Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/KkqNZ54Qewj5mCBLo3rtzCSFt7g.roa
File: KkqNZ54Qewj5mCBLo3rtzCSFt7g.roa (raw, json)
Hash identifier: Rbv/KvRW9C13yYdCBXyUxqLUAuWNRC3szrxFy+NiiA8=
Subject key identifier: 2A:4A:8D:67:9E:10:7B:08:F9:98:20:4B:A3:7A:ED:CC:24:85:B7:B8
Certificate issuer: /CN=88e719f426793b1e9063771460abd311a3dff116
Certificate serial: 019423D718DEC52F267217AC8C9E4EC632E3
Authority key identifier: 88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/KkqNZ54Qewj5mCBLo3rtzCSFt7g.roa
Signing time: Wed 01 Jan 2025 21:48:06 +0000
ROA not before: Wed 01 Jan 2025 21:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62528
IP address blocks: 185.134.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:18:de:c5:2f:26:72:17:ac:8c:9e:4e:c6:32:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88e719f426793b1e9063771460abd311a3dff116
Validity
Not Before: Jan 1 21:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a4a8d679e107b08f998204ba37aedcc2485b7b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:8e:af:84:a1:4a:08:ca:fa:44:b4:a8:a9:
3e:79:f2:2c:6e:ea:1e:b9:66:c6:0c:6c:36:0f:42:
24:40:d9:22:15:4c:46:54:e8:57:0b:a4:89:a5:49:
7a:6d:b6:91:08:d6:99:e9:11:a8:d2:c6:00:ea:68:
1f:28:6e:8e:78:0f:ec:9f:8b:99:88:6d:ac:de:6c:
31:27:07:39:12:e7:01:72:d0:fa:0d:df:12:fe:30:
e2:f2:15:08:98:49:ad:8c:50:96:5b:8d:5f:0a:e3:
2e:f4:2c:0f:cd:7c:d6:1f:d5:01:2b:33:e0:40:9e:
59:00:d6:94:15:4a:fe:99:33:d1:7c:aa:92:be:65:
53:69:6f:4b:46:a1:06:93:a9:35:a7:0b:0a:c1:c6:
bd:f6:9c:a2:4a:5d:48:36:ed:dd:6b:3d:e1:c3:6b:
64:bb:11:0a:67:29:19:a9:0f:23:53:d4:b0:5d:8b:
0e:78:3c:ec:5a:bc:8b:90:a4:bc:29:2a:fb:66:fa:
fa:b4:e2:02:c5:81:36:26:cc:62:8f:14:80:b9:05:
67:e3:48:0c:ef:0f:6c:8e:33:b4:bc:29:b4:09:3f:
df:e5:18:58:d3:cf:8b:98:8d:cc:35:4f:2f:54:df:
84:d0:b9:bb:16:d0:4f:0b:db:4b:02:4c:4b:2f:de:
2f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4A:8D:67:9E:10:7B:08:F9:98:20:4B:A3:7A:ED:CC:24:85:B7:B8
X509v3 Authority Key Identifier:
keyid:88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/KkqNZ54Qewj5mCBLo3rtzCSFt7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.183.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:ad:de:9b:e5:8a:79:62:0e:fc:c0:f6:d8:b3:54:3d:39:dc:
78:ff:bb:ab:29:5a:17:05:37:50:9a:7d:1d:60:69:5d:65:b8:
64:2a:96:b0:01:2f:e0:fe:15:34:bd:46:4c:72:1a:dc:bd:8e:
29:cb:e5:32:9a:4e:eb:1e:c3:81:c3:a3:5b:8f:fb:ad:17:07:
5a:c6:0b:63:29:83:91:6b:70:81:ba:00:b6:bd:4a:88:25:9b:
4b:13:f6:a5:cd:94:ee:8d:35:51:bc:f8:68:9b:c3:08:fd:cc:
26:89:57:ed:5a:47:3b:c2:dd:51:ee:f7:f7:90:79:92:87:f8:
e6:ac:e7:5b:78:bc:35:33:44:39:38:76:82:f6:58:57:bb:f5:
42:4b:3d:c9:b8:e4:43:60:45:67:46:f6:6b:f0:90:2e:72:6b:
fc:ab:ec:96:10:34:8d:1c:11:40:63:8f:91:a5:34:a0:59:27:
67:6d:91:2b:f3:df:a2:80:73:b7:30:af:64:f7:7b:91:be:3e:
1b:19:cf:6e:9f:07:d4:da:01:52:bb:07:37:02:05:4d:f7:48:
28:a9:d1:6d:f9:ac:58:27:dc:e6:c7:69:51:57:1c:ac:9c:5e:
fb:38:2d:22:6c:3f:fa:be:19:d3:89:4f:c8:bb:53:7c:02:11:
9b:4b:f9:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xjexS8mchesjJ5OxjLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTcxOWY0MjY3OTNiMWU5MDYzNzcxNDYwYWJkMzExYTNk
ZmYxMTYwHhcNMjUwMTAxMjE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTRhOGQ2NzllMTA3YjA4Zjk5ODIwNGJhMzdhZWRjYzI0ODViN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotKOr4ShSgjK+kS0qKk+efIsbuoe
uWbGDGw2D0IkQNkiFUxGVOhXC6SJpUl6bbaRCNaZ6RGo0sYA6mgfKG6OeA/sn4uZ
iG2s3mwxJwc5EucBctD6Dd8S/jDi8hUImEmtjFCWW41fCuMu9CwPzXzWH9UBKzPg
QJ5ZANaUFUr+mTPRfKqSvmVTaW9LRqEGk6k1pwsKwca99pyiSl1INu3daz3hw2tk
uxEKZykZqQ8jU9SwXYsOeDzsWryLkKS8KSr7Zvr6tOICxYE2JsxijxSAuQVn40gM
7w9sjjO0vCm0CT/f5RhY08+LmI3MNU8vVN+E0Lm7FtBPC9tLAkxLL94vEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpKjWeeEHsI+ZggS6N67cwkhbe4MB8GA1UdIwQY
MBaAFIjnGfQmeTsekGN3FGCr0xGj3/EWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjct
YWU1MmUxNTZiNzdlLzEvS2txTlo1NFFld2o1bUNCTG8zcnR6Q1NGdDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjctYWU1MmUxNTZiNzdl
LzEvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYa3MA0G
CSqGSIb3DQEBCwUAA4IBAQBOrd6b5Yp5Yg78wPbYs1Q9Odx4/7urKVoXBTdQmn0d
YGldZbhkKpawAS/g/hU0vUZMchrcvY4py+Uymk7rHsOBw6Nbj/utFwdaxgtjKYOR
a3CBugC2vUqIJZtLE/alzZTujTVRvPhom8MI/cwmiVftWkc7wt1R7vf3kHmSh/jm
rOdbeLw1M0Q5OHaC9lhXu/VCSz3JuORDYEVnRvZr8JAucmv8q+yWEDSNHBFAY4+R
pTSgWSdnbZEr89+igHO3MK9k93uRvj4bGc9unwfU2gFSuwc3AgVN90goqdFt+axY
J9zmx2lRVxysnF77OC0ibD/6vhnTiU/Iu1N8AhGbS/nc
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:48 2025 by rpki-client