Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/Kn_2eJGh3EcHDuB-OJ8l3E2w8hE.roa
File: Kn_2eJGh3EcHDuB-OJ8l3E2w8hE.roa (raw, json)
Hash identifier: kQ83aGfbv2Iq481MBuTu7pjTHv3tFZPurvWLoY3PlVA=
Subject key identifier: 2A:7F:F6:78:91:A1:DC:47:07:0E:E0:7E:38:9F:25:DC:4D:B0:F2:11
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 019422FC4359CCFBB1786E064AEE6DD9FA81
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/Kn_2eJGh3EcHDuB-OJ8l3E2w8hE.roa
Signing time: Wed 01 Jan 2025 17:49:05 +0000
ROA not before: Wed 01 Jan 2025 17:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212719
IP address blocks: 94.188.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:43:59:cc:fb:b1:78:6e:06:4a:ee:6d:d9:fa:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 1 17:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a7ff67891a1dc47070ee07e389f25dc4db0f211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3c:44:06:af:52:ab:55:26:72:9e:f6:ee:c3:
b6:93:6d:57:9e:96:a6:1f:1a:f2:a0:00:a6:69:78:
e7:e5:d5:b5:1a:d3:0a:6d:79:7e:0f:d1:ab:94:7e:
7c:68:db:a2:1d:e5:b9:3d:da:06:0c:84:83:44:11:
e6:da:3c:4c:a9:89:34:08:fc:60:cb:b8:1a:89:82:
de:38:34:d8:1c:70:10:64:9d:aa:54:99:75:60:00:
41:66:68:9a:1b:42:a7:4c:62:de:6e:ed:b4:8f:db:
8b:41:1b:ba:38:93:08:ab:d5:92:00:93:8b:d6:87:
ce:35:17:64:6e:2e:58:42:1d:05:ad:dc:50:8e:27:
0e:4a:3d:c8:43:d1:d7:91:c5:4e:35:49:95:95:83:
6c:00:1b:d9:34:13:42:e5:35:4f:05:b0:2b:93:5d:
38:ce:9e:ce:71:83:79:98:36:59:17:0d:2d:dc:e2:
46:02:ea:06:ac:d9:58:fb:70:bd:71:b9:98:45:27:
25:c2:84:df:2a:5c:2a:6f:02:4c:cb:ab:65:1b:c8:
6f:27:75:75:d0:25:2b:68:40:b4:ef:a3:9b:bc:b2:
14:59:ec:cf:84:2c:aa:24:be:34:54:d7:18:35:28:
81:d0:27:7e:b0:1e:1a:17:43:ed:d1:2d:91:14:b2:
09:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7F:F6:78:91:A1:DC:47:07:0E:E0:7E:38:9F:25:DC:4D:B0:F2:11
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/Kn_2eJGh3EcHDuB-OJ8l3E2w8hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.250.0/24
Signature Algorithm: sha256WithRSAEncryption
85:46:ea:e0:95:5e:48:11:33:1f:ae:58:cf:57:9b:d5:33:d7:
95:8d:e4:1b:68:55:1e:00:c3:23:7c:6f:f6:9d:87:28:da:a0:
a2:3b:82:59:36:ca:a2:ca:52:dc:d5:29:1c:8d:c8:1b:e1:25:
7d:ad:63:a0:05:f3:7b:1e:18:27:01:3c:5d:23:f2:e6:8f:85:
15:c1:09:e0:d5:c7:3d:b3:45:b1:ff:0e:5a:86:ce:a2:20:1b:
e0:d3:bd:1e:c9:13:f9:44:84:13:46:4b:e5:cb:ee:17:35:5d:
c1:ea:5d:e6:d9:ed:cb:7d:d1:34:86:fe:32:19:05:1b:46:b5:
88:9f:c3:12:a4:aa:0b:a3:b2:ec:07:50:e8:00:10:00:35:24:
82:47:e3:01:35:15:d5:8e:8c:32:95:f5:c2:e6:0d:e9:e0:09:
70:37:fe:3c:e2:0e:7e:2a:2b:bb:e1:e1:ba:e4:72:24:f5:30:
43:e2:3e:bf:6c:08:da:89:59:96:44:4d:c4:60:3a:fe:a0:1f:
86:3f:0e:c3:24:04:53:ba:8d:30:82:71:7f:8f:5c:c3:35:88:
ee:04:0b:3b:47:a3:fe:fa:6e:78:6a:74:4d:a9:03:19:a3:ba:
c7:59:e5:d1:2f:84:bf:25:03:1b:61:e6:39:12:39:77:79:10:
ca:f9:cc:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/ENZzPuxeG4GSu5t2fqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjUwMTAxMTc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdmZjY3ODkxYTFkYzQ3MDcwZWUwN2UzODlmMjVkYzRkYjBmMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjxEBq9Sq1Umcp727sO2k21Xnpam
HxryoACmaXjn5dW1GtMKbXl+D9GrlH58aNuiHeW5PdoGDISDRBHm2jxMqYk0CPxg
y7gaiYLeODTYHHAQZJ2qVJl1YABBZmiaG0KnTGLebu20j9uLQRu6OJMIq9WSAJOL
1ofONRdkbi5YQh0FrdxQjicOSj3IQ9HXkcVONUmVlYNsABvZNBNC5TVPBbArk104
zp7OcYN5mDZZFw0t3OJGAuoGrNlY+3C9cbmYRSclwoTfKlwqbwJMy6tlG8hvJ3V1
0CUraEC076ObvLIUWezPhCyqJL40VNcYNSiB0Cd+sB4aF0Pt0S2RFLIJbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCp/9niRodxHBw7gfjifJdxNsPIRMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvS25fMmVKR2gzRWNIRHVCLU9KOGwzRTJ3OGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrz6MA0G
CSqGSIb3DQEBCwUAA4IBAQCFRurglV5IETMfrljPV5vVM9eVjeQbaFUeAMMjfG/2
nYco2qCiO4JZNsqiylLc1Skcjcgb4SV9rWOgBfN7HhgnATxdI/Lmj4UVwQng1cc9
s0Wx/w5ahs6iIBvg070eyRP5RIQTRkvly+4XNV3B6l3m2e3LfdE0hv4yGQUbRrWI
n8MSpKoLo7LsB1DoABAANSSCR+MBNRXVjowylfXC5g3p4AlwN/484g5+Kiu74eG6
5HIk9TBD4j6/bAjaiVmWRE3EYDr+oB+GPw7DJARTuo0wgnF/j1zDNYjuBAs7R6P+
+m54anRNqQMZo7rHWeXRL4S/JQMbYeY5Ejl3eRDK+cwk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:42 2025 by rpki-client