Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/Kt2ksaxPkIjtDoeyg1P8yernNDc.roa
File: Kt2ksaxPkIjtDoeyg1P8yernNDc.roa (raw, json)
Hash identifier: wfAd3vob2ra8znve71igmwtD5TyA3SG1S1RzxivWZj8=
Subject key identifier: 2A:DD:A4:B1:AC:4F:90:88:ED:0E:87:B2:83:53:FC:C9:EA:E7:34:37
Certificate issuer: /CN=8f137200c9ea1560a3f42fd7e100ed28411416bc
Certificate serial: 019422FB90C57C2D5DD1342C4CDFDF645276
Authority key identifier: 8F:13:72:00:C9:EA:15:60:A3:F4:2F:D7:E1:00:ED:28:41:14:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxNyAMnqFWCj9C_X4QDtKEEUFrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/Kt2ksaxPkIjtDoeyg1P8yernNDc.roa
Signing time: Wed 01 Jan 2025 17:48:19 +0000
ROA not before: Wed 01 Jan 2025 17:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199114
IP address blocks: 91.198.18.0/24 maxlen: 24
194.37.84.0/24 maxlen: 24
194.37.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:90:c5:7c:2d:5d:d1:34:2c:4c:df:df:64:52:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f137200c9ea1560a3f42fd7e100ed28411416bc
Validity
Not Before: Jan 1 17:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2adda4b1ac4f9088ed0e87b28353fcc9eae73437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:86:68:c8:7e:b1:da:13:2b:98:1b:bc:f3:17:
4a:63:f0:1d:f4:7a:1c:bf:e0:7d:4e:87:6c:5c:50:
31:c6:1f:6d:69:b4:84:d3:1a:d7:3d:31:cf:40:37:
00:c3:c3:04:84:0a:8e:39:17:af:5e:11:73:d4:e7:
d8:07:ef:27:45:ac:33:e7:0e:4e:80:0b:80:2c:99:
c1:ab:b5:45:6d:16:36:d1:d4:8d:b2:3b:a8:f2:b9:
7f:eb:10:f1:3a:3d:38:d2:06:15:12:e2:d9:ac:20:
4f:29:9a:c7:e8:c1:c5:31:07:59:b1:74:8f:89:f1:
9c:c7:b6:a8:15:b2:2f:e8:c3:20:9d:6a:96:92:53:
ce:df:fd:53:12:dc:55:10:11:5e:b1:d9:d9:02:5a:
cd:f3:2e:20:e7:b1:6e:5c:68:24:6f:0b:4b:43:49:
0a:4d:f5:ba:9e:97:b2:a2:67:6c:63:5b:55:af:7e:
df:24:98:c5:40:e6:20:7b:f8:eb:40:b7:53:ed:4c:
73:35:b6:c8:b0:74:6d:f3:9b:23:6c:93:98:18:b2:
15:57:e5:d5:d0:04:33:73:d7:bf:e3:e7:6a:4b:00:
4d:8b:51:dd:41:46:ea:b0:19:ae:fb:fd:2b:db:8f:
c8:f1:6c:d0:03:bf:51:82:69:9c:4f:e0:4f:35:52:
b2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DD:A4:B1:AC:4F:90:88:ED:0E:87:B2:83:53:FC:C9:EA:E7:34:37
X509v3 Authority Key Identifier:
keyid:8F:13:72:00:C9:EA:15:60:A3:F4:2F:D7:E1:00:ED:28:41:14:16:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxNyAMnqFWCj9C_X4QDtKEEUFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/Kt2ksaxPkIjtDoeyg1P8yernNDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/jxNyAMnqFWCj9C_X4QDtKEEUFrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.18.0/24
194.37.84.0/24
194.37.86.0/24
Signature Algorithm: sha256WithRSAEncryption
72:8f:6d:ef:35:3b:b1:a2:f1:6a:b4:4f:e3:b9:3f:a3:6d:ca:
62:25:5c:73:5a:a6:f7:67:10:93:16:44:2b:8d:2f:2d:e8:28:
b6:cc:ae:f5:19:43:07:6c:55:0a:45:65:cf:65:db:46:e3:37:
b2:89:73:0e:3d:04:3d:4f:20:39:2b:aa:a1:07:0c:c3:59:bd:
ce:af:d8:2e:c7:f2:b5:39:77:a0:3b:07:db:d1:5e:5d:b7:ee:
3d:f6:70:ab:c1:88:79:08:cb:49:cf:84:70:cd:79:96:11:fd:
94:6c:89:96:9a:27:20:14:60:82:34:9d:08:bb:3d:e7:9b:ee:
99:12:c9:d8:fe:fe:5e:77:33:87:fe:66:24:2c:36:7a:c9:fc:
26:4c:13:0b:bb:12:01:6f:c9:5c:5f:07:ff:ec:36:15:c3:09:
10:4d:e3:69:f6:a2:d4:a0:d1:dc:34:4e:c6:5a:25:bd:5d:5e:
ec:46:a4:33:04:54:73:1b:2e:2c:10:a5:5b:60:22:b4:02:a5:
9f:ac:5f:5d:fc:b0:7d:32:a4:4e:87:1f:ba:00:f2:41:a3:26:
d0:e9:c9:86:77:a2:d7:b0:13:03:0f:40:53:46:92:0f:7f:10:
8e:7f:55:1a:6a:1c:4b:91:f6:8d:b1:cb:b8:ed:3d:e2:84:08:
e1:b0:40:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi+5DFfC1d0TQsTN/fZFJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTM3MjAwYzllYTE1NjBhM2Y0MmZkN2UxMDBlZDI4NDEx
NDE2YmMwHhcNMjUwMTAxMTc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWRkYTRiMWFjNGY5MDg4ZWQwZTg3YjI4MzUzZmNjOWVhZTczNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIZoyH6x2hMrmBu88xdKY/Ad9Hoc
v+B9TodsXFAxxh9tabSE0xrXPTHPQDcAw8MEhAqOORevXhFz1OfYB+8nRawz5w5O
gAuALJnBq7VFbRY20dSNsjuo8rl/6xDxOj040gYVEuLZrCBPKZrH6MHFMQdZsXSP
ifGcx7aoFbIv6MMgnWqWklPO3/1TEtxVEBFesdnZAlrN8y4g57FuXGgkbwtLQ0kK
TfW6npeyomdsY1tVr37fJJjFQOYge/jrQLdT7UxzNbbIsHRt85sjbJOYGLIVV+XV
0AQzc9e/4+dqSwBNi1HdQUbqsBmu+/0r24/I8WzQA79RgmmcT+BPNVKymwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCrdpLGsT5CI7Q6HsoNT/Mnq5zQ3MB8GA1UdIwQY
MBaAFI8TcgDJ6hVgo/Qv1+EA7ShBFBa8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhOeUFNbnFGV0NqOUNfWDRRRHRLRUVVRnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kZGJiYWItNWVkYy00YTE0LWIwZTct
ZWI4MDIyMWU1MzhkLzEvS3Qya3NheFBrSWp0RG9leWcxUDh5ZXJuTkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kZGJiYWItNWVkYy00YTE0LWIwZTctZWI4MDIyMWU1Mzhk
LzEvanhOeUFNbnFGV0NqOUNfWDRRRHRLRUVVRnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8YSAwQA
wiVUAwQAwiVWMA0GCSqGSIb3DQEBCwUAA4IBAQByj23vNTuxovFqtE/juT+jbcpi
JVxzWqb3ZxCTFkQrjS8t6Ci2zK71GUMHbFUKRWXPZdtG4zeyiXMOPQQ9TyA5K6qh
BwzDWb3Or9gux/K1OXegOwfb0V5dt+499nCrwYh5CMtJz4RwzXmWEf2UbImWmicg
FGCCNJ0Iuz3nm+6ZEsnY/v5edzOH/mYkLDZ6yfwmTBMLuxIBb8lcXwf/7DYVwwkQ
TeNp9qLUoNHcNE7GWiW9XV7sRqQzBFRzGy4sEKVbYCK0AqWfrF9d/LB9MqROhx+6
APJBoybQ6cmGd6LXsBMDD0BTRpIPfxCOf1UaahxLkfaNscu47T3ihAjhsEDD
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:44:48 2025 by rpki-client