Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/K3PHjFr5iZQBePAHzZD7020H3CQ.roa
File: K3PHjFr5iZQBePAHzZD7020H3CQ.roa (raw, json)
Hash identifier: cYqNDwyqOAThtjZwtvIGK4yhgMYUiG7kHacZddA60SQ=
Subject key identifier: 2B:73:C7:8C:5A:F9:89:94:01:78:F0:07:CD:90:FB:D3:6D:07:DC:24
Certificate issuer: /CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
Certificate serial: 019600DE4A447F68D8389505D70E7CD12200
Authority key identifier: 29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/K3PHjFr5iZQBePAHzZD7020H3CQ.roa
Signing time: Fri 04 Apr 2025 12:54:50 +0000
ROA not before: Fri 04 Apr 2025 12:54:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205964
IP address blocks: 2a14:c882::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:de:4a:44:7f:68:d8:38:95:05:d7:0e:7c:d1:22:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
Validity
Not Before: Apr 4 12:54:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b73c78c5af989940178f007cd90fbd36d07dc24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d0:f2:60:29:a3:c9:f7:63:89:a2:1b:ab:b6:
2b:21:03:6b:0d:52:11:ba:63:83:4a:95:05:8e:ed:
69:7c:cd:d3:77:04:69:a4:bb:62:af:71:bd:36:ce:
cc:2d:4c:98:d7:4c:ec:16:28:17:07:fe:cf:68:04:
98:91:fb:dd:82:fb:91:93:14:c9:05:39:77:69:4b:
c4:6e:7a:58:ab:2c:21:3a:4e:64:8a:ca:da:88:e5:
dc:a6:b4:da:4d:f5:2e:03:da:bb:c3:96:c9:6a:b4:
5a:7c:03:47:79:02:28:22:8d:47:56:7a:4d:68:8a:
18:b4:d1:74:00:3a:4a:76:50:d3:b6:61:2f:79:74:
db:2b:47:13:16:68:95:b2:79:42:69:99:bf:5e:f6:
06:b0:99:6e:c1:57:05:82:f5:96:77:a3:49:7c:75:
6e:18:94:7b:96:ad:4f:7b:be:eb:24:33:d0:91:fb:
0e:98:33:db:50:ef:4b:2b:91:b7:74:69:25:3d:b0:
0c:de:e8:d1:6c:13:3d:86:4c:60:9f:72:db:23:bc:
3e:15:29:f2:cc:df:3b:e9:65:96:d8:3e:6e:9c:ef:
b0:67:ee:51:16:54:8d:4c:63:97:5e:3a:ea:f9:73:
46:57:47:dc:93:5e:fa:40:6b:55:5a:b0:1d:f1:83:
a0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:73:C7:8C:5A:F9:89:94:01:78:F0:07:CD:90:FB:D3:6D:07:DC:24
X509v3 Authority Key Identifier:
keyid:29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/K3PHjFr5iZQBePAHzZD7020H3CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c882::/33
Signature Algorithm: sha256WithRSAEncryption
07:c8:d1:cf:b4:8d:67:86:5d:7a:6b:73:c6:b4:00:47:d6:1d:
97:02:d7:a7:d6:71:45:9e:45:a0:7b:0a:b0:95:bc:9d:18:bb:
c9:28:76:50:3b:4a:9f:48:d5:b1:5b:63:d9:f0:46:87:8c:dd:
64:47:2f:7d:7f:14:d9:6b:a1:a0:6d:f7:f7:97:f9:b5:50:c8:
b4:ea:dc:e5:91:fb:9a:9f:1e:3f:1c:d9:a3:5c:11:47:b0:8b:
c0:ba:6e:39:fa:bb:4b:a8:c8:d7:96:0d:d1:87:b9:59:42:da:
36:72:c0:58:48:81:1a:63:59:cb:03:b6:3c:6a:97:00:2a:3c:
e6:bd:c6:08:29:39:e6:d1:d4:20:88:15:9b:f8:16:bb:b3:41:
d5:fb:3e:54:0a:43:b4:a3:37:a7:b8:c9:fb:0d:dd:6e:9d:e6:
8e:37:bc:21:c9:62:22:57:38:19:cf:54:11:39:b6:af:9c:8c:
70:b4:5c:78:b1:eb:84:c7:25:4b:03:c0:f1:c0:1a:db:df:9c:
4a:f9:07:64:ba:b2:45:64:4c:e2:69:0c:68:06:e1:04:c4:be:
78:ef:b9:bc:13:ac:40:90:05:e9:bf:21:8c:d9:2a:ab:72:9e:
96:52:42:1c:da:41:83:c7:47:d4:ac:48:38:19:af:3a:ab:57:
67:1f:72:09
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZYA3kpEf2jYOJUF1w580SIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmE3ZGQ2M2YyZTJkODdiNWY3ODUwMDkzYzc0M2JiZmJl
MTRlNDQwHhcNMjUwNDA0MTI1NDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjczYzc4YzVhZjk4OTk0MDE3OGYwMDdjZDkwZmJkMzZkMDdkYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdDyYCmjyfdjiaIbq7YrIQNrDVIR
umODSpUFju1pfM3TdwRppLtir3G9Ns7MLUyY10zsFigXB/7PaASYkfvdgvuRkxTJ
BTl3aUvEbnpYqywhOk5kisraiOXcprTaTfUuA9q7w5bJarRafANHeQIoIo1HVnpN
aIoYtNF0ADpKdlDTtmEveXTbK0cTFmiVsnlCaZm/XvYGsJluwVcFgvWWd6NJfHVu
GJR7lq1Pe77rJDPQkfsOmDPbUO9LK5G3dGklPbAM3ujRbBM9hkxgn3LbI7w+FSny
zN876WWW2D5unO+wZ+5RFlSNTGOXXjrq+XNGV0fck176QGtVWrAd8YOgDQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCtzx4xa+YmUAXjwB82Q+9NtB9wkMB8GA1UdIwQY
MBaAFCn6fdY/Li2HtfeFAJPHQ7v74U5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUt
NzlmN2I2ZWE3YzE0LzEvSzNQSGpGcjVpWlFCZVBBSHpaRDcwMjBIM0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUtNzlmN2I2ZWE3YzE0
LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKhTIggAw
DQYJKoZIhvcNAQELBQADggEBAAfI0c+0jWeGXXprc8a0AEfWHZcC16fWcUWeRaB7
CrCVvJ0Yu8kodlA7Sp9I1bFbY9nwRoeM3WRHL31/FNlroaBt9/eX+bVQyLTq3OWR
+5qfHj8c2aNcEUewi8C6bjn6u0uoyNeWDdGHuVlC2jZywFhIgRpjWcsDtjxqlwAq
POa9xggpOebR1CCIFZv4FruzQdX7PlQKQ7SjN6e4yfsN3W6d5o43vCHJYiJXOBnP
VBE5tq+cjHC0XHix64THJUsDwPHAGtvfnEr5B2S6skVkTOJpDGgG4QTEvnjvubwT
rECQBem/IYzZKqtynpZSQhzaQYPHR9SsSDgZrzqrV2cfcgk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:25 2025 by rpki-client on console.sobornost.net