Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/KDN_6FFPENk8-bDnIrfpP21-8VE.roa
File: KDN_6FFPENk8-bDnIrfpP21-8VE.roa (raw, json)
Hash identifier: RLkioT2IjSMiI+bndKsLWNSNLlPwCFxgUoWcDB4O4GA=
Subject key identifier: 28:33:7F:E8:51:4F:10:D9:3C:F9:B0:E7:22:B7:E9:3F:6D:7E:F1:51
Certificate issuer: /CN=e58024b729d99f05133ec6d14390c73eb36db99e
Certificate serial: 0194228DFA3C05A388A3E66AB679E3E8FE24
Authority key identifier: E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/KDN_6FFPENk8-bDnIrfpP21-8VE.roa
Signing time: Wed 01 Jan 2025 15:48:37 +0000
ROA not before: Wed 01 Jan 2025 15:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57310
IP address blocks: 217.71.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:fa:3c:05:a3:88:a3:e6:6a:b6:79:e3:e8:fe:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e58024b729d99f05133ec6d14390c73eb36db99e
Validity
Not Before: Jan 1 15:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28337fe8514f10d93cf9b0e722b7e93f6d7ef151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8c:1c:0b:06:76:e5:16:a5:4a:2a:9c:dc:70:
04:db:d8:bc:21:52:10:c4:75:4c:b6:ef:c2:bf:80:
d0:41:a6:ea:35:44:f0:70:21:90:55:98:86:f0:e3:
b8:c4:17:be:3a:8c:3b:a7:61:87:4e:c9:47:45:e1:
99:8c:0b:d4:13:93:db:00:e4:b6:1a:cb:67:fd:59:
13:68:28:18:9a:b8:4c:05:53:b5:59:ae:c3:10:b1:
2b:f3:9d:10:b2:aa:a6:04:db:f1:31:ae:5f:24:d3:
b5:6e:40:42:37:fb:8b:cc:4c:41:b3:fe:8e:79:bd:
de:a4:17:ec:b8:79:fe:ee:f8:18:2e:88:43:1a:e8:
ed:d9:e5:34:06:6c:e9:a4:17:93:ce:84:dd:56:67:
e6:8d:55:45:8b:5f:f7:82:99:96:9d:ee:25:30:a1:
ee:b8:4d:20:8c:53:2b:7c:9e:d8:d1:9f:46:4c:ff:
24:01:38:9a:f9:68:cd:72:11:73:90:e3:5b:d2:30:
ee:84:5b:11:f5:15:8b:6a:45:68:95:ad:e7:56:13:
b3:91:fe:7b:3b:21:8d:ae:b0:80:38:a4:0a:e8:21:
54:44:05:71:42:60:7f:f8:ae:f7:d7:75:e4:48:16:
4b:be:5b:af:e1:aa:05:1c:22:f4:99:b4:6f:d5:de:
ac:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:33:7F:E8:51:4F:10:D9:3C:F9:B0:E7:22:B7:E9:3F:6D:7E:F1:51
X509v3 Authority Key Identifier:
keyid:E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/KDN_6FFPENk8-bDnIrfpP21-8VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.71.113.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:a2:b6:e0:3b:d5:3e:8a:11:e0:27:b7:f4:db:ef:c2:8f:ba:
1a:e4:2b:cb:3b:71:2b:ef:61:38:29:a3:58:29:0e:b0:5b:83:
a3:e4:f1:e7:26:a3:7c:62:26:c7:b0:74:14:b7:a5:3b:31:cc:
9c:54:7c:16:bf:a9:d6:cb:e3:56:a0:76:25:aa:7e:bb:d5:18:
e9:ad:03:e9:b1:c8:9a:cf:6a:de:ab:bd:08:48:58:ec:76:19:
23:7a:af:7b:a9:d1:0b:94:aa:c0:6e:be:3e:db:da:ec:36:2d:
05:94:e4:3b:93:03:9e:ed:23:e4:9e:50:df:9c:07:93:53:3f:
07:48:45:9c:aa:a7:2b:e4:88:d8:d3:c5:4d:f6:81:73:01:74:
73:53:73:29:58:46:f5:e6:4b:31:ae:64:ab:a6:f2:5c:bb:4b:
af:9e:ae:dc:58:11:96:e7:7b:05:04:80:f4:b6:d3:75:ea:8f:
ef:34:e5:48:b9:bc:f5:9c:e3:da:eb:b4:c1:15:1a:80:9b:e9:
5a:6c:3e:25:3e:53:b6:45:5a:65:24:6b:c4:21:07:7a:81:b4:
de:be:04:06:74:7a:5d:e8:a4:99:c2:f3:f2:4e:ac:1b:7c:96:
96:92:88:b5:28:00:27:60:71:d6:8d:74:53:aa:81:43:f6:be:
63:1b:79:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfo8BaOIo+Zqtnnj6P4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODAyNGI3MjlkOTlmMDUxMzNlYzZkMTQzOTBjNzNlYjM2
ZGI5OWUwHhcNMjUwMTAxMTU0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODMzN2ZlODUxNGYxMGQ5M2NmOWIwZTcyMmI3ZTkzZjZkN2VmMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4wcCwZ25RalSiqc3HAE29i8IVIQ
xHVMtu/Cv4DQQabqNUTwcCGQVZiG8OO4xBe+Oow7p2GHTslHReGZjAvUE5PbAOS2
Gstn/VkTaCgYmrhMBVO1Wa7DELEr850QsqqmBNvxMa5fJNO1bkBCN/uLzExBs/6O
eb3epBfsuHn+7vgYLohDGujt2eU0BmzppBeTzoTdVmfmjVVFi1/3gpmWne4lMKHu
uE0gjFMrfJ7Y0Z9GTP8kATia+WjNchFzkONb0jDuhFsR9RWLakVola3nVhOzkf57
OyGNrrCAOKQK6CFURAVxQmB/+K7313XkSBZLvluv4aoFHCL0mbRv1d6s7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgzf+hRTxDZPPmw5yK36T9tfvFRMB8GA1UdIwQY
MBaAFOWAJLcp2Z8FEz7G0UOQxz6zbbmeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQt
OTU2ZjZiNWM2MTcwLzEvS0ROXzZGRlBFTms4LWJEbklyZnBQMjEtOFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQtOTU2ZjZiNWM2MTcw
LzEvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2UdxMA0G
CSqGSIb3DQEBCwUAA4IBAQAOorbgO9U+ihHgJ7f02+/Cj7oa5CvLO3Er72E4KaNY
KQ6wW4Oj5PHnJqN8YibHsHQUt6U7McycVHwWv6nWy+NWoHYlqn671RjprQPpscia
z2req70ISFjsdhkjeq97qdELlKrAbr4+29rsNi0FlOQ7kwOe7SPknlDfnAeTUz8H
SEWcqqcr5IjY08VN9oFzAXRzU3MpWEb15ksxrmSrpvJcu0uvnq7cWBGW53sFBID0
ttN16o/vNOVIubz1nOPa67TBFRqAm+labD4lPlO2RVplJGvEIQd6gbTevgQGdHpd
6KSZwvPyTqwbfJaWkoi1KAAnYHHWjXRTqoFD9r5jG3nZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:13 2025 by rpki-client on console.sobornost.net