Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/KXpcX79rphe0hn09XHERCH1SbuQ.roa
File: KXpcX79rphe0hn09XHERCH1SbuQ.roa (raw, json)
Hash identifier: uvULu6EYjz964rfcL4u9AdDDAre+YcxtNVTL8gEkIbE=
Subject key identifier: 29:7A:5C:5F:BF:6B:A6:17:B4:86:7D:3D:5C:71:11:08:7D:52:6E:E4
Certificate issuer: /CN=6f0c9a1117abd52ec8036b4f378644fa77a4b8a7
Certificate serial: 01946133C9F9F2521CFE134181CD8E3E22BC
Authority key identifier: 6F:0C:9A:11:17:AB:D5:2E:C8:03:6B:4F:37:86:44:FA:77:A4:B8:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bwyaERer1S7IA2tPN4ZE-nekuKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/KXpcX79rphe0hn09XHERCH1SbuQ.roa
Signing time: Mon 13 Jan 2025 19:46:11 +0000
ROA not before: Mon 13 Jan 2025 19:46:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216235
IP address blocks: 2a13:f3c0:1::/48 maxlen: 48
2a13:f3c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:61:33:c9:f9:f2:52:1c:fe:13:41:81:cd:8e:3e:22:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f0c9a1117abd52ec8036b4f378644fa77a4b8a7
Validity
Not Before: Jan 13 19:46:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=297a5c5fbf6ba617b4867d3d5c7111087d526ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ab:09:0e:a7:e2:e9:9b:b8:75:c9:57:02:26:
ac:85:b4:ed:a9:f2:16:cc:51:65:93:64:2b:08:b6:
e0:e2:e5:46:df:b9:50:01:d9:c0:99:9d:63:68:cd:
0d:39:35:52:8c:ef:6d:ce:6f:0e:f1:50:97:30:00:
9f:f5:6e:1a:a2:1d:a9:ed:42:23:b7:b8:23:c3:ab:
51:73:25:c7:39:dd:de:16:7b:31:05:f5:dc:51:b2:
61:07:92:91:0c:60:a0:17:53:e0:a6:99:72:b2:0d:
d8:3e:0a:c9:73:d6:ca:39:1d:46:3e:63:e5:2e:8e:
ac:c9:63:08:02:a7:d6:7f:7c:ef:ce:d9:96:c1:be:
eb:d8:d0:80:87:ca:49:11:91:32:94:8b:74:84:18:
53:e4:a1:5a:04:b0:9a:9d:bb:25:f9:8e:31:06:8d:
ef:4c:62:ba:38:8c:33:06:85:fe:b3:8a:42:07:7b:
bb:81:72:92:f3:b8:31:be:11:af:3f:a4:0d:8c:3c:
d4:f2:39:58:63:a8:54:b0:17:f5:ce:7a:e0:c7:31:
9e:97:fd:68:86:71:aa:05:55:58:96:7d:29:56:54:
02:6d:7f:f8:2f:d3:2f:10:49:fb:0c:de:d7:bc:1d:
7d:9a:6d:e7:ca:f4:65:89:50:1b:d7:f1:ee:59:ec:
ec:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:7A:5C:5F:BF:6B:A6:17:B4:86:7D:3D:5C:71:11:08:7D:52:6E:E4
X509v3 Authority Key Identifier:
keyid:6F:0C:9A:11:17:AB:D5:2E:C8:03:6B:4F:37:86:44:FA:77:A4:B8:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwyaERer1S7IA2tPN4ZE-nekuKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/KXpcX79rphe0hn09XHERCH1SbuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/bwyaERer1S7IA2tPN4ZE-nekuKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f3c0:1::-2a13:f3c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
06:9c:e8:42:0f:f5:07:75:85:37:0e:f6:bf:9e:32:ef:48:ae:
c7:49:48:f7:28:6b:c7:a8:de:ae:77:ed:2c:c5:74:ee:1f:f9:
4d:a6:e8:6c:6d:b4:5d:7f:0d:5e:d2:8c:05:90:5d:59:99:6f:
04:3c:0d:7c:1c:3d:dc:2e:ab:94:3e:0b:a6:18:de:a2:7e:ef:
f5:47:03:75:17:34:8b:2f:8b:d8:ef:75:c1:f6:87:b2:bc:0f:
6d:73:e1:c6:30:2e:c7:83:27:fd:e4:21:da:8b:6f:f6:18:22:
f6:30:f4:df:1a:bc:27:ab:54:c0:24:6d:14:45:f3:d2:e8:b6:
1b:45:2e:f8:69:16:b4:e1:85:90:be:69:2c:97:13:23:d0:ae:
6c:4a:ea:53:7c:26:3e:3b:84:ae:65:34:dd:39:43:f4:72:34:
26:60:77:cd:25:b4:72:78:a6:af:44:d4:b3:23:83:1d:29:de:
6f:35:7d:8f:cc:85:9b:cf:25:ad:16:04:97:fc:25:2a:0b:6d:
68:5b:ad:99:41:1b:d0:6a:37:b6:c7:98:c8:72:18:7e:ec:9d:
37:44:74:b4:02:47:8f:bb:85:ab:2c:a2:b2:f9:44:94:4b:79:
1d:a1:dc:37:69:92:75:d3:ec:e3:63:18:72:30:9d:76:7e:be:
13:04:27:48
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZRhM8n58lIc/hNBgc2OPiK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGM5YTExMTdhYmQ1MmVjODAzNmI0ZjM3ODY0NGZhNzdh
NGI4YTcwHhcNMjUwMTEzMTk0NjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTdhNWM1ZmJmNmJhNjE3YjQ4NjdkM2Q1YzcxMTEwODdkNTI2ZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvasJDqfi6Zu4dclXAiashbTtqfIW
zFFlk2QrCLbg4uVG37lQAdnAmZ1jaM0NOTVSjO9tzm8O8VCXMACf9W4aoh2p7UIj
t7gjw6tRcyXHOd3eFnsxBfXcUbJhB5KRDGCgF1Pgpplysg3YPgrJc9bKOR1GPmPl
Lo6syWMIAqfWf3zvztmWwb7r2NCAh8pJEZEylIt0hBhT5KFaBLCanbsl+Y4xBo3v
TGK6OIwzBoX+s4pCB3u7gXKS87gxvhGvP6QNjDzU8jlYY6hUsBf1znrgxzGel/1o
hnGqBVVYln0pVlQCbX/4L9MvEEn7DN7XvB19mm3nyvRliVAb1/HuWezs+QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCl6XF+/a6YXtIZ9PVxxEQh9Um7kMB8GA1UdIwQY
MBaAFG8MmhEXq9UuyANrTzeGRPp3pLinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnd5YUVSZXIxUzdJQTJ0UE40WkUtbmVrdUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xMWE5YmEtOWQwZS00YzQ0LWFkYTQt
NGJlMTI3ZmEzMTE4LzEvS1hwY1g3OXJwaGUwaG4wOVhIRVJDSDFTYnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8xMWE5YmEtOWQwZS00YzQ0LWFkYTQtNGJlMTI3ZmEzMTE4
LzEvYnd5YUVSZXIxUzdJQTJ0UE40WkUtbmVrdUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqE/PA
AAEDBwAqE/PAAAIwDQYJKoZIhvcNAQELBQADggEBAAac6EIP9Qd1hTcO9r+eMu9I
rsdJSPcoa8eo3q537SzFdO4f+U2m6GxttF1/DV7SjAWQXVmZbwQ8DXwcPdwuq5Q+
C6YY3qJ+7/VHA3UXNIsvi9jvdcH2h7K8D21z4cYwLseDJ/3kIdqLb/YYIvYw9N8a
vCerVMAkbRRF89LothtFLvhpFrThhZC+aSyXEyPQrmxK6lN8Jj47hK5lNN05Q/Ry
NCZgd80ltHJ4pq9E1LMjgx0p3m81fY/MhZvPJa0WBJf8JSoLbWhbrZlBG9BqN7bH
mMhyGH7snTdEdLQCR4+7hassorL5RJRLeR2h3DdpknXT7ONjGHIwnXZ+vhMEJ0g=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:17:04 2025 by rpki-client on console.sobornost.net