjmPxxp1ZC/fv9bEB2RrHhdIS
92Aw/43Ucsjp/iaK4zOwW1t5AqKDmQ91ykSRYY3pCDggoOjPy5TqJbsP7hnEEer1
k1BdM8I65jXdCd5bQiCBeH5MSFY4zVqtyyau5+vN6ynk2IFHTFk7QAwWJ4BbNB/N
Riy94I9mcw1hCLmwxC9eZqy5EX8fxbiLDfrZIcd4SeHD2dydd/Dutm0j8HohxWGB
dfddWmGfD0r3H+vJfxwFfZPqMJadgS4kg7q/+nFpewv3E5Q=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:51 2025 by rpki-client on console.sobornost.net