Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1125a2-4432-483f-a00b-616d97a77bd6/1/KfdLjyj_eq_yPXtexUdPOdCkbRk.roa
File: KfdLjyj_eq_yPXtexUdPOdCkbRk.roa (raw, json)
Hash identifier: xyQf8X26s5JmDWlC5P/gH6+7gUnEGFJI6PPKMD9ofP4=
Subject key identifier: 29:F7:4B:8F:28:FF:7A:AF:F2:3D:7B:5E:C5:47:4F:39:D0:A4:6D:19
Certificate issuer: /CN=6085397f26a044caef6a6b669287331aa4d68645
Certificate serial: 01856FF947788FB639518251C1DB4BF3EBA1
Authority key identifier: 60:85:39:7F:26:A0:44:CA:EF:6A:6B:66:92:87:33:1A:A4:D6:86:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YIU5fyagRMrvamtmkoczGqTWhkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1125a2-4432-483f-a00b-616d97a77bd6/1/KfdLjyj_eq_yPXtexUdPOdCkbRk.roa
Signing time: Mon 02 Jan 2023 00:54:45 +0000
ROA not before: Mon 02 Jan 2023 00:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209242
IP address blocks: 185.213.240.0/24 maxlen: 24
185.213.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:47:78:8f:b6:39:51:82:51:c1:db:4b:f3:eb:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6085397f26a044caef6a6b669287331aa4d68645
Validity
Not Before: Jan 2 00:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29f74b8f28ff7aaff23d7b5ec5474f39d0a46d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7a:91:31:43:f3:0a:b7:eb:ac:6b:67:0e:15:
76:fb:48:a9:13:4f:0d:ee:ca:4e:fb:b5:67:2f:0b:
43:6f:5d:02:cf:97:78:1e:69:31:d3:e4:20:b6:74:
d2:ff:fb:97:f4:ca:85:02:05:65:d7:bf:c0:28:72:
f1:54:9f:49:01:30:a6:57:03:43:dd:16:18:0f:22:
eb:b0:97:12:37:26:c3:f1:a7:f2:5b:cd:76:d3:b9:
c9:d2:db:b5:35:94:2b:ea:d6:d4:58:87:90:6e:94:
f6:b7:3d:e9:aa:a3:b6:b2:4c:1a:8a:e0:45:5a:ca:
72:0d:9c:b7:c9:9e:20:4a:fd:45:e6:27:74:7b:78:
80:a0:af:cc:9c:5e:4b:ca:d9:95:e9:3a:72:f9:f7:
bb:cf:6c:d8:9e:7a:90:f6:03:82:7c:dd:7a:33:29:
53:0b:e3:99:21:41:12:20:f6:bd:cd:2a:2b:b2:ae:
30:54:72:15:7e:8a:8a:6d:1c:d3:2b:f6:34:54:50:
51:19:79:0c:e7:1e:74:70:f3:e3:10:e8:d4:24:08:
87:37:e5:4c:27:65:75:5a:92:dd:57:f9:26:f3:9a:
05:68:8f:e3:d5:32:41:ad:6d:c3:a9:72:38:ae:97:
57:3c:f2:bf:b9:de:f0:6d:ba:6b:11:53:32:5a:b9:
b3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F7:4B:8F:28:FF:7A:AF:F2:3D:7B:5E:C5:47:4F:39:D0:A4:6D:19
X509v3 Authority Key Identifier:
keyid:60:85:39:7F:26:A0:44:CA:EF:6A:6B:66:92:87:33:1A:A4:D6:86:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YIU5fyagRMrvamtmkoczGqTWhkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1125a2-4432-483f-a00b-616d97a77bd6/1/KfdLjyj_eq_yPXtexUdPOdCkbRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1125a2-4432-483f-a00b-616d97a77bd6/1/YIU5fyagRMrvamtmkoczGqTWhkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.240.0/24
185.213.243.0/24
Signature Algorithm: sha256WithRSAEncryption
86:54:2a:0c:49:50:3b:3c:cf:d2:5f:87:e0:d9:8c:37:b9:1d:
92:a0:63:b5:46:78:cb:3e:2d:59:b4:51:47:6f:da:5d:be:c8:
f4:41:87:46:60:ea:44:de:ad:59:18:39:26:b2:41:f1:27:6b:
14:b8:67:60:61:31:4d:00:c6:e1:53:8f:b2:bd:0f:87:3f:1e:
de:75:47:77:19:de:82:44:ae:ad:e3:5b:04:81:03:25:0b:81:
70:65:73:72:18:da:1e:61:67:c6:90:8c:5a:36:b7:32:ff:a9:
60:0a:06:33:ba:4a:0f:5a:70:4b:4d:7e:f3:01:08:cf:43:77:
08:8f:40:a8:07:3e:d7:d2:3e:f7:00:5a:0e:2b:66:42:ce:16:
11:05:a4:4c:2f:28:d0:b8:78:db:f8:31:8b:52:a1:e7:2a:35:
07:8d:39:51:2b:59:09:51:f2:b8:c4:1f:5c:a2:b5:bd:18:c2:
2f:b3:82:85:bb:18:83:4f:eb:18:04:3b:4a:7b:0f:9c:2b:7d:
16:a0:55:b5:0f:bc:87:dc:24:08:30:a4:25:9c:de:21:99:d9:
1d:32:26:02:b7:a4:24:ee:ef:14:78:6f:21:87:b4:8a:03:2f:
08:b1:5a:f3:30:72:49:4c:e2:a8:9f:0c:72:21:b1:eb:67:c9:
65:d9:cb:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv+Ud4j7Y5UYJRwdtL8+uhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwODUzOTdmMjZhMDQ0Y2FlZjZhNmI2NjkyODczMzFhYTRk
Njg2NDUwHhcNMjMwMTAyMDA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY3NGI4ZjI4ZmY3YWFmZjIzZDdiNWVjNTQ3NGYzOWQwYTQ2ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXqRMUPzCrfrrGtnDhV2+0ipE08N
7spO+7VnLwtDb10Cz5d4Hmkx0+QgtnTS//uX9MqFAgVl17/AKHLxVJ9JATCmVwND
3RYYDyLrsJcSNybD8afyW81207nJ0tu1NZQr6tbUWIeQbpT2tz3pqqO2skwaiuBF
WspyDZy3yZ4gSv1F5id0e3iAoK/MnF5LytmV6Tpy+fe7z2zYnnqQ9gOCfN16MylT
C+OZIUESIPa9zSorsq4wVHIVfoqKbRzTK/Y0VFBRGXkM5x50cPPjEOjUJAiHN+VM
J2V1WpLdV/km85oFaI/j1TJBrW3DqXI4rpdXPPK/ud7wbbprEVMyWrmzewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCn3S48o/3qv8j17XsVHTznQpG0ZMB8GA1UdIwQY
MBaAFGCFOX8moETK72prZpKHMxqk1oZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUlVNWZ5YWdSTXJ2YW10bWtvY3pHcVRXaGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xMTI1YTItNDQzMi00ODNmLWEwMGIt
NjE2ZDk3YTc3YmQ2LzEvS2ZkTGp5al9lcV95UFh0ZXhVZFBPZENrYlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xMTI1YTItNDQzMi00ODNmLWEwMGItNjE2ZDk3YTc3YmQ2
LzEvWUlVNWZ5YWdSTXJ2YW10bWtvY3pHcVRXaGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudXwAwQA
udXzMA0GCSqGSIb3DQEBCwUAA4IBAQCGVCoMSVA7PM/SX4fg2Yw3uR2SoGO1RnjL
Pi1ZtFFHb9pdvsj0QYdGYOpE3q1ZGDkmskHxJ2sUuGdgYTFNAMbhU4+yvQ+HPx7e
dUd3Gd6CRK6t41sEgQMlC4FwZXNyGNoeYWfGkIxaNrcy/6lgCgYzukoPWnBLTX7z
AQjPQ3cIj0CoBz7X0j73AFoOK2ZCzhYRBaRMLyjQuHjb+DGLUqHnKjUHjTlRK1kJ
UfK4xB9corW9GMIvs4KFuxiDT+sYBDtKew+cK30WoFW1D7yH3CQIMKQlnN4hmdkd
MiYCt6Qk7u8UeG8hh7SKAy8IsVrzMHJJTOKonwxyIbHrZ8ll2cu/
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:48 2025 by rpki-client