Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8be1f1-1033-4772-b2f1-28491036231b/1/KvPropQyOjcBfJiHUroQzBvjPrk.roa
File: KvPropQyOjcBfJiHUroQzBvjPrk.roa (raw, json)
Hash identifier: NCsrFgjEEcB/5k+Hy+YgANqbzOGsPzeGCHsnpVRP7Wo=
Subject key identifier: 2A:F3:EB:A2:94:32:3A:37:01:7C:98:87:52:BA:10:CC:1B:E3:3E:B9
Certificate issuer: /CN=2564be81ecbc14d874027bf23b9dec3f7f2080eb
Certificate serial: 0188298AADC4493BB26DF0B3DF04A89E5837
Authority key identifier: 25:64:BE:81:EC:BC:14:D8:74:02:7B:F2:3B:9D:EC:3F:7F:20:80:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JWS-gey8FNh0AnvyO53sP38ggOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8be1f1-1033-4772-b2f1-28491036231b/1/KvPropQyOjcBfJiHUroQzBvjPrk.roa
Signing time: Wed 17 May 2023 11:48:54 +0000
ROA not before: Wed 17 May 2023 11:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205134
IP address blocks: 91.216.171.0/25 maxlen: 25
91.216.171.128/25 maxlen: 25
2a12:d9c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:8a:ad:c4:49:3b:b2:6d:f0:b3:df:04:a8:9e:58:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2564be81ecbc14d874027bf23b9dec3f7f2080eb
Validity
Not Before: May 17 11:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2af3eba294323a37017c988752ba10cc1be33eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9d:74:ae:12:53:a8:55:2a:99:38:25:47:24:
67:25:20:d3:5e:8a:60:2c:a9:13:5e:ec:e0:a2:62:
86:5b:62:0d:95:f9:02:3e:69:c0:6d:0c:4e:0f:ec:
1d:a0:ed:24:0b:49:b7:ad:82:16:bd:5c:f1:d2:a8:
8a:61:b4:95:d1:1d:29:fd:d7:c2:0f:24:db:b7:71:
e4:6c:3f:34:17:d5:fe:d3:26:1d:41:1f:1b:8e:dd:
0c:16:16:85:b7:55:b0:ab:cb:86:6f:bd:74:4f:50:
c5:83:c7:a9:eb:12:85:2f:fb:ba:df:6a:30:74:91:
84:d2:84:f5:01:1e:1f:43:9b:53:f7:67:6a:89:41:
d8:d4:45:57:c9:45:73:4b:05:f8:f4:37:6d:74:4d:
b5:41:32:71:9c:a6:e4:76:f6:f5:e1:8e:db:72:1e:
d7:4f:c1:3c:48:a9:b8:c6:81:a7:5e:3d:a3:47:46:
f1:c6:63:b6:8a:f1:e1:ea:25:37:da:f9:ba:a5:27:
9d:6f:cf:0d:ba:80:5b:96:4b:04:bf:10:3b:f6:66:
91:36:f7:3a:bd:23:59:60:52:d0:3a:6a:2c:32:9e:
84:ac:ed:eb:8b:a7:18:9c:9c:f4:e9:a0:db:00:42:
53:02:2b:96:1c:bb:eb:c3:0e:c3:54:f3:8d:b1:b1:
8c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F3:EB:A2:94:32:3A:37:01:7C:98:87:52:BA:10:CC:1B:E3:3E:B9
X509v3 Authority Key Identifier:
keyid:25:64:BE:81:EC:BC:14:D8:74:02:7B:F2:3B:9D:EC:3F:7F:20:80:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JWS-gey8FNh0AnvyO53sP38ggOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8be1f1-1033-4772-b2f1-28491036231b/1/KvPropQyOjcBfJiHUroQzBvjPrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8be1f1-1033-4772-b2f1-28491036231b/1/JWS-gey8FNh0AnvyO53sP38ggOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.171.0/24
IPv6:
2a12:d9c0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:a7:e2:86:80:e7:16:1b:df:0d:14:10:e7:cb:9e:70:2b:ad:
7c:5a:96:11:7e:bc:49:30:f3:2d:ec:d9:1d:f3:b8:43:48:4a:
e9:43:94:6a:08:c8:95:91:53:e9:47:fd:35:4e:8a:43:0d:db:
c8:80:1d:dc:8d:3e:a6:e6:1a:58:af:22:51:81:a7:0a:58:68:
77:a9:9f:4e:ce:6b:ca:f9:d3:06:2c:a9:02:bd:1f:54:99:63:
57:4d:01:d8:9f:9d:32:96:f5:44:a3:4a:1b:d9:ec:bd:23:2a:
d4:b6:0b:79:2f:b8:1c:6c:5e:64:a5:1b:81:90:07:d7:29:e7:
51:6f:f4:cb:18:95:e6:2a:24:89:7c:b1:9e:16:be:1e:db:48:
b4:4c:3b:7a:da:87:3e:db:6b:46:f7:04:96:68:89:f3:31:3c:
4f:70:91:46:a1:8b:9e:2d:d2:50:74:d4:23:ab:bf:94:ad:66:
7a:f0:c3:fc:4f:fc:50:5c:10:a8:a1:35:10:b0:c6:31:1e:f9:
1d:d6:90:b7:f5:89:3b:b5:30:0e:c7:cf:ec:3b:d3:10:18:90:
f0:0a:72:2d:f6:a1:4c:37:dd:65:91:d4:39:2c:5b:95:cf:b8:
24:a9:46:e8:01:e6:e3:ed:af:8e:b5:b7:e3:f4:17:14:71:e4:
ab:11:d0:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgpiq3ESTuybfCz3wSonlg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NjRiZTgxZWNiYzE0ZDg3NDAyN2JmMjNiOWRlYzNmN2Yy
MDgwZWIwHhcNMjMwNTE3MTE0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWYzZWJhMjk0MzIzYTM3MDE3Yzk4ODc1MmJhMTBjYzFiZTMzZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZ10rhJTqFUqmTglRyRnJSDTXopg
LKkTXuzgomKGW2INlfkCPmnAbQxOD+wdoO0kC0m3rYIWvVzx0qiKYbSV0R0p/dfC
DyTbt3HkbD80F9X+0yYdQR8bjt0MFhaFt1Wwq8uGb710T1DFg8ep6xKFL/u632ow
dJGE0oT1AR4fQ5tT92dqiUHY1EVXyUVzSwX49DdtdE21QTJxnKbkdvb14Y7bch7X
T8E8SKm4xoGnXj2jR0bxxmO2ivHh6iU32vm6pSedb88NuoBblksEvxA79maRNvc6
vSNZYFLQOmosMp6ErO3ri6cYnJz06aDbAEJTAiuWHLvrww7DVPONsbGMPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCrz66KUMjo3AXyYh1K6EMwb4z65MB8GA1UdIwQY
MBaAFCVkvoHsvBTYdAJ78jud7D9/IIDrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSldTLWdleThGTmgwQW52eU81M3NQMzhnZ09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84YmUxZjEtMTAzMy00NzcyLWIyZjEt
Mjg0OTEwMzYyMzFiLzEvS3ZQcm9wUXlPamNCZkppSFVyb1F6QnZqUHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84YmUxZjEtMTAzMy00NzcyLWIyZjEtMjg0OTEwMzYyMzFi
LzEvSldTLWdleThGTmgwQW52eU81M3NQMzhnZ09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9irMA0E
AgACMAcDBQMqEtnAMA0GCSqGSIb3DQEBCwUAA4IBAQC3p+KGgOcWG98NFBDny55w
K618WpYRfrxJMPMt7Nkd87hDSErpQ5RqCMiVkVPpR/01TopDDdvIgB3cjT6m5hpY
ryJRgacKWGh3qZ9OzmvK+dMGLKkCvR9UmWNXTQHYn50ylvVEo0ob2ey9IyrUtgt5
L7gcbF5kpRuBkAfXKedRb/TLGJXmKiSJfLGeFr4e20i0TDt62oc+22tG9wSWaInz
MTxPcJFGoYueLdJQdNQjq7+UrWZ68MP8T/xQXBCooTUQsMYxHvkd1pC39Yk7tTAO
x8/sO9MQGJDwCnIt9qFMN91lkdQ5LFuVz7gkqUboAebj7a+Otbfj9BcUceSrEdDg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:47 2024 by rpki-client on console-fra.rpki-client.org