Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/rYNJq30hG9TfQKEAUAnbb-JlarU.roa
File: rYNJq30hG9TfQKEAUAnbb-JlarU.roa (raw, json)
Hash identifier: bobhiWtsSX2sPVTtreNAJF6ae9i50YxHtcGAHPsK84U=
Subject key identifier: AD:83:49:AB:7D:21:1B:D4:DF:40:A1:00:50:09:DB:6F:E2:65:6A:B5
Certificate issuer: /CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Certificate serial: 01942825E96F03B78D091AFFB70CE2AE816F
Authority key identifier: 28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/rYNJq30hG9TfQKEAUAnbb-JlarU.roa
Signing time: Thu 02 Jan 2025 17:52:40 +0000
ROA not before: Thu 02 Jan 2025 17:52:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211564
IP address blocks: 2001:678:fa8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:e9:6f:03:b7:8d:09:1a:ff:b7:0c:e2:ae:81:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Validity
Not Before: Jan 2 17:52:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad8349ab7d211bd4df40a1005009db6fe2656ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:94:a1:ec:3f:5e:de:d2:fe:e5:7e:b2:e5:14:
d6:69:95:19:e7:e4:39:ca:c5:bb:43:36:32:42:a2:
54:88:34:9e:5a:cf:33:2b:ac:4e:9f:ca:e1:7b:a3:
d8:dd:8e:8d:7c:f3:60:70:dc:78:35:61:b4:df:3e:
cd:4d:82:0a:65:8a:05:5c:37:a6:f5:cb:08:fe:36:
25:c9:b7:74:5b:d6:6b:9a:ac:1e:cc:3a:3f:b6:dc:
01:0a:68:b6:3d:cd:9b:cd:4d:4f:cd:65:18:8f:1d:
8e:6f:53:68:1c:23:ec:cd:b2:c9:70:26:de:98:63:
89:5a:90:33:46:19:6f:25:09:13:b5:e3:ef:a3:db:
7f:ea:57:b6:b3:e8:52:77:6d:b4:f6:5a:e5:66:e4:
b0:a9:cd:1d:b0:88:86:c7:fa:b2:6b:a7:b4:35:7d:
85:66:2c:36:7f:18:ca:43:b6:bf:5d:55:fd:09:49:
39:01:c2:7e:e6:f3:e5:17:fe:8e:c2:19:1b:0b:41:
34:d7:58:78:7f:2f:97:84:47:7b:ae:aa:91:48:10:
b2:0a:0b:df:6d:9f:c1:c1:99:7d:a1:48:ed:de:76:
a8:c6:60:5e:80:4f:e2:07:a3:1b:9c:56:48:a4:b8:
4e:38:a7:15:51:6c:17:cc:e0:c2:63:fb:69:f5:53:
f9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:83:49:AB:7D:21:1B:D4:DF:40:A1:00:50:09:DB:6F:E2:65:6A:B5
X509v3 Authority Key Identifier:
keyid:28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/rYNJq30hG9TfQKEAUAnbb-JlarU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:fa8::/48
Signature Algorithm: sha256WithRSAEncryption
04:8c:aa:f9:f3:8c:f7:b7:ee:8e:98:07:7b:6d:ed:6b:89:15:
12:c7:c1:83:60:0d:22:a4:c0:58:45:4d:2d:87:3c:cf:9f:aa:
cf:09:45:de:cc:53:3d:ef:4e:46:10:ff:4d:96:18:51:64:41:
13:35:bb:46:60:38:27:4f:ac:d2:f4:2a:f3:64:25:e7:7b:54:
f3:34:ce:ba:9d:ce:e7:08:e3:c3:9a:66:39:40:79:e6:cb:69:
b9:2d:96:27:af:ad:94:69:80:57:71:ba:02:4f:b7:0e:ca:0e:
a3:6c:5f:38:c2:a6:2d:e5:10:94:70:7a:7a:0e:b0:a2:31:51:
9e:1f:9c:e7:03:aa:b4:d7:2c:29:59:e1:74:f7:25:1d:4f:44:
89:31:4b:7f:f9:a9:54:f1:d8:9f:11:f8:25:4f:c2:45:c4:4d:
9f:fa:76:0a:5c:32:16:37:bc:21:fe:08:4c:d2:83:db:ed:67:
3e:df:2b:8d:c7:09:1e:3b:d6:7f:e8:e2:8f:28:d8:4b:65:11:
bd:ad:d5:97:c1:86:81:7c:5a:d0:cf:82:4a:76:43:06:e1:8a:
85:a0:32:eb:a7:7d:cd:d5:94:97:83:97:1e:85:af:84:5a:80:
18:ce:eb:56:f4:7b:d9:9b:da:ab:03:f2:3a:32:dc:a4:8d:62:
8f:b7:bd:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJelvA7eNCRr/twziroFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Zjk4MWMyMGFhNjUyYWE4NWUwMDhiZDI2MmY3YmMxZjg1
NmMzNTgwHhcNMjUwMTAyMTc1MjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDgzNDlhYjdkMjExYmQ0ZGY0MGExMDA1MDA5ZGI2ZmUyNjU2YWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopSh7D9e3tL+5X6y5RTWaZUZ5+Q5
ysW7QzYyQqJUiDSeWs8zK6xOn8rhe6PY3Y6NfPNgcNx4NWG03z7NTYIKZYoFXDem
9csI/jYlybd0W9ZrmqwezDo/ttwBCmi2Pc2bzU1PzWUYjx2Ob1NoHCPszbLJcCbe
mGOJWpAzRhlvJQkTtePvo9t/6le2s+hSd2209lrlZuSwqc0dsIiGx/qya6e0NX2F
Ziw2fxjKQ7a/XVX9CUk5AcJ+5vPlF/6OwhkbC0E011h4fy+XhEd7rqqRSBCyCgvf
bZ/BwZl9oUjt3naoxmBegE/iB6MbnFZIpLhOOKcVUWwXzODCY/tp9VP5aQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK2DSat9IRvU30ChAFAJ22/iZWq1MB8GA1UdIwQY
MBaAFCj5gcIKplKqheAIvSYve8H4VsNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMt
Yzg3ZmJiZDAzZTg2LzEvcllOSnEzMGhHOVRmUUtFQVVBbmJiLUpsYXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMtYzg3ZmJiZDAzZTg2
LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA+o
MA0GCSqGSIb3DQEBCwUAA4IBAQAEjKr584z3t+6OmAd7be1riRUSx8GDYA0ipMBY
RU0thzzPn6rPCUXezFM9705GEP9NlhhRZEETNbtGYDgnT6zS9CrzZCXne1TzNM66
nc7nCOPDmmY5QHnmy2m5LZYnr62UaYBXcboCT7cOyg6jbF84wqYt5RCUcHp6DrCi
MVGeH5znA6q01ywpWeF09yUdT0SJMUt/+alU8difEfglT8JFxE2f+nYKXDIWN7wh
/ghM0oPb7Wc+3yuNxwkeO9Z/6OKPKNhLZRG9rdWXwYaBfFrQz4JKdkMG4YqFoDLr
p33N1ZSXg5ceha+EWoAYzutW9HvZm9qrA/I6MtykjWKPt72L
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:01 2025 by rpki-client on console.sobornost.net