Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/fT2_EFW0DfZkecpq3-Z3Y0ydChQ.roa
File: fT2_EFW0DfZkecpq3-Z3Y0ydChQ.roa (raw, json)
Hash identifier: sCy4Wdx4DF+D/M40ONnN0oIScO/KHN2fGOgKfZdlDCA=
Subject key identifier: 7D:3D:BF:10:55:B4:0D:F6:64:79:CA:6A:DF:E6:77:63:4C:9D:0A:14
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0194282646186BB2CED62353C5E79160805D
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/fT2_EFW0DfZkecpq3-Z3Y0ydChQ.roa
Signing time: Thu 02 Jan 2025 17:53:04 +0000
ROA not before: Thu 02 Jan 2025 17:53:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207108
IP address blocks: 2a0b:8440::/29 maxlen: 29
2a0b:a4c0::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:46:18:6b:b2:ce:d6:23:53:c5:e7:91:60:80:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 2 17:53:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d3dbf1055b40df66479ca6adfe677634c9d0a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1d:b3:e2:b7:1e:08:44:7d:1a:1a:13:de:e6:
5d:e2:f1:6c:f1:28:04:3e:ee:c7:ac:b8:88:67:37:
ba:9a:4d:10:c9:f6:eb:14:ef:f8:54:22:5f:58:6d:
02:1c:10:3b:9b:7f:56:7b:fb:d7:d2:34:df:fb:62:
37:d7:9c:43:44:1a:c0:84:a1:3d:ce:cc:4b:b6:e6:
bc:08:32:25:48:ce:61:c7:0f:91:03:43:61:bb:26:
49:94:94:2e:8a:4d:d2:5a:d3:ec:c0:51:d1:0d:42:
86:5f:7e:eb:4c:eb:30:c4:1f:e6:d9:5f:26:94:47:
f0:fa:06:79:db:4c:a4:6c:f1:14:12:36:ed:12:7a:
63:c4:de:ab:b1:bb:8b:ec:b8:4e:f1:ae:dd:6d:c5:
09:7c:b5:a3:f6:b8:06:16:c7:ed:86:48:b6:35:0b:
57:e0:ba:fa:ae:2a:43:07:26:97:87:82:d8:3b:43:
4a:cb:82:29:b4:72:53:9f:60:67:d4:15:95:5c:f8:
56:f7:98:20:05:92:5c:5d:c2:8b:e2:61:6e:6d:e0:
6f:c6:db:58:52:d7:95:1a:a2:ac:1c:92:dc:f6:d7:
8b:72:ce:4b:7e:67:8a:e2:20:1d:1b:73:29:bd:ed:
93:76:03:51:be:49:b8:bb:cf:0a:f6:47:a6:b3:cd:
cd:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:3D:BF:10:55:B4:0D:F6:64:79:CA:6A:DF:E6:77:63:4C:9D:0A:14
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/fT2_EFW0DfZkecpq3-Z3Y0ydChQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8440::/29
2a0b:a4c0::/29
2a13:cdc0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
8c:d6:4b:ba:19:89:ac:ec:16:b0:db:46:96:a2:a0:9d:6f:c7:
52:77:ad:bc:ee:b6:9a:6a:d3:78:cd:ce:5f:61:d3:6c:2d:00:
cc:76:fa:4f:b2:4b:57:36:61:4c:74:f5:23:0c:67:49:7c:70:
53:4b:bd:30:ee:94:26:4d:da:4e:1a:16:28:66:b6:54:bb:b4:
31:36:46:6d:16:0f:db:8d:09:b7:4e:29:65:99:d1:d4:81:9a:
41:b7:4e:f6:ff:6d:7c:ad:c7:98:79:cd:28:a7:52:1c:f5:52:
35:77:17:16:d4:9a:95:a0:a5:24:96:3e:e4:d8:59:65:9d:5f:
7a:70:49:8a:9f:10:ba:2a:5c:d3:f7:e1:48:2b:7a:22:a1:45:
46:39:a6:ed:b8:9a:d4:d0:05:18:dd:f8:ca:6d:58:4f:9f:63:
b5:28:56:6b:d4:24:08:7e:20:d2:65:c3:d0:ff:28:07:18:f2:
9c:09:e5:08:81:7c:83:24:c0:78:fe:eb:0c:7d:61:e3:00:97:
d3:5e:72:28:f0:fa:1a:d0:9b:48:08:74:cf:9c:e5:06:b3:18:
b5:de:7b:76:7b:80:bf:29:69:44:4e:85:86:12:97:be:14:ba:
e4:4c:c0:f8:91:57:cf:3c:a6:21:b8:fe:66:77:09:ab:94:6d:
89:12:28:43
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQoJkYYa7LO1iNTxeeRYIBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTAyMTc1MzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDNkYmYxMDU1YjQwZGY2NjQ3OWNhNmFkZmU2Nzc2MzRjOWQwYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwh2z4rceCER9GhoT3uZd4vFs8SgE
Pu7HrLiIZze6mk0QyfbrFO/4VCJfWG0CHBA7m39We/vX0jTf+2I315xDRBrAhKE9
zsxLtua8CDIlSM5hxw+RA0NhuyZJlJQuik3SWtPswFHRDUKGX37rTOswxB/m2V8m
lEfw+gZ520ykbPEUEjbtEnpjxN6rsbuL7LhO8a7dbcUJfLWj9rgGFsfthki2NQtX
4Lr6ripDByaXh4LYO0NKy4IptHJTn2Bn1BWVXPhW95ggBZJcXcKL4mFubeBvxttY
UteVGqKsHJLc9teLcs5LfmeK4iAdG3Mpve2TdgNRvkm4u88K9kems83NKwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFH09vxBVtA32ZHnKat/md2NMnQoUMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvZlQyX0VGVzBEZlprZWNwcTMtWjNZMHlkQ2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKguEQAMF
AyoLpMADBQMqE83AAwUDKhPRQDANBgkqhkiG9w0BAQsFAAOCAQEAjNZLuhmJrOwW
sNtGlqKgnW/HUnetvO62mmrTeM3OX2HTbC0AzHb6T7JLVzZhTHT1IwxnSXxwU0u9
MO6UJk3aThoWKGa2VLu0MTZGbRYP240Jt04pZZnR1IGaQbdO9v9tfK3HmHnNKKdS
HPVSNXcXFtSalaClJJY+5NhZZZ1fenBJip8Quipc0/fhSCt6IqFFRjmm7bia1NAF
GN34ym1YT59jtShWa9QkCH4g0mXD0P8oBxjynAnlCIF8gyTAeP7rDH1h4wCX015y
KPD6GtCbSAh0z5zlBrMYtd57dnuAvylpRE6FhhKXvhS65EzA+JFXzzymIbj+ZncJ
q5RtiRIoQw==
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:16 2025 by rpki-client on console.sobornost.net