Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ad6ad3-4014-4000-a400-f049839fa730/1/kWLYBV2lkiSE5J3RZk5fvmnmzB0.roa
File: kWLYBV2lkiSE5J3RZk5fvmnmzB0.roa (raw, json)
Hash identifier: fcVu1jDo+tZnVop9ajN9Wj6s2WROmvxL/2WZUAGhZDs=
Subject key identifier: 91:62:D8:05:5D:A5:92:24:84:E4:9D:D1:66:4E:5F:BE:69:E6:CC:1D
Certificate issuer: /CN=d4589bd2c0fbe7e2d8592cee687192bbb57979f7
Certificate serial: 019427477CF86B0CFCCA26BDE7F90E9847B0
Authority key identifier: D4:58:9B:D2:C0:FB:E7:E2:D8:59:2C:EE:68:71:92:BB:B5:79:79:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Fib0sD75-LYWSzuaHGSu7V5efc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ad6ad3-4014-4000-a400-f049839fa730/1/kWLYBV2lkiSE5J3RZk5fvmnmzB0.roa
Signing time: Thu 02 Jan 2025 13:49:43 +0000
ROA not before: Thu 02 Jan 2025 13:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61396
IP address blocks: 91.197.156.0/22 maxlen: 22
91.197.156.0/23 maxlen: 23
91.197.158.0/23 maxlen: 23
91.247.32.0/22 maxlen: 22
91.247.32.0/23 maxlen: 23
91.247.34.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:7c:f8:6b:0c:fc:ca:26:bd:e7:f9:0e:98:47:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4589bd2c0fbe7e2d8592cee687192bbb57979f7
Validity
Not Before: Jan 2 13:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9162d8055da5922484e49dd1664e5fbe69e6cc1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3d:cf:fb:99:da:11:f6:5c:51:86:05:3d:3c:
a9:86:0c:45:06:ba:7b:36:b8:cc:64:3f:cf:c6:08:
0a:f1:a1:1a:40:a5:3a:c3:56:66:55:5f:fb:b6:33:
b4:4c:79:4e:44:1b:51:e6:86:a2:2a:41:f2:3f:0d:
2c:fd:3b:6a:35:4a:a8:2f:68:b0:12:28:3e:88:f7:
fb:0a:f3:cc:ba:5c:0d:59:a0:d2:27:ad:64:40:69:
9c:41:f2:64:27:9e:40:ab:70:88:9f:a2:8e:7b:d0:
f4:4b:0b:db:b9:99:d6:bc:08:9b:59:0b:7c:81:27:
7c:e2:18:5a:07:f3:36:bb:7c:c3:a6:4b:a1:86:d1:
e1:04:df:f9:c0:35:c1:f5:e0:3e:d3:eb:b3:cb:a5:
27:d1:c1:80:6c:ac:d9:47:a2:10:58:3b:7c:bc:be:
f9:25:f1:48:30:da:32:a8:f6:94:be:36:76:a6:da:
31:76:21:63:a4:1a:9b:a0:03:28:ee:ca:91:cc:6b:
3a:64:dd:8f:62:83:d4:30:68:18:04:d1:3e:7b:3e:
38:e5:8c:c6:c5:6b:fc:13:6a:a6:21:cd:02:68:c7:
82:30:de:e8:53:39:46:c5:77:4e:bd:f7:48:4d:10:
89:d4:45:92:4c:fd:c8:a2:d0:e9:bd:98:ba:ef:46:
b8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:62:D8:05:5D:A5:92:24:84:E4:9D:D1:66:4E:5F:BE:69:E6:CC:1D
X509v3 Authority Key Identifier:
keyid:D4:58:9B:D2:C0:FB:E7:E2:D8:59:2C:EE:68:71:92:BB:B5:79:79:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Fib0sD75-LYWSzuaHGSu7V5efc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ad6ad3-4014-4000-a400-f049839fa730/1/kWLYBV2lkiSE5J3RZk5fvmnmzB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ad6ad3-4014-4000-a400-f049839fa730/1/1Fib0sD75-LYWSzuaHGSu7V5efc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.156.0/22
91.247.32.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:d0:1c:d1:52:28:bc:db:cf:60:05:4e:3b:97:7d:c8:3e:7c:
a8:59:58:e2:38:df:45:c3:38:05:bb:e0:15:e6:62:a4:d1:c8:
5b:e0:7f:68:bf:b7:98:57:8b:85:16:f5:92:ec:a3:12:3b:b4:
23:02:82:30:21:dc:09:3d:29:c0:96:b0:6f:56:83:53:1c:25:
7e:7e:0f:9d:4e:76:bb:72:70:d3:93:cc:ee:b4:3e:ec:09:a6:
91:64:c3:a3:fc:ae:60:20:32:93:29:1a:29:03:b0:44:62:43:
1b:c0:e5:37:f1:26:00:9a:2e:0b:00:ca:ac:3f:12:94:7c:62:
02:f1:7e:97:02:de:65:3d:15:2c:cc:af:81:ba:de:d5:43:02:
2e:b4:77:aa:5b:e4:16:9b:fd:91:a6:20:cc:4c:65:82:e4:94:
75:60:28:c5:36:0e:59:1d:4a:8d:e7:6c:47:3d:19:b1:84:e4:
d7:c9:91:da:1b:78:b2:52:73:ca:ce:7e:b6:ec:bb:8e:6a:71:
d4:9c:e1:a4:85:b8:b2:68:40:1b:a7:bd:52:e4:23:a7:a4:64:
b9:7f:92:04:87:84:4b:fb:44:37:e1:2b:1b:a2:66:3a:ca:ef:
71:fa:f0:15:b1:20:91:51:e7:16:35:30:bf:54:d6:8e:3b:c5:
83:e7:99:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR3z4awz8yia95/kOmEewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NTg5YmQyYzBmYmU3ZTJkODU5MmNlZTY4NzE5MmJiYjU3
OTc5ZjcwHhcNMjUwMTAyMTM0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTYyZDgwNTVkYTU5MjI0ODRlNDlkZDE2NjRlNWZiZTY5ZTZjYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1D3P+5naEfZcUYYFPTyphgxFBrp7
NrjMZD/PxggK8aEaQKU6w1ZmVV/7tjO0THlORBtR5oaiKkHyPw0s/TtqNUqoL2iw
Eig+iPf7CvPMulwNWaDSJ61kQGmcQfJkJ55Aq3CIn6KOe9D0SwvbuZnWvAibWQt8
gSd84hhaB/M2u3zDpkuhhtHhBN/5wDXB9eA+0+uzy6Un0cGAbKzZR6IQWDt8vL75
JfFIMNoyqPaUvjZ2ptoxdiFjpBqboAMo7sqRzGs6ZN2PYoPUMGgYBNE+ez445YzG
xWv8E2qmIc0CaMeCMN7oUzlGxXdOvfdITRCJ1EWSTP3IotDpvZi670a4dwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJFi2AVdpZIkhOSd0WZOX75p5swdMB8GA1UdIwQY
MBaAFNRYm9LA++fi2Fks7mhxkru1eXn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZpYjBzRDc1LUxZV1N6dWFIR1N1N1Y1ZWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hZDZhZDMtNDAxNC00MDAwLWE0MDAt
ZjA0OTgzOWZhNzMwLzEva1dMWUJWMmxraVNFNUozUlprNWZ2bW5tekIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hZDZhZDMtNDAxNC00MDAwLWE0MDAtZjA0OTgzOWZhNzMw
LzEvMUZpYjBzRDc1LUxZV1N6dWFIR1N1N1Y1ZWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8WcAwQC
W/cgMA0GCSqGSIb3DQEBCwUAA4IBAQB60BzRUii8289gBU47l33IPnyoWVjiON9F
wzgFu+AV5mKk0chb4H9ov7eYV4uFFvWS7KMSO7QjAoIwIdwJPSnAlrBvVoNTHCV+
fg+dTna7cnDTk8zutD7sCaaRZMOj/K5gIDKTKRopA7BEYkMbwOU38SYAmi4LAMqs
PxKUfGIC8X6XAt5lPRUszK+But7VQwIutHeqW+QWm/2RpiDMTGWC5JR1YCjFNg5Z
HUqN52xHPRmxhOTXyZHaG3iyUnPKzn627LuOanHUnOGkhbiyaEAbp71S5COnpGS5
f5IEh4RL+0Q34SsbomY6yu9x+vAVsSCRUecWNTC/VNaOO8WD55li
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:48:02 2025 by rpki-client