Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/rG6WmB4GVcfrW4cwVk_qp7Lv2gE.roa
File: rG6WmB4GVcfrW4cwVk_qp7Lv2gE.roa (raw, json)
Hash identifier: wfiPLFiCEMIbegeR9obNyO9ucvVXtvC2nUjCswI1Tdk=
Subject key identifier: AC:6E:96:98:1E:06:55:C7:EB:5B:87:30:56:4F:EA:A7:B2:EF:DA:01
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01948A16067EB53103EC0E7F5F23F3240706
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/rG6WmB4GVcfrW4cwVk_qp7Lv2gE.roa
Signing time: Tue 21 Jan 2025 18:18:06 +0000
ROA not before: Tue 21 Jan 2025 18:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214168
IP address blocks: 2a11:4540::/29 maxlen: 29
2a11:5980::/29 maxlen: 29
2a11:7b00::/29 maxlen: 29
2a11:8740::/29 maxlen: 29
2a11:bbc0::/29 maxlen: 29
2a12:d40::/29 maxlen: 29
2a12:8580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8a:16:06:7e:b5:31:03:ec:0e:7f:5f:23:f3:24:07:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 21 18:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac6e96981e0655c7eb5b8730564feaa7b2efda01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8d:cc:81:c5:d1:5b:70:bf:e6:8d:78:bf:95:
01:a0:2b:fd:6c:c4:a8:be:2e:7b:31:c2:cb:58:c4:
81:8b:ef:a3:b8:d1:a9:f0:14:f5:79:5d:2f:6e:34:
b0:27:b1:e0:1b:3e:0c:43:ac:19:df:0c:5a:f1:58:
4d:e6:63:db:77:48:47:4a:c7:c8:fd:60:39:5e:e8:
f8:28:f9:df:fe:b9:71:24:37:1f:a0:2e:e7:a5:0f:
bd:59:ec:48:c4:24:da:6e:76:79:ba:31:dc:53:93:
0c:3a:e6:20:8c:52:eb:5a:94:82:2e:33:a3:a8:78:
42:2d:27:51:4e:77:16:e0:da:93:f7:b1:63:62:53:
2f:dc:3a:95:f7:4c:56:75:49:7b:df:24:1e:4c:a1:
3c:c2:a2:62:15:d0:d6:f0:84:51:87:e9:d3:eb:a0:
4a:2f:6f:9c:fc:b6:1d:0f:71:92:6b:69:96:0d:6c:
57:9d:79:bc:95:95:3b:e0:99:dd:cf:f7:ca:98:2c:
0d:cb:4e:58:e8:29:af:f4:6d:cf:df:04:5a:50:4d:
28:a0:27:2e:79:20:1d:d5:98:05:33:e1:3e:33:9e:
dc:0b:06:8f:e6:19:ed:99:cf:1c:ad:ed:e6:ba:7e:
c2:f2:6f:eb:5c:4c:78:04:94:52:3e:0b:d1:7e:84:
71:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:6E:96:98:1E:06:55:C7:EB:5B:87:30:56:4F:EA:A7:B2:EF:DA:01
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/rG6WmB4GVcfrW4cwVk_qp7Lv2gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4540::/29
2a11:5980::/29
2a11:7b00::/29
2a11:8740::/29
2a11:bbc0::/29
2a12:d40::/29
2a12:8580::/29
Signature Algorithm: sha256WithRSAEncryption
3c:da:e2:24:24:48:9e:02:7c:a9:5b:62:26:83:10:d4:42:88:
46:78:74:1a:5d:0b:3e:d0:09:f7:54:3b:36:44:08:8b:3b:1b:
93:0d:ec:bc:c7:bc:d2:b0:4d:a1:07:3b:9d:e5:92:47:de:bf:
8a:b8:21:d0:fc:aa:96:42:69:6b:6e:68:53:d3:22:6f:da:05:
9f:f1:45:cd:93:29:35:79:05:48:20:c5:ae:45:32:0c:62:f7:
f9:f9:ea:c6:de:d5:e5:96:17:f5:25:90:ee:cc:8b:2b:7d:6f:
9a:aa:ab:68:f2:e5:bb:2c:97:c1:50:a5:73:af:a6:01:59:e5:
37:9b:75:17:9c:3a:ee:2d:e4:84:03:c1:f5:3d:cb:45:97:b6:
89:1b:94:f5:79:5c:96:1c:58:9d:7c:fa:6e:15:32:64:d3:9a:
22:c7:07:9e:be:c0:50:be:b2:d0:01:4a:13:03:f0:5e:db:95:
e8:35:6b:c8:9f:fe:56:17:1f:c6:01:80:b4:7d:45:3d:8a:39:
c4:23:12:08:ab:b8:85:69:03:52:d6:e0:e3:5f:91:00:7d:55:
e2:1a:9a:0b:33:f2:d2:ea:38:66:68:5e:7d:49:16:dd:ac:a2:
3d:b3:ac:da:8b:6b:3f:3a:4c:2d:10:51:23:a4:36:4b:2c:19:
6c:72:61:d1
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZSKFgZ+tTED7A5/XyPzJAcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTIxMTgxODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzZlOTY5ODFlMDY1NWM3ZWI1Yjg3MzA1NjRmZWFhN2IyZWZkYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY3MgcXRW3C/5o14v5UBoCv9bMSo
vi57McLLWMSBi++juNGp8BT1eV0vbjSwJ7HgGz4MQ6wZ3wxa8VhN5mPbd0hHSsfI
/WA5Xuj4KPnf/rlxJDcfoC7npQ+9WexIxCTabnZ5ujHcU5MMOuYgjFLrWpSCLjOj
qHhCLSdRTncW4NqT97FjYlMv3DqV90xWdUl73yQeTKE8wqJiFdDW8IRRh+nT66BK
L2+c/LYdD3GSa2mWDWxXnXm8lZU74Jndz/fKmCwNy05Y6Cmv9G3P3wRaUE0ooCcu
eSAd1ZgFM+E+M57cCwaP5hntmc8cre3mun7C8m/rXEx4BJRSPgvRfoRxxwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKxulpgeBlXH61uHMFZP6qey79oBMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvckc2V21CNEdWY2ZyVzRjd1ZrX3FwN0x2MmdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKhFFQAMF
AyoRWYADBQMqEXsAAwUDKhGHQAMFAyoRu8ADBQMqEg1AAwUDKhKFgDANBgkqhkiG
9w0BAQsFAAOCAQEAPNriJCRIngJ8qVtiJoMQ1EKIRnh0Gl0LPtAJ91Q7NkQIizsb
kw3svMe80rBNoQc7neWSR96/irgh0PyqlkJpa25oU9Mib9oFn/FFzZMpNXkFSCDF
rkUyDGL3+fnqxt7V5ZYX9SWQ7syLK31vmqqraPLluyyXwVClc6+mAVnlN5t1F5w6
7i3khAPB9T3LRZe2iRuU9XlclhxYnXz6bhUyZNOaIscHnr7AUL6y0AFKEwPwXtuV
6DVryJ/+VhcfxgGAtH1FPYo5xCMSCKu4hWkDUtbg41+RAH1V4hqaCzPy0uo4Zmhe
fUkW3ayiPbOs2otrPzpMLRBRI6Q2SywZbHJh0Q==
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:13:15 2025 by rpki-client on console.sobornost.net