Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/6db52b-ce95-4a3b-a963-484c24ed52ae/1/kRRyntHrTlPfNI1V6oBow0OpBLY.roa
File: kRRyntHrTlPfNI1V6oBow0OpBLY.roa (raw, json)
Hash identifier: q5liCSBH8X6z3sOlULnloO9qcxJlyotWu7rz7CpE7ik=
Subject key identifier: 91:14:72:9E:D1:EB:4E:53:DF:34:8D:55:EA:80:68:C3:43:A9:04:B6
Certificate issuer: /CN=f4ba7c145898b8ae3d2b3a1c71c50ab19a93f647
Certificate serial: 01856D4ADD0237A40C23CD3AD696DE33B7CF
Authority key identifier: F4:BA:7C:14:58:98:B8:AE:3D:2B:3A:1C:71:C5:0A:B1:9A:93:F6:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Lp8FFiYuK49KzocccUKsZqT9kc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/6db52b-ce95-4a3b-a963-484c24ed52ae/1/kRRyntHrTlPfNI1V6oBow0OpBLY.roa
Signing time: Sun 01 Jan 2023 12:25:00 +0000
ROA not before: Sun 01 Jan 2023 12:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 185.94.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:dd:02:37:a4:0c:23:cd:3a:d6:96:de:33:b7:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4ba7c145898b8ae3d2b3a1c71c50ab19a93f647
Validity
Not Before: Jan 1 12:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9114729ed1eb4e53df348d55ea8068c343a904b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8a:35:0a:26:0b:96:0d:a8:3e:ed:4a:fb:c7:
a9:af:9c:01:6a:17:b4:7d:b9:46:d4:05:dc:ff:c8:
f2:c2:98:98:24:7f:3d:ea:57:59:72:ef:75:eb:87:
e2:93:75:e8:dc:33:0d:7f:61:e3:61:a0:23:9e:bb:
be:dd:2b:6c:71:a6:42:ce:72:4f:cc:ec:a0:32:19:
d8:21:b0:6f:ba:e0:47:fd:28:b0:c1:26:fd:6e:b1:
4c:1e:0a:44:5f:d9:ec:e1:6f:8a:bf:96:fb:80:e3:
c9:aa:ab:ab:23:c3:4c:57:1d:85:8f:f9:89:6b:83:
74:38:a5:5a:23:7e:36:76:88:e2:eb:61:32:3b:e8:
8e:85:a6:49:b6:f0:cc:6d:63:c9:be:35:b8:c8:2e:
44:29:5d:3c:9e:97:8d:e3:7c:f4:d1:1e:cd:8d:1b:
18:f9:b5:96:75:c2:10:ba:30:15:ad:20:e7:c9:be:
23:c8:6a:fe:3a:de:6a:db:47:de:26:5c:3d:98:5b:
1a:ea:1d:98:c4:4a:84:65:bc:93:0a:4e:e8:05:62:
d7:1c:93:15:76:68:a5:53:38:2b:cd:75:da:f2:27:
80:3c:72:68:ec:72:ab:8b:1e:17:1a:2d:b6:d7:7e:
fa:b3:6e:22:a8:5f:61:f3:3f:d2:24:62:ec:50:c4:
b6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:14:72:9E:D1:EB:4E:53:DF:34:8D:55:EA:80:68:C3:43:A9:04:B6
X509v3 Authority Key Identifier:
keyid:F4:BA:7C:14:58:98:B8:AE:3D:2B:3A:1C:71:C5:0A:B1:9A:93:F6:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lp8FFiYuK49KzocccUKsZqT9kc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6db52b-ce95-4a3b-a963-484c24ed52ae/1/kRRyntHrTlPfNI1V6oBow0OpBLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6db52b-ce95-4a3b-a963-484c24ed52ae/1/9Lp8FFiYuK49KzocccUKsZqT9kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.64.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:4f:4b:30:32:69:7b:e7:bd:86:e9:17:f2:92:53:4d:33:14:
ff:ab:31:e2:7f:68:b0:40:81:fe:f2:01:db:50:8a:e6:77:a5:
8b:79:25:2a:71:06:a2:24:8d:1f:38:df:87:4b:c1:b7:46:88:
ec:3a:85:39:ab:41:fb:9e:a8:3e:07:c7:21:0c:7b:59:d8:a6:
9a:8c:79:54:3c:35:9c:b7:af:30:23:0f:3f:9b:e1:7c:b6:3d:
0d:95:04:09:1d:63:7c:87:65:82:5d:35:e8:21:07:36:3f:9e:
6b:bb:07:3d:3d:cd:64:27:2c:b5:f0:70:10:c8:91:78:3a:eb:
a7:9f:79:73:f2:34:eb:9e:e2:7b:2e:4e:d8:cc:94:a2:9f:bc:
84:9e:cd:b8:8c:0f:d6:de:e9:29:9b:30:63:bd:18:e8:2c:94:
50:89:98:c2:51:b6:db:81:88:38:fa:3b:07:8d:36:76:18:b9:
07:4f:84:fc:1e:dd:4d:21:c6:0a:f6:0e:f6:d6:08:49:ea:bf:
f5:f7:4c:40:42:02:f8:9a:f6:b1:d1:b1:39:25:40:41:cc:d4:
b0:48:55:76:f2:a6:24:ff:de:65:78:a4:7a:ce:ea:54:10:c1:
08:ba:35:d6:3e:73:4f:d9:f6:c2:98:74:1b:fd:34:2a:fb:fc:
51:1a:cc:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSt0CN6QMI8061pbeM7fPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YmE3YzE0NTg5OGI4YWUzZDJiM2ExYzcxYzUwYWIxOWE5
M2Y2NDcwHhcNMjMwMTAxMTIyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTE0NzI5ZWQxZWI0ZTUzZGYzNDhkNTVlYTgwNjhjMzQzYTkwNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoo1CiYLlg2oPu1K+8epr5wBahe0
fblG1AXc/8jywpiYJH896ldZcu9164fik3Xo3DMNf2HjYaAjnru+3StscaZCznJP
zOygMhnYIbBvuuBH/SiwwSb9brFMHgpEX9ns4W+Kv5b7gOPJqqurI8NMVx2Fj/mJ
a4N0OKVaI342doji62EyO+iOhaZJtvDMbWPJvjW4yC5EKV08npeN43z00R7NjRsY
+bWWdcIQujAVrSDnyb4jyGr+Ot5q20feJlw9mFsa6h2YxEqEZbyTCk7oBWLXHJMV
dmilUzgrzXXa8ieAPHJo7HKrix4XGi221376s24iqF9h8z/SJGLsUMS2iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEUcp7R605T3zSNVeqAaMNDqQS2MB8GA1UdIwQY
MBaAFPS6fBRYmLiuPSs6HHHFCrGak/ZHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxwOEZGaVl1SzQ5S3pvY2NjVUtzWnFUOWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82ZGI1MmItY2U5NS00YTNiLWE5NjMt
NDg0YzI0ZWQ1MmFlLzEva1JSeW50SHJUbFBmTkkxVjZvQm93ME9wQkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82ZGI1MmItY2U5NS00YTNiLWE5NjMtNDg0YzI0ZWQ1MmFl
LzEvOUxwOEZGaVl1SzQ5S3pvY2NjVUtzWnFUOWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV5AMA0G
CSqGSIb3DQEBCwUAA4IBAQBbT0swMml7572G6RfyklNNMxT/qzHif2iwQIH+8gHb
UIrmd6WLeSUqcQaiJI0fON+HS8G3RojsOoU5q0H7nqg+B8chDHtZ2KaajHlUPDWc
t68wIw8/m+F8tj0NlQQJHWN8h2WCXTXoIQc2P55ruwc9Pc1kJyy18HAQyJF4Ouun
n3lz8jTrnuJ7Lk7YzJSin7yEns24jA/W3ukpmzBjvRjoLJRQiZjCUbbbgYg4+jsH
jTZ2GLkHT4T8Ht1NIcYK9g721ghJ6r/190xAQgL4mvax0bE5JUBBzNSwSFV28qYk
/95leKR6zupUEMEIujXWPnNP2fbCmHQb/TQq+/xRGsz1
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:28:02 2025 by rpki-client