Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/kenow9ooVwL0t4IuHSVvvQIsN8M.roa
File: kenow9ooVwL0t4IuHSVvvQIsN8M.roa (raw, json)
Hash identifier: tJkXtVd1TBPTWkBnhiKcyLiHlQeoQgvy5+UbWV83vUY=
Subject key identifier: 91:E9:E8:C3:DA:28:57:02:F4:B7:82:2E:1D:25:6F:BD:02:2C:37:C3
Certificate issuer: /CN=e541a4c152b5f786d623d85c41465299cdda3389
Certificate serial: 019422FC193DC7B22A2DA51AEFE5751989E6
Authority key identifier: E5:41:A4:C1:52:B5:F7:86:D6:23:D8:5C:41:46:52:99:CD:DA:33:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/kenow9ooVwL0t4IuHSVvvQIsN8M.roa
Signing time: Wed 01 Jan 2025 17:48:54 +0000
ROA not before: Wed 01 Jan 2025 17:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60955
IP address blocks: 31.172.112.0/20 maxlen: 20
31.172.112.0/23 maxlen: 23
31.172.114.0/24 maxlen: 24
31.172.115.0/24 maxlen: 24
31.172.116.0/22 maxlen: 22
185.22.220.0/22 maxlen: 24
193.192.40.0/23 maxlen: 23
2a04:2200::/29 maxlen: 29
2a04:2200::/32 maxlen: 32
2a04:2201::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:19:3d:c7:b2:2a:2d:a5:1a:ef:e5:75:19:89:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e541a4c152b5f786d623d85c41465299cdda3389
Validity
Not Before: Jan 1 17:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91e9e8c3da285702f4b7822e1d256fbd022c37c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cc:bf:85:b6:c9:b1:3e:a0:18:6a:62:20:82:
e7:f7:30:68:c3:12:5e:ea:0b:bf:47:54:bc:24:23:
a5:eb:d0:08:94:29:73:54:b7:14:58:0f:d0:5f:22:
7b:fe:63:81:95:27:83:4d:57:61:36:89:9a:60:31:
91:43:f5:8c:c3:92:37:4b:9e:6a:d1:04:20:02:89:
4e:92:dd:db:d3:d9:70:c1:ca:ca:09:cf:95:50:77:
f4:82:89:5c:53:a2:8a:9d:c0:20:51:3a:00:f8:84:
65:e9:b6:84:61:a9:55:d3:b3:4a:ec:a3:67:5e:54:
74:93:3a:53:25:97:db:e1:4c:d5:0d:eb:a8:38:d1:
5b:dd:f1:b6:1d:9e:4b:07:96:0e:72:9e:8a:b9:78:
b8:45:03:76:8b:97:d3:d6:17:e8:2c:32:41:56:02:
7c:eb:d3:7e:91:63:23:51:88:43:b4:e3:f2:81:a2:
91:a2:4b:89:2d:6c:fb:e4:e6:2a:f8:87:e6:95:16:
ad:15:f2:f8:fe:30:b5:b9:6a:80:aa:73:10:14:92:
60:01:d1:2c:04:2c:ce:44:ea:bd:01:7e:88:be:26:
3f:73:1b:21:b3:79:c3:64:fb:82:6c:b5:0d:07:4a:
8e:f7:28:2c:bb:44:ca:9e:4f:86:8e:20:e1:bd:19:
bc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E9:E8:C3:DA:28:57:02:F4:B7:82:2E:1D:25:6F:BD:02:2C:37:C3
X509v3 Authority Key Identifier:
keyid:E5:41:A4:C1:52:B5:F7:86:D6:23:D8:5C:41:46:52:99:CD:DA:33:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/kenow9ooVwL0t4IuHSVvvQIsN8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.112.0/20
185.22.220.0/22
193.192.40.0/23
IPv6:
2a04:2200::/29
Signature Algorithm: sha256WithRSAEncryption
30:ba:44:01:f5:e2:3e:97:07:75:50:71:3f:37:22:7f:f4:b3:
99:fc:3f:8a:ed:de:5e:6f:64:be:e0:58:37:98:ee:4c:17:94:
79:5c:63:5d:5d:06:7b:fc:f5:09:21:ff:db:8e:8a:19:34:1e:
85:b5:94:c8:be:ec:a0:52:cd:64:d4:9c:eb:7c:e2:0f:f9:dd:
3d:1d:73:94:89:a8:9e:23:f4:df:92:a2:f8:fd:ea:99:e9:cb:
0e:6c:68:a7:c6:6e:26:c9:01:4f:da:9c:bb:5c:36:31:6e:6e:
fc:77:43:50:e8:6d:80:92:61:7b:13:1b:37:a6:b1:5e:95:3a:
8f:03:7b:14:da:fe:9f:dc:e3:fb:0a:bb:53:11:5d:2c:79:61:
20:51:e2:f1:74:aa:4b:45:d9:6e:2f:d1:04:b3:1f:7d:01:97:
87:53:f1:bc:bb:96:92:eb:6b:91:d4:35:76:d3:f1:9e:88:12:
39:04:d4:68:64:0d:87:93:7a:06:95:34:ec:92:c1:4c:48:43:
4e:8f:14:4d:a3:74:6c:a8:6c:e7:7f:74:f2:83:2b:64:a5:e7:
0e:85:93:33:5a:6d:7e:71:ca:51:d1:24:ef:09:10:06:7f:8c:
7c:46:e6:73:18:54:07:18:06:45:cd:3f:4a:bf:dd:5e:c1:a9:
9a:d8:f4:ec
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQi/Bk9x7IqLaUa7+V1GYnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDFhNGMxNTJiNWY3ODZkNjIzZDg1YzQxNDY1Mjk5Y2Rk
YTMzODkwHhcNMjUwMTAxMTc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU5ZThjM2RhMjg1NzAyZjRiNzgyMmUxZDI1NmZiZDAyMmMzN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8y/hbbJsT6gGGpiIILn9zBowxJe
6gu/R1S8JCOl69AIlClzVLcUWA/QXyJ7/mOBlSeDTVdhNomaYDGRQ/WMw5I3S55q
0QQgAolOkt3b09lwwcrKCc+VUHf0golcU6KKncAgUToA+IRl6baEYalV07NK7KNn
XlR0kzpTJZfb4UzVDeuoONFb3fG2HZ5LB5YOcp6KuXi4RQN2i5fT1hfoLDJBVgJ8
69N+kWMjUYhDtOPygaKRokuJLWz75OYq+IfmlRatFfL4/jC1uWqAqnMQFJJgAdEs
BCzOROq9AX6IviY/cxshs3nDZPuCbLUNB0qO9ygsu0TKnk+GjiDhvRm83QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJHp6MPaKFcC9LeCLh0lb70CLDfDMB8GA1UdIwQY
MBaAFOVBpMFStfeG1iPYXEFGUpnN2jOJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVHa3dWSzE5NGJXSTloY1FVWlNtYzNhTTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kNzEyNjktNGI1Ni00NTcyLWE3MTEt
ZDg0ZWNiMjUwNWM0LzEva2Vub3c5b29Wd0wwdDRJdUhTVnZ2UUlzTjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kNzEyNjktNGI1Ni00NTcyLWE3MTEtZDg0ZWNiMjUwNWM0
LzEvNVVHa3dWSzE5NGJXSTloY1FVWlNtYzNhTTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEH6xwAwQC
uRbcAwQBwcAoMA0EAgACMAcDBQMqBCIAMA0GCSqGSIb3DQEBCwUAA4IBAQAwukQB
9eI+lwd1UHE/NyJ/9LOZ/D+K7d5eb2S+4Fg3mO5MF5R5XGNdXQZ7/PUJIf/bjooZ
NB6FtZTIvuygUs1k1JzrfOIP+d09HXOUiaieI/TfkqL4/eqZ6csObGinxm4myQFP
2py7XDYxbm78d0NQ6G2AkmF7Exs3prFelTqPA3sU2v6f3OP7CrtTEV0seWEgUeLx
dKpLRdluL9EEsx99AZeHU/G8u5aS62uR1DV20/GeiBI5BNRoZA2Hk3oGlTTsksFM
SENOjxRNo3RsqGznf3TygytkpecOhZMzWm1+ccpR0STvCRAGf4x8RuZzGFQHGAZF
zT9Kv91ewama2PTs
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:46:41 2025 by rpki-client