Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/kclBuRKTMfByXqrmrwIbc_lZEnM.roa
File: kclBuRKTMfByXqrmrwIbc_lZEnM.roa (raw, json)
Hash identifier: MQr5fqlXn7Xd/Z8IgiENjDF+OVj4PMx+/5QB1sHm+8E=
Subject key identifier: 91:C9:41:B9:12:93:31:F0:72:5E:AA:E6:AF:02:1B:73:F9:59:12:73
Certificate issuer: /CN=c8e50ca17134837a50d3063d43d443385abe6f49
Certificate serial: 01941FFAA21A5261DA19BA83721BDE27DDAA
Authority key identifier: C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/kclBuRKTMfByXqrmrwIbc_lZEnM.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 27630
IP address blocks: 193.28.57.0/24 maxlen: 24
193.28.60.0/24 maxlen: 24
193.28.93.0/24 maxlen: 24
193.28.106.0/24 maxlen: 24
2a10:3680::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a2:1a:52:61:da:19:ba:83:72:1b:de:27:dd:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8e50ca17134837a50d3063d43d443385abe6f49
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91c941b9129331f0725eaae6af021b73f9591273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a4:1b:f4:d4:bb:9d:3b:9f:41:16:44:8f:7b:
53:ec:4f:cb:93:dd:53:28:e6:05:4c:b7:21:19:ee:
2e:98:ce:3e:e6:bd:23:98:f9:68:52:36:b8:a2:66:
04:83:f3:75:08:08:7f:cd:0e:3c:cf:68:0b:0b:a5:
d8:4f:f3:23:cb:91:50:57:17:c1:1c:c8:49:5f:8e:
63:e1:bf:d1:56:da:3c:1b:f3:d8:0e:62:7d:1d:d1:
fe:55:38:ec:a8:cf:28:22:94:f0:08:4c:a6:96:da:
c7:dc:34:11:17:c0:6b:e0:01:bd:51:15:ec:2d:b4:
36:8e:44:91:07:d8:ae:9c:7e:26:a5:ab:74:19:51:
73:95:90:c2:9c:ab:df:46:42:18:c1:ef:26:67:4d:
18:14:3b:b4:e3:9d:a1:36:e1:41:66:eb:15:79:73:
63:5d:46:96:14:0c:55:28:a3:4e:ce:25:90:cc:cc:
56:7d:4e:9f:9d:15:52:d2:07:20:cc:c5:c8:21:5b:
db:68:9b:20:28:77:bf:4c:bb:0a:ed:57:a7:85:bd:
14:6d:ac:f1:1b:4c:49:b9:47:6a:3d:d5:d8:d4:6a:
07:f0:40:2d:67:27:2c:49:3d:2d:8e:ba:ea:3f:ee:
9e:ee:4c:fd:04:8e:f8:6d:22:f5:47:ab:30:11:c3:
13:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C9:41:B9:12:93:31:F0:72:5E:AA:E6:AF:02:1B:73:F9:59:12:73
X509v3 Authority Key Identifier:
keyid:C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/kclBuRKTMfByXqrmrwIbc_lZEnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.57.0/24
193.28.60.0/24
193.28.93.0/24
193.28.106.0/24
IPv6:
2a10:3680::/29
Signature Algorithm: sha256WithRSAEncryption
39:8f:12:9a:82:fc:36:14:8f:25:66:04:e9:b7:36:00:e9:e1:
fb:db:ba:66:00:5f:84:34:11:e4:5b:db:df:3b:f5:d4:26:0b:
0e:17:b0:b3:2a:9b:3d:0c:5d:99:00:1c:05:0b:43:a1:f1:4b:
54:2b:72:ef:79:16:b4:ac:de:90:a2:9b:92:34:d4:7d:f9:cf:
72:89:61:e0:45:e3:0c:e2:9e:6f:5b:9d:e7:e9:97:61:75:32:
89:23:ef:a2:66:61:3c:42:58:1a:f4:68:36:98:38:bd:04:f3:
d3:6a:c0:09:ed:d4:24:cd:f1:2a:84:aa:b1:3e:02:3a:d6:74:
2f:0a:0c:aa:40:47:ce:cd:8d:e2:9d:f1:eb:8e:fe:2d:09:b5:
d6:68:13:3c:93:83:94:46:97:f9:d7:36:df:4e:4b:f4:b3:f5:
44:20:b4:66:3f:f7:59:67:9a:20:e9:0c:f5:ad:40:f2:e8:fa:
c2:39:a4:62:7b:3e:c3:52:5f:31:28:21:2d:f6:f5:fd:81:1d:
80:d8:cd:ea:95:99:ef:bb:8b:c7:0d:20:36:d6:73:c4:20:69:
59:16:a1:9d:7c:11:f3:c7:ab:98:42:fb:60:92:94:55:8c:f6:
70:b8:ec:eb:18:d1:44:ad:9f:3a:cf:26:64:d2:80:97:16:c9:
7c:f1:dc:bc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQf+qIaUmHaGbqDchveJ92qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZTUwY2ExNzEzNDgzN2E1MGQzMDYzZDQzZDQ0MzM4NWFi
ZTZmNDkwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM5NDFiOTEyOTMzMWYwNzI1ZWFhZTZhZjAyMWI3M2Y5NTkxMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16Qb9NS7nTufQRZEj3tT7E/Lk91T
KOYFTLchGe4umM4+5r0jmPloUja4omYEg/N1CAh/zQ48z2gLC6XYT/Mjy5FQVxfB
HMhJX45j4b/RVto8G/PYDmJ9HdH+VTjsqM8oIpTwCEymltrH3DQRF8Br4AG9URXs
LbQ2jkSRB9iunH4mpat0GVFzlZDCnKvfRkIYwe8mZ00YFDu0452hNuFBZusVeXNj
XUaWFAxVKKNOziWQzMxWfU6fnRVS0gcgzMXIIVvbaJsgKHe/TLsK7Venhb0Ubazx
G0xJuUdqPdXY1GoH8EAtZycsST0tjrrqP+6e7kz9BI74bSL1R6swEcMTfwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJHJQbkSkzHwcl6q5q8CG3P5WRJzMB8GA1UdIwQY
MBaAFMjlDKFxNIN6UNMGPUPUQzhavm9JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUt
NWVmZjczZTg5ZmJiLzEva2NsQnVSS1RNZkJ5WHFybXJ3SWJjX2xaRW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUtNWVmZjczZTg5ZmJi
LzEveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRw5AwQA
wRw8AwQAwRxdAwQAwRxqMA0EAgACMAcDBQMqEDaAMA0GCSqGSIb3DQEBCwUAA4IB
AQA5jxKagvw2FI8lZgTptzYA6eH727pmAF+ENBHkW9vfO/XUJgsOF7CzKps9DF2Z
ABwFC0Oh8UtUK3LveRa0rN6QopuSNNR9+c9yiWHgReMM4p5vW53n6ZdhdTKJI++i
ZmE8Qlga9Gg2mDi9BPPTasAJ7dQkzfEqhKqxPgI61nQvCgyqQEfOzY3infHrjv4t
CbXWaBM8k4OURpf51zbfTkv0s/VEILRmP/dZZ5og6Qz1rUDy6PrCOaRiez7DUl8x
KCEt9vX9gR2A2M3qlZnvu4vHDSA21nPEIGlZFqGdfBHzx6uYQvtgkpRVjPZwuOzr
GNFErZ86zyZk0oCXFsl88dy8
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:24 2025 by rpki-client on console.sobornost.net