Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/Kj9VfdUCgMk4aGgFNgZJ64WvAz4.roa
File: Kj9VfdUCgMk4aGgFNgZJ64WvAz4.roa (raw, json)
Hash identifier: B1YIPHashB6NFlEh7qNPbd/2OLMoFdhR39F9O5/IGts=
Subject key identifier: 2A:3F:55:7D:D5:02:80:C9:38:68:68:05:36:06:49:EB:85:AF:03:3E
Certificate issuer: /CN=ce4ddafc2cf5658d02e56828c2c91353529ede8e
Certificate serial: 019422FB209AD4A16A9788B5C9DF13AF26DD
Authority key identifier: CE:4D:DA:FC:2C:F5:65:8D:02:E5:68:28:C2:C9:13:53:52:9E:DE:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/Kj9VfdUCgMk4aGgFNgZJ64WvAz4.roa
Signing time: Wed 01 Jan 2025 17:47:50 +0000
ROA not before: Wed 01 Jan 2025 17:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202733
IP address blocks: 2001:67c:1b64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:20:9a:d4:a1:6a:97:88:b5:c9:df:13:af:26:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce4ddafc2cf5658d02e56828c2c91353529ede8e
Validity
Not Before: Jan 1 17:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a3f557dd50280c938686805360649eb85af033e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:82:be:d3:fe:b2:b5:09:05:93:fe:23:26:d2:
a8:7d:e7:e0:6f:57:24:5f:1e:ba:d4:00:06:c8:3e:
e0:74:08:b8:1d:bf:95:79:39:a6:2a:5a:cb:89:0a:
a9:4d:93:ec:a4:43:9a:17:4c:67:db:13:22:a7:c7:
a3:8c:ea:c6:49:8f:45:be:dd:22:74:e2:c6:b7:36:
03:3d:34:7b:43:6c:27:34:92:fa:8f:b9:aa:69:85:
49:17:cc:8f:df:ab:54:2b:47:c7:5d:d2:2c:fe:43:
b6:ac:ff:dd:07:dc:b8:da:71:ff:19:d6:30:b3:9e:
fa:e0:2f:7f:0f:18:ed:7c:92:c2:a6:ab:41:6e:5c:
81:f8:d0:1e:50:34:f8:f4:9f:25:79:8e:3b:8c:72:
3a:4c:3d:b4:7a:eb:9c:3e:93:a8:c4:8a:22:d8:1a:
de:ab:fb:cd:72:3e:10:c4:b4:80:37:67:8b:f9:23:
f6:b4:a1:d6:d2:c0:1f:bf:b5:05:7f:64:78:5b:ba:
70:e3:a0:7f:57:d8:d6:47:96:d8:4b:dd:4b:e9:36:
c1:44:17:00:dc:12:48:65:52:aa:26:ab:ad:7f:f0:
1d:73:ef:eb:fd:db:b3:af:a6:9c:e7:4d:b9:7c:b8:
65:d5:fd:09:cc:00:34:dd:1c:ae:b7:9e:61:e9:7e:
6d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3F:55:7D:D5:02:80:C9:38:68:68:05:36:06:49:EB:85:AF:03:3E
X509v3 Authority Key Identifier:
keyid:CE:4D:DA:FC:2C:F5:65:8D:02:E5:68:28:C2:C9:13:53:52:9E:DE:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/Kj9VfdUCgMk4aGgFNgZJ64WvAz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1b64::/48
Signature Algorithm: sha256WithRSAEncryption
18:b2:1c:c6:55:14:db:af:84:42:cd:23:ac:3e:67:a3:c2:4e:
27:6d:e2:9a:11:c3:52:99:1e:e0:43:d7:c5:d7:3c:a4:48:f8:
ad:bd:91:21:3a:4d:b7:1b:d8:21:01:51:9f:6a:a7:05:31:6c:
3c:d4:29:5d:23:b6:ef:47:90:c1:54:db:b1:75:d7:4d:e1:66:
7f:e1:7d:41:c5:1f:48:ea:e0:cf:2f:1b:27:84:27:ae:95:56:
b6:11:8c:88:5e:cc:86:7e:e7:ff:16:73:3e:43:79:f8:59:b0:
6d:04:d0:30:c6:36:ce:0d:84:9f:57:82:e4:5e:e1:51:bd:fd:
d5:51:24:c7:3c:e1:f2:80:e3:de:f0:32:2c:74:c8:a7:fc:54:
b3:ab:a2:14:11:5c:61:3c:df:1e:1e:e4:f0:23:b6:41:33:7e:
eb:b7:07:a9:8e:b8:97:ce:27:f4:aa:31:ac:61:44:41:9c:1d:
0f:a1:ce:2a:56:41:42:84:96:85:95:02:78:a9:99:d8:25:c6:
9f:2a:f7:79:dc:8f:36:cb:f4:5f:0a:49:db:fc:c9:93:ce:fa:
f9:5a:e5:84:51:47:ba:d0:02:dd:af:bc:35:0e:91:d8:f8:04:
d4:19:6a:30:5b:30:2d:11:7b:cb:d2:36:ef:3c:5a:e6:d3:bf:
e7:37:a6:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+yCa1KFql4i1yd8TrybdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGRkYWZjMmNmNTY1OGQwMmU1NjgyOGMyYzkxMzUzNTI5
ZWRlOGUwHhcNMjUwMTAxMTc0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTNmNTU3ZGQ1MDI4MGM5Mzg2ODY4MDUzNjA2NDllYjg1YWYwMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoK+0/6ytQkFk/4jJtKofefgb1ck
Xx661AAGyD7gdAi4Hb+VeTmmKlrLiQqpTZPspEOaF0xn2xMip8ejjOrGSY9Fvt0i
dOLGtzYDPTR7Q2wnNJL6j7mqaYVJF8yP36tUK0fHXdIs/kO2rP/dB9y42nH/GdYw
s5764C9/DxjtfJLCpqtBblyB+NAeUDT49J8leY47jHI6TD20euucPpOoxIoi2Bre
q/vNcj4QxLSAN2eL+SP2tKHW0sAfv7UFf2R4W7pw46B/V9jWR5bYS91L6TbBRBcA
3BJIZVKqJqutf/Adc+/r/duzr6ac5025fLhl1f0JzAA03Ryut55h6X5tVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCo/VX3VAoDJOGhoBTYGSeuFrwM+MB8GA1UdIwQY
MBaAFM5N2vws9WWNAuVoKMLJE1NSnt6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemszYV9DejFaWTBDNVdnb3dza1RVMUtlM280LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yMzk3ZmItMGRkMC00MWMzLWJjNmUt
YmE4NzQzOWI3ZGE5LzEvS2o5VmZkVUNnTWs0YUdnRk5nWko2NFd2QXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yMzk3ZmItMGRkMC00MWMzLWJjNmUtYmE4NzQzOWI3ZGE5
LzEvemszYV9DejFaWTBDNVdnb3dza1RVMUtlM280LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBtk
MA0GCSqGSIb3DQEBCwUAA4IBAQAYshzGVRTbr4RCzSOsPmejwk4nbeKaEcNSmR7g
Q9fF1zykSPitvZEhOk23G9ghAVGfaqcFMWw81CldI7bvR5DBVNuxdddN4WZ/4X1B
xR9I6uDPLxsnhCeulVa2EYyIXsyGfuf/FnM+Q3n4WbBtBNAwxjbODYSfV4LkXuFR
vf3VUSTHPOHygOPe8DIsdMin/FSzq6IUEVxhPN8eHuTwI7ZBM37rtwepjriXzif0
qjGsYURBnB0Poc4qVkFChJaFlQJ4qZnYJcafKvd53I82y/RfCknb/MmTzvr5WuWE
UUe60ALdr7w1DpHY+ATUGWowWzAtEXvL0jbvPFrm07/nN6YL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:43 2025 by rpki-client on console.sobornost.net