Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/KfO5I4Cw1MaFsOF7zxOfQ4tIIJA.roa
File: KfO5I4Cw1MaFsOF7zxOfQ4tIIJA.roa (raw, json)
Hash identifier: 4CuGd2v/2n5Lf/n++Esai12zLsblsU9sM0Lw5FSyTzA=
Subject key identifier: 29:F3:B9:23:80:B0:D4:C6:85:B0:E1:7B:CF:13:9F:43:8B:48:20:90
Certificate issuer: /CN=6a17de1887fcfa9244b931d96da82678c0147663
Certificate serial: 0194258F5DDDE3F8437B0DDFBCB50058F2D9
Authority key identifier: 6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/KfO5I4Cw1MaFsOF7zxOfQ4tIIJA.roa
Signing time: Thu 02 Jan 2025 05:49:00 +0000
ROA not before: Thu 02 Jan 2025 05:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35361
IP address blocks: 85.119.88.0/21 maxlen: 21
89.239.0.0/19 maxlen: 19
2a02:4000::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5d:dd:e3:f8:43:7b:0d:df:bc:b5:00:58:f2:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a17de1887fcfa9244b931d96da82678c0147663
Validity
Not Before: Jan 2 05:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29f3b92380b0d4c685b0e17bcf139f438b482090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e7:8c:54:e7:16:94:2e:5a:53:48:36:fd:b8:
b4:2b:b1:19:de:73:14:76:af:2c:c8:52:fd:bb:6f:
ba:e8:4b:fb:1b:15:7a:47:da:3d:b4:1a:d1:50:38:
81:34:53:8d:ae:36:a1:ed:b5:26:ef:db:0e:dc:ae:
05:02:bb:e7:a9:47:19:6c:60:94:ed:6c:53:00:0c:
39:ca:4c:98:45:5e:57:0b:40:82:f3:df:fe:f5:e5:
ec:41:26:b7:aa:03:53:c8:b3:b0:a1:25:6c:05:b1:
10:db:ba:96:1c:79:76:68:f9:59:dc:36:a0:bf:a9:
d7:b6:49:0e:12:64:50:ea:13:bb:d6:af:4c:25:8d:
cf:55:55:d3:2b:c5:44:10:48:58:a7:38:de:6b:df:
f2:1d:b8:83:38:3e:91:08:d9:e3:b4:71:eb:db:3c:
df:cf:f5:bc:fe:1f:88:d1:ec:43:8d:d5:58:da:4f:
c5:fa:6f:e0:13:ff:b5:cf:32:bc:59:40:b5:3a:4e:
00:7c:21:52:37:69:5b:9a:8e:f4:f5:d2:f3:fa:0a:
39:27:91:b0:62:7e:ed:47:36:fd:e8:24:f5:e3:80:
a6:f6:28:17:f6:d5:52:4b:cb:25:c6:be:bb:b7:64:
88:25:51:1f:d4:fa:a9:17:ae:5f:24:25:53:c4:88:
f7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F3:B9:23:80:B0:D4:C6:85:B0:E1:7B:CF:13:9F:43:8B:48:20:90
X509v3 Authority Key Identifier:
keyid:6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/KfO5I4Cw1MaFsOF7zxOfQ4tIIJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/ahfeGIf8-pJEuTHZbagmeMAUdmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.88.0/21
89.239.0.0/19
IPv6:
2a02:4000::/32
Signature Algorithm: sha256WithRSAEncryption
6c:60:f9:97:4c:a6:ac:fa:16:fa:77:8d:1d:8e:2e:dd:b7:df:
a5:6e:78:2b:e1:51:d3:e2:db:39:26:a1:b2:98:8e:96:01:1a:
27:18:97:0f:0b:03:c1:a2:5d:76:63:1e:09:a1:86:7c:b4:d8:
7e:5d:ed:ac:92:97:6b:4d:6d:dd:7c:a4:ce:ad:d9:2f:ee:30:
c2:03:fa:f7:0d:5b:89:c3:84:16:5e:ea:f7:82:7a:ab:a1:d1:
62:35:d1:1b:6b:a5:4e:8e:f4:1e:60:92:c8:b1:1f:12:9c:ea:
60:2d:82:87:f0:37:3a:35:27:29:e2:d9:05:fa:e0:c2:81:15:
09:08:52:03:db:32:59:d3:1a:c9:90:38:36:78:24:9d:e7:5a:
ab:b9:c9:7b:a3:88:10:1d:01:55:98:c1:47:01:ed:63:86:30:
fc:95:0b:27:71:06:29:94:9e:64:2c:b9:83:6c:47:17:e0:8f:
56:18:d0:9d:1e:82:70:d6:c5:42:6d:72:c2:fb:98:b2:27:94:
5e:b8:75:0b:03:dd:c9:6c:f4:ae:8f:84:7b:94:16:48:ae:bb:
ae:15:86:36:ff:99:17:c0:f7:ae:5a:a5:fd:50:10:d7:fd:22:
59:5a:96:86:c2:24:28:11:14:b0:e6:6a:84:5f:24:e2:4d:33:
56:86:eb:98
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlj13d4/hDew3fvLUAWPLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMTdkZTE4ODdmY2ZhOTI0NGI5MzFkOTZkYTgyNjc4YzAx
NDc2NjMwHhcNMjUwMTAyMDU0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYzYjkyMzgwYjBkNGM2ODViMGUxN2JjZjEzOWY0MzhiNDgyMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eeMVOcWlC5aU0g2/bi0K7EZ3nMU
dq8syFL9u2+66Ev7GxV6R9o9tBrRUDiBNFONrjah7bUm79sO3K4FArvnqUcZbGCU
7WxTAAw5ykyYRV5XC0CC89/+9eXsQSa3qgNTyLOwoSVsBbEQ27qWHHl2aPlZ3Dag
v6nXtkkOEmRQ6hO71q9MJY3PVVXTK8VEEEhYpzjea9/yHbiDOD6RCNnjtHHr2zzf
z/W8/h+I0exDjdVY2k/F+m/gE/+1zzK8WUC1Ok4AfCFSN2lbmo709dLz+go5J5Gw
Yn7tRzb96CT144Cm9igX9tVSS8slxr67t2SIJVEf1PqpF65fJCVTxIj3EQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCnzuSOAsNTGhbDhe88Tn0OLSCCQMB8GA1UdIwQY
MBaAFGoX3hiH/PqSRLkx2W2oJnjAFHZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzIt
MDc5OWE1MmE2Mzg3LzEvS2ZPNUk0Q3cxTWFGc09GN3p4T2ZRNHRJSUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzItMDc5OWE1MmE2Mzg3
LzEvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVXdYAwQF
We8AMA0EAgACMAcDBQAqAkAAMA0GCSqGSIb3DQEBCwUAA4IBAQBsYPmXTKas+hb6
d40dji7dt9+lbngr4VHT4ts5JqGymI6WARonGJcPCwPBol12Yx4JoYZ8tNh+Xe2s
kpdrTW3dfKTOrdkv7jDCA/r3DVuJw4QWXur3gnqrodFiNdEba6VOjvQeYJLIsR8S
nOpgLYKH8Dc6NScp4tkF+uDCgRUJCFID2zJZ0xrJkDg2eCSd51qrucl7o4gQHQFV
mMFHAe1jhjD8lQsncQYplJ5kLLmDbEcX4I9WGNCdHoJw1sVCbXLC+5iyJ5ReuHUL
A93JbPSuj4R7lBZIrruuFYY2/5kXwPeuWqX9UBDX/SJZWpaGwiQoERSw5mqEXyTi
TTNWhuuY
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:56:29 2025 by rpki-client