Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/kIbghkBOfoXjY46mtdWaD6ECFzI.roa
File: kIbghkBOfoXjY46mtdWaD6ECFzI.roa (raw, json)
Hash identifier: 0pGxzPrydHhKJZ3AyBjYXBgg0KwtH0VaWuahmKMYYJY=
Subject key identifier: 90:86:E0:86:40:4E:7E:85:E3:63:8E:A6:B5:D5:9A:0F:A1:02:17:32
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019422201224135B4564539EF7346079A342
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/kIbghkBOfoXjY46mtdWaD6ECFzI.roa
Signing time: Wed 01 Jan 2025 13:48:34 +0000
ROA not before: Wed 01 Jan 2025 13:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4787
IP address blocks: 148.253.254.0/24 maxlen: 24
148.253.255.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:12:24:13:5b:45:64:53:9e:f7:34:60:79:a3:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 13:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9086e086404e7e85e3638ea6b5d59a0fa1021732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e2:ca:bd:18:72:29:3c:08:63:14:d7:b4:0e:
b8:88:7e:2b:96:fd:20:1f:b1:c7:e2:7e:ab:f3:4d:
7c:17:be:64:79:b7:8d:9e:51:20:96:90:6f:85:a6:
ba:e5:8e:65:47:41:8f:02:df:25:71:0e:4b:ec:83:
98:8a:c2:aa:d7:ef:d8:39:ff:af:89:49:3c:3b:ae:
04:d0:fa:56:44:1c:bb:4b:44:ee:7c:6f:d9:9c:93:
8e:7c:1b:a6:43:1a:ac:53:35:2d:41:23:1a:2c:89:
3e:ac:5c:1f:e0:21:35:e0:36:f1:e8:95:5e:fb:8f:
57:9e:92:25:d6:a7:f1:74:4e:45:0b:1c:a9:50:6a:
b9:2a:98:b2:38:e1:c5:65:1f:51:60:e3:86:89:81:
24:bf:04:6c:11:81:0c:09:4b:8f:11:56:de:08:ff:
f6:27:aa:0e:d7:0c:17:db:8e:f8:62:54:4f:50:98:
6d:bb:14:e6:f7:38:fa:81:9c:3f:d6:05:91:23:ff:
75:48:9f:e5:1b:26:7f:8b:62:f4:0a:30:2f:4c:50:
73:77:33:d4:76:3b:f8:25:ee:63:61:b1:da:ab:15:
d3:c3:58:e9:f5:7e:1f:93:90:f1:08:38:02:00:39:
cb:86:74:57:d5:cb:c9:6d:8c:16:9e:f4:98:be:0f:
92:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:86:E0:86:40:4E:7E:85:E3:63:8E:A6:B5:D5:9A:0F:A1:02:17:32
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/kIbghkBOfoXjY46mtdWaD6ECFzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.254.0/23
163.171.67.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:ce:4c:48:b0:a8:76:2a:74:1a:63:4d:a6:09:05:f2:29:81:
bb:a1:ca:a3:35:31:07:15:06:bf:37:99:cc:0d:89:e8:33:7d:
10:e5:6e:18:d2:ec:3f:1c:a1:f0:ff:d8:80:2d:3e:35:40:24:
ac:51:6e:b0:95:33:ea:39:5f:f3:b3:ad:fe:96:17:f2:ba:bb:
c5:f7:47:bd:f6:68:bb:f5:b1:a0:43:85:ff:a7:a6:fa:5e:0c:
5b:c4:4e:34:99:64:65:39:a6:09:07:dd:6d:c8:6c:3b:45:8e:
d9:c9:17:37:70:cd:79:80:24:7b:8d:de:ce:e0:49:04:01:9c:
6e:78:bf:de:5d:88:44:98:1b:77:0a:29:79:e8:ae:3b:d0:0d:
83:e6:aa:5c:67:7d:b9:ce:ce:8a:cc:2e:4a:b8:cb:f2:0b:71:
d8:6e:59:01:5b:60:75:b8:1d:b9:c8:e7:a3:d0:54:d9:d4:c1:
4c:b1:ce:81:2d:dd:aa:46:36:8a:a4:c4:6f:84:bc:2d:67:30:
98:e6:0b:29:a1:36:55:fb:ed:6b:0c:7a:b2:ce:44:00:f6:6f:
a9:33:40:4b:bb:ab:7f:47:06:bb:8a:3b:fe:b3:b3:34:ae:c4:
af:3e:9e:43:23:51:11:a3:b4:2e:94:43:2d:94:a9:f3:24:6b:
cd:26:bb:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiIBIkE1tFZFOe9zRgeaNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUwMTAxMTM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDg2ZTA4NjQwNGU3ZTg1ZTM2MzhlYTZiNWQ1OWEwZmExMDIxNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuLKvRhyKTwIYxTXtA64iH4rlv0g
H7HH4n6r8018F75kebeNnlEglpBvhaa65Y5lR0GPAt8lcQ5L7IOYisKq1+/YOf+v
iUk8O64E0PpWRBy7S0TufG/ZnJOOfBumQxqsUzUtQSMaLIk+rFwf4CE14Dbx6JVe
+49XnpIl1qfxdE5FCxypUGq5KpiyOOHFZR9RYOOGiYEkvwRsEYEMCUuPEVbeCP/2
J6oO1wwX2474YlRPUJhtuxTm9zj6gZw/1gWRI/91SJ/lGyZ/i2L0CjAvTFBzdzPU
djv4Je5jYbHaqxXTw1jp9X4fk5DxCDgCADnLhnRX1cvJbYwWnvSYvg+SnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJCG4IZATn6F42OOprXVmg+hAhcyMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEva0liZ2hrQk9mb1hqWTQ2bXRkV2FENkVDRnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBlP3+AwQA
o6tDMA0GCSqGSIb3DQEBCwUAA4IBAQDSzkxIsKh2KnQaY02mCQXyKYG7ocqjNTEH
FQa/N5nMDYnoM30Q5W4Y0uw/HKHw/9iALT41QCSsUW6wlTPqOV/zs63+lhfyurvF
90e99mi79bGgQ4X/p6b6XgxbxE40mWRlOaYJB91tyGw7RY7ZyRc3cM15gCR7jd7O
4EkEAZxueL/eXYhEmBt3Cil56K470A2D5qpcZ325zs6KzC5KuMvyC3HYblkBW2B1
uB25yOej0FTZ1MFMsc6BLd2qRjaKpMRvhLwtZzCY5gspoTZV++1rDHqyzkQA9m+p
M0BLu6t/Rwa7ijv+s7M0rsSvPp5DI1ERo7QulEMtlKnzJGvNJrtH
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:13:28 2025 by rpki-client