Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/jkh_FFhFNHENA3gIbYhebQVvuBM.roa
File: jkh_FFhFNHENA3gIbYhebQVvuBM.roa (raw, json)
Hash identifier: cA2VhsNT4DoSkMtREZkBzaZ4CHPg5DwGT95fVOvu/Ok=
Subject key identifier: 8E:48:7F:14:58:45:34:71:0D:03:78:08:6D:88:5E:6D:05:6F:B8:13
Certificate issuer: /CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
Certificate serial: 019421B1B24901A3A60B0E97A0875A0BFC10
Authority key identifier: 82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/jkh_FFhFNHENA3gIbYhebQVvuBM.roa
Signing time: Wed 01 Jan 2025 11:48:01 +0000
ROA not before: Wed 01 Jan 2025 11:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20670
IP address blocks: 31.131.168.0/21 maxlen: 21
45.93.228.0/22 maxlen: 22
91.210.76.0/22 maxlen: 22
185.37.32.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b2:49:01:a3:a6:0b:0e:97:a0:87:5a:0b:fc:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
Validity
Not Before: Jan 1 11:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e487f14584534710d0378086d885e6d056fb813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3d:21:0b:f8:ea:70:b7:c7:12:1c:bc:f7:d9:
48:0e:84:ec:2f:60:23:52:34:06:85:f1:1e:08:31:
24:dd:d0:83:35:92:e1:31:8f:98:81:26:7e:a2:c7:
9b:3f:87:be:be:9f:7b:83:7f:4b:2a:c7:1c:d5:7f:
8c:80:bb:45:c8:e1:57:89:e3:6a:2a:82:be:c3:d2:
a0:03:f4:68:60:1b:ea:75:36:02:2a:40:d8:96:e1:
7b:07:41:05:3e:58:dd:f0:31:f2:36:de:c6:3a:30:
ce:90:2b:c0:48:45:6a:5f:68:f4:e0:94:68:aa:47:
73:b8:5b:6c:88:cd:ce:04:56:20:42:ba:c2:dd:83:
7d:e3:83:14:a1:06:0f:51:c4:d7:e9:95:1b:e8:87:
5c:7c:72:d3:aa:69:00:72:28:ae:c2:0d:ec:c4:f4:
db:d3:27:91:97:0e:45:17:a8:f5:68:77:31:fd:07:
72:c8:b6:88:1e:8b:3c:79:a1:77:77:67:cd:03:73:
e5:03:2e:69:71:3a:da:2c:77:92:9b:a3:91:69:72:
67:37:7d:60:00:32:68:2c:39:03:f0:0f:9f:d3:bf:
bb:b6:d4:a9:ce:f1:03:ef:16:62:b8:79:33:67:d8:
cc:64:83:2d:32:6e:ec:63:31:42:0b:6f:07:e5:45:
f0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:48:7F:14:58:45:34:71:0D:03:78:08:6D:88:5E:6D:05:6F:B8:13
X509v3 Authority Key Identifier:
keyid:82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/jkh_FFhFNHENA3gIbYhebQVvuBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/grE25oINlPA7HF1x7uPUsiGRUo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.168.0/21
45.93.228.0/22
91.210.76.0/22
185.37.32.0/22
Signature Algorithm: sha256WithRSAEncryption
27:d9:e1:31:b6:94:34:29:da:8b:8c:bc:58:2b:72:2d:8e:92:
35:53:9e:18:34:ac:f9:50:be:42:93:a6:ba:b9:9d:39:34:9c:
df:1e:cd:80:68:c2:05:86:61:37:f3:30:cf:d9:3c:74:24:b2:
12:26:67:2f:e4:f9:17:f2:e8:d7:65:27:0c:04:1a:c1:12:80:
e4:d6:93:ae:76:35:39:a3:41:e7:ec:b8:81:ee:a4:6d:4a:b7:
c9:6c:d7:a6:2d:58:09:c9:84:b2:39:4c:29:63:f6:1e:99:db:
04:23:03:07:4c:f2:dd:44:39:a4:06:92:8b:14:95:19:9c:eb:
c9:1c:94:76:27:3a:a6:8f:f9:e5:ac:1e:01:d2:d6:92:76:91:
3e:4b:f3:03:82:fa:34:db:ad:ca:ce:43:ad:43:55:d1:37:dc:
c5:34:69:2d:ee:4b:3d:a5:41:9c:5a:15:b9:4d:7a:96:f3:3b:
6b:06:03:e8:40:7d:79:fe:7a:bf:fa:b3:45:2a:5d:df:2f:40:
2c:b0:61:d9:58:85:e2:ce:b0:9a:07:cf:54:8f:c4:80:96:95:
e1:47:73:d5:32:89:b4:ae:ca:23:11:5b:81:05:44:2c:5e:5d:
44:08:a8:bf:98:e8:02:3a:91:ae:c7:0a:11:20:eb:60:26:72:
10:23:0d:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhsbJJAaOmCw6XoIdaC/wQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjEzNmU2ODIwZDk0ZjAzYjFjNWQ3MWVlZTNkNGIyMjE5
MTUyOGYwHhcNMjUwMTAxMTE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTQ4N2YxNDU4NDUzNDcxMGQwMzc4MDg2ZDg4NWU2ZDA1NmZiODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj0hC/jqcLfHEhy899lIDoTsL2Aj
UjQGhfEeCDEk3dCDNZLhMY+YgSZ+osebP4e+vp97g39LKscc1X+MgLtFyOFXieNq
KoK+w9KgA/RoYBvqdTYCKkDYluF7B0EFPljd8DHyNt7GOjDOkCvASEVqX2j04JRo
qkdzuFtsiM3OBFYgQrrC3YN944MUoQYPUcTX6ZUb6IdcfHLTqmkAciiuwg3sxPTb
0yeRlw5FF6j1aHcx/QdyyLaIHos8eaF3d2fNA3PlAy5pcTraLHeSm6ORaXJnN31g
ADJoLDkD8A+f07+7ttSpzvED7xZiuHkzZ9jMZIMtMm7sYzFCC28H5UXwvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI5IfxRYRTRxDQN4CG2IXm0Fb7gTMB8GA1UdIwQY
MBaAFIKxNuaCDZTwOxxdce7j1LIhkVKPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JFMjVvSU5sUEE3SEYxeDd1UFVzaUdSVW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMjExMmUtNGUxMy00M2QwLTllYjEt
MGRhM2NhYTkxNDI5LzEvamtoX0ZGaEZOSEVOQTNnSWJZaGViUVZ2dUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yMjExMmUtNGUxMy00M2QwLTllYjEtMGRhM2NhYTkxNDI5
LzEvZ3JFMjVvSU5sUEE3SEYxeDd1UFVzaUdSVW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDH4OoAwQC
LV3kAwQCW9JMAwQCuSUgMA0GCSqGSIb3DQEBCwUAA4IBAQAn2eExtpQ0KdqLjLxY
K3ItjpI1U54YNKz5UL5Ck6a6uZ05NJzfHs2AaMIFhmE38zDP2Tx0JLISJmcv5PkX
8ujXZScMBBrBEoDk1pOudjU5o0Hn7LiB7qRtSrfJbNemLVgJyYSyOUwpY/YemdsE
IwMHTPLdRDmkBpKLFJUZnOvJHJR2Jzqmj/nlrB4B0taSdpE+S/MDgvo0263KzkOt
Q1XRN9zFNGkt7ks9pUGcWhW5TXqW8ztrBgPoQH15/nq/+rNFKl3fL0AssGHZWIXi
zrCaB89Uj8SAlpXhR3PVMom0rsojEVuBBUQsXl1ECKi/mOgCOpGuxwoRIOtgJnIQ
Iw0p
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:15:27 2025 by rpki-client