Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/kLJ8BOzr8zys4VKGS1yOfrbwFac.roa
File: kLJ8BOzr8zys4VKGS1yOfrbwFac.roa (raw, json)
Hash identifier: LKxQ75LZpddZNZAVI+5qKmXoiAxRE0TUFxZqLlNag3M=
Subject key identifier: 90:B2:7C:04:EC:EB:F3:3C:AC:E1:52:86:4B:5C:8E:7E:B6:F0:15:A7
Certificate issuer: /CN=ff56d837fe254fa92e1f3c2f861aa1e485521746
Certificate serial: 019422201C74C3CA0F36CF0AC9B941AEC59A
Authority key identifier: FF:56:D8:37:FE:25:4F:A9:2E:1F:3C:2F:86:1A:A1:E4:85:52:17:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/kLJ8BOzr8zys4VKGS1yOfrbwFac.roa
Signing time: Wed 01 Jan 2025 13:48:37 +0000
ROA not before: Wed 01 Jan 2025 13:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21101
IP address blocks: 91.240.230.0/23 maxlen: 23
94.143.96.0/21 maxlen: 24
185.5.94.0/24 maxlen: 24
185.5.95.0/24 maxlen: 24
193.109.32.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1c:74:c3:ca:0f:36:cf:0a:c9:b9:41:ae:c5:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff56d837fe254fa92e1f3c2f861aa1e485521746
Validity
Not Before: Jan 1 13:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90b27c04ecebf33cace152864b5c8e7eb6f015a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:41:c8:bc:a8:8e:d3:6e:12:da:a1:01:45:32:
c2:6b:0d:95:45:7c:cc:19:a2:b3:4e:3b:7f:bc:d6:
04:af:f9:de:66:bc:14:43:88:4b:cf:ba:6f:fe:a7:
d2:87:8d:3d:34:40:b4:1d:3f:eb:71:d6:e6:d9:96:
17:63:7a:74:88:a8:00:eb:c5:69:d1:37:86:32:a9:
d9:d9:99:cb:59:0b:54:51:87:be:25:e8:86:6b:1f:
c7:0f:4a:bf:71:fa:3b:a0:bb:1e:61:1e:7b:8f:e9:
b4:44:5b:ac:20:09:36:f1:53:36:d4:b1:72:79:2d:
d3:7b:7b:20:08:60:18:68:ca:b7:c2:78:cd:55:d8:
fd:25:34:e4:e3:0e:f8:fd:83:41:37:ac:56:29:a6:
d6:e9:47:6a:84:43:13:37:84:c5:43:fe:09:c6:eb:
93:20:73:ba:d2:81:44:5c:bf:82:a2:65:62:de:e0:
eb:90:05:7a:81:8e:49:a6:49:a6:cf:c6:1e:c9:29:
a4:64:f5:96:a1:aa:fb:dd:e4:69:72:18:a2:4a:3f:
4a:c8:4f:91:8e:09:cd:c2:56:f8:b6:8a:f3:5e:09:
05:27:97:78:84:3f:07:15:8d:ae:20:60:a7:fc:6f:
b8:aa:0f:48:59:3f:ae:0c:1e:db:f8:b0:01:09:31:
b7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B2:7C:04:EC:EB:F3:3C:AC:E1:52:86:4B:5C:8E:7E:B6:F0:15:A7
X509v3 Authority Key Identifier:
keyid:FF:56:D8:37:FE:25:4F:A9:2E:1F:3C:2F:86:1A:A1:E4:85:52:17:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/kLJ8BOzr8zys4VKGS1yOfrbwFac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.230.0/23
94.143.96.0/21
185.5.94.0/23
193.109.32.0/21
Signature Algorithm: sha256WithRSAEncryption
57:f6:d7:be:ba:30:b7:87:c7:49:59:23:25:32:03:f9:b2:4a:
b7:4e:81:bf:0d:25:e0:aa:0b:f2:03:ea:78:38:08:85:90:92:
b2:b7:56:92:fa:2a:c4:a9:c4:4f:2f:85:91:36:23:ed:bc:23:
a6:5e:3c:28:e6:c4:25:df:e4:72:3b:a8:99:b0:79:f4:d1:f3:
f6:27:08:3d:b2:b9:1a:c4:d8:df:e5:01:39:67:49:ba:69:ff:
d8:25:b1:f0:41:ee:cf:d4:e2:e4:22:bc:17:70:b2:b5:6b:3f:
e0:d2:c0:dc:67:88:a0:e6:2e:b4:fa:b7:32:0f:8a:33:02:7e:
fd:c2:68:bd:cd:35:6a:7b:b5:1e:9c:d7:a7:fd:6c:d0:13:94:
0c:28:88:bf:96:76:7b:4a:a9:79:f7:c6:d9:e6:ac:6f:52:bd:
53:42:22:6d:bc:4d:54:68:39:88:26:07:a3:8c:a4:ec:64:4b:
58:61:ad:3d:d2:4f:96:dc:11:96:6d:bd:6e:6e:fd:17:df:2f:
7e:60:de:a6:cb:54:d8:c0:25:6b:c5:f4:24:7b:65:a9:43:09:
32:d8:8a:87:97:02:df:bc:a4:a7:c3:1a:f0:43:25:a3:6a:c4:
84:11:ee:27:78:97:c8:e1:3f:0f:a7:e0:f5:44:ce:ff:cc:38:
8d:e7:3e:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiIBx0w8oPNs8KyblBrsWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTZkODM3ZmUyNTRmYTkyZTFmM2MyZjg2MWFhMWU0ODU1
MjE3NDYwHhcNMjUwMTAxMTM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGIyN2MwNGVjZWJmMzNjYWNlMTUyODY0YjVjOGU3ZWI2ZjAxNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0HIvKiO024S2qEBRTLCaw2VRXzM
GaKzTjt/vNYEr/neZrwUQ4hLz7pv/qfSh409NEC0HT/rcdbm2ZYXY3p0iKgA68Vp
0TeGMqnZ2ZnLWQtUUYe+JeiGax/HD0q/cfo7oLseYR57j+m0RFusIAk28VM21LFy
eS3Te3sgCGAYaMq3wnjNVdj9JTTk4w74/YNBN6xWKabW6UdqhEMTN4TFQ/4JxuuT
IHO60oFEXL+ComVi3uDrkAV6gY5Jpkmmz8YeySmkZPWWoar73eRpchiiSj9KyE+R
jgnNwlb4torzXgkFJ5d4hD8HFY2uIGCn/G+4qg9IWT+uDB7b+LABCTG3CwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJCyfATs6/M8rOFShktcjn628BWnMB8GA1UdIwQY
MBaAFP9W2Df+JU+pLh88L4YaoeSFUhdGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFiWU5fNGxUNmt1SHp3dmhocWg1SVZTRjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xYjM3NDktOTY3My00MTJkLWIzNDgt
NTBmYzRkNTU3ZDA4LzEva0xKOEJPenI4enlzNFZLR1MxeU9mcmJ3RmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xYjM3NDktOTY3My00MTJkLWIzNDgtNTBmYzRkNTU3ZDA4
LzEvXzFiWU5fNGxUNmt1SHp3dmhocWg1SVZTRjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW/DmAwQD
Xo9gAwQBuQVeAwQDwW0gMA0GCSqGSIb3DQEBCwUAA4IBAQBX9te+ujC3h8dJWSMl
MgP5skq3ToG/DSXgqgvyA+p4OAiFkJKyt1aS+irEqcRPL4WRNiPtvCOmXjwo5sQl
3+RyO6iZsHn00fP2Jwg9srkaxNjf5QE5Z0m6af/YJbHwQe7P1OLkIrwXcLK1az/g
0sDcZ4ig5i60+rcyD4ozAn79wmi9zTVqe7UenNen/WzQE5QMKIi/lnZ7Sql598bZ
5qxvUr1TQiJtvE1UaDmIJgejjKTsZEtYYa090k+W3BGWbb1ubv0X3y9+YN6my1TY
wCVrxfQke2WpQwky2IqHlwLfvKSnwxrwQyWjasSEEe4neJfI4T8Pp+D1RM7/zDiN
5z6q
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:32:06 2025 by rpki-client