Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/kJ8USl-CuRMFXzbxSgE8sXBGngw.roa
File: kJ8USl-CuRMFXzbxSgE8sXBGngw.roa (raw, json)
Hash identifier: 2xL/58KHP5Hyj8g6eO0RiATHRjr5bChJ+dvKYUca1tI=
Subject key identifier: 90:9F:14:4A:5F:82:B9:13:05:5F:36:F1:4A:01:3C:B1:70:46:9E:0C
Certificate issuer: /CN=ba838f1ca8bdcd81c04b6b678e79be614e51b111
Certificate serial: 019426D9D7A4F5B6B1C18CFE7B9FD7CA91B6
Authority key identifier: BA:83:8F:1C:A8:BD:CD:81:C0:4B:6B:67:8E:79:BE:61:4E:51:B1:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uoOPHKi9zYHAS2tnjnm-YU5RsRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/kJ8USl-CuRMFXzbxSgE8sXBGngw.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 91.230.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d7:a4:f5:b6:b1:c1:8c:fe:7b:9f:d7:ca:91:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba838f1ca8bdcd81c04b6b678e79be614e51b111
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=909f144a5f82b913055f36f14a013cb170469e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:06:d5:5d:91:58:4c:2f:14:27:9a:cc:75:1f:
35:1c:dc:fa:44:e5:5a:c1:5b:a0:44:6a:ce:95:2d:
5e:62:67:06:71:f8:42:93:91:4a:50:70:3b:ff:28:
bf:98:dd:4e:47:60:4d:05:b3:90:fb:c4:04:08:7e:
34:b7:d4:53:d8:7d:75:b1:23:8a:97:6b:8f:31:de:
9d:35:18:ca:ff:3b:8f:04:32:c2:59:87:82:0e:2a:
aa:fd:c6:e5:37:11:96:53:17:f8:cc:85:e3:d4:6c:
4b:71:55:b3:2c:67:59:71:fb:40:cd:df:e7:23:ee:
5a:3b:05:53:38:52:5c:62:b2:67:94:c0:81:84:ce:
af:ae:0a:62:93:f9:88:8a:bd:0e:70:45:19:4c:6b:
fa:5f:1b:e0:d8:2b:08:d8:5f:71:5b:69:fb:99:12:
e2:03:10:f7:db:56:91:46:e8:2a:2c:2a:b8:93:d4:
df:bd:5d:2b:3e:55:d3:e1:07:c2:9c:68:d5:f7:49:
0b:c8:30:ba:df:97:5f:2c:4a:c0:08:59:e9:64:4a:
6f:bc:9a:c6:d1:75:7b:c8:0e:56:9f:46:d1:23:0e:
0f:3f:4a:13:93:5d:02:ef:d4:04:aa:fc:86:b1:ad:
61:e3:ea:74:32:05:3d:9d:2d:a5:33:4a:bd:0f:80:
4b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9F:14:4A:5F:82:B9:13:05:5F:36:F1:4A:01:3C:B1:70:46:9E:0C
X509v3 Authority Key Identifier:
keyid:BA:83:8F:1C:A8:BD:CD:81:C0:4B:6B:67:8E:79:BE:61:4E:51:B1:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uoOPHKi9zYHAS2tnjnm-YU5RsRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/kJ8USl-CuRMFXzbxSgE8sXBGngw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/uoOPHKi9zYHAS2tnjnm-YU5RsRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.249.0/24
Signature Algorithm: sha256WithRSAEncryption
56:54:47:fe:c6:f9:89:3c:92:80:71:f8:fb:2e:2f:8a:f7:4e:
79:50:45:21:09:7b:5c:9b:40:23:c7:aa:dc:10:a9:b1:85:b3:
73:42:ba:ea:18:10:84:fb:5d:7f:41:7d:9a:a6:36:b4:98:39:
9d:c5:56:8d:b2:4a:cb:b6:52:9f:2a:b0:de:37:13:f4:bf:e5:
27:38:e5:a1:48:2a:fa:0e:40:0e:39:86:79:6e:31:53:bf:4d:
6f:c6:02:8c:56:25:92:1b:49:f4:b3:9b:98:ab:49:e9:ff:12:
21:0a:8f:d6:f5:41:8d:3b:66:db:b0:8f:d9:bb:50:b8:ec:b7:
a6:93:98:ec:56:f2:c0:39:8b:8c:37:81:63:a7:35:04:e8:91:
e7:22:08:ce:80:33:71:16:53:59:8e:41:ba:ba:61:4e:4d:bf:
a5:a8:13:11:ed:97:49:a9:d5:da:50:b0:71:d2:87:09:49:2e:
47:27:77:99:d1:74:8f:d1:1b:87:06:f8:bc:63:6e:18:d2:ea:
03:7e:e2:72:37:b3:d5:23:5a:a1:1c:cd:33:c2:13:bb:83:f1:
d4:e9:1c:8f:da:e2:43:e8:8f:ca:c6:ff:cd:de:75:aa:08:a9:
58:b3:fe:35:97:07:2d:9b:5b:2e:bd:08:2f:c5:d1:09:75:9e:
52:ec:b0:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2dek9baxwYz+e5/XypG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhODM4ZjFjYThiZGNkODFjMDRiNmI2NzhlNzliZTYxNGU1
MWIxMTEwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDlmMTQ0YTVmODJiOTEzMDU1ZjM2ZjE0YTAxM2NiMTcwNDY5ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/gbVXZFYTC8UJ5rMdR81HNz6ROVa
wVugRGrOlS1eYmcGcfhCk5FKUHA7/yi/mN1OR2BNBbOQ+8QECH40t9RT2H11sSOK
l2uPMd6dNRjK/zuPBDLCWYeCDiqq/cblNxGWUxf4zIXj1GxLcVWzLGdZcftAzd/n
I+5aOwVTOFJcYrJnlMCBhM6vrgpik/mIir0OcEUZTGv6Xxvg2CsI2F9xW2n7mRLi
AxD321aRRugqLCq4k9TfvV0rPlXT4QfCnGjV90kLyDC635dfLErACFnpZEpvvJrG
0XV7yA5Wn0bRIw4PP0oTk10C79QEqvyGsa1h4+p0MgU9nS2lM0q9D4BLRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCfFEpfgrkTBV828UoBPLFwRp4MMB8GA1UdIwQY
MBaAFLqDjxyovc2BwEtrZ455vmFOUbERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW9PUEhLaTl6WUhBUzJ0bmpubS1ZVTVSc1JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kYjRlODgtZTU4ZC00MzQ1LTgwYzct
MDkzZWI5YTlhYThiLzEva0o4VVNsLUN1Uk1GWHpieFNnRThzWEJHbmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kYjRlODgtZTU4ZC00MzQ1LTgwYzctMDkzZWI5YTlhYThi
LzEvdW9PUEhLaTl6WUhBUzJ0bmpubS1ZVTVSc1JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+b5MA0G
CSqGSIb3DQEBCwUAA4IBAQBWVEf+xvmJPJKAcfj7Li+K9055UEUhCXtcm0Ajx6rc
EKmxhbNzQrrqGBCE+11/QX2apja0mDmdxVaNskrLtlKfKrDeNxP0v+UnOOWhSCr6
DkAOOYZ5bjFTv01vxgKMViWSG0n0s5uYq0np/xIhCo/W9UGNO2bbsI/Zu1C47Lem
k5jsVvLAOYuMN4FjpzUE6JHnIgjOgDNxFlNZjkG6umFOTb+lqBMR7ZdJqdXaULBx
0ocJSS5HJ3eZ0XSP0RuHBvi8Y24Y0uoDfuJyN7PVI1qhHM0zwhO7g/HU6RyP2uJD
6I/Kxv/N3nWqCKlYs/41lwctm1suvQgvxdEJdZ5S7LAL
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:31:41 2025 by rpki-client