Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c60a92-8c0b-407a-b203-acbcc6cfd7e3/1/Kg5-kVb-CT-Szk4qOylrOgMLHdQ.roa
File: Kg5-kVb-CT-Szk4qOylrOgMLHdQ.roa (raw, json)
Hash identifier: 7y1Phnt9QqKkLbO9DEolnM5Y/dYlEmphmiuZ26bJCXU=
Subject key identifier: 2A:0E:7E:91:56:FE:09:3F:92:CE:4E:2A:3B:29:6B:3A:03:0B:1D:D4
Certificate issuer: /CN=ef37c4806363eaa6d343af22e038bead2e18b4f4
Certificate serial: 019421B1E88D7C32CEEE5F26549688465F53
Authority key identifier: EF:37:C4:80:63:63:EA:A6:D3:43:AF:22:E0:38:BE:AD:2E:18:B4:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7zfEgGNj6qbTQ68i4Di-rS4YtPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/c60a92-8c0b-407a-b203-acbcc6cfd7e3/1/Kg5-kVb-CT-Szk4qOylrOgMLHdQ.roa
Signing time: Wed 01 Jan 2025 11:48:15 +0000
ROA not before: Wed 01 Jan 2025 11:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198295
IP address blocks: 91.197.212.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e8:8d:7c:32:ce:ee:5f:26:54:96:88:46:5f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef37c4806363eaa6d343af22e038bead2e18b4f4
Validity
Not Before: Jan 1 11:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a0e7e9156fe093f92ce4e2a3b296b3a030b1dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:41:b0:6e:32:84:fa:9b:85:3b:52:95:a4:70:
27:22:6c:8b:68:e7:29:4a:aa:ff:ae:5a:a5:ae:76:
e7:a7:e0:f7:d7:59:fb:93:ca:46:35:74:17:2d:ae:
ec:92:b4:e9:22:81:67:4a:2b:8c:02:20:53:8b:65:
a3:4c:13:63:ae:5f:82:da:49:3a:88:e8:41:6d:78:
37:c5:57:21:13:de:df:e6:e6:90:ca:60:e9:a1:4e:
98:98:89:c6:76:de:2d:91:7b:4f:1c:23:bc:92:e0:
53:07:52:41:16:b2:88:9f:67:f2:5c:6c:8b:4b:ea:
3f:4a:15:06:fc:6a:39:be:50:26:de:34:a7:f1:28:
1c:af:24:cc:8d:5d:b0:30:43:5f:97:43:48:5b:75:
ba:d9:c8:ba:6e:11:0a:7d:51:72:d8:77:1e:df:94:
b6:05:9f:aa:38:f5:cc:09:97:95:29:a7:6a:03:fa:
8c:65:7e:40:e9:be:d0:c3:76:4b:99:04:2b:de:36:
7c:6e:e2:aa:8d:5e:0e:5e:81:13:0f:cd:1c:d8:9f:
26:78:cb:3e:80:6a:82:8c:2e:d7:5e:ee:27:d0:bb:
8f:d4:6c:45:9d:43:e5:8a:41:d3:e2:1d:7e:0d:8c:
d9:17:de:b1:1d:4d:61:1e:85:90:de:56:79:9f:46:
72:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0E:7E:91:56:FE:09:3F:92:CE:4E:2A:3B:29:6B:3A:03:0B:1D:D4
X509v3 Authority Key Identifier:
keyid:EF:37:C4:80:63:63:EA:A6:D3:43:AF:22:E0:38:BE:AD:2E:18:B4:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7zfEgGNj6qbTQ68i4Di-rS4YtPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c60a92-8c0b-407a-b203-acbcc6cfd7e3/1/Kg5-kVb-CT-Szk4qOylrOgMLHdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c60a92-8c0b-407a-b203-acbcc6cfd7e3/1/7zfEgGNj6qbTQ68i4Di-rS4YtPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.212.0/22
Signature Algorithm: sha256WithRSAEncryption
75:11:df:41:b6:a8:de:cd:8d:e8:a5:0d:03:a3:d0:1e:ca:27:
4f:18:63:f6:4a:fe:1d:44:cb:3d:13:38:1d:6e:7b:1b:16:c7:
af:2f:4d:f3:f8:98:c5:95:54:0a:7e:a8:ce:ce:61:44:5e:0e:
e1:12:df:e4:cc:dd:14:f2:bf:e6:e1:f2:ab:10:7c:50:7c:a0:
20:aa:1e:53:9b:a3:de:76:e1:de:b4:23:78:63:33:57:0a:27:
09:9d:5a:88:0b:61:03:83:76:50:ec:b6:3b:e5:f6:ca:a5:55:
1e:a1:7e:ac:ef:73:d3:6d:b3:e2:9c:72:05:8f:c3:97:67:1e:
fb:b9:a5:36:78:04:55:4e:a2:d6:0e:14:f1:a4:2a:fa:63:60:
27:0e:c6:f0:b0:21:42:93:59:c5:85:a6:64:fb:0a:02:88:68:
db:84:c2:05:54:a2:de:ee:21:32:0f:31:30:c6:43:df:0e:26:
7b:f7:d5:e2:eb:aa:a0:d0:36:75:15:6d:0e:75:fe:00:3b:50:
8f:5a:63:56:9a:7c:50:be:e4:76:6b:78:59:00:cb:26:d6:87:
12:87:c6:eb:80:3e:6f:fa:14:16:89:98:5f:f0:8c:2e:a4:97:
7f:a4:eb:bb:34:cf:d6:23:e1:44:95:95:e6:f1:5d:ef:7c:ca:
68:6a:32:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhseiNfDLO7l8mVJaIRl9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMzdjNDgwNjM2M2VhYTZkMzQzYWYyMmUwMzhiZWFkMmUx
OGI0ZjQwHhcNMjUwMTAxMTE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBlN2U5MTU2ZmUwOTNmOTJjZTRlMmEzYjI5NmIzYTAzMGIxZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUGwbjKE+puFO1KVpHAnImyLaOcp
Sqr/rlqlrnbnp+D311n7k8pGNXQXLa7skrTpIoFnSiuMAiBTi2WjTBNjrl+C2kk6
iOhBbXg3xVchE97f5uaQymDpoU6YmInGdt4tkXtPHCO8kuBTB1JBFrKIn2fyXGyL
S+o/ShUG/Go5vlAm3jSn8SgcryTMjV2wMENfl0NIW3W62ci6bhEKfVFy2Hce35S2
BZ+qOPXMCZeVKadqA/qMZX5A6b7Qw3ZLmQQr3jZ8buKqjV4OXoETD80c2J8meMs+
gGqCjC7XXu4n0LuP1GxFnUPlikHT4h1+DYzZF96xHU1hHoWQ3lZ5n0Zy0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoOfpFW/gk/ks5OKjspazoDCx3UMB8GA1UdIwQY
MBaAFO83xIBjY+qm00OvIuA4vq0uGLT0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3pmRWdHTmo2cWJUUTY4aTREaS1yUzRZdFBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9jNjBhOTItOGMwYi00MDdhLWIyMDMt
YWNiY2M2Y2ZkN2UzLzEvS2c1LWtWYi1DVC1Tems0cU95bHJPZ01MSGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9jNjBhOTItOGMwYi00MDdhLWIyMDMtYWNiY2M2Y2ZkN2Uz
LzEvN3pmRWdHTmo2cWJUUTY4aTREaS1yUzRZdFBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8XUMA0G
CSqGSIb3DQEBCwUAA4IBAQB1Ed9BtqjezY3opQ0Do9AeyidPGGP2Sv4dRMs9Ezgd
bnsbFsevL03z+JjFlVQKfqjOzmFEXg7hEt/kzN0U8r/m4fKrEHxQfKAgqh5Tm6Pe
duHetCN4YzNXCicJnVqIC2EDg3ZQ7LY75fbKpVUeoX6s73PTbbPinHIFj8OXZx77
uaU2eARVTqLWDhTxpCr6Y2AnDsbwsCFCk1nFhaZk+woCiGjbhMIFVKLe7iEyDzEw
xkPfDiZ799Xi66qg0DZ1FW0Odf4AO1CPWmNWmnxQvuR2a3hZAMsm1ocSh8brgD5v
+hQWiZhf8IwupJd/pOu7NM/WI+FElZXm8V3vfMpoajKt
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:57:50 2025 by rpki-client