Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/klIc4ZNVT1LwU0DQlMXIrVaVmLs.roa
File: klIc4ZNVT1LwU0DQlMXIrVaVmLs.roa (raw, json)
Hash identifier: SAEe+9HwnRAdESV5SfzzY+NYMhtlZcvtIkyW+b/wMYw=
Subject key identifier: 92:52:1C:E1:93:55:4F:52:F0:53:40:D0:94:C5:C8:AD:56:95:98:BB
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 0194AD46CFC0D971F2481A667ADC716FE37D
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/klIc4ZNVT1LwU0DQlMXIrVaVmLs.roa
Signing time: Tue 28 Jan 2025 14:18:06 +0000
ROA not before: Tue 28 Jan 2025 14:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213503
IP address blocks: 87.247.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:46:cf:c0:d9:71:f2:48:1a:66:7a:dc:71:6f:e3:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 28 14:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92521ce193554f52f05340d094c5c8ad569598bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:57:b9:88:fe:6f:64:b6:95:3d:8f:b5:b2:e3:
a0:27:32:d0:1f:a0:80:40:96:16:55:4a:fb:8c:44:
f4:c5:65:cd:e4:6d:08:36:09:2c:9b:9f:8e:62:f6:
43:59:02:3f:36:58:5e:52:df:a5:33:b0:09:d8:74:
3d:e7:c0:da:6d:d0:45:53:7c:53:53:95:8b:12:2b:
fb:70:c8:bd:82:a5:a5:45:2f:4e:a1:6d:70:50:51:
11:b4:a2:d3:8c:3a:08:88:d6:e9:20:fc:f0:2b:d7:
3f:d2:34:66:47:1a:45:77:77:9c:25:90:69:37:e2:
e6:e0:98:9c:ee:b0:4a:6e:a3:46:6a:45:ef:34:43:
88:d7:cf:ab:72:82:c3:f0:28:fa:2d:bd:cf:6d:0d:
ef:7a:c1:62:9e:79:e0:f1:a8:63:97:81:f0:17:70:
44:01:4d:07:30:31:6d:a0:45:60:10:b9:29:b0:9e:
93:54:43:35:1a:b6:27:e5:33:b9:93:5c:27:be:30:
92:0c:e5:21:96:d0:e9:ef:5f:01:d7:32:97:60:d7:
ce:93:7b:39:24:7c:ee:0c:80:80:f1:31:70:b0:28:
0e:e1:89:c2:e9:20:9f:04:07:59:b7:75:f0:69:58:
aa:5b:da:78:6a:75:e2:15:76:bd:76:f1:4a:b6:99:
6d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:52:1C:E1:93:55:4F:52:F0:53:40:D0:94:C5:C8:AD:56:95:98:BB
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/klIc4ZNVT1LwU0DQlMXIrVaVmLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.159.0/24
Signature Algorithm: sha256WithRSAEncryption
76:83:45:56:f4:e7:da:87:5d:9c:9b:46:e5:dd:f6:1a:19:dd:
36:02:e7:28:89:e1:ca:ec:11:4d:47:eb:9c:5c:53:12:b6:6f:
24:d0:ae:b6:12:64:3e:05:95:00:f8:5a:80:f5:a2:5f:8a:64:
7f:24:76:11:3d:c8:40:a0:41:37:82:18:a6:46:61:04:b7:11:
4d:e1:a4:d5:b9:9a:ae:26:a0:f7:2a:67:6b:bf:d7:c2:99:70:
ff:57:1a:3d:ef:eb:8f:2b:bb:61:60:52:c5:7f:d7:2d:ce:c8:
ed:35:fa:49:b3:5c:74:82:34:d6:c9:b7:81:40:7f:b2:ba:4d:
13:53:4c:95:53:f2:d9:2b:59:89:54:97:94:f2:d6:ee:3b:05:
33:05:5c:a0:dd:19:2d:69:30:a0:e0:59:62:17:9a:78:7a:41:
e9:64:85:b5:c4:00:b9:87:bb:cb:85:71:54:06:d9:7e:4d:a4:
14:ba:c6:66:19:a2:9d:2a:bd:a0:b8:b0:a3:06:f5:8f:b5:15:
01:36:c3:f1:a3:26:8d:b2:bf:85:58:95:06:61:90:e0:e7:a3:
5e:94:3e:a1:b6:e8:7b:1a:51:48:a5:ef:3d:0d:d6:f8:36:9e:
62:61:be:b5:ca:48:b6:fe:18:87:32:15:9a:78:27:ea:f2:9b:
ac:63:aa:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZStRs/A2XHySBpmetxxb+N9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTI4MTQxODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjUyMWNlMTkzNTU0ZjUyZjA1MzQwZDA5NGM1YzhhZDU2OTU5OGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1e5iP5vZLaVPY+1suOgJzLQH6CA
QJYWVUr7jET0xWXN5G0INgksm5+OYvZDWQI/NlheUt+lM7AJ2HQ958DabdBFU3xT
U5WLEiv7cMi9gqWlRS9OoW1wUFERtKLTjDoIiNbpIPzwK9c/0jRmRxpFd3ecJZBp
N+Lm4Jic7rBKbqNGakXvNEOI18+rcoLD8Cj6Lb3PbQ3vesFinnng8ahjl4HwF3BE
AU0HMDFtoEVgELkpsJ6TVEM1GrYn5TO5k1wnvjCSDOUhltDp718B1zKXYNfOk3s5
JHzuDICA8TFwsCgO4YnC6SCfBAdZt3XwaViqW9p4anXiFXa9dvFKtpltawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJSHOGTVU9S8FNA0JTFyK1WlZi7MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEva2xJYzRaTlZUMUx3VTBEUWxNWElyVmFWbUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/efMA0G
CSqGSIb3DQEBCwUAA4IBAQB2g0VW9Ofah12cm0bl3fYaGd02AucoieHK7BFNR+uc
XFMStm8k0K62EmQ+BZUA+FqA9aJfimR/JHYRPchAoEE3ghimRmEEtxFN4aTVuZqu
JqD3Kmdrv9fCmXD/Vxo97+uPK7thYFLFf9ctzsjtNfpJs1x0gjTWybeBQH+yuk0T
U0yVU/LZK1mJVJeU8tbuOwUzBVyg3RktaTCg4FliF5p4ekHpZIW1xAC5h7vLhXFU
Btl+TaQUusZmGaKdKr2guLCjBvWPtRUBNsPxoyaNsr+FWJUGYZDg56NelD6htuh7
GlFIpe89Ddb4Np5iYb61yki2/hiHMhWaeCfq8pusY6qv
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:53:15 2025 by rpki-client