Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/5e43b0-8f0e-469c-b9b9-86f5d0a11949/1/kjwnML0mSPBrVonITqtrTUWVW-U.roa
File: kjwnML0mSPBrVonITqtrTUWVW-U.roa (raw, json)
Hash identifier: +gir3l/WZlaa1zrGjWAyGJFwWfxqHFLzZc0IFiaqV1o=
Subject key identifier: 92:3C:27:30:BD:26:48:F0:6B:56:89:C8:4E:AB:6B:4D:45:95:5B:E5
Certificate issuer: /CN=4bea1b1297dbc3f4b81d910c2476ec81fc3e969b
Certificate serial: 01941F8C18A33EB66ECE7B403B59FC1BD170
Authority key identifier: 4B:EA:1B:12:97:DB:C3:F4:B8:1D:91:0C:24:76:EC:81:FC:3E:96:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-obEpfbw_S4HZEMJHbsgfw-lps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/5e43b0-8f0e-469c-b9b9-86f5d0a11949/1/kjwnML0mSPBrVonITqtrTUWVW-U.roa
Signing time: Wed 01 Jan 2025 01:47:42 +0000
ROA not before: Wed 01 Jan 2025 01:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198167
IP address blocks: 185.138.220.0/23 maxlen: 23
185.138.222.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:18:a3:3e:b6:6e:ce:7b:40:3b:59:fc:1b:d1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bea1b1297dbc3f4b81d910c2476ec81fc3e969b
Validity
Not Before: Jan 1 01:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=923c2730bd2648f06b5689c84eab6b4d45955be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:74:08:30:6e:16:73:7c:b8:a8:b2:5f:a5:cc:
5a:68:d9:55:bc:e4:18:60:d0:5a:23:3b:ab:a2:5a:
15:5b:99:9d:fa:16:fd:2f:6a:33:51:3a:80:79:05:
20:03:84:c3:3a:9e:8d:ee:d0:4d:c1:e5:94:b9:e7:
50:93:1a:e9:33:51:a4:a5:f4:37:08:47:40:ff:0c:
e2:dd:9f:42:e2:3f:8f:7f:7e:ee:c6:de:01:5a:be:
06:52:59:3d:2d:b4:52:05:b9:27:bd:06:ee:e1:bb:
72:7c:ac:16:46:f4:46:06:54:33:f3:50:0a:cd:1c:
13:5d:e5:5d:da:54:e2:87:22:10:da:3d:94:2e:b6:
2c:db:bf:a3:cf:5f:32:3b:07:e3:31:11:06:35:97:
99:0d:cc:92:be:90:1c:74:aa:d3:9e:29:f6:57:0b:
12:bb:38:7a:16:21:2e:4b:88:76:c8:0d:e2:b7:72:
35:86:93:82:b2:78:a1:44:50:35:59:61:70:36:a2:
2d:72:93:ae:68:32:3f:55:36:a7:81:e6:d7:8c:32:
af:81:42:ef:49:73:68:2d:bc:11:50:98:d4:ca:20:
58:78:94:f9:6d:f9:2c:3c:9f:bf:c5:d6:0d:d2:90:
08:f0:fe:15:ae:da:84:ea:fc:29:6c:82:56:79:a8:
76:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3C:27:30:BD:26:48:F0:6B:56:89:C8:4E:AB:6B:4D:45:95:5B:E5
X509v3 Authority Key Identifier:
keyid:4B:EA:1B:12:97:DB:C3:F4:B8:1D:91:0C:24:76:EC:81:FC:3E:96:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-obEpfbw_S4HZEMJHbsgfw-lps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5e43b0-8f0e-469c-b9b9-86f5d0a11949/1/kjwnML0mSPBrVonITqtrTUWVW-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5e43b0-8f0e-469c-b9b9-86f5d0a11949/1/S-obEpfbw_S4HZEMJHbsgfw-lps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.220.0/22
Signature Algorithm: sha256WithRSAEncryption
00:b9:d0:00:95:cf:53:c5:6c:bf:43:3f:5c:49:05:b6:8f:e1:
74:14:e7:54:36:66:67:44:97:0f:b6:5f:fd:c7:6a:ca:db:48:
ae:8a:88:0b:e3:15:0c:ec:04:32:22:a4:21:0c:a7:c9:87:29:
e2:c2:cd:f7:d5:64:0f:c0:c5:26:27:fa:33:aa:a4:07:81:30:
c0:f5:f0:4d:bd:38:5d:47:1a:cf:7f:11:cc:09:0c:34:fb:a3:
d1:91:9b:d8:8b:d8:83:ab:50:ab:58:69:6b:d9:28:f3:22:b6:
a8:f7:82:50:ac:d6:b3:b9:db:38:65:b0:a1:ee:ac:34:5a:de:
37:b4:7a:e6:ba:a9:e6:47:c2:c0:84:42:22:83:2e:88:f7:1e:
bd:5e:cc:d5:04:cd:83:59:99:c4:d0:24:41:fd:31:72:ba:13:
24:b6:81:d2:c9:a2:84:76:a3:9d:cb:27:a4:39:4a:24:db:0f:
ae:6f:de:c2:4d:3c:7d:26:16:bb:d0:4c:8e:da:ba:0f:7f:c4:
83:03:26:4f:bf:d4:c7:36:7d:ae:22:c2:13:13:14:1f:82:24:
e4:0b:21:c2:5a:4e:ac:46:cd:9b:17:80:bc:2d:de:73:77:3c:
cc:50:5e:4d:2e:ed:21:ad:58:6c:f6:c1:da:ee:d8:95:3b:71:
6a:38:a3:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjBijPrZuzntAO1n8G9FwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZWExYjEyOTdkYmMzZjRiODFkOTEwYzI0NzZlYzgxZmMz
ZTk2OWIwHhcNMjUwMTAxMDE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNjMjczMGJkMjY0OGYwNmI1Njg5Yzg0ZWFiNmI0ZDQ1OTU1YmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHQIMG4Wc3y4qLJfpcxaaNlVvOQY
YNBaIzuroloVW5md+hb9L2ozUTqAeQUgA4TDOp6N7tBNweWUuedQkxrpM1GkpfQ3
CEdA/wzi3Z9C4j+Pf37uxt4BWr4GUlk9LbRSBbknvQbu4btyfKwWRvRGBlQz81AK
zRwTXeVd2lTihyIQ2j2ULrYs27+jz18yOwfjMREGNZeZDcySvpAcdKrTnin2VwsS
uzh6FiEuS4h2yA3it3I1hpOCsnihRFA1WWFwNqItcpOuaDI/VTangebXjDKvgULv
SXNoLbwRUJjUyiBYeJT5bfksPJ+/xdYN0pAI8P4VrtqE6vwpbIJWeah2kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJI8JzC9Jkjwa1aJyE6ra01FlVvlMB8GA1UdIwQY
MBaAFEvqGxKX28P0uB2RDCR27IH8PpabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1vYkVwZmJ3X1M0SFpFTUpIYnNnZnctbHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81ZTQzYjAtOGYwZS00NjljLWI5Yjkt
ODZmNWQwYTExOTQ5LzEva2p3bk1MMG1TUEJyVm9uSVRxdHJUVVdWVy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81ZTQzYjAtOGYwZS00NjljLWI5YjktODZmNWQwYTExOTQ5
LzEvUy1vYkVwZmJ3X1M0SFpFTUpIYnNnZnctbHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYrcMA0G
CSqGSIb3DQEBCwUAA4IBAQAAudAAlc9TxWy/Qz9cSQW2j+F0FOdUNmZnRJcPtl/9
x2rK20iuiogL4xUM7AQyIqQhDKfJhyniws331WQPwMUmJ/ozqqQHgTDA9fBNvThd
RxrPfxHMCQw0+6PRkZvYi9iDq1CrWGlr2SjzIrao94JQrNazuds4ZbCh7qw0Wt43
tHrmuqnmR8LAhEIigy6I9x69XszVBM2DWZnE0CRB/TFyuhMktoHSyaKEdqOdyyek
OUok2w+ub97CTTx9Jha70EyO2roPf8SDAyZPv9THNn2uIsITExQfgiTkCyHCWk6s
Rs2bF4C8Ld5zdzzMUF5NLu0hrVhs9sHa7tiVO3FqOKOS
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:22:40 2025 by rpki-client