Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/kwjmGqQ4mv8FjfAdkGnsuf4wnOA.roa
File: kwjmGqQ4mv8FjfAdkGnsuf4wnOA.roa (raw, json)
Hash identifier: VWlBMBrFm2Tvrm5/6iJMAKobmPutaGrBQh5gSXrSjbQ=
Subject key identifier: 93:08:E6:1A:A4:38:9A:FF:05:8D:F0:1D:90:69:EC:B9:FE:30:9C:E0
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0194221F95CD086DBB19235DF96416186589
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/kwjmGqQ4mv8FjfAdkGnsuf4wnOA.roa
Signing time: Wed 01 Jan 2025 13:48:02 +0000
ROA not before: Wed 01 Jan 2025 13:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21100
IP address blocks: 91.90.192.0/24 maxlen: 24
91.90.194.0/24 maxlen: 24
91.223.123.0/24 maxlen: 24
185.198.164.0/22 maxlen: 22
195.245.112.0/23 maxlen: 23
2001:67c:2f5c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:95:cd:08:6d:bb:19:23:5d:f9:64:16:18:65:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Jan 1 13:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9308e61aa4389aff058df01d9069ecb9fe309ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:85:ed:a6:d7:29:0d:95:8c:b6:24:59:09:61:
ec:3e:15:97:43:f5:26:1f:3c:32:00:c7:ce:25:d3:
b9:79:02:66:c7:20:ac:b0:26:bb:e2:9b:0e:04:68:
d2:ad:80:c0:ff:26:3d:12:d5:f2:7a:4a:2a:87:3a:
92:ff:12:ee:8c:d2:89:35:4c:f6:cf:e6:c1:73:59:
cb:2e:cb:1f:45:84:a4:9f:b1:55:9f:06:44:0b:f2:
b7:b0:7e:60:ee:ff:0b:04:7d:25:d9:23:7b:36:75:
bd:fb:dc:10:2c:22:e8:76:b3:96:36:78:71:34:64:
89:99:b3:e5:cd:73:a0:de:70:c9:c9:71:d2:42:2d:
5a:44:66:30:fa:96:a9:b5:4d:13:f8:79:49:a9:a4:
11:c1:e9:ea:75:34:f1:16:64:ae:50:31:c5:98:fd:
ce:1b:17:b4:08:72:a9:7a:82:ab:67:00:67:87:22:
21:ef:e5:a0:dd:9a:20:91:3d:9e:95:b3:05:20:af:
ca:9d:06:99:0a:69:7f:21:0c:49:a4:cd:39:9a:5d:
fe:c7:de:59:b5:2f:24:3a:60:ef:14:ef:c2:a5:6d:
9d:1a:3f:05:de:4a:ae:e1:64:80:91:3d:ca:e4:57:
75:30:18:01:43:47:20:d2:d3:24:9c:a5:73:63:2c:
90:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:08:E6:1A:A4:38:9A:FF:05:8D:F0:1D:90:69:EC:B9:FE:30:9C:E0
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/kwjmGqQ4mv8FjfAdkGnsuf4wnOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.192.0/24
91.90.194.0/24
91.223.123.0/24
185.198.164.0/22
195.245.112.0/23
IPv6:
2001:67c:2f5c::/48
Signature Algorithm: sha256WithRSAEncryption
b3:f0:76:f8:f2:47:f3:27:61:93:11:47:71:16:88:3b:86:ab:
f9:83:31:2c:c9:b3:80:5d:46:78:84:c5:b9:c4:1e:fe:18:51:
49:35:d1:e1:8f:5c:19:c3:0e:2b:e6:4e:be:3b:3e:03:3e:a5:
7c:c9:0f:fa:ca:89:65:ad:b6:28:2f:1f:01:47:6b:a1:90:4e:
83:a1:f0:8d:55:3e:4f:f7:09:60:b7:8d:7e:db:de:15:cb:30:
01:8e:1f:54:47:17:44:07:ce:16:4d:90:e1:90:7b:dd:0f:1d:
53:79:6d:58:27:24:36:50:54:f3:51:45:b8:87:52:4f:96:b6:
5f:07:aa:94:e6:e3:b7:49:bd:7f:ee:a7:1a:1b:34:bf:19:f8:
83:68:77:f5:46:46:1a:54:8d:1e:16:cd:ab:c7:3e:38:a7:fb:
15:7d:d7:3e:a4:52:7a:7b:b8:46:95:50:5f:c0:14:e1:dc:fa:
f1:ef:4f:4d:4a:29:8b:89:63:af:d7:ec:6d:24:e1:20:4b:27:
68:68:00:b9:11:77:f6:59:1f:3f:87:13:8a:49:0d:83:e7:c8:
d8:c7:a4:6e:9f:26:60:36:12:cf:35:63:6e:d3:c5:19:d2:cf:
0c:42:35:e3:a4:73:45:78:0c:c8:30:4f:53:7e:a1:2b:60:d1:
a3:c9:00:0f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQiH5XNCG27GSNd+WQWGGWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjUwMTAxMTM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA4ZTYxYWE0Mzg5YWZmMDU4ZGYwMWQ5MDY5ZWNiOWZlMzA5Y2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIXtptcpDZWMtiRZCWHsPhWXQ/Um
HzwyAMfOJdO5eQJmxyCssCa74psOBGjSrYDA/yY9EtXyekoqhzqS/xLujNKJNUz2
z+bBc1nLLssfRYSkn7FVnwZEC/K3sH5g7v8LBH0l2SN7NnW9+9wQLCLodrOWNnhx
NGSJmbPlzXOg3nDJyXHSQi1aRGYw+paptU0T+HlJqaQRwenqdTTxFmSuUDHFmP3O
Gxe0CHKpeoKrZwBnhyIh7+Wg3ZogkT2elbMFIK/KnQaZCml/IQxJpM05ml3+x95Z
tS8kOmDvFO/CpW2dGj8F3kqu4WSAkT3K5Fd1MBgBQ0cg0tMknKVzYyyQWQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJMI5hqkOJr/BY3wHZBp7Ln+MJzgMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEva3dqbUdxUTRtdjhGamZBZGtHbnN1ZjR3bk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW1rAAwQA
W1rCAwQAW997AwQCucakAwQBw/VwMA8EAgACMAkDBwAgAQZ8L1wwDQYJKoZIhvcN
AQELBQADggEBALPwdvjyR/MnYZMRR3EWiDuGq/mDMSzJs4BdRniExbnEHv4YUUk1
0eGPXBnDDivmTr47PgM+pXzJD/rKiWWttigvHwFHa6GQToOh8I1VPk/3CWC3jX7b
3hXLMAGOH1RHF0QHzhZNkOGQe90PHVN5bVgnJDZQVPNRRbiHUk+Wtl8HqpTm47dJ
vX/upxobNL8Z+INod/VGRhpUjR4WzavHPjin+xV91z6kUnp7uEaVUF/AFOHc+vHv
T01KKYuJY6/X7G0k4SBLJ2hoALkRd/ZZHz+HE4pJDYPnyNjHpG6fJmA2Es81Y27T
xRnSzwxCNeOkc0V4DMgwT1N+oStg0aPJAA8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:56:50 2025 by rpki-client