Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/i3TPt-zWXJ3G1Bcyltkh5JTqgKc.roa
File: i3TPt-zWXJ3G1Bcyltkh5JTqgKc.roa (raw, json)
Hash identifier: nsFsnGrP6VO1UDltl+ftWvTkRkCPqzLwytsEDIGyZXI=
Subject key identifier: 8B:74:CF:B7:EC:D6:5C:9D:C6:D4:17:32:96:D9:21:E4:94:EA:80:A7
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0195ED47F1CDF19388191172B886A5303B3A
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/i3TPt-zWXJ3G1Bcyltkh5JTqgKc.roa
Signing time: Mon 31 Mar 2025 17:37:49 +0000
ROA not before: Mon 31 Mar 2025 17:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:8444::/32 maxlen: 32
2a11:9fc3::/32 maxlen: 32
2a11:c445::/32 maxlen: 32
2a11:fec3::/32 maxlen: 32
2a12:4c07::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ed:47:f1:cd:f1:93:88:19:11:72:b8:86:a5:30:3b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Mar 31 17:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b74cfb7ecd65c9dc6d4173296d921e494ea80a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:27:1a:4e:d0:22:c7:44:db:b6:be:24:70:9f:
4e:0e:de:aa:70:87:fa:90:4f:2e:1d:79:08:7d:2e:
3f:3a:6a:58:b3:d9:64:ea:90:1a:ca:11:2f:9e:68:
a6:f8:71:10:7a:9c:c6:a1:bd:76:b2:45:10:12:be:
2c:b7:cc:46:8c:b1:ca:b3:de:3d:87:95:a4:d6:0a:
22:84:35:89:50:3f:a6:59:83:cf:7b:4f:52:94:d6:
67:d5:59:8d:d5:88:49:5b:0f:62:cd:2f:6e:a0:c6:
1e:22:4a:ea:e7:09:5d:1a:00:5e:ef:65:35:67:58:
27:90:a5:32:3a:fb:e0:f5:53:a3:d1:f2:d1:e6:13:
8a:12:9e:6b:24:ed:20:d7:d2:f9:9b:77:4d:37:6c:
bf:b6:e9:ee:f5:e8:b3:54:8b:26:cd:39:97:d6:2f:
72:36:a5:70:01:6d:84:c9:be:17:8e:13:53:7b:2f:
d3:a4:11:2c:ae:73:4e:19:d1:09:9a:8f:eb:76:81:
39:d6:51:ec:38:e2:da:50:d4:1b:b2:da:51:78:43:
dd:a1:53:9d:c9:c9:17:6e:25:eb:95:d2:9b:e7:81:
d7:d9:d9:db:e8:c3:3f:23:0c:96:49:28:96:8e:12:
5f:7d:11:a1:8f:8a:82:f9:f9:10:b1:bb:e0:09:5e:
7b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:74:CF:B7:EC:D6:5C:9D:C6:D4:17:32:96:D9:21:E4:94:EA:80:A7
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/i3TPt-zWXJ3G1Bcyltkh5JTqgKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8444::/32
2a11:9fc3::/32
2a11:c445::/32
2a11:fec3::/32
2a12:4c07::/32
Signature Algorithm: sha256WithRSAEncryption
64:08:44:5a:9a:f1:1f:39:f1:a2:4a:3b:e4:e6:e6:1f:6a:b4:
75:f6:cd:37:58:8e:19:d4:d4:c0:23:63:54:be:57:1e:8b:64:
d0:3e:61:35:52:75:13:08:41:bb:e0:c3:f1:44:51:18:19:8e:
46:8c:9e:f7:c0:59:b6:79:a7:6b:a5:1b:48:d6:85:34:a6:99:
25:c7:53:06:d7:3b:9b:c5:78:f6:0e:4b:cd:67:67:7c:ae:f4:
ff:2f:14:da:5f:30:a0:38:c5:83:b6:d6:66:13:87:c6:90:03:
17:4f:17:83:59:3c:66:d6:a2:d8:45:2c:79:7f:6b:da:7e:86:
93:40:57:da:a6:b2:79:e6:cd:da:2b:72:82:7f:fa:21:5f:f5:
55:4f:d0:00:f6:ea:6c:6c:cb:be:40:09:cc:6e:15:5c:49:3d:
49:69:03:39:ab:b0:6b:c3:08:23:0b:38:8e:bf:4d:54:05:01:
19:c8:d2:19:81:04:c5:31:00:8a:d1:8d:91:90:90:b8:d6:b6:
97:0b:71:73:db:20:99:ed:bd:a7:ac:55:59:67:94:1d:ec:fd:
73:e9:07:de:29:7c:07:62:3a:fb:ea:ab:f0:0a:25:d4:d9:4d:
65:98:04:93:fa:0d:db:32:d5:ea:e8:46:33:1c:1f:44:c7:3e:
ad:1d:86:1d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZXtR/HN8ZOIGRFyuIalMDs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMzMxMTczNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc0Y2ZiN2VjZDY1YzlkYzZkNDE3MzI5NmQ5MjFlNDk0ZWE4MGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCcaTtAix0Tbtr4kcJ9ODt6qcIf6
kE8uHXkIfS4/OmpYs9lk6pAayhEvnmim+HEQepzGob12skUQEr4st8xGjLHKs949
h5Wk1goihDWJUD+mWYPPe09SlNZn1VmN1YhJWw9izS9uoMYeIkrq5wldGgBe72U1
Z1gnkKUyOvvg9VOj0fLR5hOKEp5rJO0g19L5m3dNN2y/tunu9eizVIsmzTmX1i9y
NqVwAW2Eyb4XjhNTey/TpBEsrnNOGdEJmo/rdoE51lHsOOLaUNQbstpReEPdoVOd
yckXbiXrldKb54HX2dnb6MM/IwyWSSiWjhJffRGhj4qC+fkQsbvgCV57+wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIt0z7fs1lydxtQXMpbZIeSU6oCnMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvaTNUUHQteldYSjNHMUJjeWx0a2g1SlRxZ0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhGERAMF
ACoRn8MDBQAqEcRFAwUAKhH+wwMFACoSTAcwDQYJKoZIhvcNAQELBQADggEBAGQI
RFqa8R858aJKO+Tm5h9qtHX2zTdYjhnU1MAjY1S+Vx6LZNA+YTVSdRMIQbvgw/FE
URgZjkaMnvfAWbZ5p2ulG0jWhTSmmSXHUwbXO5vFePYOS81nZ3yu9P8vFNpfMKA4
xYO21mYTh8aQAxdPF4NZPGbWothFLHl/a9p+hpNAV9qmsnnmzdorcoJ/+iFf9VVP
0AD26mxsy75ACcxuFVxJPUlpAzmrsGvDCCMLOI6/TVQFARnI0hmBBMUxAIrRjZGQ
kLjWtpcLcXPbIJntvaesVVlnlB3s/XPpB94pfAdiOvvqq/AKJdTZTWWYBJP6Ddsy
1eroRjMcH0THPq0dhh0=
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:23:39 2025 by rpki-client on console.sobornost.net