Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/kTvVn_B76BHAkt21A667VWLx85c.roa
File: kTvVn_B76BHAkt21A667VWLx85c.roa (raw, json)
Hash identifier: RlO7Fkyzwvg6DOaLdLA5nagDWX7X86stBqbWJQSamrk=
Subject key identifier: 91:3B:D5:9F:F0:7B:E8:11:C0:92:DD:B5:03:AE:BB:55:62:F1:F3:97
Certificate issuer: /CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Certificate serial: 01942444A76BC661802E7E14B74EB981019B
Authority key identifier: 1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/kTvVn_B76BHAkt21A667VWLx85c.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59882
IP address blocks: 185.153.208.0/22 maxlen: 22
185.153.208.0/24 maxlen: 24
185.153.209.0/24 maxlen: 24
185.153.210.0/24 maxlen: 24
185.153.211.0/24 maxlen: 24
2a07:88c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a7:6b:c6:61:80:2e:7e:14:b7:4e:b9:81:01:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=913bd59ff07be811c092ddb503aebb5562f1f397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f1:27:08:8e:b6:a6:59:3c:39:35:10:88:db:
91:88:9f:ad:2b:67:57:d3:28:8d:f7:8b:4b:94:23:
a8:24:4b:c4:ce:4f:10:03:bb:d1:cb:3b:35:88:f6:
c6:48:50:26:bf:7a:2b:ad:a9:14:4b:5e:e4:61:81:
2b:9f:c7:02:a9:fd:46:0a:ec:4d:f1:b0:9f:24:cc:
25:bb:15:41:57:e4:61:06:04:db:7d:fa:75:ca:8a:
b4:42:a1:18:bb:9f:6b:fe:f6:28:be:c5:17:b5:f0:
ef:da:b8:59:88:53:54:33:a0:99:b9:7e:a1:64:37:
19:5b:d2:2f:69:aa:e7:f4:e3:8d:c2:6e:59:93:13:
65:68:8a:0b:e2:4e:8b:7e:ec:a8:e8:5c:59:86:2b:
a8:f6:c9:ad:89:a8:ef:90:1c:b0:fa:1b:ce:33:88:
06:f4:62:de:68:a2:d2:75:f9:34:19:57:9f:73:3b:
c7:08:36:7c:b2:73:2c:ac:28:f0:41:29:2d:fa:60:
73:1c:f0:dd:25:92:79:34:9a:b8:1c:25:dc:90:2b:
b2:6a:57:b5:35:64:ca:2f:76:bd:74:d3:99:97:26:
19:46:09:a1:62:a1:93:22:4f:85:8d:da:ab:b4:cd:
be:7a:49:6f:3f:f3:e8:af:b4:75:d9:ff:39:49:42:
04:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3B:D5:9F:F0:7B:E8:11:C0:92:DD:B5:03:AE:BB:55:62:F1:F3:97
X509v3 Authority Key Identifier:
keyid:1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/kTvVn_B76BHAkt21A667VWLx85c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.208.0/22
IPv6:
2a07:88c0::/29
Signature Algorithm: sha256WithRSAEncryption
79:3b:40:7c:a0:a4:16:e5:49:b1:5e:23:87:fa:f2:71:64:89:
a9:a6:c1:5b:5d:7d:c4:f5:2d:9c:28:e2:dc:0e:69:bc:91:d6:
db:52:ee:b1:c6:b1:70:32:c8:cf:a0:24:3c:28:c6:a7:52:d2:
bf:85:ff:52:34:c3:cd:35:16:56:1e:cc:e6:e6:ed:c3:13:2a:
b6:36:8d:f1:7d:a1:13:d3:39:1d:d3:fc:cf:00:e7:13:6a:6a:
ff:a3:2f:ca:4f:21:43:a2:50:53:64:a2:be:55:8d:aa:08:43:
7b:5b:31:4c:6b:3d:f6:89:d7:51:5d:20:13:cf:ff:42:77:72:
86:95:3e:39:76:27:05:43:44:2a:8c:43:c5:b9:a3:80:9d:31:
ed:81:cc:1e:4c:cb:83:9f:26:68:48:33:6f:e4:a4:3c:0c:e2:
cc:19:09:ca:13:cb:e8:b6:13:d7:a1:19:b3:b0:e3:04:60:80:
64:db:99:f8:bd:1e:97:d1:1b:cf:4b:16:46:d7:a0:9a:5f:89:
6d:05:8d:70:ae:ac:4b:b8:5a:78:46:66:7a:ea:34:dd:c0:76:
08:3b:09:5d:ba:ee:04:f0:13:0f:db:04:c2:21:4e:5e:3c:3a:
dc:2c:de:3a:ba:b4:a8:a8:8f:17:a7:31:05:cd:3b:71:8d:d1:
78:bb:ce:a2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRKdrxmGALn4Ut065gQGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmODk2Y2QzZDhkMWEwNjk5ZGE1MjEwNTVkZmI1OGRjMDZk
ZGRmMzUwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNiZDU5ZmYwN2JlODExYzA5MmRkYjUwM2FlYmI1NTYyZjFmMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fEnCI62plk8OTUQiNuRiJ+tK2dX
0yiN94tLlCOoJEvEzk8QA7vRyzs1iPbGSFAmv3orrakUS17kYYErn8cCqf1GCuxN
8bCfJMwluxVBV+RhBgTbffp1yoq0QqEYu59r/vYovsUXtfDv2rhZiFNUM6CZuX6h
ZDcZW9Ivaarn9OONwm5ZkxNlaIoL4k6Lfuyo6FxZhiuo9smtiajvkByw+hvOM4gG
9GLeaKLSdfk0GVefczvHCDZ8snMsrCjwQSkt+mBzHPDdJZJ5NJq4HCXckCuyale1
NWTKL3a9dNOZlyYZRgmhYqGTIk+FjdqrtM2+eklvP/Por7R12f85SUIEAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJE71Z/we+gRwJLdtQOuu1Vi8fOXMB8GA1UdIwQY
MBaAFB+JbNPY0aBpnaUhBV37WNwG3d81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDRsczA5alJvR21kcFNFRlhmdFkzQWJkM3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mYWI0OWEtOTFmNC00NjBjLTgyN2It
YzMzMjc4MjJhMTM4LzEva1R2Vm5fQjc2QkhBa3QyMUE2NjdWV0x4ODVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mYWI0OWEtOTFmNC00NjBjLTgyN2ItYzMzMjc4MjJhMTM4
LzEvSDRsczA5alJvR21kcFNFRlhmdFkzQWJkM3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZnQMA0E
AgACMAcDBQMqB4jAMA0GCSqGSIb3DQEBCwUAA4IBAQB5O0B8oKQW5UmxXiOH+vJx
ZImppsFbXX3E9S2cKOLcDmm8kdbbUu6xxrFwMsjPoCQ8KManUtK/hf9SNMPNNRZW
Hszm5u3DEyq2No3xfaET0zkd0/zPAOcTamr/oy/KTyFDolBTZKK+VY2qCEN7WzFM
az32iddRXSATz/9Cd3KGlT45dicFQ0QqjEPFuaOAnTHtgcweTMuDnyZoSDNv5KQ8
DOLMGQnKE8vothPXoRmzsOMEYIBk25n4vR6X0RvPSxZG16CaX4ltBY1wrqxLuFp4
RmZ66jTdwHYIOwlduu4E8BMP2wTCIU5ePDrcLN46urSoqI8XpzEFzTtxjdF4u86i
-----END CERTIFICATE-----
Generated at Wed Apr 9 04:11:27 2025 by rpki-client