Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/KhBBIepWkUpug0B64mqgsDLFPZc.roa
File: KhBBIepWkUpug0B64mqgsDLFPZc.roa (raw, json)
Hash identifier: NekHITh7qbvUL5cT5x1+6spbZNG/DddMxPVXVZ3dQb8=
Subject key identifier: 2A:10:41:21:EA:56:91:4A:6E:83:40:7A:E2:6A:A0:B0:32:C5:3D:97
Certificate issuer: /CN=881ab180cb3517186221b3999b08b83af4f66945
Certificate serial: 019425216791A7F6D657A98E2B58CDD904D0
Authority key identifier: 88:1A:B1:80:CB:35:17:18:62:21:B3:99:9B:08:B8:3A:F4:F6:69:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBqxgMs1FxhiIbOZmwi4OvT2aUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/KhBBIepWkUpug0B64mqgsDLFPZc.roa
Signing time: Thu 02 Jan 2025 03:48:53 +0000
ROA not before: Thu 02 Jan 2025 03:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215742
IP address blocks: 91.211.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:67:91:a7:f6:d6:57:a9:8e:2b:58:cd:d9:04:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881ab180cb3517186221b3999b08b83af4f66945
Validity
Not Before: Jan 2 03:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a104121ea56914a6e83407ae26aa0b032c53d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6c:a0:56:fc:b6:dc:0f:f8:29:c8:c0:da:df:
49:1a:b6:8c:78:70:48:61:de:cf:05:5d:5f:20:2c:
c5:fd:27:26:46:a4:cd:26:82:c2:0c:fa:0d:5b:1e:
c6:27:8b:7f:92:69:72:a1:2b:3e:92:e2:68:15:70:
8d:f2:60:98:e9:91:31:de:57:cc:98:5f:49:42:87:
40:86:5e:02:e1:e3:de:50:a6:02:a4:11:18:73:a0:
b4:b3:51:df:6f:c8:fc:16:8f:b4:23:c6:b7:38:7c:
2b:55:27:ec:41:2c:1d:06:59:ca:f3:1a:b1:eb:76:
d8:2b:34:e9:b2:dd:9e:61:1f:1d:f0:47:28:65:81:
53:39:86:54:d4:c1:34:9c:1e:c2:d1:d3:95:72:1f:
d8:49:e4:6c:aa:a8:7c:04:7f:29:4b:85:74:1f:a2:
79:23:d6:64:b0:c3:1e:e9:1c:22:8b:cb:0d:57:d2:
44:08:99:68:7b:8b:b0:4d:d1:4e:14:a4:38:65:ae:
50:23:14:05:75:21:9a:81:d9:b0:c1:81:83:48:8e:
aa:3c:c7:d3:01:b9:0b:98:61:e9:49:96:7f:55:d0:
5b:4f:cf:ff:57:48:85:f4:78:d2:59:a0:e7:c6:d2:
20:94:3f:27:10:54:c1:06:33:56:75:d7:f1:d9:d5:
d3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:10:41:21:EA:56:91:4A:6E:83:40:7A:E2:6A:A0:B0:32:C5:3D:97
X509v3 Authority Key Identifier:
keyid:88:1A:B1:80:CB:35:17:18:62:21:B3:99:9B:08:B8:3A:F4:F6:69:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBqxgMs1FxhiIbOZmwi4OvT2aUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/KhBBIepWkUpug0B64mqgsDLFPZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/iBqxgMs1FxhiIbOZmwi4OvT2aUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.85.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:a4:56:fb:35:4a:a6:95:06:96:a8:fd:c7:b0:75:14:fe:6e:
ed:71:f4:2b:6f:f9:a1:1b:ef:8b:d6:75:ee:f2:46:e3:f8:74:
31:ff:58:a6:1a:e8:cf:09:af:7c:07:c9:10:81:b9:f7:ce:08:
d0:e8:63:5f:42:41:b4:1e:02:d2:5a:17:5c:9b:fc:f2:62:60:
3c:5b:60:6e:16:21:52:7c:a0:5a:cd:9f:f6:d0:a6:d1:d6:bd:
6e:fa:1d:48:15:62:e2:a1:67:d2:f6:ae:94:3b:77:7f:29:16:
ca:b1:38:94:cc:81:95:60:18:3a:1c:47:b5:f7:07:9d:db:1e:
c2:41:cd:c7:ee:cb:f8:e8:e4:71:6b:d9:ef:52:2d:33:b6:d6:
3a:80:01:06:85:8e:7b:bd:ad:28:f9:f7:bc:e1:c4:2b:e9:fc:
a6:c9:e2:a1:ff:65:58:52:41:ba:ec:dc:15:1e:c3:bd:a5:e8:
48:82:cc:ac:ff:3e:3b:ce:13:62:23:0b:51:43:58:a2:2a:7c:
1f:09:68:c3:e5:af:b4:70:2f:a9:49:78:b6:65:6e:da:8d:e4:
e7:4f:36:9d:89:7b:9f:fc:7d:47:94:c5:33:d9:ab:52:84:45:
ce:94:f5:fd:17:6c:83:77:26:69:b7:fe:a2:de:8b:59:33:23:
31:0b:eb:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIWeRp/bWV6mOK1jN2QTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWFiMTgwY2IzNTE3MTg2MjIxYjM5OTliMDhiODNhZjRm
NjY5NDUwHhcNMjUwMTAyMDM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTEwNDEyMWVhNTY5MTRhNmU4MzQwN2FlMjZhYTBiMDMyYzUzZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmygVvy23A/4KcjA2t9JGraMeHBI
Yd7PBV1fICzF/ScmRqTNJoLCDPoNWx7GJ4t/kmlyoSs+kuJoFXCN8mCY6ZEx3lfM
mF9JQodAhl4C4ePeUKYCpBEYc6C0s1Hfb8j8Fo+0I8a3OHwrVSfsQSwdBlnK8xqx
63bYKzTpst2eYR8d8EcoZYFTOYZU1ME0nB7C0dOVch/YSeRsqqh8BH8pS4V0H6J5
I9ZksMMe6Rwii8sNV9JECJloe4uwTdFOFKQ4Za5QIxQFdSGagdmwwYGDSI6qPMfT
AbkLmGHpSZZ/VdBbT8//V0iF9HjSWaDnxtIglD8nEFTBBjNWddfx2dXTNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoQQSHqVpFKboNAeuJqoLAyxT2XMB8GA1UdIwQY
MBaAFIgasYDLNRcYYiGzmZsIuDr09mlFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJxeGdNczFGeGhpSWJPWm13aTRPdlQyYVVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jN2Y2MDEtM2ZhMi00ZGI2LWEwM2Qt
M2E2M2JmNzYzMGY1LzEvS2hCQkllcFdrVXB1ZzBCNjRtcWdzRExGUFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jN2Y2MDEtM2ZhMi00ZGI2LWEwM2QtM2E2M2JmNzYzMGY1
LzEvaUJxeGdNczFGeGhpSWJPWm13aTRPdlQyYVVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9NVMA0G
CSqGSIb3DQEBCwUAA4IBAQBNpFb7NUqmlQaWqP3HsHUU/m7tcfQrb/mhG++L1nXu
8kbj+HQx/1imGujPCa98B8kQgbn3zgjQ6GNfQkG0HgLSWhdcm/zyYmA8W2BuFiFS
fKBazZ/20KbR1r1u+h1IFWLioWfS9q6UO3d/KRbKsTiUzIGVYBg6HEe19wed2x7C
Qc3H7sv46ORxa9nvUi0zttY6gAEGhY57va0o+fe84cQr6fymyeKh/2VYUkG67NwV
HsO9pehIgsys/z47zhNiIwtRQ1iiKnwfCWjD5a+0cC+pSXi2ZW7ajeTnTzadiXuf
/H1HlMUz2atShEXOlPX9F2yDdyZpt/6i3otZMyMxC+t4
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:52:21 2025 by rpki-client