Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/8c4e3c-340c-4551-9f5e-decdd88d0e2e/1/KjlgRTU1xspBLi-8Bc6p3R_JZGY.roa
File: KjlgRTU1xspBLi-8Bc6p3R_JZGY.roa (raw, json)
Hash identifier: QyNcbnKKU1kgy4UI1kt8Y0wWeqRyWY6JjfSa7fKlv98=
Subject key identifier: 2A:39:60:45:35:35:C6:CA:41:2E:2F:BC:05:CE:A9:DD:1F:C9:64:66
Certificate issuer: /CN=715fc32ac75b8bf5c6142fa5f3fb56cb0fa853eb
Certificate serial: 01856E8B15AC02406F1B5219E219E808A9B2
Authority key identifier: 71:5F:C3:2A:C7:5B:8B:F5:C6:14:2F:A5:F3:FB:56:CB:0F:A8:53:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cV_DKsdbi_XGFC-l8_tWyw-oU-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/8c4e3c-340c-4551-9f5e-decdd88d0e2e/1/KjlgRTU1xspBLi-8Bc6p3R_JZGY.roa
Signing time: Sun 01 Jan 2023 18:14:46 +0000
ROA not before: Sun 01 Jan 2023 18:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141677
IP address blocks: 91.229.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:15:ac:02:40:6f:1b:52:19:e2:19:e8:08:a9:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715fc32ac75b8bf5c6142fa5f3fb56cb0fa853eb
Validity
Not Before: Jan 1 18:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a3960453535c6ca412e2fbc05cea9dd1fc96466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9d:af:e1:a7:5f:c5:78:77:3e:96:09:69:97:
d7:c6:2c:91:40:54:da:06:80:1e:0c:45:ae:df:21:
64:d1:66:37:88:a4:12:94:fa:4b:83:15:17:cb:a6:
ef:f9:32:d1:e6:7b:24:12:b7:a8:9a:36:86:ff:f5:
7b:da:19:fc:99:30:1d:7e:b1:07:70:9e:e6:43:f5:
8a:a1:b8:86:a9:50:79:4e:cf:17:3c:fa:1a:c2:a5:
67:b3:bf:6c:f8:55:b5:fb:8e:6b:9a:49:fc:b2:43:
b8:04:cc:41:d6:24:4b:2f:fc:0c:21:37:a2:0a:24:
97:de:68:4f:ac:54:5a:8b:52:56:23:11:d9:3f:29:
23:95:ba:96:70:4c:07:ec:86:ff:89:c7:3d:6d:8d:
63:dd:48:d0:dc:2b:96:63:c7:2b:67:6a:4b:77:bc:
19:57:7e:4c:54:e2:33:03:0a:d2:57:f8:46:5c:52:
51:4a:31:b4:64:4b:f4:74:eb:41:63:c1:99:31:c8:
ae:63:83:33:3a:b9:a2:d2:83:3f:8b:a0:68:84:84:
eb:ac:06:c3:17:37:65:15:9d:f1:20:7e:bd:78:ca:
14:d2:ff:73:52:61:bb:91:70:a8:09:84:cc:9a:0e:
e5:e7:5f:00:16:3b:a5:42:a4:dd:81:a8:12:17:03:
95:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:39:60:45:35:35:C6:CA:41:2E:2F:BC:05:CE:A9:DD:1F:C9:64:66
X509v3 Authority Key Identifier:
keyid:71:5F:C3:2A:C7:5B:8B:F5:C6:14:2F:A5:F3:FB:56:CB:0F:A8:53:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cV_DKsdbi_XGFC-l8_tWyw-oU-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c4e3c-340c-4551-9f5e-decdd88d0e2e/1/KjlgRTU1xspBLi-8Bc6p3R_JZGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c4e3c-340c-4551-9f5e-decdd88d0e2e/1/cV_DKsdbi_XGFC-l8_tWyw-oU-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.114.0/24
Signature Algorithm: sha256WithRSAEncryption
02:ef:54:17:92:17:50:67:52:5f:a0:03:4e:75:83:77:35:78:
09:a2:38:f8:c1:6c:36:5b:7d:09:a9:17:a2:1f:40:05:d2:6f:
68:7a:2a:17:f2:3c:e5:27:ef:77:86:52:94:90:b8:6b:26:f1:
83:01:56:49:86:6c:f7:d5:f6:1c:5a:1d:a0:97:95:62:a3:0c:
01:76:13:20:2a:63:aa:d7:bf:6e:2c:e0:aa:fc:db:ee:2a:bc:
2a:af:69:b4:17:00:17:5d:ea:36:13:a4:0d:2a:af:a3:f3:c2:
37:dd:3a:d1:e3:34:1a:d9:10:33:6d:2a:ae:09:1b:83:13:1c:
58:22:49:15:07:a7:0a:92:d4:2d:e2:69:7f:57:20:6a:f1:e2:
9b:6d:6c:95:ee:7f:e6:c6:a0:1f:6a:08:eb:68:67:f7:35:1e:
a5:a5:85:95:82:ec:77:ab:f9:25:72:0c:2e:ed:91:21:ef:0a:
55:61:e9:34:9c:c8:cd:a8:50:36:74:42:eb:e7:8f:8d:c1:88:
aa:ea:16:20:8f:dc:11:ce:01:5c:71:d7:8f:c4:e0:9c:c2:8e:
83:78:62:b4:72:34:9e:c0:eb:93:85:69:3f:c4:12:c5:d3:1d:
19:9b:fb:1d:8e:c2:c3:f5:f6:c3:c7:cc:b9:46:28:e0:8e:9a:
76:d2:9c:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuixWsAkBvG1IZ4hnoCKmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWZjMzJhYzc1YjhiZjVjNjE0MmZhNWYzZmI1NmNiMGZh
ODUzZWIwHhcNMjMwMTAxMTgxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTM5NjA0NTM1MzVjNmNhNDEyZTJmYmMwNWNlYTlkZDFmYzk2NDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ2v4adfxXh3PpYJaZfXxiyRQFTa
BoAeDEWu3yFk0WY3iKQSlPpLgxUXy6bv+TLR5nskEreomjaG//V72hn8mTAdfrEH
cJ7mQ/WKobiGqVB5Ts8XPPoawqVns79s+FW1+45rmkn8skO4BMxB1iRLL/wMITei
CiSX3mhPrFRai1JWIxHZPykjlbqWcEwH7Ib/icc9bY1j3UjQ3CuWY8crZ2pLd7wZ
V35MVOIzAwrSV/hGXFJRSjG0ZEv0dOtBY8GZMciuY4MzOrmi0oM/i6BohITrrAbD
FzdlFZ3xIH69eMoU0v9zUmG7kXCoCYTMmg7l518AFjulQqTdgagSFwOVewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCo5YEU1NcbKQS4vvAXOqd0fyWRmMB8GA1UdIwQY
MBaAFHFfwyrHW4v1xhQvpfP7VssPqFPrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1ZfREtzZGJpX1hHRkMtbDhfdFd5dy1vVS1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84YzRlM2MtMzQwYy00NTUxLTlmNWUt
ZGVjZGQ4OGQwZTJlLzEvS2psZ1JUVTF4c3BCTGktOEJjNnAzUl9KWkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84YzRlM2MtMzQwYy00NTUxLTlmNWUtZGVjZGQ4OGQwZTJl
LzEvY1ZfREtzZGJpX1hHRkMtbDhfdFd5dy1vVS1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+VyMA0G
CSqGSIb3DQEBCwUAA4IBAQAC71QXkhdQZ1JfoANOdYN3NXgJojj4wWw2W30JqRei
H0AF0m9oeioX8jzlJ+93hlKUkLhrJvGDAVZJhmz31fYcWh2gl5ViowwBdhMgKmOq
179uLOCq/NvuKrwqr2m0FwAXXeo2E6QNKq+j88I33TrR4zQa2RAzbSquCRuDExxY
IkkVB6cKktQt4ml/VyBq8eKbbWyV7n/mxqAfagjraGf3NR6lpYWVgux3q/klcgwu
7ZEh7wpVYek0nMjNqFA2dELr54+NwYiq6hYgj9wRzgFccdePxOCcwo6DeGK0cjSe
wOuThWk/xBLF0x0Zm/sdjsLD9fbDx8y5Rijgjpp20pxY
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:31 2025 by rpki-client