Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/K3Ex8mEiJiJljVyPtMZMxYneI7I.roa
File: K3Ex8mEiJiJljVyPtMZMxYneI7I.roa (raw, json)
Hash identifier: aJaX2AECKuC34XEcu2rHpFv38+A/LLcz4xe4s8U6QsU=
Subject key identifier: 2B:71:31:F2:61:22:26:22:65:8D:5C:8F:B4:C6:4C:C5:89:DE:23:B2
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019423D7BC956D7704FF00F25E746ED670EE
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/K3Ex8mEiJiJljVyPtMZMxYneI7I.roa
Signing time: Wed 01 Jan 2025 21:48:48 +0000
ROA not before: Wed 01 Jan 2025 21:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:e000::/29 maxlen: 36
2a11:3b40::/29 maxlen: 29
2a12:6b80::/29 maxlen: 36
2a12:f0c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:bc:95:6d:77:04:ff:00:f2:5e:74:6e:d6:70:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 1 21:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b7131f261222622658d5c8fb4c64cc589de23b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e7:3c:58:d1:4b:7a:66:57:c3:33:54:05:6a:
b6:28:fb:68:37:d2:92:63:f1:0b:01:d0:a2:8d:dd:
46:eb:54:6e:e9:95:c4:3d:27:03:f3:70:d2:6a:4a:
82:f5:e8:07:7b:e1:22:f3:aa:64:6b:b7:4a:01:36:
52:7d:61:20:7c:02:f2:2c:f8:46:6c:c2:b4:35:de:
c4:e8:91:45:1c:72:b2:1e:0a:6a:7e:ab:b2:e1:e2:
09:0a:67:11:b0:2a:bc:80:a0:06:2e:ad:ab:09:7d:
bd:d8:8d:68:b9:34:57:08:4f:80:73:30:2a:b3:d9:
09:29:ee:13:24:47:1a:e4:8f:d3:32:11:35:1f:df:
fa:b1:6d:95:9b:23:68:46:ca:99:11:50:42:0a:14:
22:05:a7:1e:0d:6e:99:4b:06:df:82:a6:3d:80:25:
c8:33:77:ff:a0:96:0f:1b:8b:bf:74:f2:d6:9f:d3:
dc:e8:d0:e0:c3:e5:66:72:57:b1:3e:bf:cb:21:e2:
58:10:69:82:2d:b9:79:02:61:d1:bd:f6:a1:78:79:
da:45:a0:0c:fb:24:f2:59:9c:96:9f:1b:2e:b9:a7:
c9:97:60:a2:2d:4d:57:d3:16:9b:2a:3c:60:cd:c6:
06:2b:59:21:68:50:45:02:3f:0c:a5:48:ce:8f:3d:
89:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:71:31:F2:61:22:26:22:65:8D:5C:8F:B4:C6:4C:C5:89:DE:23:B2
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/K3Ex8mEiJiJljVyPtMZMxYneI7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e000::/29
2a11:3b40::/29
2a12:6b80::/29
2a12:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
41:65:d4:1e:52:ea:0f:02:7f:f1:39:a0:2c:98:92:26:51:15:
fd:73:6f:1d:ed:c2:d1:3a:f0:96:0c:7e:47:1c:c8:dc:b6:91:
ac:89:a8:45:74:47:91:bf:74:a6:26:3e:23:f4:c1:b5:0b:8d:
1f:f9:e6:16:08:30:5a:1a:59:fe:ab:94:e5:a8:5e:ee:d9:5c:
95:44:df:db:c4:c1:a9:e8:ce:c9:ef:e1:6c:57:99:c0:81:06:
ca:21:01:75:ad:88:6b:0d:8c:c4:46:56:e6:c5:3a:91:e6:84:
f7:e4:05:67:c3:41:de:79:f3:37:53:6a:94:2d:5f:cf:11:b4:
de:08:02:c3:77:6b:bf:b2:19:b0:fa:9a:6f:f6:f1:64:fc:65:
2f:07:70:ef:b4:86:9f:19:74:0e:89:85:f7:2f:89:59:64:8d:
e6:28:f8:b1:1b:98:f7:14:92:88:30:93:bc:0a:e8:16:b8:1e:
05:38:0e:ba:fa:8d:8e:3b:d0:6c:fa:f0:44:0b:bc:a8:0e:00:
aa:90:df:de:19:1d:9e:1d:a6:7c:5a:4c:83:0e:4f:95:f5:22:
52:d5:c6:41:de:0d:6d:e0:ba:02:22:be:4e:24:4d:9d:29:c2:
d6:91:2d:c7:6d:ba:06:ad:1c:dd:34:ef:f5:cc:82:dc:65:eb:
c7:a0:6c:25
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQj17yVbXcE/wDyXnRu1nDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwMTAxMjE0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjcxMzFmMjYxMjIyNjIyNjU4ZDVjOGZiNGM2NGNjNTg5ZGUyM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOc8WNFLemZXwzNUBWq2KPtoN9KS
Y/ELAdCijd1G61Ru6ZXEPScD83DSakqC9egHe+Ei86pka7dKATZSfWEgfALyLPhG
bMK0Nd7E6JFFHHKyHgpqfquy4eIJCmcRsCq8gKAGLq2rCX292I1ouTRXCE+AczAq
s9kJKe4TJEca5I/TMhE1H9/6sW2VmyNoRsqZEVBCChQiBaceDW6ZSwbfgqY9gCXI
M3f/oJYPG4u/dPLWn9Pc6NDgw+VmclexPr/LIeJYEGmCLbl5AmHRvfaheHnaRaAM
+yTyWZyWnxsuuafJl2CiLU1X0xabKjxgzcYGK1khaFBFAj8MpUjOjz2JbwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCtxMfJhIiYiZY1cj7TGTMWJ3iOyMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvSzNFeDhtRWlKaUpsalZ5UHRNWk14WW5lSTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg/gAAMF
AyoRO0ADBQMqEmuAAwUDKhLwwDANBgkqhkiG9w0BAQsFAAOCAQEAQWXUHlLqDwJ/
8TmgLJiSJlEV/XNvHe3C0Trwlgx+RxzI3LaRrImoRXRHkb90piY+I/TBtQuNH/nm
FggwWhpZ/quU5ahe7tlclUTf28TBqejOye/hbFeZwIEGyiEBda2Iaw2MxEZW5sU6
keaE9+QFZ8NB3nnzN1NqlC1fzxG03ggCw3drv7IZsPqab/bxZPxlLwdw77SGnxl0
DomF9y+JWWSN5ij4sRuY9xSSiDCTvAroFrgeBTgOuvqNjjvQbPrwRAu8qA4AqpDf
3hkdnh2mfFpMgw5PlfUiUtXGQd4NbeC6AiK+TiRNnSnC1pEtx226Bq0c3TTv9cyC
3GXrx6BsJQ==
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:46:29 2025 by rpki-client on console.sobornost.net