Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/1Jb9tAxmFTyhZIq_yfShXZumtdc.roa
File: 1Jb9tAxmFTyhZIq_yfShXZumtdc.roa (raw, json)
Hash identifier: yIbenr0anVlVM6N8wz8OLk3Jjwi6TZT3YGqtsrL35mA=
Subject key identifier: D4:96:FD:B4:0C:66:15:3C:A1:64:8A:BF:C9:F4:A1:5D:9B:A6:B5:D7
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 019421445EAF2A9693DA9B95FE62941A4330
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/1Jb9tAxmFTyhZIq_yfShXZumtdc.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211286
IP address blocks: 2a0d:8d04::/32 maxlen: 48
2a0d:8d04:5::/48 maxlen: 48
2a0d:8d04:71a::/48 maxlen: 48
2a0d:8d04:71b::/48 maxlen: 48
2a0d:8d04:71d::/48 maxlen: 48
2a0d:8d04:5000::/36 maxlen: 48
2a0d:8d04:6000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5e:af:2a:96:93:da:9b:95:fe:62:94:1a:43:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d496fdb40c66153ca1648abfc9f4a15d9ba6b5d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:77:02:81:d0:a5:a6:6c:5a:01:2e:51:1c:26:
0c:76:c0:67:63:31:bd:d5:47:7e:a0:dd:8e:c1:b7:
22:3d:15:6a:c5:00:3f:ae:a1:fd:64:84:35:55:7e:
95:f1:e9:e8:87:a8:8e:61:a8:28:78:cb:34:56:11:
66:ef:a1:cd:62:be:11:1c:b3:38:86:f4:26:df:cc:
83:9d:30:6a:b1:32:ef:d0:ae:bd:86:cf:6b:4b:82:
d6:d5:be:f0:12:60:e5:09:85:72:b9:e2:c8:37:65:
95:9b:cd:9b:59:a1:d0:82:78:ff:cc:9e:e1:0f:5a:
53:5a:df:3b:14:7c:60:62:97:4e:1f:cf:56:74:31:
1d:4f:98:f6:3b:d6:f9:52:68:5d:21:67:29:e1:13:
d1:cf:f9:b7:9e:79:19:d9:da:fa:69:04:59:e6:ea:
e5:75:7d:de:cc:c4:63:9c:3d:01:68:8c:64:76:d8:
76:87:fa:97:c0:4b:f9:18:08:1c:ae:2b:fc:c9:e2:
17:3f:19:d7:19:7f:1c:ea:15:d9:94:d2:77:b1:bb:
3d:21:18:7f:59:c6:94:c5:d4:ca:56:ec:ed:57:4d:
c3:0f:1a:e8:23:5e:2f:fc:3f:fa:13:87:4f:80:9a:
f4:c9:8e:7c:4c:95:f4:f8:d9:54:a9:b3:c6:53:58:
47:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:96:FD:B4:0C:66:15:3C:A1:64:8A:BF:C9:F4:A1:5D:9B:A6:B5:D7
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/1Jb9tAxmFTyhZIq_yfShXZumtdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8d04::/32
Signature Algorithm: sha256WithRSAEncryption
26:7a:cd:7b:5b:20:85:d5:e7:9e:33:10:05:be:c8:4e:c5:b8:
cd:70:b1:62:62:ee:d3:4b:a4:62:06:26:e2:67:40:31:bb:fc:
36:ce:2a:31:79:9c:5b:21:a3:dd:84:ef:7b:86:e5:86:16:f2:
73:52:27:0e:6b:fb:b7:58:01:eb:40:16:8c:8c:f0:5a:0d:57:
bd:f3:d6:f2:b5:02:0d:e5:2e:48:25:c8:2c:41:7c:47:13:dd:
6c:e0:60:09:a2:22:5f:2f:ec:36:68:09:2f:38:88:c1:d8:ba:
b3:db:e4:99:2e:da:3d:06:73:d4:41:95:b0:3d:a2:83:32:db:
71:37:3d:cd:08:0a:cd:e2:b6:92:d6:1e:6d:4e:ca:ba:1e:d5:
27:dc:dc:14:48:a9:e5:7d:44:fb:93:5d:41:14:fe:10:8e:30:
1e:69:6b:a6:e0:86:c0:70:e6:52:b6:0c:74:b0:d3:20:ec:d0:
7a:12:c4:1d:4c:89:88:5f:dc:3c:71:71:23:c0:5c:5e:8d:21:
39:15:b0:ff:46:e9:cd:13:59:c5:f6:94:a3:aa:7a:e9:aa:e8:
ab:20:eb:1a:ac:c9:b8:2b:99:f2:9a:4a:53:8c:00:a3:a4:da:
39:66:b1:71:0c:e1:ea:d7:7f:a4:01:ef:96:8b:ad:5c:a7:84:
29:a9:e9:23
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhRF6vKpaT2puV/mKUGkMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDk2ZmRiNDBjNjYxNTNjYTE2NDhhYmZjOWY0YTE1ZDliYTZiNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3cCgdClpmxaAS5RHCYMdsBnYzG9
1Ud+oN2OwbciPRVqxQA/rqH9ZIQ1VX6V8enoh6iOYagoeMs0VhFm76HNYr4RHLM4
hvQm38yDnTBqsTLv0K69hs9rS4LW1b7wEmDlCYVyueLIN2WVm82bWaHQgnj/zJ7h
D1pTWt87FHxgYpdOH89WdDEdT5j2O9b5UmhdIWcp4RPRz/m3nnkZ2dr6aQRZ5url
dX3ezMRjnD0BaIxkdth2h/qXwEv5GAgcriv8yeIXPxnXGX8c6hXZlNJ3sbs9IRh/
WcaUxdTKVuztV03DDxroI14v/D/6E4dPgJr0yY58TJX0+NlUqbPGU1hHAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNSW/bQMZhU8oWSKv8n0oV2bprXXMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvMUpiOXRBeG1GVHloWklxX3lmU2hYWnVtdGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg2NBDAN
BgkqhkiG9w0BAQsFAAOCAQEAJnrNe1sghdXnnjMQBb7ITsW4zXCxYmLu00ukYgYm
4mdAMbv8Ns4qMXmcWyGj3YTve4blhhbyc1InDmv7t1gB60AWjIzwWg1XvfPW8rUC
DeUuSCXILEF8RxPdbOBgCaIiXy/sNmgJLziIwdi6s9vkmS7aPQZz1EGVsD2igzLb
cTc9zQgKzeK2ktYebU7Kuh7VJ9zcFEip5X1E+5NdQRT+EI4wHmlrpuCGwHDmUrYM
dLDTIOzQehLEHUyJiF/cPHFxI8BcXo0hORWw/0bpzRNZxfaUo6p66aroqyDrGqzJ
uCuZ8ppKU4wAo6TaOWaxcQzh6td/pAHvloutXKeEKanpIw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:39 2025 by rpki-client on console.sobornost.net