Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/349835-9cde-473a-9a11-67d95a5f2441/1/KHfRJ2ZAJbniZHALtWy63haS-vQ.roa
File: KHfRJ2ZAJbniZHALtWy63haS-vQ.roa (raw, json)
Hash identifier: oYbGkwWtf3iMrkctKCezcTFsZ2z/wWjH5GYRfJGi7aY=
Subject key identifier: 28:77:D1:27:66:40:25:B9:E2:64:70:0B:B5:6C:BA:DE:16:92:FA:F4
Certificate issuer: /CN=dd4988b0956206cf86bb680568a247723a46a94b
Certificate serial: 018570708EE35C1F6E6450B9119516CA644F
Authority key identifier: DD:49:88:B0:95:62:06:CF:86:BB:68:05:68:A2:47:72:3A:46:A9:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3UmIsJViBs-Gu2gFaKJHcjpGqUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/349835-9cde-473a-9a11-67d95a5f2441/1/KHfRJ2ZAJbniZHALtWy63haS-vQ.roa
Signing time: Mon 02 Jan 2023 03:05:02 +0000
ROA not before: Mon 02 Jan 2023 03:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 91.242.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:8e:e3:5c:1f:6e:64:50:b9:11:95:16:ca:64:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4988b0956206cf86bb680568a247723a46a94b
Validity
Not Before: Jan 2 03:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2877d127664025b9e264700bb56cbade1692faf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cc:ba:c5:99:66:c9:c8:3b:28:aa:67:32:3d:
d3:1d:23:3f:ef:38:59:81:3a:a7:2e:e3:4d:d8:d7:
cf:b3:11:06:40:c6:b8:09:40:93:bd:d1:a0:93:39:
46:e0:0e:b4:68:f8:23:13:6d:bb:18:a3:aa:02:f1:
02:e9:d0:56:fc:0a:1f:de:38:7f:4b:c1:8e:eb:60:
8d:ce:db:d1:a1:08:07:46:0d:4d:a2:f7:e3:20:59:
b5:bb:4e:12:bc:44:63:fa:47:eb:13:63:0d:37:1b:
c1:58:89:f0:31:0f:c5:7d:87:7c:66:f7:be:d3:37:
d2:7b:0a:45:d5:67:bc:83:0c:f1:dc:2d:1d:8d:6e:
85:90:f8:71:eb:69:0e:34:ec:60:9b:95:71:f9:65:
43:11:74:60:1e:d5:a0:4f:2e:34:03:7d:cd:28:ea:
29:02:6f:72:45:04:0c:70:9c:0c:2a:69:ca:01:df:
2e:eb:ba:ff:23:69:b0:41:cf:37:30:ee:8d:33:cd:
6a:97:15:21:41:2e:48:1c:b4:c2:9b:b3:92:2d:d5:
df:de:25:56:bd:d2:eb:ca:1d:43:a7:d4:84:57:eb:
d2:68:b9:a2:89:a1:8b:78:d5:ea:4c:b6:64:66:63:
5b:0c:2f:d3:97:07:a4:9c:ae:c8:dd:02:6d:4b:77:
0a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:77:D1:27:66:40:25:B9:E2:64:70:0B:B5:6C:BA:DE:16:92:FA:F4
X509v3 Authority Key Identifier:
keyid:DD:49:88:B0:95:62:06:CF:86:BB:68:05:68:A2:47:72:3A:46:A9:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UmIsJViBs-Gu2gFaKJHcjpGqUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/349835-9cde-473a-9a11-67d95a5f2441/1/KHfRJ2ZAJbniZHALtWy63haS-vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/349835-9cde-473a-9a11-67d95a5f2441/1/3UmIsJViBs-Gu2gFaKJHcjpGqUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.242.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:db:4d:c0:d0:94:e3:98:37:80:ca:d0:09:11:3f:49:cf:43:
16:e0:f3:4d:70:8f:39:d7:73:f8:e4:f4:d4:67:17:dd:ed:db:
fe:3d:8f:af:d7:ff:72:c8:f4:ce:a7:07:2a:6a:5c:6a:67:64:
19:d4:15:f5:a2:ea:a1:6d:a3:9f:a5:57:38:a4:1d:bf:bf:ff:
ff:39:f6:5e:47:ee:6c:5f:88:ae:3f:cd:20:30:e2:d6:76:85:
ec:ee:b4:fd:df:2b:5b:0f:0c:96:4e:1f:40:d6:b4:4c:17:7c:
8e:3f:e4:01:ba:81:f9:9b:0f:ce:89:1e:3a:2f:fc:38:ad:dd:
e6:9c:16:77:3e:bd:e9:e6:6a:71:e6:78:7c:4e:cc:d1:3a:05:
f8:cb:af:61:6e:1c:a2:c9:fc:73:76:4c:7a:c4:56:6b:23:93:
a3:7f:f1:a7:58:ec:32:28:0a:c3:92:4c:e8:bd:0e:67:77:d4:
00:1b:84:ee:61:ef:d1:5b:a3:c4:e5:12:0a:f9:7d:f0:c0:bd:
6a:2e:57:4a:f5:0c:14:1c:36:f5:db:21:ec:8f:43:07:72:ea:
16:f3:da:e7:0a:f7:29:ea:8f:2b:c8:38:26:76:82:c0:45:b9:
85:1b:3c:7a:40:72:4b:d8:e7:19:4a:ee:b1:a9:74:9f:90:41:
10:91:38:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcI7jXB9uZFC5EZUWymRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNDk4OGIwOTU2MjA2Y2Y4NmJiNjgwNTY4YTI0NzcyM2E0
NmE5NGIwHhcNMjMwMTAyMDMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc3ZDEyNzY2NDAyNWI5ZTI2NDcwMGJiNTZjYmFkZTE2OTJmYWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8y6xZlmycg7KKpnMj3THSM/7zhZ
gTqnLuNN2NfPsxEGQMa4CUCTvdGgkzlG4A60aPgjE227GKOqAvEC6dBW/Aof3jh/
S8GO62CNztvRoQgHRg1NovfjIFm1u04SvERj+kfrE2MNNxvBWInwMQ/FfYd8Zve+
0zfSewpF1We8gwzx3C0djW6FkPhx62kONOxgm5Vx+WVDEXRgHtWgTy40A33NKOop
Am9yRQQMcJwMKmnKAd8u67r/I2mwQc83MO6NM81qlxUhQS5IHLTCm7OSLdXf3iVW
vdLryh1Dp9SEV+vSaLmiiaGLeNXqTLZkZmNbDC/TlweknK7I3QJtS3cKnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCh30SdmQCW54mRwC7Vsut4Wkvr0MB8GA1UdIwQY
MBaAFN1JiLCVYgbPhrtoBWiiR3I6RqlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1VtSXNKVmlCcy1HdTJnRmFLSkhjanBHcVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zNDk4MzUtOWNkZS00NzNhLTlhMTEt
NjdkOTVhNWYyNDQxLzEvS0hmUkoyWkFKYm5pWkhBTHRXeTYzaGFTLXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zNDk4MzUtOWNkZS00NzNhLTlhMTEtNjdkOTVhNWYyNDQx
LzEvM1VtSXNKVmlCcy1HdTJnRmFLSkhjanBHcVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/LyMA0G
CSqGSIb3DQEBCwUAA4IBAQB+203A0JTjmDeAytAJET9Jz0MW4PNNcI8513P45PTU
Zxfd7dv+PY+v1/9yyPTOpwcqalxqZ2QZ1BX1ouqhbaOfpVc4pB2/v///OfZeR+5s
X4iuP80gMOLWdoXs7rT93ytbDwyWTh9A1rRMF3yOP+QBuoH5mw/OiR46L/w4rd3m
nBZ3Pr3p5mpx5nh8TszROgX4y69hbhyiyfxzdkx6xFZrI5Ojf/GnWOwyKArDkkzo
vQ5nd9QAG4TuYe/RW6PE5RIK+X3wwL1qLldK9QwUHDb12yHsj0MHcuoW89rnCvcp
6o8ryDgmdoLARbmFGzx6QHJL2OcZSu6xqXSfkEEQkTi7
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:10:43 2025 by rpki-client