Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/Kj5ZZT_QMGV8ggXHA75R7vnwc-Y.roa
File: Kj5ZZT_QMGV8ggXHA75R7vnwc-Y.roa (raw, json)
Hash identifier: p+eVg1Sb75Egr4y3obi4lrz5P3sy7D8NwnWNwRsHb70=
Subject key identifier: 2A:3E:59:65:3F:D0:30:65:7C:82:05:C7:03:BE:51:EE:F9:F0:73:E6
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 019427B5B80498FBF878E9AA67866B275896
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/Kj5ZZT_QMGV8ggXHA75R7vnwc-Y.roa
Signing time: Thu 02 Jan 2025 15:50:07 +0000
ROA not before: Thu 02 Jan 2025 15:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13448
IP address blocks: 86.111.219.0/24 maxlen: 24
157.167.1.0/24 maxlen: 24
157.167.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b8:04:98:fb:f8:78:e9:aa:67:86:6b:27:58:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Jan 2 15:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a3e59653fd030657c8205c703be51eef9f073e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fb:6e:15:86:08:3c:e3:3e:54:a8:e5:01:27:
65:59:84:0a:0a:23:34:86:bb:92:ec:0a:8e:bd:39:
bc:c1:10:95:17:7a:ce:a8:ec:ba:86:e8:15:92:a7:
b3:13:f3:18:f1:77:05:19:d7:b6:9f:19:8b:89:77:
92:5f:35:50:03:76:49:e3:71:3f:f2:9d:29:8b:20:
cb:79:4e:35:13:a8:24:3e:fe:8c:7b:ec:67:ae:28:
ad:cf:9b:50:c6:aa:ae:87:74:73:48:c6:6c:7d:a1:
8d:06:15:8a:a8:94:e4:41:67:f2:99:04:b4:5e:84:
b3:6b:27:ce:c6:3e:dc:3b:a3:67:16:47:95:29:25:
a3:0a:22:1b:01:0a:5a:74:b4:7c:b4:d8:08:5d:87:
01:d5:b8:67:a2:21:5a:d9:1a:00:3f:82:c7:bc:99:
3b:c3:f1:86:27:96:d2:da:53:ae:d9:d4:7c:61:ab:
6a:33:32:24:ca:b1:17:a2:e4:45:83:1f:cf:f9:14:
53:6b:7d:0d:c5:8f:57:c2:c7:3b:f9:1b:a3:c7:84:
67:18:0b:e6:7d:56:3e:12:b7:48:02:07:12:3c:c4:
7a:6f:98:4f:60:07:ca:36:80:19:ac:b2:ae:15:c4:
a0:8c:94:ac:f6:77:e1:86:bd:10:81:81:30:39:9e:
2f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3E:59:65:3F:D0:30:65:7C:82:05:C7:03:BE:51:EE:F9:F0:73:E6
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/Kj5ZZT_QMGV8ggXHA75R7vnwc-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.219.0/24
157.167.1.0/24
157.167.3.0/24
Signature Algorithm: sha256WithRSAEncryption
31:0f:5c:0a:51:a0:6b:e8:4d:f9:ad:a3:25:1c:7e:63:3f:66:
bb:71:6a:f8:6a:9a:e8:95:51:f0:e9:43:00:37:55:40:47:2b:
c0:06:d0:ca:ef:e8:8a:31:89:3d:65:bd:dd:ea:7c:4e:fe:c6:
1f:32:e4:3f:2d:83:b3:21:f5:19:44:96:33:7b:6c:9d:dd:b4:
67:14:6e:ce:32:ca:7d:d9:7e:56:0e:47:e2:1a:84:63:48:95:
57:e7:3b:7f:7d:ee:d8:29:78:0d:c0:3f:bb:8b:1a:3a:83:c3:
b0:a9:4d:82:e8:68:f4:f4:5e:ad:29:52:ab:66:c1:e7:de:58:
d2:60:c6:15:39:4b:be:8b:c8:a3:44:2e:4b:00:e1:2b:d9:08:
a8:46:04:c6:1f:30:ed:f3:8c:9e:19:08:56:d1:1a:68:e4:23:
c3:8e:3b:26:12:a8:11:f7:d6:73:de:98:08:83:69:ad:fc:91:
88:b9:d6:9c:73:d1:1b:45:c7:2f:0b:6a:a0:57:2d:88:97:96:
8b:29:22:a0:53:f3:8f:04:c6:e0:dc:1b:bc:0e:62:82:1d:93:
95:e2:1a:87:94:9f:7e:9c:40:1b:43:08:f4:43:c5:b8:52:f7:
eb:0e:89:6b:2e:8b:a9:de:df:21:1f:28:3d:09:f2:63:43:cc:
dc:77:1d:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntbgEmPv4eOmqZ4ZrJ1iWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjUwMTAyMTU1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTNlNTk2NTNmZDAzMDY1N2M4MjA1YzcwM2JlNTFlZWY5ZjA3M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/tuFYYIPOM+VKjlASdlWYQKCiM0
hruS7AqOvTm8wRCVF3rOqOy6hugVkqezE/MY8XcFGde2nxmLiXeSXzVQA3ZJ43E/
8p0piyDLeU41E6gkPv6Me+xnriitz5tQxqquh3RzSMZsfaGNBhWKqJTkQWfymQS0
XoSzayfOxj7cO6NnFkeVKSWjCiIbAQpadLR8tNgIXYcB1bhnoiFa2RoAP4LHvJk7
w/GGJ5bS2lOu2dR8YatqMzIkyrEXouRFgx/P+RRTa30NxY9Xwsc7+Rujx4RnGAvm
fVY+ErdIAgcSPMR6b5hPYAfKNoAZrLKuFcSgjJSs9nfhhr0QgYEwOZ4vTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCo+WWU/0DBlfIIFxwO+Ue758HPmMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvS2o1WlpUX1FNR1Y4Z2dYSEE3NVI3dm53Yy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVm/bAwQA
nacBAwQAnacDMA0GCSqGSIb3DQEBCwUAA4IBAQAxD1wKUaBr6E35raMlHH5jP2a7
cWr4aprolVHw6UMAN1VARyvABtDK7+iKMYk9Zb3d6nxO/sYfMuQ/LYOzIfUZRJYz
e2yd3bRnFG7OMsp92X5WDkfiGoRjSJVX5zt/fe7YKXgNwD+7ixo6g8OwqU2C6Gj0
9F6tKVKrZsHn3ljSYMYVOUu+i8ijRC5LAOEr2QioRgTGHzDt84yeGQhW0Rpo5CPD
jjsmEqgR99Zz3pgIg2mt/JGIudacc9EbRccvC2qgVy2Il5aLKSKgU/OPBMbg3Bu8
DmKCHZOV4hqHlJ9+nEAbQwj0Q8W4UvfrDolrLoup3t8hHyg9CfJjQ8zcdx1u
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:42:03 2025 by rpki-client