Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/PNksOOv08BA7DWvnAviAYokxay8.roa
File: PNksOOv08BA7DWvnAviAYokxay8.roa (raw, json)
Hash identifier: IRl9mg3ZRyBhLRBvGzL8Uuqx0WZwZ1SKAqmPlIk/7pA=
Subject key identifier: 3C:D9:2C:38:EB:F4:F0:10:3B:0D:6B:E7:02:F8:80:62:89:31:6B:2F
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0194709CB8F96D3A99FCAB8F0FEDFEA491AA
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/PNksOOv08BA7DWvnAviAYokxay8.roa
Signing time: Thu 16 Jan 2025 19:35:06 +0000
ROA not before: Thu 16 Jan 2025 19:35:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214967
IP address blocks: 2a0f:63c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:70:9c:b8:f9:6d:3a:99:fc:ab:8f:0f:ed:fe:a4:91:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 16 19:35:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cd92c38ebf4f0103b0d6be702f8806289316b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:02:3e:8c:13:35:7f:94:a0:84:4e:40:9b:e4:
28:be:35:42:0f:68:24:ec:57:90:d2:51:c0:39:4b:
9b:95:8d:ab:00:e2:a8:75:c0:b9:ee:fe:c5:fa:3a:
06:92:c6:a2:02:99:91:0e:8e:76:78:a4:61:3f:29:
d1:d0:41:d0:63:89:51:fb:f3:65:89:25:e7:c0:00:
33:f0:82:22:db:cd:e4:96:56:fd:2e:de:a2:88:ee:
e0:3a:51:ed:9c:ac:73:76:eb:99:b1:eb:69:f6:29:
e4:52:e4:14:8e:6f:d7:0f:cf:01:31:a9:5d:a5:c4:
d9:af:02:96:e6:fd:f4:eb:4f:5d:d4:5c:09:2d:73:
46:04:cc:d6:42:64:0d:81:99:a3:35:9b:f6:02:9c:
b1:ae:a0:bd:7d:7a:24:41:a1:5f:91:83:c2:23:8a:
75:2e:1e:c1:c8:45:bc:76:cb:e6:13:df:27:e9:6a:
09:7c:82:3f:5f:2d:0c:40:e0:c4:f1:9d:a0:cf:81:
c9:99:1d:3e:78:f2:50:ad:d0:50:96:dd:ab:ce:5b:
c0:39:a0:d5:83:7e:a1:db:26:68:bd:79:c7:ff:55:
16:f9:35:1a:e5:9a:0a:2c:d8:1b:50:61:46:03:12:
c7:a5:d3:15:b2:30:94:d7:fb:70:b0:b5:60:15:a1:
62:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D9:2C:38:EB:F4:F0:10:3B:0D:6B:E7:02:F8:80:62:89:31:6B:2F
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/PNksOOv08BA7DWvnAviAYokxay8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:6f:4a:ae:d4:12:22:fb:5e:29:f3:76:aa:c1:9a:c3:4b:c8:
69:97:d2:b2:5d:46:30:97:b8:48:7f:32:35:52:13:df:75:41:
cb:22:29:80:4d:b1:25:cd:ba:a4:f4:fa:67:00:c8:af:f3:c2:
98:46:06:ba:f3:e1:49:39:17:70:a0:33:75:ea:1d:3f:d1:0e:
92:7c:38:a0:7c:1c:d4:b6:f9:94:1c:74:f7:53:15:bd:8a:c5:
e3:3f:05:d9:d2:66:8a:b2:58:41:9c:cb:e2:71:64:af:ca:97:
89:79:ef:81:ab:42:26:b0:02:97:26:45:c6:6e:44:92:25:05:
c6:f1:1f:da:18:42:cb:d1:c0:fa:34:a0:60:d7:66:6e:e8:42:
3a:45:c3:bb:5c:de:d3:3c:0a:b1:95:02:29:94:7b:74:29:ff:
3e:de:ab:b3:d6:48:cf:53:a5:62:5b:ec:ee:7b:7e:e2:ea:db:
bb:a9:dc:4c:ff:55:b3:6f:a2:37:a5:b9:89:94:6c:12:3d:27:
c1:78:8c:23:c7:66:2a:bf:69:7d:f2:30:7c:16:85:18:be:16:
28:c1:e7:50:e8:93:5e:48:8d:3d:b5:65:72:38:60:1f:f7:75:
46:93:86:23:2d:77:43:ea:9c:81:5b:e3:a2:c8:cd:34:fd:aa:
46:0a:1c:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRwnLj5bTqZ/KuPD+3+pJGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTE2MTkzNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Q5MmMzOGViZjRmMDEwM2IwZDZiZTcwMmY4ODA2Mjg5MzE2YjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwI+jBM1f5SghE5Am+QovjVCD2gk
7FeQ0lHAOUublY2rAOKodcC57v7F+joGksaiApmRDo52eKRhPynR0EHQY4lR+/Nl
iSXnwAAz8IIi283kllb9Lt6iiO7gOlHtnKxzduuZsetp9inkUuQUjm/XD88BMald
pcTZrwKW5v30609d1FwJLXNGBMzWQmQNgZmjNZv2ApyxrqC9fXokQaFfkYPCI4p1
Lh7ByEW8dsvmE98n6WoJfII/Xy0MQODE8Z2gz4HJmR0+ePJQrdBQlt2rzlvAOaDV
g36h2yZovXnH/1UW+TUa5ZoKLNgbUGFGAxLHpdMVsjCU1/twsLVgFaFiDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDzZLDjr9PAQOw1r5wL4gGKJMWsvMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvUE5rc09PdjA4QkE3RFd2bkF2aUFZb2t4YXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9jwDAN
BgkqhkiG9w0BAQsFAAOCAQEAPG9KrtQSIvteKfN2qsGaw0vIaZfSsl1GMJe4SH8y
NVIT33VByyIpgE2xJc26pPT6ZwDIr/PCmEYGuvPhSTkXcKAzdeodP9EOknw4oHwc
1Lb5lBx091MVvYrF4z8F2dJmirJYQZzL4nFkr8qXiXnvgatCJrAClyZFxm5EkiUF
xvEf2hhCy9HA+jSgYNdmbuhCOkXDu1ze0zwKsZUCKZR7dCn/Pt6rs9ZIz1OlYlvs
7nt+4urbu6ncTP9Vs2+iN6W5iZRsEj0nwXiMI8dmKr9pffIwfBaFGL4WKMHnUOiT
XkiNPbVlcjhgH/d1RpOGIy13Q+qcgVvjosjNNP2qRgocUw==
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:16 2025 by rpki-client on console.sobornost.net