Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a7851c-bb78-4f29-a1d9-7b991824bd83/1/ks8iWy1FilD9kiiIcgz0a9tcMkE.roa
File: ks8iWy1FilD9kiiIcgz0a9tcMkE.roa (raw, json)
Hash identifier: xbOsfKBCXele8prh5n/9hZCYsk36tRLAfw19ggRv57E=
Subject key identifier: 92:CF:22:5B:2D:45:8A:50:FD:92:28:88:72:0C:F4:6B:DB:5C:32:41
Certificate issuer: /CN=cf275d0fe63998ea1b7d39e518fb329f76bed166
Certificate serial: 0194221F5643DC097BCE4C34CFD4D2F79642
Authority key identifier: CF:27:5D:0F:E6:39:98:EA:1B:7D:39:E5:18:FB:32:9F:76:BE:D1:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zyddD-Y5mOobfTnlGPsyn3a-0WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a7851c-bb78-4f29-a1d9-7b991824bd83/1/ks8iWy1FilD9kiiIcgz0a9tcMkE.roa
Signing time: Wed 01 Jan 2025 13:47:46 +0000
ROA not before: Wed 01 Jan 2025 13:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206506
IP address blocks: 2a0c:8200::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:56:43:dc:09:7b:ce:4c:34:cf:d4:d2:f7:96:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf275d0fe63998ea1b7d39e518fb329f76bed166
Validity
Not Before: Jan 1 13:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92cf225b2d458a50fd922888720cf46bdb5c3241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:99:1a:00:1a:2d:d4:a7:6a:c3:44:7b:33:7c:
b4:de:a0:4c:1d:de:0e:99:fe:a7:be:76:25:45:0c:
52:2a:86:2e:b8:e5:09:89:6b:b1:ee:e4:3e:44:57:
bf:64:15:56:f2:15:2b:b4:5e:8c:1e:3a:ad:29:16:
3c:f6:fc:a2:20:67:21:2f:21:43:b5:c8:c8:82:a2:
0d:ac:02:9a:2f:48:82:d2:18:eb:5c:9a:d9:4a:ba:
28:44:20:07:2f:12:a3:09:c9:c3:ce:38:04:ef:42:
87:1f:06:a0:15:fc:10:c7:d1:41:c5:51:4c:db:10:
14:20:93:88:71:f0:2c:a8:8b:53:28:73:75:47:f2:
d7:f9:f8:fd:58:ec:cc:73:a8:99:8d:6e:5d:69:b6:
2d:90:43:5b:43:18:d0:ee:d5:3f:2b:4b:42:ff:4a:
c3:0e:d2:30:db:39:bf:d1:14:2f:ec:47:fd:77:9b:
36:32:45:a5:61:32:98:a1:d8:56:ba:15:a3:33:b8:
7d:34:bc:bc:3e:8b:0a:23:91:c3:bd:7a:a1:7c:fe:
9a:ed:61:84:dd:6b:3c:df:cb:79:2c:34:d2:9c:27:
59:e9:20:c6:22:ef:f8:d3:24:7d:93:77:28:d4:ae:
b7:29:14:8a:25:92:36:26:40:07:ab:50:81:31:71:
72:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:CF:22:5B:2D:45:8A:50:FD:92:28:88:72:0C:F4:6B:DB:5C:32:41
X509v3 Authority Key Identifier:
keyid:CF:27:5D:0F:E6:39:98:EA:1B:7D:39:E5:18:FB:32:9F:76:BE:D1:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zyddD-Y5mOobfTnlGPsyn3a-0WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a7851c-bb78-4f29-a1d9-7b991824bd83/1/ks8iWy1FilD9kiiIcgz0a9tcMkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a7851c-bb78-4f29-a1d9-7b991824bd83/1/zyddD-Y5mOobfTnlGPsyn3a-0WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:8200::/29
Signature Algorithm: sha256WithRSAEncryption
4c:2c:f7:f3:fe:23:e3:1b:d3:9a:c3:dd:a8:3b:99:ce:e5:75:
94:5a:43:5c:f0:74:5d:31:80:0f:91:fe:76:c1:39:e0:db:29:
30:29:72:37:6b:59:cd:b9:99:54:cb:b9:e1:be:32:3d:c8:4d:
96:d1:b1:71:05:80:c3:71:f2:07:1b:81:82:5f:da:54:f5:31:
53:37:ee:a9:3a:eb:2f:8f:30:8d:91:df:df:cd:64:dc:15:88:
59:f6:dd:f5:e7:64:63:94:b6:09:b2:3c:30:51:92:b3:5a:fb:
a2:59:20:1e:b0:9d:b2:2e:5d:91:d6:dd:2f:c0:8f:55:e7:74:
47:03:4e:8b:e8:44:a1:7c:95:23:9e:05:86:dd:f2:bc:66:fe:
87:73:e7:b9:2e:fc:31:34:08:d3:f5:7b:a7:8c:a4:97:c3:2f:
ac:71:4c:08:05:0f:50:52:b4:73:e5:b0:85:0d:0d:5a:d9:56:
89:a8:94:71:5a:5b:5d:c6:29:cc:be:21:e2:32:1e:fb:5d:cf:
be:83:ac:27:b8:47:10:de:22:28:4c:b3:2e:d5:46:72:2b:1f:
67:45:43:7d:10:1c:92:9e:af:03:35:5f:96:4f:e1:32:28:44:
12:62:d9:eb:53:ce:fe:1f:88:94:0a:71:d0:3a:f0:c9:e4:9b:
9f:d2:5f:0d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiH1ZD3Al7zkw0z9TS95ZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMjc1ZDBmZTYzOTk4ZWExYjdkMzllNTE4ZmIzMjlmNzZi
ZWQxNjYwHhcNMjUwMTAxMTM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmNmMjI1YjJkNDU4YTUwZmQ5MjI4ODg3MjBjZjQ2YmRiNWMzMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZkaABot1Kdqw0R7M3y03qBMHd4O
mf6nvnYlRQxSKoYuuOUJiWux7uQ+RFe/ZBVW8hUrtF6MHjqtKRY89vyiIGchLyFD
tcjIgqINrAKaL0iC0hjrXJrZSrooRCAHLxKjCcnDzjgE70KHHwagFfwQx9FBxVFM
2xAUIJOIcfAsqItTKHN1R/LX+fj9WOzMc6iZjW5dabYtkENbQxjQ7tU/K0tC/0rD
DtIw2zm/0RQv7Ef9d5s2MkWlYTKYodhWuhWjM7h9NLy8PosKI5HDvXqhfP6a7WGE
3Ws838t5LDTSnCdZ6SDGIu/40yR9k3co1K63KRSKJZI2JkAHq1CBMXFy8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJLPIlstRYpQ/ZIoiHIM9GvbXDJBMB8GA1UdIwQY
MBaAFM8nXQ/mOZjqG3055Rj7Mp92vtFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenlkZEQtWTVtT29iZlRubEdQc3luM2EtMFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hNzg1MWMtYmI3OC00ZjI5LWExZDkt
N2I5OTE4MjRiZDgzLzEva3M4aVd5MUZpbEQ5a2lpSWNnejBhOXRjTWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hNzg1MWMtYmI3OC00ZjI5LWExZDktN2I5OTE4MjRiZDgz
LzEvenlkZEQtWTVtT29iZlRubEdQc3luM2EtMFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgyCADAN
BgkqhkiG9w0BAQsFAAOCAQEATCz38/4j4xvTmsPdqDuZzuV1lFpDXPB0XTGAD5H+
dsE54NspMClyN2tZzbmZVMu54b4yPchNltGxcQWAw3HyBxuBgl/aVPUxUzfuqTrr
L48wjZHf381k3BWIWfbd9edkY5S2CbI8MFGSs1r7olkgHrCdsi5dkdbdL8CPVed0
RwNOi+hEoXyVI54Fht3yvGb+h3PnuS78MTQI0/V7p4ykl8MvrHFMCAUPUFK0c+Ww
hQ0NWtlWiaiUcVpbXcYpzL4h4jIe+13PvoOsJ7hHEN4iKEyzLtVGcisfZ0VDfRAc
kp6vAzVflk/hMihEEmLZ61PO/h+IlApx0DrwyeSbn9JfDQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net