Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/KsYncnghaxDA5x4UiPyWsOmG9RM.roa
File: KsYncnghaxDA5x4UiPyWsOmG9RM.roa (raw, json)
Hash identifier: UI503uf1Ey46JuitcxCO88jhsuoBiLbllr+HxyvpTkA=
Subject key identifier: 2A:C6:27:72:78:21:6B:10:C0:E7:1E:14:88:FC:96:B0:E9:86:F5:13
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 019423D6ACA138E7279402CB05E31008D7DD
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/KsYncnghaxDA5x4UiPyWsOmG9RM.roa
Signing time: Wed 01 Jan 2025 21:47:38 +0000
ROA not before: Wed 01 Jan 2025 21:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216363
IP address blocks: 212.59.104.0/22 maxlen: 22
212.59.108.0/24 maxlen: 24
212.59.110.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ac:a1:38:e7:27:94:02:cb:05:e3:10:08:d7:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Jan 1 21:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ac6277278216b10c0e71e1488fc96b0e986f513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4a:de:4c:6b:05:05:6f:12:0d:4d:3d:71:dc:
8f:f7:e5:c7:13:2e:71:52:e5:02:55:b0:b6:9f:69:
4e:53:12:7f:14:0d:06:bd:6e:f5:2d:94:b4:b6:eb:
09:54:67:e2:f0:e1:07:c1:21:51:4d:c2:97:a4:83:
af:4c:b0:a4:79:4b:63:82:4f:d0:89:f7:b9:07:d7:
09:99:43:16:11:ae:6b:12:d3:5c:06:8e:23:96:92:
5c:11:b7:6c:f4:6c:66:00:1c:e2:fd:45:d4:2e:b4:
6f:fd:4b:db:90:21:d1:76:4d:fd:88:5f:0a:8c:2f:
98:26:da:b8:a5:b9:89:6f:52:51:cb:10:89:c7:bc:
68:ec:2f:d3:78:9d:05:c9:5d:a1:ce:9e:b8:2e:6d:
53:94:e6:df:62:c0:0b:07:7d:9c:f7:a3:60:f3:47:
9a:bc:cf:d8:ba:2d:cf:27:66:72:a0:89:a4:ca:04:
93:5d:52:6d:1f:c8:6b:df:74:06:5b:b7:5d:66:1e:
32:de:d4:2d:12:6d:eb:ac:69:9f:fd:11:be:58:d0:
aa:5d:f0:65:03:5e:ce:6d:25:f1:43:b5:18:27:8b:
ff:23:5f:c4:5e:c6:22:29:83:9c:c3:61:15:d5:63:
da:5b:c8:ec:87:d3:a3:13:2a:60:d7:40:f3:db:b8:
ca:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C6:27:72:78:21:6B:10:C0:E7:1E:14:88:FC:96:B0:E9:86:F5:13
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/KsYncnghaxDA5x4UiPyWsOmG9RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.59.104.0-212.59.108.255
212.59.110.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:fe:7b:2b:bc:e8:09:03:2e:04:9f:02:90:55:8a:ca:80:30:
df:cb:4f:9b:65:85:93:43:bf:ba:ea:c6:8b:37:1d:1c:3e:90:
bc:fe:78:8d:f2:8b:87:56:f3:13:7f:ee:5e:55:4f:8d:58:8d:
a7:8e:e6:88:e2:cb:b0:46:d5:09:aa:ee:25:3e:46:1d:82:ad:
ac:7e:cc:6f:5f:bf:e2:00:1f:2e:52:26:ad:2c:c5:da:fd:ed:
91:ab:aa:0e:13:0e:5c:d9:c9:d8:a7:bb:e5:1e:3d:a9:02:3f:
2c:56:27:2e:5b:b7:78:ca:c7:ab:28:f7:69:cf:8a:91:1c:59:
01:1e:3e:61:23:66:eb:72:56:03:5e:64:19:f0:9a:2a:c3:9b:
92:05:1f:e2:47:d5:e9:e6:56:e3:81:ee:03:ad:a7:d3:18:94:
f1:6b:67:61:03:fb:f0:67:cf:76:47:62:6f:90:0f:26:02:16:
f3:d7:72:7b:72:c2:a2:8d:a2:19:5e:e5:22:63:7c:24:cb:33:
bc:3d:f8:e5:08:39:eb:47:c2:44:96:0a:a4:e8:08:10:fd:18:
04:57:8c:ba:41:ef:00:00:e8:c3:c3:c3:b3:45:fc:77:5b:75:
92:e7:a1:35:f8:90:e8:81:5e:17:b7:b6:26:ed:07:a7:7d:4e:
9d:5a:00:f4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQj1qyhOOcnlALLBeMQCNfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjUwMTAxMjE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM2Mjc3Mjc4MjE2YjEwYzBlNzFlMTQ4OGZjOTZiMGU5ODZmNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEreTGsFBW8SDU09cdyP9+XHEy5x
UuUCVbC2n2lOUxJ/FA0GvW71LZS0tusJVGfi8OEHwSFRTcKXpIOvTLCkeUtjgk/Q
ife5B9cJmUMWEa5rEtNcBo4jlpJcEbds9GxmABzi/UXULrRv/UvbkCHRdk39iF8K
jC+YJtq4pbmJb1JRyxCJx7xo7C/TeJ0FyV2hzp64Lm1TlObfYsALB32c96Ng80ea
vM/Yui3PJ2ZyoImkygSTXVJtH8hr33QGW7ddZh4y3tQtEm3rrGmf/RG+WNCqXfBl
A17ObSXxQ7UYJ4v/I1/EXsYiKYOcw2EV1WPaW8jsh9OjEypg10Dz27jKZQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCrGJ3J4IWsQwOceFIj8lrDphvUTMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvS3NZbmNuZ2hheERBNXg0VWlQeVdzT21HOVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPUO2gD
BADUO2wDBAHUO24wDQYJKoZIhvcNAQELBQADggEBAF3+eyu86AkDLgSfApBVisqA
MN/LT5tlhZNDv7rqxos3HRw+kLz+eI3yi4dW8xN/7l5VT41YjaeO5ojiy7BG1Qmq
7iU+Rh2Crax+zG9fv+IAHy5SJq0sxdr97ZGrqg4TDlzZydinu+UePakCPyxWJy5b
t3jKx6so92nPipEcWQEePmEjZutyVgNeZBnwmirDm5IFH+JH1enmVuOB7gOtp9MY
lPFrZ2ED+/Bnz3ZHYm+QDyYCFvPXcntywqKNohle5SJjfCTLM7w9+OUIOetHwkSW
CqToCBD9GARXjLpB7wAA6MPDw7NF/HdbdZLnoTX4kOiBXhe3tibtB6d9Tp1aAPQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net