Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/CkbJH_u2mfrM1Uhd_H6f1uTGBUg.roa
File: CkbJH_u2mfrM1Uhd_H6f1uTGBUg.roa (raw, json)
Hash identifier: wIIbbsShbZa1xMYj8dGCMuuWCy6aHKsTt7U9RACDy60=
Subject key identifier: 0A:46:C9:1F:FB:B6:99:FA:CC:D5:48:5D:FC:7E:9F:D6:E4:C6:05:48
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0195ED47F181785A052D32D034B3ADD8C5FE
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/CkbJH_u2mfrM1Uhd_H6f1uTGBUg.roa
Signing time: Mon 31 Mar 2025 17:37:49 +0000
ROA not before: Mon 31 Mar 2025 17:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:13c3::/32 maxlen: 32
2a0f:bb01::/32 maxlen: 32
2a0f:bb02::/32 maxlen: 32
2a11:641::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ed:47:f1:81:78:5a:05:2d:32:d0:34:b3:ad:d8:c5:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Mar 31 17:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a46c91ffbb699faccd5485dfc7e9fd6e4c60548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0b:4e:42:85:6e:a2:f2:d4:5d:a3:81:32:63:
fb:4e:5d:0a:80:a8:5d:b5:27:d5:ee:0a:92:9a:fe:
5d:57:f7:17:91:fc:4a:34:c4:f8:17:01:13:45:08:
e7:e7:cb:3d:ba:b3:80:a3:f9:d7:34:67:68:d5:82:
d9:3d:73:77:21:37:85:cc:98:ac:89:75:36:98:35:
52:5c:83:d3:79:ba:b5:72:cd:1e:93:7e:67:63:cf:
1e:36:a0:36:90:de:51:33:b6:63:76:7e:44:cd:01:
bf:82:19:ad:46:e8:3e:d9:f4:73:f2:17:06:da:29:
79:37:da:e5:0c:a1:15:c5:4d:31:c6:9f:52:e3:d6:
4e:43:5d:a9:a3:f2:fb:77:3f:9b:22:e7:14:7c:36:
28:10:88:2e:7c:82:4d:da:1c:7c:83:88:3f:07:37:
ba:fa:82:3d:84:c1:ec:bf:a7:41:3e:1e:e2:c8:55:
ce:69:44:b8:53:af:7f:7e:ce:b9:cb:c7:44:ad:ce:
72:ce:4b:44:71:80:ac:f4:2e:9b:33:10:6b:e4:a6:
f7:79:ce:c8:92:82:39:b6:56:8e:fd:9d:2a:c1:18:
fb:d6:a4:ae:63:39:11:15:93:ae:ab:00:2e:04:a1:
e6:90:76:65:46:06:78:51:5f:5a:df:6a:e0:2b:e8:
72:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:46:C9:1F:FB:B6:99:FA:CC:D5:48:5D:FC:7E:9F:D6:E4:C6:05:48
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/CkbJH_u2mfrM1Uhd_H6f1uTGBUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:13c3::/32
2a0f:bb01::-2a0f:bb02:ffff:ffff:ffff:ffff:ffff:ffff
2a11:641::/32
Signature Algorithm: sha256WithRSAEncryption
e6:75:e0:12:2f:4b:ce:bc:e2:b2:a2:73:51:15:cb:fb:40:08:
8d:a7:09:5a:ea:41:68:cf:a4:78:3d:c0:f8:51:71:08:89:e5:
73:3a:ed:9e:dd:ba:62:58:28:c6:3c:b2:e5:9f:f9:61:fe:f7:
f2:bf:12:57:f3:06:98:ad:6c:18:44:0b:c5:85:6d:f7:08:d3:
fd:c9:77:96:d0:19:41:6f:d8:ff:3b:a2:d5:b6:a9:8b:db:e3:
b4:b4:44:0d:9c:d1:c9:22:49:b8:62:d9:26:18:5a:85:05:e3:
3a:da:cb:ec:35:12:8b:93:eb:a6:ee:5b:48:a7:39:05:73:b9:
7c:61:f7:40:eb:75:44:43:4c:95:08:77:ae:74:f1:2b:7a:94:
ac:1f:be:97:42:54:64:ca:f6:d4:54:67:cd:0d:cd:c3:cf:79:
cb:d8:f7:3e:1e:69:36:af:d3:2a:e9:10:3d:31:be:50:a1:c8:
15:be:af:ca:65:34:c9:0a:6c:6b:3a:e9:48:5d:53:c0:57:3c:
07:53:1e:7f:9e:af:ec:d1:ef:b4:76:ef:19:de:47:30:80:a2:
01:95:41:09:08:fa:46:59:fc:df:62:24:37:04:5d:d9:94:ca:
13:f1:f7:29:58:2f:1e:2a:40:6d:44:8c:d0:b5:a3:54:1a:61:
65:b0:65:26
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZXtR/GBeFoFLTLQNLOt2MX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwMzMxMTczNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQ2YzkxZmZiYjY5OWZhY2NkNTQ4NWRmYzdlOWZkNmU0YzYwNTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgtOQoVuovLUXaOBMmP7Tl0KgKhd
tSfV7gqSmv5dV/cXkfxKNMT4FwETRQjn58s9urOAo/nXNGdo1YLZPXN3ITeFzJis
iXU2mDVSXIPTebq1cs0ek35nY88eNqA2kN5RM7Zjdn5EzQG/ghmtRug+2fRz8hcG
2il5N9rlDKEVxU0xxp9S49ZOQ12po/L7dz+bIucUfDYoEIgufIJN2hx8g4g/Bze6
+oI9hMHsv6dBPh7iyFXOaUS4U69/fs65y8dErc5yzktEcYCs9C6bMxBr5Kb3ec7I
koI5tlaO/Z0qwRj71qSuYzkRFZOuqwAuBKHmkHZlRgZ4UV9a32rgK+hyvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFApGyR/7tpn6zNVIXfx+n9bkxgVIMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvQ2tiSkhfdTJtZnJNMVVoZF9INmYxdVRHQlVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUAKg4TwzAO
AwUAKg+7AQMFACoPuwIDBQAqEQZBMA0GCSqGSIb3DQEBCwUAA4IBAQDmdeASL0vO
vOKyonNRFcv7QAiNpwla6kFoz6R4PcD4UXEIieVzOu2e3bpiWCjGPLLln/lh/vfy
vxJX8waYrWwYRAvFhW33CNP9yXeW0BlBb9j/O6LVtqmL2+O0tEQNnNHJIkm4Ytkm
GFqFBeM62svsNRKLk+um7ltIpzkFc7l8YfdA63VEQ0yVCHeudPErepSsH76XQlRk
yvbUVGfNDc3Dz3nL2Pc+Hmk2r9Mq6RA9Mb5QocgVvq/KZTTJCmxrOulIXVPAVzwH
Ux5/nq/s0e+0du8Z3kcwgKIBlUEJCPpGWfzfYiQ3BF3ZlMoT8fcpWC8eKkBtRIzQ
taNUGmFlsGUm
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:25:02 2025 by rpki-client on console.sobornost.net