Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/KCWaCnY3aEHIgK58R3H4FHaqUx4.roa
File: KCWaCnY3aEHIgK58R3H4FHaqUx4.roa (raw, json)
Hash identifier: w8mfp+HqNmBu2EhMLrBbv1ohJamr7CfX45+BqPKjkdk=
Subject key identifier: 28:25:9A:0A:76:37:68:41:C8:80:AE:7C:47:71:F8:14:76:AA:53:1E
Certificate issuer: /CN=5ad943a41ce27e7b7bcfdff69a89c3e337ea63b5
Certificate serial: 019420680127643D06E8E10FBF4EA63B1A93
Authority key identifier: 5A:D9:43:A4:1C:E2:7E:7B:7B:CF:DF:F6:9A:89:C3:E3:37:EA:63:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/KCWaCnY3aEHIgK58R3H4FHaqUx4.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51306
IP address blocks: 194.127.244.0/22 maxlen: 24
2a07:cf80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:01:27:64:3d:06:e8:e1:0f:bf:4e:a6:3b:1a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad943a41ce27e7b7bcfdff69a89c3e337ea63b5
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28259a0a76376841c880ae7c4771f81476aa531e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fb:fb:d7:d3:13:20:26:8d:8f:4c:ee:ed:40:
2c:51:b3:b6:c0:04:8f:39:65:f0:ad:de:b5:4e:9d:
b9:9d:4c:b6:f7:d5:ec:5b:45:24:6c:de:04:35:f6:
6a:f8:ff:8e:ba:ea:1e:ab:2a:72:0c:82:4e:f2:a3:
92:8d:4b:96:81:be:c3:9f:b7:10:98:d2:a9:5a:1f:
3e:7a:74:66:2f:a4:32:15:55:ea:9a:7a:ac:be:02:
0c:f0:ba:d7:44:b7:2d:30:53:5c:df:46:d2:13:63:
70:7d:c9:8c:79:13:45:15:1a:79:6d:92:80:8f:d7:
46:4c:67:53:30:d0:7b:ae:0a:08:45:68:dd:f9:9d:
b4:40:27:ee:87:3b:a7:b7:d5:e9:a3:c3:35:a4:7f:
3a:09:9d:59:ed:53:69:3b:8b:3c:ab:ac:cc:57:72:
13:45:f3:fa:7b:77:77:8c:4c:34:60:23:c4:b4:4e:
aa:a3:4d:de:ab:0e:3e:89:4f:de:82:ad:80:68:69:
bc:26:c1:67:42:20:e1:17:30:3d:8d:97:19:86:28:
35:f6:3a:cf:47:bb:ab:2a:49:1f:31:bd:85:8a:6d:
38:34:ff:e0:0b:85:12:e1:23:09:93:e2:fe:e0:bc:
f8:b7:c7:67:2b:17:e9:f8:56:71:ba:e2:cf:70:04:
48:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:25:9A:0A:76:37:68:41:C8:80:AE:7C:47:71:F8:14:76:AA:53:1E
X509v3 Authority Key Identifier:
keyid:5A:D9:43:A4:1C:E2:7E:7B:7B:CF:DF:F6:9A:89:C3:E3:37:EA:63:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/KCWaCnY3aEHIgK58R3H4FHaqUx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/WtlDpBzifnt7z9_2monD4zfqY7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.244.0/22
IPv6:
2a07:cf80::/32
Signature Algorithm: sha256WithRSAEncryption
8d:a0:97:e2:b8:bb:18:5d:c5:bf:e9:85:5e:de:98:6a:07:5e:
1d:92:58:bb:0f:91:c3:16:a5:18:53:e5:10:3e:ba:c8:09:f5:
d4:dc:da:9c:6b:00:d0:e3:ec:5d:b0:c7:13:6e:06:82:ef:d7:
70:14:53:68:7e:be:1c:2e:72:e4:1a:39:92:85:6d:6b:af:dd:
bf:ef:a9:b6:48:33:ea:94:50:6d:64:d7:3b:fa:1b:15:0d:3d:
15:59:fc:9f:f4:ec:db:95:06:56:11:65:db:00:ad:16:85:34:
ec:cf:16:ca:13:15:3a:b7:1d:36:c3:01:45:f7:2c:9a:59:62:
85:30:15:5a:36:bd:98:6b:c7:61:7c:98:63:30:65:85:c0:ad:
7e:a4:fb:20:e2:56:bb:cd:62:78:10:a6:3d:16:81:c2:db:a4:
14:95:55:09:68:3e:3a:6c:30:59:60:40:3b:ef:ad:bc:13:d4:
f5:12:f1:e1:af:36:4d:fd:3c:e2:b9:58:42:c0:dc:96:58:17:
fa:e2:1e:4b:33:a4:61:c9:a3:17:13:0d:38:e1:fe:b2:73:c9:
c3:20:ce:e1:f8:e4:45:8a:80:06:8a:ba:be:fe:1f:d0:b4:e0:
65:8e:07:81:b7:10:bd:ae:a3:a8:1d:b6:6f:44:2c:58:d2:22:
44:c0:f5:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaAEnZD0G6OEPv06mOxqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDk0M2E0MWNlMjdlN2I3YmNmZGZmNjlhODljM2UzMzdl
YTYzYjUwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODI1OWEwYTc2Mzc2ODQxYzg4MGFlN2M0NzcxZjgxNDc2YWE1MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/v719MTICaNj0zu7UAsUbO2wASP
OWXwrd61Tp25nUy299XsW0UkbN4ENfZq+P+OuuoeqypyDIJO8qOSjUuWgb7Dn7cQ
mNKpWh8+enRmL6QyFVXqmnqsvgIM8LrXRLctMFNc30bSE2NwfcmMeRNFFRp5bZKA
j9dGTGdTMNB7rgoIRWjd+Z20QCfuhzunt9Xpo8M1pH86CZ1Z7VNpO4s8q6zMV3IT
RfP6e3d3jEw0YCPEtE6qo03eqw4+iU/egq2AaGm8JsFnQiDhFzA9jZcZhig19jrP
R7urKkkfMb2Fim04NP/gC4US4SMJk+L+4Lz4t8dnKxfp+FZxuuLPcARIwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCglmgp2N2hByICufEdx+BR2qlMeMB8GA1UdIwQY
MBaAFFrZQ6Qc4n57e8/f9pqJw+M36mO1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RsRHBCemlmbnQ3ejlfMm1vbkQ0emZxWTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8yMWI3Y2UtMmVjNi00NzllLThhNGQt
ODRmOTA1OTM5MTNjLzEvS0NXYUNuWTNhRUhJZ0s1OFIzSDRGSGFxVXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8yMWI3Y2UtMmVjNi00NzllLThhNGQtODRmOTA1OTM5MTNj
LzEvV3RsRHBCemlmbnQ3ejlfMm1vbkQ0emZxWTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwn/0MA0E
AgACMAcDBQAqB8+AMA0GCSqGSIb3DQEBCwUAA4IBAQCNoJfiuLsYXcW/6YVe3phq
B14dkli7D5HDFqUYU+UQPrrICfXU3NqcawDQ4+xdsMcTbgaC79dwFFNofr4cLnLk
GjmShW1rr92/76m2SDPqlFBtZNc7+hsVDT0VWfyf9OzblQZWEWXbAK0WhTTszxbK
ExU6tx02wwFF9yyaWWKFMBVaNr2Ya8dhfJhjMGWFwK1+pPsg4la7zWJ4EKY9FoHC
26QUlVUJaD46bDBZYEA77628E9T1EvHhrzZN/TziuVhCwNyWWBf64h5LM6RhyaMX
Ew044f6yc8nDIM7h+ORFioAGirq+/h/QtOBljgeBtxC9rqOoHbZvRCxY0iJEwPW9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:06 2025 by rpki-client on console.sobornost.net