Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/KflzERF-Jvc-rzV7E-WgeBFfSNg.roa
File: KflzERF-Jvc-rzV7E-WgeBFfSNg.roa (raw, json)
Hash identifier: Un55cWKTu6K3kipXwsJhmsxUlhLzapnmwYdbZcCL0uQ=
Subject key identifier: 29:F9:73:11:11:7E:26:F7:3E:AF:35:7B:13:E5:A0:78:11:5F:48:D8
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0193FEA7A31C6700537182C1C072D1C3BCDA
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/KflzERF-Jvc-rzV7E-WgeBFfSNg.roa
Signing time: Wed 25 Dec 2024 16:30:19 +0000
ROA not before: Wed 25 Dec 2024 16:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209982
IP address blocks: 91.239.59.0/24 maxlen: 24
194.35.52.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fe:a7:a3:1c:67:00:53:71:82:c1:c0:72:d1:c3:bc:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 25 16:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29f97311117e26f73eaf357b13e5a078115f48d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:03:78:7a:61:64:c5:c7:72:70:fe:4b:7d:e1:
a0:41:0c:c6:90:c2:a4:1a:7e:bf:0a:5c:b9:83:5c:
28:6c:75:0e:3f:02:5f:22:16:e5:bb:3b:4b:55:e9:
63:d7:79:d3:31:d2:4d:55:7c:0e:39:51:9e:31:ee:
5a:c7:4e:e6:50:c9:7d:d9:0f:53:6f:fc:78:09:0f:
b0:3d:87:16:68:09:68:42:3f:b1:1f:31:33:87:70:
5c:bd:63:1d:a4:cb:a6:f0:f9:a4:92:85:2e:21:39:
cb:18:1f:32:06:91:ee:82:96:ae:ba:3c:7c:c7:ec:
43:02:fa:d5:3e:e3:74:2e:d9:08:0e:94:51:ad:01:
15:bb:36:04:ae:f3:2a:db:2e:2c:6d:10:d6:d6:a5:
9f:36:53:32:a9:63:52:d3:78:c3:d7:8a:1a:71:35:
29:67:3c:22:d4:6b:c3:ba:20:36:c3:48:a2:fa:64:
14:db:4b:67:09:f5:56:e6:da:70:1c:9b:05:e1:2f:
e4:08:7f:78:29:db:a4:64:3c:10:af:b2:34:c5:df:
b6:d0:c9:26:e6:39:af:7b:42:cc:4d:00:b3:71:2a:
bb:c2:7d:73:71:58:64:37:de:1d:a8:90:e3:73:89:
85:d1:cd:0b:9a:1d:42:46:b5:3c:48:43:da:eb:85:
d8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F9:73:11:11:7E:26:F7:3E:AF:35:7B:13:E5:A0:78:11:5F:48:D8
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/KflzERF-Jvc-rzV7E-WgeBFfSNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.59.0/24
194.35.52.0/22
Signature Algorithm: sha256WithRSAEncryption
97:a4:2f:26:24:5e:13:57:e3:15:e6:ef:4a:d1:30:ee:5e:3d:
7b:5c:d2:9e:84:6d:e4:51:67:36:ab:d2:8c:51:5c:86:01:60:
ee:67:96:ff:85:91:af:63:66:b6:2e:d4:10:85:a8:6a:90:aa:
dd:97:ab:a0:9b:a1:5e:bb:07:e3:03:dd:dd:64:54:48:f7:48:
c9:9e:da:58:21:86:b1:1c:85:8e:0c:f9:30:3a:04:14:1e:c7:
5a:bf:d2:a9:f4:10:cf:0b:86:f9:3d:5b:c3:2a:5a:1f:e1:7c:
8b:af:6c:10:07:f9:e8:91:1b:59:c6:15:14:4d:43:ba:fb:2b:
37:1f:c4:b0:65:30:d1:52:95:3c:b8:33:30:de:df:24:8b:2e:
66:07:e3:40:49:fd:77:a4:6b:c4:1f:6d:26:68:e7:37:0f:39:
21:ea:87:ec:60:e8:91:74:e3:96:27:ee:7e:e4:06:d4:4d:13:
e0:6c:84:04:ec:00:e2:78:bd:3c:09:1d:a4:e0:ab:75:ac:b1:
e1:c7:a8:33:5d:31:7b:fe:b3:76:9e:72:0a:49:6e:9a:44:b2:
a4:5b:3d:43:c0:4c:35:d0:0a:ed:12:49:d6:79:91:6e:17:3c:
26:78:4f:ee:e7:3f:fc:d7:05:db:3b:31:34:ac:e7:8a:2e:43:
39:84:9a:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZP+p6McZwBTcYLBwHLRw7zaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQxMjI1MTYzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY5NzMxMTExN2UyNmY3M2VhZjM1N2IxM2U1YTA3ODExNWY0OGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gN4emFkxcdycP5LfeGgQQzGkMKk
Gn6/Cly5g1wobHUOPwJfIhbluztLVelj13nTMdJNVXwOOVGeMe5ax07mUMl92Q9T
b/x4CQ+wPYcWaAloQj+xHzEzh3BcvWMdpMum8PmkkoUuITnLGB8yBpHugpauujx8
x+xDAvrVPuN0LtkIDpRRrQEVuzYErvMq2y4sbRDW1qWfNlMyqWNS03jD14oacTUp
Zzwi1GvDuiA2w0ii+mQU20tnCfVW5tpwHJsF4S/kCH94KdukZDwQr7I0xd+20Mkm
5jmve0LMTQCzcSq7wn1zcVhkN94dqJDjc4mF0c0Lmh1CRrU8SEPa64XYawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCn5cxERfib3Pq81exPloHgRX0jYMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvS2ZsekVSRi1KdmMtcnpWN0UtV2dlQkZmU05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+87AwQC
wiM0MA0GCSqGSIb3DQEBCwUAA4IBAQCXpC8mJF4TV+MV5u9K0TDuXj17XNKehG3k
UWc2q9KMUVyGAWDuZ5b/hZGvY2a2LtQQhahqkKrdl6ugm6FeuwfjA93dZFRI90jJ
ntpYIYaxHIWODPkwOgQUHsdav9Kp9BDPC4b5PVvDKlof4XyLr2wQB/nokRtZxhUU
TUO6+ys3H8SwZTDRUpU8uDMw3t8kiy5mB+NASf13pGvEH20maOc3Dzkh6ofsYOiR
dOOWJ+5+5AbUTRPgbIQE7ADieL08CR2k4Kt1rLHhx6gzXTF7/rN2nnIKSW6aRLKk
Wz1DwEw10ArtEknWeZFuFzwmeE/u5z/81wXbOzE0rOeKLkM5hJqB
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:41:30 2025 by rpki-client