Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/kLCDMTUTRbJeJajr_KP2p663xqk.roa
File: kLCDMTUTRbJeJajr_KP2p663xqk.roa (raw, json)
Hash identifier: Cd9LBaXNUzFq1myVM5COYVtjKiIjTzwaQ7rIDyhpbzE=
Subject key identifier: 90:B0:83:31:35:13:45:B2:5E:25:A8:EB:FC:A3:F6:A7:AE:B7:C6:A9
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 01941F8C12D7D5EB8BAA10E0F5B2B8DDA1D7
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/kLCDMTUTRbJeJajr_KP2p663xqk.roa
Signing time: Wed 01 Jan 2025 01:47:41 +0000
ROA not before: Wed 01 Jan 2025 01:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58076
IP address blocks: 2a03:97c0:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:12:d7:d5:eb:8b:aa:10:e0:f5:b2:b8:dd:a1:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Jan 1 01:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90b08331351345b25e25a8ebfca3f6a7aeb7c6a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2a:fb:5b:e5:14:69:1a:b6:8b:59:b3:e4:f7:
8a:90:7c:80:5e:52:4f:90:56:a8:22:af:83:72:06:
8b:77:ed:94:7a:e1:86:3c:24:15:54:73:45:1b:c6:
b3:fb:2a:57:61:81:9a:87:01:e4:c7:a5:f8:4d:3b:
75:b1:54:db:ff:e9:4f:85:0e:35:82:86:be:8e:d9:
ea:49:dc:da:cb:3a:5f:75:9e:88:ef:ec:14:d4:75:
d8:ee:49:e2:80:c7:5f:6a:3c:29:e4:b5:0a:c5:e0:
f9:cd:d7:01:a4:ad:f8:64:e8:0c:9c:ee:6c:79:b2:
f7:0b:ad:fe:f8:5d:d1:7f:54:f6:54:7b:99:c7:22:
3d:bf:ac:7b:04:24:40:f6:06:88:38:6c:3f:59:43:
5c:18:c3:be:5e:6a:71:50:1e:8d:5b:99:78:5e:f5:
8b:cd:7c:6d:f2:65:af:21:6e:1d:c9:e1:83:64:86:
ab:de:e7:b6:62:0b:f0:57:e4:0b:f8:b5:61:ff:93:
b5:0d:d3:b3:c2:48:2d:69:ca:9c:1b:22:e3:e1:84:
e5:e7:50:6f:b7:b9:af:74:c9:0c:30:0f:71:c9:ea:
cf:69:c6:b9:e2:44:86:ec:cf:1c:28:a6:ce:d0:ad:
fd:36:1b:cb:27:58:05:5f:9a:75:04:ca:49:01:4a:
2b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B0:83:31:35:13:45:B2:5E:25:A8:EB:FC:A3:F6:A7:AE:B7:C6:A9
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/kLCDMTUTRbJeJajr_KP2p663xqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:97c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
91:f8:ce:44:ec:b7:51:0c:e9:0b:7a:50:8b:de:4f:4b:47:8e:
6a:b0:04:ec:af:89:2b:73:e0:3a:c2:20:ff:c2:ae:26:3b:02:
d0:29:78:fd:c2:a2:38:94:3f:82:9f:ce:44:10:bf:c3:e1:63:
25:a7:3a:f1:05:a2:16:f5:8e:b3:57:2f:df:06:ab:a6:e2:dd:
8a:03:98:56:46:ea:00:37:10:0f:d3:f0:27:c9:50:c2:77:c1:
c9:95:91:7b:b1:01:29:50:53:2b:61:26:20:01:ae:43:16:ca:
de:61:39:7f:1c:0b:7b:c2:d1:80:b9:66:cb:da:c7:07:75:09:
f6:9a:e8:ec:ab:ab:ea:d2:48:03:b7:88:af:96:28:56:d8:03:
0c:2b:5b:a4:cf:14:b8:ae:6c:0f:56:b7:16:ff:6d:57:80:7b:
b1:b7:f8:68:a2:c0:c3:31:72:6c:50:66:c5:9e:4a:89:47:db:
72:38:44:ff:2b:c3:f9:bd:73:8c:3a:5d:f8:57:a7:cd:10:cc:
10:d3:12:a0:56:1a:0a:cb:9a:63:c6:af:87:bb:f3:f5:94:56:
1f:99:59:c2:de:ad:a1:7d:49:2b:4d:54:25:59:d9:4e:e6:57:
79:3c:69:a6:50:84:b4:4a:ee:fc:35:ed:c0:1a:20:29:61:38:
01:72:58:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjBLX1euLqhDg9bK43aHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjUwMTAxMDE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGIwODMzMTM1MTM0NWIyNWUyNWE4ZWJmY2EzZjZhN2FlYjdjNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSr7W+UUaRq2i1mz5PeKkHyAXlJP
kFaoIq+DcgaLd+2UeuGGPCQVVHNFG8az+ypXYYGahwHkx6X4TTt1sVTb/+lPhQ41
goa+jtnqSdzayzpfdZ6I7+wU1HXY7knigMdfajwp5LUKxeD5zdcBpK34ZOgMnO5s
ebL3C63++F3Rf1T2VHuZxyI9v6x7BCRA9gaIOGw/WUNcGMO+XmpxUB6NW5l4XvWL
zXxt8mWvIW4dyeGDZIar3ue2YgvwV+QL+LVh/5O1DdOzwkgtacqcGyLj4YTl51Bv
t7mvdMkMMA9xyerPaca54kSG7M8cKKbO0K39NhvLJ1gFX5p1BMpJAUorbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJCwgzE1E0WyXiWo6/yj9qeut8apMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEva0xDRE1UVVRSYkplSmFqcl9LUDJwNjYzeHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOXwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCR+M5E7LdRDOkLelCL3k9LR45qsATsr4krc+A6
wiD/wq4mOwLQKXj9wqI4lD+Cn85EEL/D4WMlpzrxBaIW9Y6zVy/fBqum4t2KA5hW
RuoANxAP0/AnyVDCd8HJlZF7sQEpUFMrYSYgAa5DFsreYTl/HAt7wtGAuWbL2scH
dQn2mujsq6vq0kgDt4ivlihW2AMMK1ukzxS4rmwPVrcW/21XgHuxt/hoosDDMXJs
UGbFnkqJR9tyOET/K8P5vXOMOl34V6fNEMwQ0xKgVhoKy5pjxq+Hu/P1lFYfmVnC
3q2hfUkrTVQlWdlO5ld5PGmmUIS0Su78Ne3AGiApYTgBcli0
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:34 2025 by rpki-client on console.sobornost.net