Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/0c6181-218f-400a-bb70-8c523a5bba78/1/kkts0LAJgV8FKzhVvhfU6qpl47g.roa
File: kkts0LAJgV8FKzhVvhfU6qpl47g.roa (raw, json)
Hash identifier: BwAkSfoe7dBZj+3QP1g2LSE08T2ewWsUf0QmdlkTQ/w=
Subject key identifier: 92:4B:6C:D0:B0:09:81:5F:05:2B:38:55:BE:17:D4:EA:AA:65:E3:B8
Certificate issuer: /CN=cb8e6c5a928ba48ca72f707bb794de49d70a0e77
Certificate serial: 01941F8C750097650B860A566AEB279A3CA9
Authority key identifier: CB:8E:6C:5A:92:8B:A4:8C:A7:2F:70:7B:B7:94:DE:49:D7:0A:0E:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y45sWpKLpIynL3B7t5TeSdcKDnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/0c6181-218f-400a-bb70-8c523a5bba78/1/kkts0LAJgV8FKzhVvhfU6qpl47g.roa
Signing time: Wed 01 Jan 2025 01:48:06 +0000
ROA not before: Wed 01 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15576
IP address blocks: 85.118.216.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:75:00:97:65:0b:86:0a:56:6a:eb:27:9a:3c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb8e6c5a928ba48ca72f707bb794de49d70a0e77
Validity
Not Before: Jan 1 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=924b6cd0b009815f052b3855be17d4eaaa65e3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b4:f3:29:f2:1a:7f:17:49:ae:49:30:37:7f:
77:5f:b5:ab:96:5e:3e:50:13:0d:bb:d7:ea:8e:3f:
e4:23:ac:7e:75:55:33:7f:3a:8b:00:45:60:25:c7:
7e:59:24:11:58:ed:98:91:d0:56:b7:f6:51:f9:c7:
4b:a8:93:01:1a:5f:99:e2:a4:c3:fd:c2:86:28:c8:
62:26:1a:b3:39:31:72:98:0c:53:d0:42:eb:6b:76:
c3:3c:b5:3f:19:74:f1:9b:a6:c2:c7:b9:d2:c8:e1:
97:f4:28:cf:c0:a8:38:08:6d:79:fa:e1:bc:eb:bf:
02:06:22:0b:d4:6f:4a:4a:59:0c:db:b7:04:38:b8:
ae:38:3a:5c:8e:c4:8b:7a:32:83:a5:18:2c:cd:3c:
8b:0d:a2:26:a2:d3:dd:ec:23:33:25:e0:64:ea:93:
da:d5:ab:70:c2:63:77:2c:df:c0:4e:4f:ae:25:01:
fd:81:64:44:d5:74:4b:e9:b1:32:56:6b:50:3e:de:
ae:1d:49:b5:e2:e8:58:18:15:dc:a5:1e:dc:17:f0:
1e:0a:dd:12:98:ab:48:2f:f5:da:c4:6e:a5:40:08:
3d:21:f9:58:d2:f9:7c:c4:60:09:47:db:d1:7f:ea:
1c:93:49:bb:ef:0c:b5:bb:c0:d7:cd:7c:70:df:c5:
44:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4B:6C:D0:B0:09:81:5F:05:2B:38:55:BE:17:D4:EA:AA:65:E3:B8
X509v3 Authority Key Identifier:
keyid:CB:8E:6C:5A:92:8B:A4:8C:A7:2F:70:7B:B7:94:DE:49:D7:0A:0E:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y45sWpKLpIynL3B7t5TeSdcKDnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/0c6181-218f-400a-bb70-8c523a5bba78/1/kkts0LAJgV8FKzhVvhfU6qpl47g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/0c6181-218f-400a-bb70-8c523a5bba78/1/y45sWpKLpIynL3B7t5TeSdcKDnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.216.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:95:98:8a:b5:97:cf:d0:0c:7f:85:1c:a8:93:8f:07:e5:82:
08:43:91:ab:84:8f:bd:bb:c1:3a:f9:2b:f9:ae:2a:51:59:f4:
e8:a0:18:1d:5a:24:bb:71:61:36:6d:09:29:42:9d:e5:3a:c0:
e7:fc:ac:9c:7a:05:b2:53:15:4d:0b:d8:5b:3d:e9:00:61:dd:
3c:37:ad:0f:08:bd:8f:78:67:0d:5c:50:3d:5f:ca:15:40:29:
5f:c3:57:b5:da:60:76:ed:38:d0:da:7d:25:26:ca:2e:0f:4e:
db:44:c0:b1:1a:58:41:9f:f8:b9:5d:a7:6e:36:24:dc:92:49:
b3:5c:f2:f6:40:fa:8b:7c:ab:84:ae:13:1c:da:13:7c:6a:9d:
f6:10:76:bb:19:36:58:d9:b7:07:28:bd:ac:66:cb:bd:61:4c:
85:4f:ca:49:c2:21:9f:4f:68:c9:7c:25:cb:17:45:be:ed:cb:
6c:fc:b8:98:95:92:0c:0e:2c:03:94:8d:91:39:12:d9:d2:39:
fc:bc:a3:64:ad:74:19:b8:a2:82:05:05:c5:1e:ad:f2:30:ee:
16:25:02:b4:db:2d:9f:5c:eb:f4:4b:e0:d9:80:51:30:aa:31:
96:e5:e4:49:be:aa:16:7a:65:0d:ce:8e:55:44:28:85:35:de:
f4:8e:1d:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjHUAl2ULhgpWausnmjypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOGU2YzVhOTI4YmE0OGNhNzJmNzA3YmI3OTRkZTQ5ZDcw
YTBlNzcwHhcNMjUwMTAxMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjRiNmNkMGIwMDk4MTVmMDUyYjM4NTViZTE3ZDRlYWFhNjVlM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7TzKfIafxdJrkkwN393X7Wrll4+
UBMNu9fqjj/kI6x+dVUzfzqLAEVgJcd+WSQRWO2YkdBWt/ZR+cdLqJMBGl+Z4qTD
/cKGKMhiJhqzOTFymAxT0ELra3bDPLU/GXTxm6bCx7nSyOGX9CjPwKg4CG15+uG8
678CBiIL1G9KSlkM27cEOLiuODpcjsSLejKDpRgszTyLDaImotPd7CMzJeBk6pPa
1atwwmN3LN/ATk+uJQH9gWRE1XRL6bEyVmtQPt6uHUm14uhYGBXcpR7cF/AeCt0S
mKtIL/XaxG6lQAg9IflY0vl8xGAJR9vRf+ock0m77wy1u8DXzXxw38VErQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJLbNCwCYFfBSs4Vb4X1OqqZeO4MB8GA1UdIwQY
MBaAFMuObFqSi6SMpy9we7eU3knXCg53MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTQ1c1dwS0xwSXluTDNCN3Q1VGVTZGNLRG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wYzYxODEtMjE4Zi00MDBhLWJiNzAt
OGM1MjNhNWJiYTc4LzEva2t0czBMQUpnVjhGS3poVnZoZlU2cXBsNDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wYzYxODEtMjE4Zi00MDBhLWJiNzAtOGM1MjNhNWJiYTc4
LzEveTQ1c1dwS0xwSXluTDNCN3Q1VGVTZGNLRG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVXbYMA0G
CSqGSIb3DQEBCwUAA4IBAQBLlZiKtZfP0Ax/hRyok48H5YIIQ5GrhI+9u8E6+Sv5
ripRWfTooBgdWiS7cWE2bQkpQp3lOsDn/KycegWyUxVNC9hbPekAYd08N60PCL2P
eGcNXFA9X8oVQClfw1e12mB27TjQ2n0lJsouD07bRMCxGlhBn/i5XaduNiTckkmz
XPL2QPqLfKuErhMc2hN8ap32EHa7GTZY2bcHKL2sZsu9YUyFT8pJwiGfT2jJfCXL
F0W+7cts/LiYlZIMDiwDlI2RORLZ0jn8vKNkrXQZuKKCBQXFHq3yMO4WJQK02y2f
XOv0S+DZgFEwqjGW5eRJvqoWemUNzo5VRCiFNd70jh2t
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:18:40 2025 by rpki-client