Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KloVkGp9bnukou0jwtTcclmRE2w.roa
File: KloVkGp9bnukou0jwtTcclmRE2w.roa (raw, json)
Hash identifier: Pw+T/JQTUdh49QMHGmZW0Kjsi4A8je5EAMfPkhz1F0U=
Subject key identifier: 2A:5A:15:90:6A:7D:6E:7B:A4:A2:ED:23:C2:D4:DC:72:59:91:13:6C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019483592B1F4CDD1A403C61D69531C20465
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KloVkGp9bnukou0jwtTcclmRE2w.roa
Signing time: Mon 20 Jan 2025 10:54:06 +0000
ROA not before: Mon 20 Jan 2025 10:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 151.243.230.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:83:59:2b:1f:4c:dd:1a:40:3c:61:d6:95:31:c2:04:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 20 10:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a5a15906a7d6e7ba4a2ed23c2d4dc725991136c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:da:bd:33:6c:5c:b6:7d:42:94:01:ae:4d:a2:
40:b5:10:08:99:8f:b0:ca:76:c2:8e:ba:cd:eb:03:
32:c3:05:fa:8e:21:18:b7:a0:dc:4a:d6:47:e6:0a:
b9:73:b3:48:e2:05:45:e7:22:0c:15:46:1c:32:98:
44:20:40:66:64:6f:cd:06:b6:24:64:ae:73:07:09:
05:f4:60:02:0f:72:7d:2b:85:a2:4b:83:1c:3a:0e:
5f:7f:ef:db:f5:60:df:1b:48:1e:47:77:4d:a3:4f:
6b:25:a6:e2:bc:67:d4:bf:6d:6e:90:93:59:1d:0d:
20:55:d9:a3:4a:14:20:cb:0e:3b:db:21:e4:1c:b4:
6f:b2:90:a3:15:c3:26:97:ad:1b:18:f3:ad:e6:ab:
e0:df:87:7d:7b:5c:0f:af:5e:72:fd:57:9c:dd:2b:
e4:81:d0:1c:ba:51:c3:e4:e5:6a:96:93:94:92:8c:
b2:aa:14:e6:72:d7:3f:f7:ba:3e:5f:cb:fc:de:85:
8b:02:40:63:6d:c7:2e:68:66:90:86:03:a2:1d:2d:
50:bc:c4:c6:5a:a7:4f:be:65:a6:19:b8:e8:d0:e2:
28:1c:9b:35:be:cd:65:da:c6:e3:e5:3c:95:76:49:
dc:b5:9f:8c:7a:6d:cf:8a:46:dc:e2:21:fa:87:f3:
55:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5A:15:90:6A:7D:6E:7B:A4:A2:ED:23:C2:D4:DC:72:59:91:13:6C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KloVkGp9bnukou0jwtTcclmRE2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.230.0/23
Signature Algorithm: sha256WithRSAEncryption
68:72:b7:a0:94:ff:3d:dc:61:07:ea:c1:7b:cb:f6:1f:97:6d:
37:79:3d:a0:f4:6e:f2:52:c1:cc:d0:d0:1f:1e:b6:33:e4:1a:
fe:27:fc:5d:a8:b1:a6:f6:89:08:0f:5d:a4:6a:ce:79:10:06:
52:f0:f3:cb:0e:5a:9e:4a:3f:f8:74:0e:53:b8:dd:9e:89:34:
7f:08:2c:61:88:78:1c:03:cb:75:e9:ee:1d:20:f9:07:f0:cf:
77:7a:88:6f:02:87:b4:ee:cc:f1:ce:8e:4d:b8:5a:54:90:04:
3f:88:30:09:cc:9d:ad:6a:65:6f:fc:1e:42:84:7d:73:10:89:
0e:04:e8:0e:28:cc:5d:5a:86:e3:be:d9:99:f0:be:64:bb:a6:
b8:15:dd:9d:0a:5e:39:11:ba:0e:3a:57:13:d6:c2:23:9f:4b:
a2:78:62:48:a3:43:e9:94:5c:98:16:26:45:00:4a:06:2e:96:
47:bf:ae:34:83:66:8b:32:8f:10:89:01:83:f4:e9:1e:ad:8b:
7d:ce:37:c4:bf:19:1c:96:2b:d5:ca:53:2d:9c:81:94:60:b1:
ab:13:c2:ee:7e:86:e1:76:51:72:1c:fb:60:e1:f5:d3:8b:99:
fb:ad:3e:29:86:44:f7:a3:91:d2:03:51:0d:79:75:3b:aa:fd:
ec:9d:b1:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSDWSsfTN0aQDxh1pUxwgRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTIwMTA1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTVhMTU5MDZhN2Q2ZTdiYTRhMmVkMjNjMmQ0ZGM3MjU5OTExMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdq9M2xctn1ClAGuTaJAtRAImY+w
ynbCjrrN6wMywwX6jiEYt6DcStZH5gq5c7NI4gVF5yIMFUYcMphEIEBmZG/NBrYk
ZK5zBwkF9GACD3J9K4WiS4McOg5ff+/b9WDfG0geR3dNo09rJabivGfUv21ukJNZ
HQ0gVdmjShQgyw472yHkHLRvspCjFcMml60bGPOt5qvg34d9e1wPr15y/Vec3Svk
gdAculHD5OVqlpOUkoyyqhTmctc/97o+X8v83oWLAkBjbccuaGaQhgOiHS1QvMTG
WqdPvmWmGbjo0OIoHJs1vs1l2sbj5TyVdknctZ+Mem3Pikbc4iH6h/NV2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpaFZBqfW57pKLtI8LU3HJZkRNsMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvS2xvVmtHcDlibnVrb3Uwand0VGNjbG1SRTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/PmMA0G
CSqGSIb3DQEBCwUAA4IBAQBocreglP893GEH6sF7y/Yfl203eT2g9G7yUsHM0NAf
HrYz5Br+J/xdqLGm9okID12kas55EAZS8PPLDlqeSj/4dA5TuN2eiTR/CCxhiHgc
A8t16e4dIPkH8M93eohvAoe07szxzo5NuFpUkAQ/iDAJzJ2tamVv/B5ChH1zEIkO
BOgOKMxdWobjvtmZ8L5ku6a4Fd2dCl45EboOOlcT1sIjn0uieGJIo0PplFyYFiZF
AEoGLpZHv640g2aLMo8QiQGD9OkerYt9zjfEvxkclivVylMtnIGUYLGrE8Lufobh
dlFyHPtg4fXTi5n7rT4phkT3o5HSA1ENeXU7qv3snbGu
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:48:04 2025 by rpki-client