Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/414a83-4852-40b5-9168-82d2b8a5591a/1/KbwlJJtQ5IsYV5ZzFssxRvHocl4.roa
File: KbwlJJtQ5IsYV5ZzFssxRvHocl4.roa (raw, json)
Hash identifier: XmICl2JLaR1IFln4QvSv+qU0H/xZNiufgM/xLp70uXk=
Subject key identifier: 29:BC:25:24:9B:50:E4:8B:18:57:96:73:16:CB:31:46:F1:E8:72:5E
Certificate issuer: /CN=f502719c3f988e4ac4452a31295665fd92e93408
Certificate serial: 01884E8F157DC8E2C0B29EC4A68D7D0C4119
Authority key identifier: F5:02:71:9C:3F:98:8E:4A:C4:45:2A:31:29:56:65:FD:92:E9:34:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QJxnD-YjkrERSoxKVZl_ZLpNAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/414a83-4852-40b5-9168-82d2b8a5591a/1/KbwlJJtQ5IsYV5ZzFssxRvHocl4.roa
Signing time: Wed 24 May 2023 16:19:39 +0000
ROA not before: Wed 24 May 2023 16:19:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198193
IP address blocks: 185.206.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4e:8f:15:7d:c8:e2:c0:b2:9e:c4:a6:8d:7d:0c:41:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f502719c3f988e4ac4452a31295665fd92e93408
Validity
Not Before: May 24 16:19:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29bc25249b50e48b1857967316cb3146f1e8725e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:55:88:b0:18:66:a0:93:5b:20:ad:69:d0:12:
15:90:80:da:81:58:65:2e:06:f8:6f:b1:a2:13:15:
fe:72:51:69:6b:19:67:e8:6d:d5:74:4b:bf:ae:80:
5e:0a:7a:1e:59:c8:fb:23:aa:1f:a8:0c:9c:43:0b:
d4:54:0b:0f:02:4a:20:43:53:a8:59:7a:4b:81:42:
9b:03:29:61:04:a9:e2:58:c8:cc:99:07:cd:1b:c8:
c3:60:ce:21:62:b7:8b:ea:71:55:46:1a:ea:74:6e:
53:fa:ff:e1:1f:06:a1:94:00:34:47:f4:22:b8:b8:
e5:29:4e:ba:aa:a1:72:92:4b:3d:03:ac:38:a0:34:
a4:57:bb:1d:b4:cc:64:63:e3:fc:72:1d:06:bf:5c:
e6:fc:de:57:33:e1:59:52:08:a4:cc:29:cc:6b:96:
90:4c:01:4b:9a:ca:df:1a:3b:80:d2:ad:ca:58:44:
43:15:5a:f3:17:d7:da:6e:1a:9d:fb:bc:5a:d7:ce:
3d:9a:ad:c7:ca:91:dd:ec:9f:86:79:31:0d:f4:5d:
10:85:ff:5f:a1:62:43:49:7c:8f:b0:be:35:c7:07:
a1:9a:5e:a9:b0:ee:c0:91:98:cb:a9:96:91:41:9d:
74:d5:50:45:9c:83:9d:5a:e6:94:82:d7:32:aa:e1:
13:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BC:25:24:9B:50:E4:8B:18:57:96:73:16:CB:31:46:F1:E8:72:5E
X509v3 Authority Key Identifier:
keyid:F5:02:71:9C:3F:98:8E:4A:C4:45:2A:31:29:56:65:FD:92:E9:34:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QJxnD-YjkrERSoxKVZl_ZLpNAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/414a83-4852-40b5-9168-82d2b8a5591a/1/KbwlJJtQ5IsYV5ZzFssxRvHocl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/414a83-4852-40b5-9168-82d2b8a5591a/1/9QJxnD-YjkrERSoxKVZl_ZLpNAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.121.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:44:67:28:b9:2b:dd:a9:84:cb:c7:d8:ef:b6:cb:24:c1:69:
8d:70:9a:ab:3c:e5:a4:1d:be:39:76:0c:df:21:73:c5:dc:f4:
20:26:e2:55:46:7a:01:ef:4a:50:c1:2c:aa:29:97:69:c5:ac:
a0:cc:4c:d3:76:18:ad:ef:26:5e:05:00:68:ca:d8:76:9f:06:
b4:34:71:c8:f8:4a:89:da:0e:fc:17:92:7b:56:bf:5d:78:1a:
9b:b1:c4:01:f8:08:0a:a2:bd:8a:e9:83:2c:bb:8d:40:0d:dc:
59:d2:4e:c1:8a:6f:7f:d7:5b:1a:a9:a0:4f:ec:87:da:f5:8d:
0b:ac:41:99:a8:f2:cb:65:0e:a2:b3:bb:dc:f4:91:5e:23:6a:
91:c2:d7:73:ec:2d:10:ee:04:92:36:01:c4:3f:93:1b:26:eb:
4c:27:c9:d5:cd:35:bc:34:5a:8c:6d:68:51:0c:00:a9:a4:90:
9c:dd:3e:80:13:21:08:ef:0b:4a:88:b4:54:58:66:0e:04:a6:
13:32:28:ec:fe:8f:55:df:18:c7:e7:5a:15:01:24:84:a7:b9:
c3:92:b9:60:ad:2b:aa:56:e2:f9:4d:d8:70:c4:18:98:c0:d7:
67:e7:cb:c1:16:e5:c4:47:d2:28:f4:47:f4:f6:31:df:02:bb:
1a:96:ae:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhOjxV9yOLAsp7Epo19DEEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MDI3MTljM2Y5ODhlNGFjNDQ1MmEzMTI5NTY2NWZkOTJl
OTM0MDgwHhcNMjMwNTI0MTYxOTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWJjMjUyNDliNTBlNDhiMTg1Nzk2NzMxNmNiMzE0NmYxZTg3MjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1WIsBhmoJNbIK1p0BIVkIDagVhl
Lgb4b7GiExX+clFpaxln6G3VdEu/roBeCnoeWcj7I6ofqAycQwvUVAsPAkogQ1Oo
WXpLgUKbAylhBKniWMjMmQfNG8jDYM4hYreL6nFVRhrqdG5T+v/hHwahlAA0R/Qi
uLjlKU66qqFykks9A6w4oDSkV7sdtMxkY+P8ch0Gv1zm/N5XM+FZUgikzCnMa5aQ
TAFLmsrfGjuA0q3KWERDFVrzF9fabhqd+7xa1849mq3HypHd7J+GeTEN9F0Qhf9f
oWJDSXyPsL41xwehml6psO7AkZjLqZaRQZ101VBFnIOdWuaUgtcyquETywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCm8JSSbUOSLGFeWcxbLMUbx6HJeMB8GA1UdIwQY
MBaAFPUCcZw/mI5KxEUqMSlWZf2S6TQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVFKeG5ELVlqa3JFUlNveEtWWmxfWkxwTkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80MTRhODMtNDg1Mi00MGI1LTkxNjgt
ODJkMmI4YTU1OTFhLzEvS2J3bEpKdFE1SXNZVjVaekZzc3hSdkhvY2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80MTRhODMtNDg1Mi00MGI1LTkxNjgtODJkMmI4YTU1OTFh
LzEvOVFKeG5ELVlqa3JFUlNveEtWWmxfWkxwTkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc55MA0G
CSqGSIb3DQEBCwUAA4IBAQCbRGcouSvdqYTLx9jvtsskwWmNcJqrPOWkHb45dgzf
IXPF3PQgJuJVRnoB70pQwSyqKZdpxaygzEzTdhit7yZeBQBoyth2nwa0NHHI+EqJ
2g78F5J7Vr9deBqbscQB+AgKor2K6YMsu41ADdxZ0k7Bim9/11saqaBP7Ifa9Y0L
rEGZqPLLZQ6is7vc9JFeI2qRwtdz7C0Q7gSSNgHEP5MbJutMJ8nVzTW8NFqMbWhR
DACppJCc3T6AEyEI7wtKiLRUWGYOBKYTMijs/o9V3xjH51oVASSEp7nDkrlgrSuq
VuL5TdhwxBiYwNdn58vBFuXER9Io9Ef09jHfArsalq40
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:11:04 2025 by rpki-client