Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/kcWTfdAykr4V6or-J5DNrcGjkPY.roa
File: kcWTfdAykr4V6or-J5DNrcGjkPY.roa (raw, json)
Hash identifier: ogmpuXD/e22gpKD4xD0G9j8Nblm4BJXQE5obj3J5Qcg=
Subject key identifier: 91:C5:93:7D:D0:32:92:BE:15:EA:8A:FE:27:90:CD:AD:C1:A3:90:F6
Certificate issuer: /CN=ae8ed33b70be6cc20c89fbbac77a59ca3b4c0934
Certificate serial: 01942444E959AB4541790B764662020BA3C5
Authority key identifier: AE:8E:D3:3B:70:BE:6C:C2:0C:89:FB:BA:C7:7A:59:CA:3B:4C:09:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ro7TO3C-bMIMifu6x3pZyjtMCTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/kcWTfdAykr4V6or-J5DNrcGjkPY.roa
Signing time: Wed 01 Jan 2025 23:48:03 +0000
ROA not before: Wed 01 Jan 2025 23:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212451
IP address blocks: 178.213.48.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e9:59:ab:45:41:79:0b:76:46:62:02:0b:a3:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae8ed33b70be6cc20c89fbbac77a59ca3b4c0934
Validity
Not Before: Jan 1 23:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91c5937dd03292be15ea8afe2790cdadc1a390f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0a:f8:65:6c:03:d2:ac:b8:f9:68:07:3f:8a:
69:23:1f:99:23:ac:cd:6a:b6:ea:29:69:59:1c:a7:
df:82:ef:dd:a2:42:74:42:15:5a:8a:a3:62:66:b7:
3f:1c:f1:27:24:1f:e3:68:3f:71:48:d0:95:fb:05:
58:60:8f:b2:b6:75:9d:80:73:19:66:15:73:e6:5e:
1b:0d:1a:1a:0c:60:79:17:7d:f2:a3:58:db:6e:2c:
0b:95:7f:22:f1:f4:af:29:5c:c7:04:a0:ef:6d:e1:
35:78:88:83:81:88:95:44:cd:bc:82:8d:28:5b:96:
de:33:b2:48:56:21:1d:0e:ce:72:75:63:15:41:fc:
27:e4:d5:9e:10:ce:0d:29:b8:5b:d1:a5:de:ca:a2:
f2:ee:11:17:b8:a1:30:b4:dc:16:e6:ed:5d:3e:b9:
ff:82:1c:dd:ec:2d:18:60:98:4f:87:2c:31:a4:2f:
b4:1c:f7:06:23:1a:26:72:b1:ec:66:e0:e6:8a:e7:
4a:bc:41:50:a5:60:da:2d:df:97:d0:5c:37:18:44:
55:d7:64:d8:1c:2d:99:b8:db:0a:6e:ea:3d:2f:f8:
51:60:4d:69:6c:a7:6d:f2:23:3e:a4:5c:67:46:42:
e4:2a:1e:8d:23:21:35:4f:77:d7:10:ac:35:71:59:
1c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C5:93:7D:D0:32:92:BE:15:EA:8A:FE:27:90:CD:AD:C1:A3:90:F6
X509v3 Authority Key Identifier:
keyid:AE:8E:D3:3B:70:BE:6C:C2:0C:89:FB:BA:C7:7A:59:CA:3B:4C:09:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ro7TO3C-bMIMifu6x3pZyjtMCTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/kcWTfdAykr4V6or-J5DNrcGjkPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/ro7TO3C-bMIMifu6x3pZyjtMCTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.213.48.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:67:b4:aa:3b:f0:df:00:69:c0:f3:51:0f:0b:02:84:f8:c7:
7b:9c:10:1f:25:87:a0:d7:cb:0d:c5:75:86:5b:8e:0b:b4:0e:
93:e1:eb:4e:4a:f9:62:50:85:80:5b:df:fa:40:6a:f2:56:bf:
76:5b:3c:46:32:6d:04:09:0b:2f:80:c2:48:c3:01:7b:da:d2:
c1:7f:aa:51:96:02:be:bb:0e:4c:86:9a:9d:5f:34:5d:83:51:
82:8d:35:d3:e1:2d:b9:9f:50:40:98:21:c8:f9:62:d5:53:91:
fd:38:91:ad:d6:80:22:18:7c:e5:bb:ce:41:48:7a:11:cc:0a:
27:44:b6:7d:bd:fd:1f:21:49:f7:b3:b9:e2:44:74:06:e3:eb:
08:1f:a5:82:ca:02:50:cb:67:4b:2f:cb:46:56:3f:d3:ae:e9:
d6:ac:33:37:06:18:b6:02:f2:ca:0f:60:60:6c:d0:5e:d4:4e:
84:47:ac:c1:55:f1:72:b8:93:33:75:1a:59:33:76:c5:e2:b6:
5f:10:05:73:aa:b0:11:26:63:3a:cf:03:53:5d:b6:93:01:f1:
da:cb:a9:8f:6f:8a:7e:7e:10:0e:a4:fd:16:81:9a:f1:0e:dc:
0e:06:b8:4a:20:bc:06:b5:f6:86:c5:ee:0d:21:8f:45:fb:52:
72:a4:03:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkROlZq0VBeQt2RmICC6PFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlOGVkMzNiNzBiZTZjYzIwYzg5ZmJiYWM3N2E1OWNhM2I0
YzA5MzQwHhcNMjUwMTAxMjM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM1OTM3ZGQwMzI5MmJlMTVlYThhZmUyNzkwY2RhZGMxYTM5MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAr4ZWwD0qy4+WgHP4ppIx+ZI6zN
arbqKWlZHKffgu/dokJ0QhVaiqNiZrc/HPEnJB/jaD9xSNCV+wVYYI+ytnWdgHMZ
ZhVz5l4bDRoaDGB5F33yo1jbbiwLlX8i8fSvKVzHBKDvbeE1eIiDgYiVRM28go0o
W5beM7JIViEdDs5ydWMVQfwn5NWeEM4NKbhb0aXeyqLy7hEXuKEwtNwW5u1dPrn/
ghzd7C0YYJhPhywxpC+0HPcGIxomcrHsZuDmiudKvEFQpWDaLd+X0Fw3GERV12TY
HC2ZuNsKbuo9L/hRYE1pbKdt8iM+pFxnRkLkKh6NIyE1T3fXEKw1cVkcUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHFk33QMpK+FeqK/ieQza3Bo5D2MB8GA1UdIwQY
MBaAFK6O0ztwvmzCDIn7usd6Wco7TAk0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm83VE8zQy1iTUlNaWZ1NngzcFp5anRNQ1RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iNzFkOWYtZjFkYS00MDBhLWI0ODUt
MDRkYmM5YWMxNDQ0LzEva2NXVGZkQXlrcjRWNm9yLUo1RE5yY0dqa1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iNzFkOWYtZjFkYS00MDBhLWI0ODUtMDRkYmM5YWMxNDQ0
LzEvcm83VE8zQy1iTUlNaWZ1NngzcFp5anRNQ1RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstUwMA0G
CSqGSIb3DQEBCwUAA4IBAQBvZ7SqO/DfAGnA81EPCwKE+Md7nBAfJYeg18sNxXWG
W44LtA6T4etOSvliUIWAW9/6QGryVr92WzxGMm0ECQsvgMJIwwF72tLBf6pRlgK+
uw5MhpqdXzRdg1GCjTXT4S25n1BAmCHI+WLVU5H9OJGt1oAiGHzlu85BSHoRzAon
RLZ9vf0fIUn3s7niRHQG4+sIH6WCygJQy2dLL8tGVj/TrunWrDM3Bhi2AvLKD2Bg
bNBe1E6ER6zBVfFyuJMzdRpZM3bF4rZfEAVzqrARJmM6zwNTXbaTAfHay6mPb4p+
fhAOpP0WgZrxDtwOBrhKILwGtfaGxe4NIY9F+1JypAPW
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:07:19 2025 by rpki-client