Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/KHKAC9a3rTijbcUG7k0TG0oIfQw.roa
File: KHKAC9a3rTijbcUG7k0TG0oIfQw.roa (raw, json)
Hash identifier: mQICnOFfRCc92bylLzQGJ/CCdUJnG0edN7A+0K2B+IE=
Subject key identifier: 28:72:80:0B:D6:B7:AD:38:A3:6D:C5:06:EE:4D:13:1B:4A:08:7D:0C
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 0196287AD1D12F0D65B49EEB97C27636A8BE
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/KHKAC9a3rTijbcUG7k0TG0oIfQw.roa
Signing time: Sat 12 Apr 2025 05:30:59 +0000
ROA not before: Sat 12 Apr 2025 05:30:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135402
IP address blocks: 91.221.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:28:7a:d1:d1:2f:0d:65:b4:9e:eb:97:c2:76:36:a8:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Apr 12 05:30:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2872800bd6b7ad38a36dc506ee4d131b4a087d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a1:56:63:5f:d4:5f:6d:52:c7:a4:c9:93:5a:
1f:17:05:64:c5:b7:2b:26:10:c5:e0:5a:c1:3e:e1:
a1:ce:af:fa:4c:c8:13:36:e1:44:aa:ae:c5:35:16:
19:97:d5:24:47:e4:f2:cd:59:0e:28:56:a8:d6:da:
50:a1:a0:fc:6b:5b:4b:da:cb:01:36:d4:33:d0:db:
90:53:f3:b3:94:86:0c:f1:6b:c3:7e:79:88:28:36:
60:69:85:0a:c6:c7:d4:0e:eb:ef:db:84:46:b9:65:
7c:11:b7:21:98:0a:14:87:e6:ae:36:88:c8:22:b4:
f2:53:c9:84:f5:4a:33:4c:3e:71:17:fd:3d:51:38:
1f:ab:19:c6:e9:0f:f8:d0:23:2b:ea:d0:57:dd:76:
72:6f:a9:9a:9c:f6:78:12:60:1d:44:22:85:51:fc:
71:6a:a7:15:72:52:52:56:af:30:01:0f:e3:70:6c:
70:0f:f9:8b:e7:e1:61:eb:0e:82:99:81:7a:30:8d:
6e:04:ac:6f:bb:e3:ad:30:f3:08:0d:f8:ac:88:00:
88:b2:46:71:b1:a5:3a:a3:bb:07:1a:07:d5:4a:4e:
ef:5a:3e:9f:19:91:3a:8d:b9:9f:d5:a7:04:bd:1d:
22:d2:c6:1f:a9:ca:b1:39:9c:1e:e6:8e:6c:0c:ed:
fb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:72:80:0B:D6:B7:AD:38:A3:6D:C5:06:EE:4D:13:1B:4A:08:7D:0C
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/KHKAC9a3rTijbcUG7k0TG0oIfQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/24
Signature Algorithm: sha256WithRSAEncryption
50:d8:4b:95:da:97:07:4b:b7:5d:a9:ae:94:3d:28:1b:97:5c:
63:35:75:e3:a9:8d:b3:8a:09:ec:ed:7d:b6:92:c5:03:d1:56:
30:50:69:9d:08:8f:b7:db:86:92:0e:c9:c6:a6:7a:49:59:54:
eb:14:a3:ce:c8:d7:dc:c8:f4:d5:d7:37:ea:bb:67:49:73:8f:
e3:48:7d:b2:5a:1b:f4:98:75:51:5b:ad:00:cd:a2:4a:5c:b3:
a8:50:88:51:ce:ac:a0:cd:00:a4:46:08:04:5d:32:27:48:c9:
1d:aa:46:6c:40:5b:c4:8d:1e:e6:06:5e:c4:3a:0e:56:18:ab:
16:ab:21:10:de:f9:c1:15:18:d0:a4:86:2f:b4:d4:37:5b:0f:
7c:47:3a:2a:ab:d0:7f:b2:9e:68:73:db:f2:36:ec:0f:6a:e3:
cd:03:21:f6:83:77:4f:48:88:ad:d1:21:ab:cd:06:8a:bf:2e:
4f:eb:7e:00:e9:93:bb:d3:00:be:5e:ec:af:bc:63:59:25:cb:
d0:8b:be:71:06:32:0e:e0:f2:3d:45:47:31:c7:31:94:2b:d0:
55:40:ca:13:e2:67:d8:1b:c8:6f:e0:c4:2a:4b:1f:b6:7c:07:
1d:14:db:c8:44:c3:5d:b2:5a:3b:95:9f:80:e4:19:7b:c6:39:
e5:23:90:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYoetHRLw1ltJ7rl8J2Nqi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjUwNDEyMDUzMDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODcyODAwYmQ2YjdhZDM4YTM2ZGM1MDZlZTRkMTMxYjRhMDg3ZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqFWY1/UX21Sx6TJk1ofFwVkxbcr
JhDF4FrBPuGhzq/6TMgTNuFEqq7FNRYZl9UkR+TyzVkOKFao1tpQoaD8a1tL2ssB
NtQz0NuQU/OzlIYM8WvDfnmIKDZgaYUKxsfUDuvv24RGuWV8EbchmAoUh+auNojI
IrTyU8mE9UozTD5xF/09UTgfqxnG6Q/40CMr6tBX3XZyb6manPZ4EmAdRCKFUfxx
aqcVclJSVq8wAQ/jcGxwD/mL5+Fh6w6CmYF6MI1uBKxvu+OtMPMIDfisiACIskZx
saU6o7sHGgfVSk7vWj6fGZE6jbmf1acEvR0i0sYfqcqxOZwe5o5sDO373QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChygAvWt604o23FBu5NExtKCH0MMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvS0hLQUM5YTNyVGlqYmNVRzdrMFRHMG9JZlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW910MA0G
CSqGSIb3DQEBCwUAA4IBAQBQ2EuV2pcHS7ddqa6UPSgbl1xjNXXjqY2zigns7X22
ksUD0VYwUGmdCI+324aSDsnGpnpJWVTrFKPOyNfcyPTV1zfqu2dJc4/jSH2yWhv0
mHVRW60AzaJKXLOoUIhRzqygzQCkRggEXTInSMkdqkZsQFvEjR7mBl7EOg5WGKsW
qyEQ3vnBFRjQpIYvtNQ3Ww98Rzoqq9B/sp5oc9vyNuwPauPNAyH2g3dPSIit0SGr
zQaKvy5P634A6ZO70wC+XuyvvGNZJcvQi75xBjIO4PI9RUcxxzGUK9BVQMoT4mfY
G8hv4MQqSx+2fAcdFNvIRMNdslo7lZ+A5Bl7xjnlI5B/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:07 2025 by rpki-client on console.sobornost.net