Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/kkZSypYh8F9rNNfSPrJybh1ufOA.roa
File: kkZSypYh8F9rNNfSPrJybh1ufOA.roa (raw, json)
Hash identifier: OZKYjqnuTNpwjIeUjKQ7WdVuUS4XIuXxtQYLs+UNNBw=
Subject key identifier: 92:46:52:CA:96:21:F0:5F:6B:34:D7:D2:3E:B2:72:6E:1D:6E:7C:E0
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 019425218640DAE6E05B2F1D3A2502DD26A3
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/kkZSypYh8F9rNNfSPrJybh1ufOA.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35179
IP address blocks: 213.109.46.0/24 maxlen: 24
213.109.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:86:40:da:e6:e0:5b:2f:1d:3a:25:02:dd:26:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=924652ca9621f05f6b34d7d23eb2726e1d6e7ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8e:7c:1e:63:70:95:f2:e7:6a:a4:23:00:75:
6e:ca:1c:94:81:39:be:e8:ec:e9:6f:a0:23:97:67:
51:1f:38:a5:ca:cb:37:3a:9f:c4:3e:1e:54:5e:49:
5d:a3:10:c2:7d:57:40:8c:57:7a:54:a7:6c:d1:32:
43:59:84:08:27:51:d5:9e:04:35:b0:f0:1b:b2:86:
87:f9:e1:a1:68:cc:4b:5b:df:f0:e0:7f:c1:fe:ff:
8a:23:77:68:21:28:9c:f4:a7:75:6b:37:ca:1b:13:
04:1a:b1:5e:96:19:36:b1:9c:71:01:4c:07:0a:68:
4c:9c:6c:19:e5:ee:9d:d9:d3:b7:0a:dd:f1:57:cc:
06:be:de:d4:fa:cf:e9:d5:2c:3d:bc:4d:6f:4e:e8:
a5:cf:eb:7d:4b:59:b8:36:07:14:22:39:fd:5f:dc:
bd:5e:74:1f:cc:8e:71:59:5d:ee:64:d3:88:23:51:
a8:8d:1f:1f:7f:4a:eb:40:31:02:d9:51:f5:e4:97:
f9:64:fe:6c:ba:74:e2:b0:dc:57:f1:af:d3:98:ce:
c3:16:77:4e:4a:61:8f:e1:77:22:5d:fb:eb:3b:44:
59:73:dc:7e:df:71:72:4a:52:da:1e:aa:64:ba:10:
e7:50:81:a5:13:c2:5b:01:8a:57:f6:39:81:cb:f0:
82:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:46:52:CA:96:21:F0:5F:6B:34:D7:D2:3E:B2:72:6E:1D:6E:7C:E0
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/kkZSypYh8F9rNNfSPrJybh1ufOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.46.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:6f:15:36:47:1d:2c:a5:64:54:68:2c:c7:f7:63:72:d3:fe:
bd:d7:a6:80:52:33:a2:ac:6f:e1:fb:6b:54:12:e9:ff:28:ef:
43:6a:5f:ef:1f:1c:8a:f4:03:2c:72:1f:4b:3b:42:3b:59:e5:
6a:06:08:b8:66:b9:43:bc:b0:da:44:0d:e0:f1:3b:b0:e2:67:
89:6c:87:44:69:9e:a9:87:02:0f:4b:7a:c2:52:24:43:66:65:
f2:9b:bd:76:18:17:d3:70:47:70:56:d4:18:fc:86:40:79:16:
62:26:de:4d:a0:36:a4:e4:96:65:99:98:94:91:7b:37:02:46:
39:2f:ef:02:27:63:4a:ec:7b:f4:de:fb:81:04:47:a0:20:36:
65:10:4e:85:91:a3:7f:89:59:ba:fc:5b:0b:f1:6c:4c:a3:f2:
25:d1:93:2d:23:55:48:8e:3c:84:7c:5a:5f:1d:54:49:3e:06:
29:b8:7a:cc:a0:35:f7:81:ab:02:8a:9a:2c:ce:cf:d9:bf:80:
12:f8:da:ee:99:ed:3d:85:c7:27:91:68:5e:a1:11:c0:4a:a3:
d3:8f:ae:4e:52:37:b9:79:36:49:5d:d0:23:30:3c:ab:52:73:
cb:9f:47:51:4f:81:b4:4d:19:84:cb:6f:ce:fc:ef:ca:72:29:
1d:fa:4e:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIYZA2ubgWy8dOiUC3SajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQ2NTJjYTk2MjFmMDVmNmIzNGQ3ZDIzZWIyNzI2ZTFkNmU3Y2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY58HmNwlfLnaqQjAHVuyhyUgTm+
6Ozpb6Ajl2dRHzilyss3Op/EPh5UXkldoxDCfVdAjFd6VKds0TJDWYQIJ1HVngQ1
sPAbsoaH+eGhaMxLW9/w4H/B/v+KI3doISic9Kd1azfKGxMEGrFelhk2sZxxAUwH
CmhMnGwZ5e6d2dO3Ct3xV8wGvt7U+s/p1Sw9vE1vTuilz+t9S1m4NgcUIjn9X9y9
XnQfzI5xWV3uZNOII1GojR8ff0rrQDEC2VH15Jf5ZP5sunTisNxX8a/TmM7DFndO
SmGP4XciXfvrO0RZc9x+33FySlLaHqpkuhDnUIGlE8JbAYpX9jmBy/CCDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJGUsqWIfBfazTX0j6ycm4dbnzgMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEva2taU3lwWWg4RjlyTk5mU1BySnliaDF1Zk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1W0uMA0G
CSqGSIb3DQEBCwUAA4IBAQCrbxU2Rx0spWRUaCzH92Ny0/6916aAUjOirG/h+2tU
Eun/KO9Dal/vHxyK9AMsch9LO0I7WeVqBgi4ZrlDvLDaRA3g8Tuw4meJbIdEaZ6p
hwIPS3rCUiRDZmXym712GBfTcEdwVtQY/IZAeRZiJt5NoDak5JZlmZiUkXs3AkY5
L+8CJ2NK7Hv03vuBBEegIDZlEE6FkaN/iVm6/FsL8WxMo/Il0ZMtI1VIjjyEfFpf
HVRJPgYpuHrMoDX3gasCiposzs/Zv4AS+Nrume09hccnkWheoRHASqPTj65OUje5
eTZJXdAjMDyrUnPLn0dRT4G0TRmEy2/O/O/Kcikd+k4V
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:01:36 2025 by rpki-client