Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/KhKVdZ95SIDLCqmLTot9fRyUA3I.roa
File: KhKVdZ95SIDLCqmLTot9fRyUA3I.roa (raw, json)
Hash identifier: Z/g1tEu6eO8FbiMmU8YnuhMnq78oO5YVB25e+sQJfjE=
Subject key identifier: 2A:12:95:75:9F:79:48:80:CB:0A:A9:8B:4E:8B:7D:7D:1C:94:03:72
Certificate issuer: /CN=644f033f782eaf32ab09088775d64ac4b94b5b11
Certificate serial: 01942067D5B68637109CFC096A9257DE4B60
Authority key identifier: 64:4F:03:3F:78:2E:AF:32:AB:09:08:87:75:D6:4A:C4:B9:4B:5B:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/KhKVdZ95SIDLCqmLTot9fRyUA3I.roa
Signing time: Wed 01 Jan 2025 05:47:43 +0000
ROA not before: Wed 01 Jan 2025 05:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44947
IP address blocks: 213.134.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d5:b6:86:37:10:9c:fc:09:6a:92:57:de:4b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=644f033f782eaf32ab09088775d64ac4b94b5b11
Validity
Not Before: Jan 1 05:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a1295759f794880cb0aa98b4e8b7d7d1c940372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:09:70:d4:a1:96:2b:1c:a7:a6:dc:e4:de:
1c:96:1a:54:f9:18:11:ba:e5:20:34:47:59:b5:7e:
77:81:1a:1f:5a:e6:11:cd:c7:1e:55:0b:fa:64:5f:
58:b1:70:34:bf:37:07:ad:f5:72:ba:a4:e2:b1:97:
cd:d1:0d:51:c6:97:49:f2:46:57:8e:64:0a:69:13:
7d:3a:d2:ae:16:00:62:b7:dc:ab:f9:f9:77:53:6d:
98:30:af:5b:c8:d9:0b:a5:5e:67:a7:e4:ce:b6:03:
0f:a3:fb:e6:aa:83:7c:30:44:b0:10:18:f7:e6:4c:
e7:0a:0f:cf:c8:16:59:c6:84:72:f5:0a:fc:7b:db:
4f:bb:da:95:c6:95:f4:3c:55:f4:ff:27:b8:37:fa:
06:91:d5:64:c6:cd:71:01:22:62:02:fd:05:75:a4:
c5:1e:12:b4:85:0d:31:fc:69:ab:57:9a:8b:9a:c1:
a6:8a:fe:a6:ed:53:48:2d:0b:7e:f7:50:83:5b:97:
b5:3e:64:0e:7f:a8:56:35:bb:3b:ca:a5:20:28:a0:
df:a5:08:21:ed:ea:1c:b6:1b:65:fd:c2:79:5f:c7:
00:80:3c:69:4f:be:7f:81:d6:66:9d:81:bf:26:95:
f8:6e:ac:6c:0b:07:00:5e:fa:8b:59:19:bf:32:30:
28:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:12:95:75:9F:79:48:80:CB:0A:A9:8B:4E:8B:7D:7D:1C:94:03:72
X509v3 Authority Key Identifier:
keyid:64:4F:03:3F:78:2E:AF:32:AB:09:08:87:75:D6:4A:C4:B9:4B:5B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/KhKVdZ95SIDLCqmLTot9fRyUA3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.134.17.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:68:58:47:d7:e5:c8:e8:75:81:2e:8a:a1:89:d6:14:b5:94:
18:84:1d:f8:ae:ba:41:19:d0:50:47:7e:9e:e6:36:4c:61:07:
ad:6d:db:b4:e4:f6:5d:ec:f6:89:fd:73:4d:cd:6c:cd:da:9d:
e3:e7:56:84:1a:81:75:63:e0:47:fa:49:5f:e9:2f:72:ac:3c:
d9:3b:14:6e:4f:a7:ee:7f:57:cd:fb:f0:1b:26:b0:30:b3:bd:
d4:fa:03:48:1a:e5:ce:bb:86:01:27:8e:5c:89:4f:8f:f8:f6:
36:89:11:4b:2d:85:b7:77:99:0c:95:5d:e3:48:08:cd:00:b5:
8e:42:cf:ad:2f:cb:a7:01:ee:2e:f1:35:62:cb:9a:0f:19:4f:
09:bd:2e:b0:f6:be:15:32:b5:dd:cf:33:56:ba:ca:81:86:06:
ff:cc:d4:be:14:1a:7b:7e:f5:82:b0:5e:d9:0a:bd:2f:09:c4:
98:4d:1d:f9:59:89:a8:70:ef:e2:61:d9:62:47:74:03:06:86:
d9:4f:96:e6:a4:fd:79:1b:2f:03:4b:86:8e:50:62:9b:88:ad:
a9:eb:4d:d3:52:d2:fe:34:54:38:40:d7:44:c8:5b:f9:e4:99:
04:cd:04:f2:f6:3b:c0:bf:49:f2:a4:ba:6f:29:a3:4e:88:35:
82:c1:4a:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ9W2hjcQnPwJapJX3ktgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NGYwMzNmNzgyZWFmMzJhYjA5MDg4Nzc1ZDY0YWM0Yjk0
YjViMTEwHhcNMjUwMTAxMDU0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTEyOTU3NTlmNzk0ODgwY2IwYWE5OGI0ZThiN2Q3ZDFjOTQwMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEoJcNShliscp6bc5N4clhpU+RgR
uuUgNEdZtX53gRofWuYRzcceVQv6ZF9YsXA0vzcHrfVyuqTisZfN0Q1RxpdJ8kZX
jmQKaRN9OtKuFgBit9yr+fl3U22YMK9byNkLpV5np+TOtgMPo/vmqoN8MESwEBj3
5kznCg/PyBZZxoRy9Qr8e9tPu9qVxpX0PFX0/ye4N/oGkdVkxs1xASJiAv0FdaTF
HhK0hQ0x/GmrV5qLmsGmiv6m7VNILQt+91CDW5e1PmQOf6hWNbs7yqUgKKDfpQgh
7eocthtl/cJ5X8cAgDxpT75/gdZmnYG/JpX4bqxsCwcAXvqLWRm/MjAofQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoSlXWfeUiAywqpi06LfX0clANyMB8GA1UdIwQY
MBaAFGRPAz94Lq8yqwkIh3XWSsS5S1sRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkU4RFAzZ3VyektyQ1FpSGRkWkt4TGxMV3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84N2NhOTEtNmZiOC00MDM4LTg5MGMt
NDkxNWZlN2Y5MmNlLzEvS2hLVmRaOTVTSURMQ3FtTFRvdDlmUnlVQTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84N2NhOTEtNmZiOC00MDM4LTg5MGMtNDkxNWZlN2Y5MmNl
LzEvWkU4RFAzZ3VyektyQ1FpSGRkWkt4TGxMV3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YYRMA0G
CSqGSIb3DQEBCwUAA4IBAQCkaFhH1+XI6HWBLoqhidYUtZQYhB34rrpBGdBQR36e
5jZMYQetbdu05PZd7PaJ/XNNzWzN2p3j51aEGoF1Y+BH+klf6S9yrDzZOxRuT6fu
f1fN+/AbJrAws73U+gNIGuXOu4YBJ45ciU+P+PY2iRFLLYW3d5kMlV3jSAjNALWO
Qs+tL8unAe4u8TViy5oPGU8JvS6w9r4VMrXdzzNWusqBhgb/zNS+FBp7fvWCsF7Z
Cr0vCcSYTR35WYmocO/iYdliR3QDBobZT5bmpP15Gy8DS4aOUGKbiK2p603TUtL+
NFQ4QNdEyFv55JkEzQTy9jvAv0nypLpvKaNOiDWCwUpR
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:27:00 2025 by rpki-client on console.sobornost.net