Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/aa06b6-e766-4ad9-aa7a-a4bbb1bc98c6/1/1-lS6f9wSKHxOg6D2m2c9vfd7pZc.roa
File: 1-lS6f9wSKHxOg6D2m2c9vfd7pZc.roa (raw, json)
Hash identifier: aStR6HaP0T4xDkO1lgRZTnmtqTCZZifP6GMOa/WBLIw=
Subject key identifier: FA:54:BA:7F:DC:12:28:7C:4E:83:A0:F6:9B:67:3D:BD:F7:7B:A5:97
Certificate issuer: /CN=6ffe7b21b62183d5e3d4ae1b93ff00909282c912
Certificate serial: 019426D9B58ACA9044D2742EE9FD479D8045
Authority key identifier: 6F:FE:7B:21:B6:21:83:D5:E3:D4:AE:1B:93:FF:00:90:92:82:C9:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_57IbYhg9Xj1K4bk_8AkJKCyRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/aa06b6-e766-4ad9-aa7a-a4bbb1bc98c6/1/1-lS6f9wSKHxOg6D2m2c9vfd7pZc.roa
Signing time: Thu 02 Jan 2025 11:49:49 +0000
ROA not before: Thu 02 Jan 2025 11:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197942
IP address blocks: 171.32.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b5:8a:ca:90:44:d2:74:2e:e9:fd:47:9d:80:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ffe7b21b62183d5e3d4ae1b93ff00909282c912
Validity
Not Before: Jan 2 11:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa54ba7fdc12287c4e83a0f69b673dbdf77ba597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:70:a4:df:44:c2:12:2b:fc:03:71:fa:ed:0b:
29:b0:d0:34:fb:c5:6f:4d:93:17:e0:2e:7a:51:23:
7d:c9:33:b7:84:52:e5:6a:0f:c1:dc:0d:26:57:3b:
f5:8b:07:68:54:e8:97:3c:ef:fa:9b:0f:c3:32:86:
c0:04:a9:af:a3:26:30:b4:c2:a0:8f:3a:a6:0d:b8:
2d:41:60:88:2c:be:f1:75:6e:fa:e7:fa:80:23:b0:
c4:e7:6d:94:3f:f7:b4:c0:98:2c:9e:b4:27:dc:08:
4d:bb:ba:37:e7:63:4c:8f:be:f7:26:a6:8d:79:1a:
cb:d8:a4:1a:95:87:2f:bd:11:74:07:c0:f7:b5:b7:
1c:df:0b:c1:d4:b6:6e:0c:c2:a1:21:93:9c:72:56:
26:80:ab:9b:72:5a:ef:9a:33:b9:1e:93:63:31:ef:
66:c2:a0:cc:7e:0e:1e:5e:ef:31:de:3c:99:c3:cf:
99:ec:0c:b6:d0:d7:2b:9c:89:33:a1:f5:dd:68:31:
d2:cd:4f:b2:5e:67:39:c9:1d:55:96:a9:63:b4:ec:
59:8a:f3:02:d3:97:1b:18:17:4d:e3:70:71:2e:7e:
8b:59:3a:25:14:ac:f3:88:0c:c1:8a:1e:5f:7a:57:
aa:a8:5b:f3:ee:3a:85:07:0d:16:7e:91:cc:86:37:
65:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:54:BA:7F:DC:12:28:7C:4E:83:A0:F6:9B:67:3D:BD:F7:7B:A5:97
X509v3 Authority Key Identifier:
keyid:6F:FE:7B:21:B6:21:83:D5:E3:D4:AE:1B:93:FF:00:90:92:82:C9:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_57IbYhg9Xj1K4bk_8AkJKCyRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/aa06b6-e766-4ad9-aa7a-a4bbb1bc98c6/1/1-lS6f9wSKHxOg6D2m2c9vfd7pZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/aa06b6-e766-4ad9-aa7a-a4bbb1bc98c6/1/b_57IbYhg9Xj1K4bk_8AkJKCyRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:43:70:49:ac:56:03:b3:a4:1a:9d:b7:b7:92:19:72:15:10:
a9:58:d7:1a:6e:fb:ae:64:7f:bd:ca:d9:fb:f6:83:2e:40:67:
de:12:6a:33:28:13:f9:d8:75:17:63:0f:2a:b2:6d:11:67:5d:
db:ff:83:af:1f:74:d7:fb:63:a5:34:c7:a5:7a:64:d1:66:b5:
1c:80:47:ba:6e:3d:7e:c1:f2:45:7c:d7:e3:27:38:a5:40:c8:
1a:f9:f7:b4:30:9b:eb:29:35:49:60:e4:d1:a9:ca:f6:6e:78:
0f:c5:53:bc:82:2f:54:43:b7:8c:e3:03:b7:75:84:ce:52:76:
96:a3:d8:96:48:db:ac:62:0b:5f:7d:94:be:a0:cd:08:cc:88:
f4:ac:f6:4c:46:9e:5a:61:b9:cf:b2:c1:35:20:eb:51:a7:36:
e3:cc:59:00:b5:8e:f9:3d:6f:b8:bc:66:8c:3a:93:70:e1:49:
a5:48:68:c2:9e:f9:e8:4c:b7:a7:2a:8f:71:13:3b:03:29:a1:
30:8d:fe:9c:6c:21:af:9e:ee:02:23:0e:6f:71:6d:ac:af:78:
ad:d7:2e:0f:bd:af:c2:49:64:9d:9b:e1:64:6a:5e:99:5a:57:
81:86:7b:9f:5e:17:7d:7e:9c:6f:d9:10:e0:1e:a5:52:fa:67:
ea:0c:f9:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2bWKypBE0nQu6f1HnYBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmU3YjIxYjYyMTgzZDVlM2Q0YWUxYjkzZmYwMDkwOTI4
MmM5MTIwHhcNMjUwMTAyMTE0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTU0YmE3ZmRjMTIyODdjNGU4M2EwZjY5YjY3M2RiZGY3N2JhNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHCk30TCEiv8A3H67QspsNA0+8Vv
TZMX4C56USN9yTO3hFLlag/B3A0mVzv1iwdoVOiXPO/6mw/DMobABKmvoyYwtMKg
jzqmDbgtQWCILL7xdW765/qAI7DE522UP/e0wJgsnrQn3AhNu7o352NMj773JqaN
eRrL2KQalYcvvRF0B8D3tbcc3wvB1LZuDMKhIZOcclYmgKubclrvmjO5HpNjMe9m
wqDMfg4eXu8x3jyZw8+Z7Ay20NcrnIkzofXdaDHSzU+yXmc5yR1VlqljtOxZivMC
05cbGBdN43BxLn6LWTolFKzziAzBih5feleqqFvz7jqFBw0WfpHMhjdl6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPpUun/cEih8ToOg9ptnPb33e6WXMB8GA1UdIwQY
MBaAFG/+eyG2IYPV49SuG5P/AJCSgskSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl81N0liWWhnOVhqMUs0YmtfOEFrSktDeVJJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hYTA2YjYtZTc2Ni00YWQ5LWFhN2Et
YTRiYmIxYmM5OGM2LzEvMS1sUzZmOXdTS0h4T2c2RDJtMmM5dmZkN3BaYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDYvYWEwNmI2LWU3NjYtNGFkOS1hYTdhLWE0YmJiMWJjOThj
Ni8xL2JfNTdJYlloZzlYajFLNGJrXzhBa0pLQ3lSSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAKsgMA0G
CSqGSIb3DQEBCwUAA4IBAQCBQ3BJrFYDs6Qanbe3khlyFRCpWNcabvuuZH+9ytn7
9oMuQGfeEmozKBP52HUXYw8qsm0RZ13b/4OvH3TX+2OlNMelemTRZrUcgEe6bj1+
wfJFfNfjJzilQMga+fe0MJvrKTVJYOTRqcr2bngPxVO8gi9UQ7eM4wO3dYTOUnaW
o9iWSNusYgtffZS+oM0IzIj0rPZMRp5aYbnPssE1IOtRpzbjzFkAtY75PW+4vGaM
OpNw4UmlSGjCnvnoTLenKo9xEzsDKaEwjf6cbCGvnu4CIw5vcW2sr3it1y4Pva/C
SWSdm+Fkal6ZWleBhnufXhd9fpxv2RDgHqVS+mfqDPkB
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:42 2025 by rpki-client on console.sobornost.net