Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/f69975-affd-4f8e-a9f2-5ce9832e7495/1/kGh2ZAKJM2CfYt9swIKSZAfzB_I.roa
File: kGh2ZAKJM2CfYt9swIKSZAfzB_I.roa (raw, json)
Hash identifier: aTLGH5HWVmrOF0Jwd8eHkKzJcYT3fAVpizSVbGt2XVc=
Subject key identifier: 90:68:76:64:02:89:33:60:9F:62:DF:6C:C0:82:92:64:07:F3:07:F2
Certificate issuer: /CN=fc9282a576fd62a0a24166b5ec1f124e4258db49
Certificate serial: 019423D75C9BE2371F3BAF0803FEA7FCBDA2
Authority key identifier: FC:92:82:A5:76:FD:62:A0:A2:41:66:B5:EC:1F:12:4E:42:58:DB:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_JKCpXb9YqCiQWa17B8STkJY20k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/f69975-affd-4f8e-a9f2-5ce9832e7495/1/kGh2ZAKJM2CfYt9swIKSZAfzB_I.roa
Signing time: Wed 01 Jan 2025 21:48:23 +0000
ROA not before: Wed 01 Jan 2025 21:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215773
IP address blocks: 212.32.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:5c:9b:e2:37:1f:3b:af:08:03:fe:a7:fc:bd:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc9282a576fd62a0a24166b5ec1f124e4258db49
Validity
Not Before: Jan 1 21:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90687664028933609f62df6cc082926407f307f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ce:6f:8d:ea:bb:44:85:18:5e:7d:43:1e:50:
51:1c:44:df:0b:6c:9c:c3:35:8f:2e:c5:eb:02:71:
cd:7f:fb:df:fe:97:23:cf:f3:51:56:35:fa:6f:1e:
97:40:7f:8e:8b:27:6f:6d:2e:33:b7:0a:0a:9d:fb:
5f:48:f0:66:7f:1b:01:73:98:8f:19:e7:39:46:3f:
a5:be:9f:c8:e2:45:d1:bd:07:96:51:ce:4f:20:51:
ba:2f:2f:bf:04:3b:07:5b:6a:9a:fd:87:c4:dc:31:
ee:58:b7:2e:73:e0:1c:f8:70:14:b5:e2:69:fb:74:
b8:f7:06:9a:65:75:6e:5d:96:c6:cf:1c:1f:e5:31:
bb:e0:fe:d3:d1:5c:06:df:fc:87:96:f2:e0:97:6d:
bd:5e:7b:43:2f:fa:02:a9:e9:ef:25:c2:d9:71:98:
17:ae:e5:6a:69:66:38:b9:af:bc:c2:9c:92:a4:86:
81:66:7a:f8:d5:d3:11:b4:2f:50:ad:51:a7:85:40:
8f:0b:e9:67:aa:c2:a1:27:0b:92:32:d6:d3:bc:99:
9f:d9:c3:0c:97:42:aa:f7:34:57:c5:3b:27:2a:5a:
08:2a:7b:21:f6:94:68:30:3f:9f:29:fc:77:dd:77:
be:a0:2a:4c:a0:a8:9c:e8:28:1b:af:c1:e5:db:ea:
93:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:68:76:64:02:89:33:60:9F:62:DF:6C:C0:82:92:64:07:F3:07:F2
X509v3 Authority Key Identifier:
keyid:FC:92:82:A5:76:FD:62:A0:A2:41:66:B5:EC:1F:12:4E:42:58:DB:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JKCpXb9YqCiQWa17B8STkJY20k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f69975-affd-4f8e-a9f2-5ce9832e7495/1/kGh2ZAKJM2CfYt9swIKSZAfzB_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f69975-affd-4f8e-a9f2-5ce9832e7495/1/_JKCpXb9YqCiQWa17B8STkJY20k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.43.0/24
Signature Algorithm: sha256WithRSAEncryption
72:73:b0:c9:c4:ab:d9:88:c7:0d:ee:fa:05:0a:24:23:86:49:
39:a8:a2:4c:0e:d8:b9:0c:c7:69:00:c5:7b:57:98:d9:db:c2:
f8:50:2e:59:bf:b1:de:f7:fa:0c:04:38:fa:0d:00:5c:ad:13:
4e:0f:75:50:92:13:13:f2:6b:6c:26:b8:f8:74:95:04:18:de:
5e:cf:82:b9:79:0e:02:0d:6a:61:4f:bd:1d:6c:b5:64:43:40:
a6:28:4a:30:98:35:e6:06:e4:17:be:c7:ba:d5:e3:76:93:0b:
d8:84:70:d5:ce:30:13:61:28:f9:d5:55:17:5a:cd:a1:0c:eb:
04:62:c9:e0:51:2b:bc:85:89:78:79:a2:bc:2e:e5:e5:5a:f2:
0b:ef:4b:b2:45:f1:50:59:73:c8:c5:ef:87:f9:8d:1e:00:c2:
37:27:ab:74:5a:b2:07:6c:66:7a:78:12:24:ec:09:9e:46:b5:
3c:04:c5:54:9b:ac:db:2e:79:97:78:36:ee:c7:1d:b3:7e:c8:
ed:26:b9:f7:c1:dd:2d:c7:a8:21:1b:2a:8f:e8:e5:a4:e5:16:
49:b8:92:63:60:4c:4f:f1:71:78:ff:1b:37:eb:47:5e:d8:45:
c9:ec:97:bc:aa:b2:08:5b:32:f2:80:03:8f:dc:40:50:3e:1e:
cf:67:c3:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj11yb4jcfO68IA/6n/L2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOTI4MmE1NzZmZDYyYTBhMjQxNjZiNWVjMWYxMjRlNDI1
OGRiNDkwHhcNMjUwMTAxMjE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDY4NzY2NDAyODkzMzYwOWY2MmRmNmNjMDgyOTI2NDA3ZjMwN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA085vjeq7RIUYXn1DHlBRHETfC2yc
wzWPLsXrAnHNf/vf/pcjz/NRVjX6bx6XQH+OiydvbS4ztwoKnftfSPBmfxsBc5iP
Gec5Rj+lvp/I4kXRvQeWUc5PIFG6Ly+/BDsHW2qa/YfE3DHuWLcuc+Ac+HAUteJp
+3S49waaZXVuXZbGzxwf5TG74P7T0VwG3/yHlvLgl229XntDL/oCqenvJcLZcZgX
ruVqaWY4ua+8wpySpIaBZnr41dMRtC9QrVGnhUCPC+lnqsKhJwuSMtbTvJmf2cMM
l0Kq9zRXxTsnKloIKnsh9pRoMD+fKfx33Xe+oCpMoKic6Cgbr8Hl2+qTNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBodmQCiTNgn2LfbMCCkmQH8wfyMB8GA1UdIwQY
MBaAFPySgqV2/WKgokFmtewfEk5CWNtJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pLQ3BYYjlZcUNpUVdhMTdCOFNUa0pZMjBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9mNjk5NzUtYWZmZC00ZjhlLWE5ZjIt
NWNlOTgzMmU3NDk1LzEva0doMlpBS0pNMkNmWXQ5c3dJS1NaQWZ6Ql9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9mNjk5NzUtYWZmZC00ZjhlLWE5ZjItNWNlOTgzMmU3NDk1
LzEvX0pLQ3BYYjlZcUNpUVdhMTdCOFNUa0pZMjBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1CArMA0G
CSqGSIb3DQEBCwUAA4IBAQByc7DJxKvZiMcN7voFCiQjhkk5qKJMDti5DMdpAMV7
V5jZ28L4UC5Zv7He9/oMBDj6DQBcrRNOD3VQkhMT8mtsJrj4dJUEGN5ez4K5eQ4C
DWphT70dbLVkQ0CmKEowmDXmBuQXvse61eN2kwvYhHDVzjATYSj51VUXWs2hDOsE
YsngUSu8hYl4eaK8LuXlWvIL70uyRfFQWXPIxe+H+Y0eAMI3J6t0WrIHbGZ6eBIk
7AmeRrU8BMVUm6zbLnmXeDbuxx2zfsjtJrn3wd0tx6ghGyqP6OWk5RZJuJJjYExP
8XF4/xs360de2EXJ7Je8qrIIWzLygAOP3EBQPh7PZ8P+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:16 2025 by rpki-client on console.sobornost.net