Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/1ohlvL5PZw_3hcwGQ_J581-Kfkw.roa
File: 1ohlvL5PZw_3hcwGQ_J581-Kfkw.roa (raw, json)
Hash identifier: okrFXmsJ6KTYYIjnZcAOYjjx16+oQFPNv0K3PQHdWEg=
Subject key identifier: D6:88:65:BC:BE:4F:67:0F:F7:85:CC:06:43:F2:79:F3:5F:8A:7E:4C
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 0194258F6122471FA4FB94C5439CC7D27AA5
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/1ohlvL5PZw_3hcwGQ_J581-Kfkw.roa
Signing time: Thu 02 Jan 2025 05:49:00 +0000
ROA not before: Thu 02 Jan 2025 05:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216344
IP address blocks: 2a11:8a80:9000::/36 maxlen: 36
2a11:8a85:400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:61:22:47:1f:a4:fb:94:c5:43:9c:c7:d2:7a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Jan 2 05:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d68865bcbe4f670ff785cc0643f279f35f8a7e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:12:c1:70:61:2c:b5:74:6c:05:b9:ec:18:36:
ec:6e:7e:0a:95:0b:e9:55:d7:21:d8:7e:d5:64:95:
ef:11:90:03:51:28:98:0a:4e:59:cf:5f:16:a0:b9:
86:bc:f3:08:5b:92:1c:df:a9:7c:f4:01:39:8e:50:
8b:fc:a1:fb:15:b8:ea:48:de:08:75:b3:73:0a:da:
43:78:f9:e0:52:7a:18:f3:36:1d:90:6f:e5:2f:b6:
05:61:fd:d7:0d:f7:9e:39:c4:7f:e2:bc:f4:bc:85:
d2:a4:fc:3b:46:64:f7:0a:41:e6:bd:c8:e2:53:bc:
3d:d6:5b:f7:48:8f:0c:cc:b1:9c:cb:5c:64:0d:c0:
17:a7:8a:58:c1:13:97:fa:49:4e:ad:03:10:58:0e:
af:96:32:46:ff:7e:ab:7e:e9:e9:a4:c5:17:cc:c5:
a7:3f:ce:2e:32:f1:c4:1e:78:a7:9d:89:ef:75:99:
5e:3b:03:b1:b8:5f:22:7a:b3:0d:03:53:57:03:e0:
d3:fd:0b:d3:c4:62:cc:0d:83:53:ea:c6:7d:07:7e:
c5:ea:3d:be:10:61:35:11:68:96:1c:89:dc:a2:04:
e2:0b:8f:25:de:be:a6:c7:2a:85:b5:25:a6:ef:6d:
16:2e:9e:3e:8d:a6:f9:31:75:80:c4:64:55:1b:18:
2e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:88:65:BC:BE:4F:67:0F:F7:85:CC:06:43:F2:79:F3:5F:8A:7E:4C
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/1ohlvL5PZw_3hcwGQ_J581-Kfkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8a80:9000::/36
2a11:8a85:400::/38
Signature Algorithm: sha256WithRSAEncryption
60:f5:ba:4a:f0:91:35:a2:bd:c7:b5:44:31:fc:da:42:aa:ba:
a5:f4:9d:6f:4b:fb:eb:ed:ef:ac:5e:70:bd:25:f9:67:19:e8:
13:88:ef:05:b0:3e:8a:cc:09:4c:45:34:96:df:a5:18:36:af:
11:78:0a:5d:5b:63:f2:61:1a:0a:eb:95:9a:19:74:90:8e:e0:
cc:45:aa:1a:1b:57:0c:41:7d:bd:9b:dd:8e:33:26:e7:98:ad:
5a:1f:ff:e7:f5:a6:84:fb:94:23:03:5a:d5:94:af:91:29:15:
33:d9:87:eb:b4:00:d9:9a:8e:cd:90:f6:21:63:40:4f:a3:67:
2d:90:2a:e4:5e:40:fb:cb:01:84:ec:00:96:cf:58:a2:3e:b5:
5a:c5:21:96:80:61:d8:c0:67:e7:70:d7:bc:ba:e9:0b:19:d7:
13:dd:d0:8c:da:b9:78:cf:9e:a0:06:f4:e9:4a:3b:4b:d7:ae:
c6:39:f8:45:a1:a1:ef:f9:a1:8b:2f:17:c6:c8:76:74:43:39:
8b:f5:82:3f:13:78:aa:95:80:39:40:0c:19:04:62:96:85:7f:
3b:bb:65:01:38:96:93:57:f3:af:4c:29:e9:3a:03:27:81:7c:
4a:c1:6e:12:e8:17:35:af:4e:80:4c:88:2d:21:d1:86:89:fa:
8a:c4:d9:14
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQlj2EiRx+k+5TFQ5zH0nqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjUwMTAyMDU0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjg4NjViY2JlNGY2NzBmZjc4NWNjMDY0M2YyNzlmMzVmOGE3ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRLBcGEstXRsBbnsGDbsbn4KlQvp
Vdch2H7VZJXvEZADUSiYCk5Zz18WoLmGvPMIW5Ic36l89AE5jlCL/KH7FbjqSN4I
dbNzCtpDePngUnoY8zYdkG/lL7YFYf3XDfeeOcR/4rz0vIXSpPw7RmT3CkHmvcji
U7w91lv3SI8MzLGcy1xkDcAXp4pYwROX+klOrQMQWA6vljJG/36rfunppMUXzMWn
P84uMvHEHninnYnvdZleOwOxuF8ierMNA1NXA+DT/QvTxGLMDYNT6sZ9B37F6j2+
EGE1EWiWHIncogTiC48l3r6mxyqFtSWm720WLp4+jab5MXWAxGRVGxgueQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNaIZby+T2cP94XMBkPyefNfin5MMB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvMW9obHZMNVBad18zaGN3R1FfSjU4MS1LZmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKhGKgJAD
BgIqEYqFBDANBgkqhkiG9w0BAQsFAAOCAQEAYPW6SvCRNaK9x7VEMfzaQqq6pfSd
b0v76+3vrF5wvSX5ZxnoE4jvBbA+iswJTEU0lt+lGDavEXgKXVtj8mEaCuuVmhl0
kI7gzEWqGhtXDEF9vZvdjjMm55itWh//5/WmhPuUIwNa1ZSvkSkVM9mH67QA2ZqO
zZD2IWNAT6NnLZAq5F5A+8sBhOwAls9Yoj61WsUhloBh2MBn53DXvLrpCxnXE93Q
jNq5eM+eoAb06Uo7S9euxjn4RaGh7/mhiy8Xxsh2dEM5i/WCPxN4qpWAOUAMGQRi
loV/O7tlATiWk1fzr0wp6ToDJ4F8SsFuEugXNa9OgEyILSHRhon6isTZFA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:23 2025 by rpki-client on console.sobornost.net