Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/Kr-1FkX8isznu7LNjpkGbo9RXAQ.roa
File: Kr-1FkX8isznu7LNjpkGbo9RXAQ.roa (raw, json)
Hash identifier: Nkup561eSF2a1lVSMy8ZbGKlbupLimNEQbbUAaz0DIc=
Subject key identifier: 2A:BF:B5:16:45:FC:8A:CC:E7:BB:B2:CD:8E:99:06:6E:8F:51:5C:04
Certificate issuer: /CN=90620638ca1d835650e08ddcf363f10789b53057
Certificate serial: 0194228DC56F5BD33E700587226AF484EA29
Authority key identifier: 90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/Kr-1FkX8isznu7LNjpkGbo9RXAQ.roa
Signing time: Wed 01 Jan 2025 15:48:23 +0000
ROA not before: Wed 01 Jan 2025 15:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397918
IP address blocks: 206.195.48.0/24 maxlen: 24
2a04:5781:3001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c5:6f:5b:d3:3e:70:05:87:22:6a:f4:84:ea:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90620638ca1d835650e08ddcf363f10789b53057
Validity
Not Before: Jan 1 15:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2abfb51645fc8acce7bbb2cd8e99066e8f515c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:33:f4:c9:e1:61:3f:ec:3a:a9:47:f3:0d:59:
13:0a:2e:37:4e:d4:dd:70:a2:62:a7:34:6a:36:66:
5b:24:f0:23:41:6d:9e:40:97:56:0f:c6:6b:2b:5e:
ec:04:24:c9:2e:e6:3b:a2:d0:74:e8:56:e2:8b:85:
46:f8:cc:7b:6d:1e:01:19:a9:10:a2:bc:76:3a:1e:
7d:1a:c9:55:38:de:b1:73:3b:a4:ab:59:0b:83:da:
c8:25:38:d9:63:1c:b6:40:87:a4:86:df:0b:02:6f:
3d:ed:85:cd:af:93:03:de:98:8b:7f:81:54:48:de:
e9:ca:7d:cb:ef:20:39:a3:21:94:8b:bb:16:76:47:
cb:d2:8f:ac:54:30:15:12:06:61:ad:43:ab:20:cc:
2f:20:ea:e0:79:33:ca:f3:e9:78:99:dd:4b:33:99:
6b:5a:4b:4b:27:09:2e:61:f0:04:47:d2:72:cb:65:
8a:11:45:15:e3:cb:9c:6e:ad:8e:ba:05:d9:2f:29:
5d:b6:19:e6:93:c9:c6:d9:b5:67:00:f9:27:74:8a:
9f:af:3f:7b:6b:6b:c1:ed:c4:c3:63:3a:d5:34:70:
6d:c5:ce:9e:f5:91:6c:f5:8e:27:3a:3a:36:e1:0c:
02:e8:59:3d:31:4e:39:22:0d:0c:ba:e6:ef:13:c1:
ea:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BF:B5:16:45:FC:8A:CC:E7:BB:B2:CD:8E:99:06:6E:8F:51:5C:04
X509v3 Authority Key Identifier:
keyid:90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/Kr-1FkX8isznu7LNjpkGbo9RXAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.195.48.0/24
IPv6:
2a04:5781:3001::/48
Signature Algorithm: sha256WithRSAEncryption
8c:4e:71:a1:ff:6c:38:ae:22:ac:37:04:0f:68:69:d1:71:93:
7a:bc:1e:7f:3d:11:b0:b2:69:06:ab:a3:31:a7:bc:e1:e4:e3:
6d:f9:86:da:48:05:42:26:43:c2:82:a1:55:b6:0a:24:f9:f1:
85:d5:f3:1f:14:73:52:02:eb:30:97:1d:ba:2e:d6:e4:7e:74:
0e:68:b2:22:22:fa:c4:ea:c5:9a:bc:41:6d:bf:17:3b:66:55:
f5:f5:4c:34:26:61:41:80:69:18:77:17:b8:e8:02:ae:1f:d4:
2c:6e:0e:82:77:6b:5d:f8:5c:c5:cd:d0:ed:1e:40:e2:43:3d:
e2:c2:f7:c5:d5:c0:60:fa:a2:b9:df:a8:e2:c0:e0:e2:ad:1d:
93:2f:23:2d:d2:41:d0:62:1e:4b:3d:61:85:de:63:63:57:ae:
f3:9e:fc:27:ce:fd:bd:61:b5:42:f6:6f:58:0d:65:1e:07:51:
c5:04:1f:42:78:98:09:40:c6:f1:07:f9:90:41:a0:eb:2d:62:
ea:25:8c:9d:0b:50:f5:67:87:c2:95:4f:e7:6f:3a:06:d5:7e:
49:ce:e6:42:75:48:a4:99:68:74:78:8a:19:da:61:78:e7:29:
77:95:5c:0e:08:f8:8c:e7:75:5d:28:7c:0b:06:05:41:31:b4:
70:b1:1b:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijcVvW9M+cAWHImr0hOopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjIwNjM4Y2ExZDgzNTY1MGUwOGRkY2YzNjNmMTA3ODli
NTMwNTcwHhcNMjUwMTAxMTU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJmYjUxNjQ1ZmM4YWNjZTdiYmIyY2Q4ZTk5MDY2ZThmNTE1YzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzP0yeFhP+w6qUfzDVkTCi43TtTd
cKJipzRqNmZbJPAjQW2eQJdWD8ZrK17sBCTJLuY7otB06Fbii4VG+Mx7bR4BGakQ
orx2Oh59GslVON6xczukq1kLg9rIJTjZYxy2QIekht8LAm897YXNr5MD3piLf4FU
SN7pyn3L7yA5oyGUi7sWdkfL0o+sVDAVEgZhrUOrIMwvIOrgeTPK8+l4md1LM5lr
WktLJwkuYfAER9Jyy2WKEUUV48ucbq2OugXZLyldthnmk8nG2bVnAPkndIqfrz97
a2vB7cTDYzrVNHBtxc6e9ZFs9Y4nOjo24QwC6Fk9MU45Ig0MuubvE8HqywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCq/tRZF/IrM57uyzY6ZBm6PUVwEMB8GA1UdIwQY
MBaAFJBiBjjKHYNWUOCN3PNj8QeJtTBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMt
YzQzYWM0MjllNTNmLzEvS3ItMUZrWDhpc3pudTdMTmpwa0dibzlSWEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMtYzQzYWM0MjllNTNm
LzEva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAzsMwMA8E
AgACMAkDBwAqBFeBMAEwDQYJKoZIhvcNAQELBQADggEBAIxOcaH/bDiuIqw3BA9o
adFxk3q8Hn89EbCyaQarozGnvOHk4235htpIBUImQ8KCoVW2CiT58YXV8x8Uc1IC
6zCXHbou1uR+dA5osiIi+sTqxZq8QW2/FztmVfX1TDQmYUGAaRh3F7joAq4f1Cxu
DoJ3a134XMXN0O0eQOJDPeLC98XVwGD6ornfqOLA4OKtHZMvIy3SQdBiHks9YYXe
Y2NXrvOe/CfO/b1htUL2b1gNZR4HUcUEH0J4mAlAxvEH+ZBBoOstYuoljJ0LUPVn
h8KVT+dvOgbVfknO5kJ1SKSZaHR4ihnaYXjnKXeVXA4I+IzndV0ofAsGBUExtHCx
Gww=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net