Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/kjcDWuGIuX0pVG6bb41NnKIPOqs.roa
File: kjcDWuGIuX0pVG6bb41NnKIPOqs.roa (raw, json)
Hash identifier: YFnfiVE6rUbpB2uXyovY7NmRfmouuM77f2tO5i352qM=
Subject key identifier: 92:37:03:5A:E1:88:B9:7D:29:54:6E:9B:6F:8D:4D:9C:A2:0F:3A:AB
Certificate issuer: /CN=4b8d822165e7f01f722c973967f7554605240802
Certificate serial: 0194258FA4AB3AE93A3299474D76EE8D59EA
Authority key identifier: 4B:8D:82:21:65:E7:F0:1F:72:2C:97:39:67:F7:55:46:05:24:08:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S42CIWXn8B9yLJc5Z_dVRgUkCAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/kjcDWuGIuX0pVG6bb41NnKIPOqs.roa
Signing time: Thu 02 Jan 2025 05:49:18 +0000
ROA not before: Thu 02 Jan 2025 05:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397423
IP address blocks: 185.251.144.0/22 maxlen: 22
190.102.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a4:ab:3a:e9:3a:32:99:47:4d:76:ee:8d:59:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b8d822165e7f01f722c973967f7554605240802
Validity
Not Before: Jan 2 05:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9237035ae188b97d29546e9b6f8d4d9ca20f3aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cb:8d:af:e2:38:97:61:92:92:64:ce:50:7e:
bc:05:b3:b4:46:76:9f:c0:54:72:34:28:82:89:8a:
8b:05:e9:36:1e:40:73:17:88:6d:19:bf:58:94:f5:
f4:49:0f:5f:82:df:03:e9:b0:7f:71:20:eb:9d:4c:
b4:ea:f4:ff:c0:c2:15:e5:b7:80:69:d1:e5:97:10:
85:45:c4:3b:ba:a7:d4:4c:7b:32:d4:6f:5a:0e:44:
c7:27:3d:5a:28:5a:f1:67:3a:81:60:11:21:ee:59:
93:0f:a0:2d:05:7b:32:c2:02:03:b5:c7:cd:41:ed:
de:37:0e:2b:62:d9:bf:1f:78:86:df:57:a2:ed:4a:
fc:cf:b9:bf:b0:10:cd:60:83:23:50:0c:8f:b7:90:
44:ac:e2:f6:b0:a9:e9:b2:41:e4:92:5f:d5:e2:f3:
47:58:71:07:1a:4e:4a:10:ab:81:12:7d:28:ef:27:
8e:c4:3c:0c:5c:c9:b5:df:02:50:c6:9b:1b:69:14:
f5:10:30:88:5d:46:3c:19:de:1e:f5:91:ee:07:59:
6b:d8:96:46:e7:90:58:4c:18:13:f4:25:41:cd:21:
38:e7:f3:2c:9c:82:73:33:a5:82:23:78:df:23:58:
40:1f:9c:c0:25:fc:ac:35:8e:74:83:51:35:51:65:
50:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:37:03:5A:E1:88:B9:7D:29:54:6E:9B:6F:8D:4D:9C:A2:0F:3A:AB
X509v3 Authority Key Identifier:
keyid:4B:8D:82:21:65:E7:F0:1F:72:2C:97:39:67:F7:55:46:05:24:08:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S42CIWXn8B9yLJc5Z_dVRgUkCAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/kjcDWuGIuX0pVG6bb41NnKIPOqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/S42CIWXn8B9yLJc5Z_dVRgUkCAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.144.0/22
190.102.100.0/22
Signature Algorithm: sha256WithRSAEncryption
61:46:3d:b2:cf:68:67:45:9a:a4:2c:a3:0d:00:a1:09:68:fb:
e9:b3:3b:c1:41:53:37:32:4d:29:e4:ac:d9:95:fb:8f:ae:d2:
6b:4d:0d:57:c8:9f:63:42:c1:9f:33:61:34:29:be:1a:40:1e:
2b:04:58:fc:c4:16:9f:18:49:9a:27:02:f7:a8:6b:0c:30:44:
0b:cb:aa:07:fa:a7:35:26:3e:71:d9:db:c2:0f:1f:06:21:fc:
65:5f:6f:05:0d:97:ed:6c:06:38:2a:e7:5e:28:27:c4:9f:14:
f3:44:a1:3a:37:a7:20:01:bd:d7:21:16:03:56:c4:5b:e0:11:
a3:b9:ef:e7:e7:13:f1:82:a3:74:4f:13:17:fb:49:be:82:aa:
49:df:44:65:8d:07:da:94:a0:39:9a:6a:4b:fb:18:b5:99:1c:
7d:9e:c0:1e:f9:ed:09:de:47:43:1e:d0:06:07:9e:d2:c7:23:
48:f2:04:57:91:80:32:4a:8a:5e:b1:f0:f1:44:43:51:c3:26:
ff:8f:8a:5a:0d:02:e5:1d:10:85:6b:0a:e5:9e:56:fa:da:8d:
03:4b:0a:d9:21:93:ae:61:57:36:3f:50:24:8a:05:8d:7a:de:
55:76:67:38:73:62:67:32:2a:2b:b1:77:a6:47:f1:16:f9:88:
ed:98:69:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj6SrOuk6MplHTXbujVnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOGQ4MjIxNjVlN2YwMWY3MjJjOTczOTY3Zjc1NTQ2MDUy
NDA4MDIwHhcNMjUwMTAyMDU0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjM3MDM1YWUxODhiOTdkMjk1NDZlOWI2ZjhkNGQ5Y2EyMGYzYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcuNr+I4l2GSkmTOUH68BbO0Rnaf
wFRyNCiCiYqLBek2HkBzF4htGb9YlPX0SQ9fgt8D6bB/cSDrnUy06vT/wMIV5beA
adHllxCFRcQ7uqfUTHsy1G9aDkTHJz1aKFrxZzqBYBEh7lmTD6AtBXsywgIDtcfN
Qe3eNw4rYtm/H3iG31ei7Ur8z7m/sBDNYIMjUAyPt5BErOL2sKnpskHkkl/V4vNH
WHEHGk5KEKuBEn0o7yeOxDwMXMm13wJQxpsbaRT1EDCIXUY8Gd4e9ZHuB1lr2JZG
55BYTBgT9CVBzSE45/MsnIJzM6WCI3jfI1hAH5zAJfysNY50g1E1UWVQlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJI3A1rhiLl9KVRum2+NTZyiDzqrMB8GA1UdIwQY
MBaAFEuNgiFl5/AfciyXOWf3VUYFJAgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzQyQ0lXWG44Qjl5TEpjNVpfZFZSZ1VrQ0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMmU3NzYtOGYzNi00ZDE2LTk1NmEt
NWFmOTU4Y2VhZjZlLzEva2pjRFd1R0l1WDBwVkc2YmI0MU5uS0lQT3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zMmU3NzYtOGYzNi00ZDE2LTk1NmEtNWFmOTU4Y2VhZjZl
LzEvUzQyQ0lXWG44Qjl5TEpjNVpfZFZSZ1VrQ0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufuQAwQC
vmZkMA0GCSqGSIb3DQEBCwUAA4IBAQBhRj2yz2hnRZqkLKMNAKEJaPvpszvBQVM3
Mk0p5KzZlfuPrtJrTQ1XyJ9jQsGfM2E0Kb4aQB4rBFj8xBafGEmaJwL3qGsMMEQL
y6oH+qc1Jj5x2dvCDx8GIfxlX28FDZftbAY4KudeKCfEnxTzRKE6N6cgAb3XIRYD
VsRb4BGjue/n5xPxgqN0TxMX+0m+gqpJ30RljQfalKA5mmpL+xi1mRx9nsAe+e0J
3kdDHtAGB57SxyNI8gRXkYAySopesfDxRENRwyb/j4paDQLlHRCFawrlnlb62o0D
SwrZIZOuYVc2P1AkigWNet5Vdmc4c2JnMiorsXemR/EW+YjtmGkK
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:53:00 2025 by rpki-client