Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/42253HLnOCeDdWXbVaBqxqKkqYk.roa
File: 42253HLnOCeDdWXbVaBqxqKkqYk.roa (raw, json)
Hash identifier: BqTlpMMwxPkAEoI6esdIhtxXnPLpelyVrWmMMy7G1IQ=
Subject key identifier: E3:6D:B9:DC:72:E7:38:27:83:75:65:DB:55:A0:6A:C6:A2:A4:A9:89
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0195ED4706EA9EF5A116055102B4F66E2D8A
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/42253HLnOCeDdWXbVaBqxqKkqYk.roa
Signing time: Mon 31 Mar 2025 17:36:49 +0000
ROA not before: Mon 31 Mar 2025 17:36:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:7682::/32 maxlen: 32
2a11:9fc2::/32 maxlen: 32
2a11:b780::/32 maxlen: 32
2a11:b785::/32 maxlen: 32
2a11:c441::/32 maxlen: 32
2a11:c443::/32 maxlen: 32
2a11:cd02::/32 maxlen: 32
2a11:d081::/32 maxlen: 32
2a11:d082::/32 maxlen: 32
2a11:fec1::/32 maxlen: 32
2a12:4c03::/32 maxlen: 32
2a12:4c06::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ed:47:06:ea:9e:f5:a1:16:05:51:02:b4:f6:6e:2d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Mar 31 17:36:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e36db9dc72e73827837565db55a06ac6a2a4a989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:2d:af:fa:30:fa:4c:05:4f:09:6a:c9:f1:74:
31:14:ad:d3:40:05:97:e9:b3:f8:72:e0:90:34:dd:
76:33:26:8c:a7:c6:e7:57:3c:0f:b6:fc:e8:80:1f:
32:bf:b3:c4:db:a1:24:ff:77:81:ab:e1:21:23:18:
3e:10:a9:6b:8d:2b:6c:31:6f:3d:9b:1c:a7:13:03:
06:1b:81:6c:7f:bf:26:2a:84:65:81:d3:c7:31:fc:
87:55:08:37:a7:a9:99:5f:92:18:6b:15:ce:23:f0:
92:d7:bc:51:da:e5:d2:8f:e0:96:78:84:0a:5c:f7:
cc:f7:15:36:a6:09:b2:86:ad:9e:70:7c:93:1f:15:
59:08:b1:9f:d4:81:88:06:c7:bd:2f:5c:17:87:89:
af:33:51:3a:9f:ff:4b:2b:1b:ac:fb:ac:6b:ab:cd:
de:0d:a9:08:a3:3d:26:ae:9c:d8:c1:08:ec:22:26:
83:59:ef:65:00:e6:f2:e0:c3:11:ee:d7:69:db:9f:
d5:42:53:f1:67:4a:cc:e9:5f:ca:a9:f3:62:0d:ac:
3b:a5:ce:bd:3f:16:ec:30:00:98:2f:6e:71:d4:84:
d4:f2:d4:3a:0c:e7:7b:1f:6f:5b:25:aa:55:ad:28:
45:51:7f:b9:2a:0d:03:19:a6:8e:d4:50:0d:1a:c4:
bb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6D:B9:DC:72:E7:38:27:83:75:65:DB:55:A0:6A:C6:A2:A4:A9:89
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/42253HLnOCeDdWXbVaBqxqKkqYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7682::/32
2a11:9fc2::/32
2a11:b780::/32
2a11:b785::/32
2a11:c441::/32
2a11:c443::/32
2a11:cd02::/32
2a11:d081::-2a11:d082:ffff:ffff:ffff:ffff:ffff:ffff
2a11:fec1::/32
2a12:4c03::/32
2a12:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
4c:75:49:48:58:85:da:98:7d:bc:67:dd:c7:52:09:07:73:de:
fe:4b:c4:3e:f8:e7:17:13:61:b2:70:94:08:7f:f1:8d:b9:f1:
7f:62:48:57:c6:af:9d:1d:3d:d0:5f:44:63:b5:e7:ab:01:aa:
9e:13:f5:89:ad:b9:3d:03:6a:aa:de:c2:2f:b3:ae:0a:16:1b:
5a:34:05:53:23:d2:fe:bf:a5:28:48:7f:fe:a9:09:62:4f:dc:
9d:39:57:e6:1f:dd:c6:c3:4b:60:17:97:3f:5d:53:cf:7e:1c:
2c:72:63:29:35:0b:f8:cc:0c:eb:d3:b6:a4:90:5c:78:8c:16:
bf:9a:52:55:f9:8c:f2:33:4f:ea:66:f9:9f:6d:63:fc:77:a0:
87:23:da:00:1a:0f:c3:ad:e6:2a:fb:f5:d4:23:d1:57:cb:6e:
aa:14:2b:8e:00:18:8a:8e:96:3b:3f:80:e2:1f:16:8c:c1:9a:
7b:4e:10:29:d1:b7:aa:03:13:c9:46:59:29:fe:25:38:af:2d:
f0:c0:62:c8:b3:24:eb:ae:75:32:da:d7:f0:a0:14:ac:f5:be:
d7:85:42:ad:47:57:f6:42:cf:83:23:ac:f3:0a:1a:ef:ff:ef:
1e:97:c4:59:8d:2f:c5:9e:22:1b:23:b0:b7:7a:1f:53:dc:f6:
3f:26:de:a2
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZXtRwbqnvWhFgVRArT2bi2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMzMxMTczNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzZkYjlkYzcyZTczODI3ODM3NTY1ZGI1NWEwNmFjNmEyYTRhOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9S2v+jD6TAVPCWrJ8XQxFK3TQAWX
6bP4cuCQNN12MyaMp8bnVzwPtvzogB8yv7PE26Ek/3eBq+EhIxg+EKlrjStsMW89
mxynEwMGG4Fsf78mKoRlgdPHMfyHVQg3p6mZX5IYaxXOI/CS17xR2uXSj+CWeIQK
XPfM9xU2pgmyhq2ecHyTHxVZCLGf1IGIBse9L1wXh4mvM1E6n/9LKxus+6xrq83e
DakIoz0mrpzYwQjsIiaDWe9lAOby4MMR7tdp25/VQlPxZ0rM6V/KqfNiDaw7pc69
PxbsMACYL25x1ITU8tQ6DOd7H29bJapVrShFUX+5Kg0DGaaO1FANGsS7nwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFONtudxy5zgng3Vl21WgasaipKmJMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvNDIyNTNITG5PQ2VEZFdYYlZhQnF4cUtrcVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAAjBWAwUAKhF2ggMF
ACoRn8IDBQAqEbeAAwUAKhG3hQMFACoRxEEDBQAqEcRDAwUAKhHNAjAOAwUAKhHQ
gQMFACoR0IIDBQAqEf7BAwUAKhJMAwMFACoSTAYwDQYJKoZIhvcNAQELBQADggEB
AEx1SUhYhdqYfbxn3cdSCQdz3v5LxD745xcTYbJwlAh/8Y258X9iSFfGr50dPdBf
RGO156sBqp4T9YmtuT0Daqrewi+zrgoWG1o0BVMj0v6/pShIf/6pCWJP3J05V+Yf
3cbDS2AXlz9dU89+HCxyYyk1C/jMDOvTtqSQXHiMFr+aUlX5jPIzT+pm+Z9tY/x3
oIcj2gAaD8Ot5ir79dQj0VfLbqoUK44AGIqOljs/gOIfFozBmntOECnRt6oDE8lG
WSn+JTivLfDAYsizJOuudTLa1/CgFKz1vteFQq1HV/ZCz4MjrPMKGu//7x6XxFmN
L8WeIhsjsLd6H1Pc9j8m3qI=
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:23:39 2025 by rpki-client on console.sobornost.net