Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/dea22b-0587-4a2c-a7f5-a6f0f8637cc0/1/kLw-IGxkiDhDSvB4tBua5bwGZOU.roa
File: kLw-IGxkiDhDSvB4tBua5bwGZOU.roa (raw, json)
Hash identifier: CHnXQ8/qVoUQnj5/cwnNZ//Yslms78vLOtfwiyLvtwQ=
Subject key identifier: 90:BC:3E:20:6C:64:88:38:43:4A:F0:78:B4:1B:9A:E5:BC:06:64:E5
Certificate issuer: /CN=41b502a16de3458db7e830591f2841fd9483c69a
Certificate serial: 09ACBDE0
Authority key identifier: 41:B5:02:A1:6D:E3:45:8D:B7:E8:30:59:1F:28:41:FD:94:83:C6:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QbUCoW3jRY236DBZHyhB_ZSDxpo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/dea22b-0587-4a2c-a7f5-a6f0f8637cc0/1/kLw-IGxkiDhDSvB4tBua5bwGZOU.roa
Signing time: Sat 01 Jan 2022 12:54:34 +0000
ROA not before: Sat 01 Jan 2022 12:54:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60233
IP address blocks: 185.47.252.0/22 maxlen: 24
185.34.64.0/23 maxlen: 24
2a04:5f80::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162315744 (0x9acbde0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41b502a16de3458db7e830591f2841fd9483c69a
Validity
Not Before: Jan 1 12:54:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90bc3e206c648838434af078b41b9ae5bc0664e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:eb:45:3b:b3:34:6f:1a:c4:03:ac:e0:ff:4e:
3b:db:97:da:d3:f1:da:1f:f9:f2:77:27:d3:1f:aa:
52:a1:72:38:03:ac:c3:15:61:ca:87:e0:d1:f2:db:
58:66:d4:9b:96:dd:7b:1d:67:6b:9f:53:f9:6e:50:
7b:48:5b:e8:40:04:b1:3e:3d:21:ee:d7:bd:3d:ac:
2a:87:94:21:43:2b:67:be:01:f2:f1:90:f1:61:26:
3d:06:ce:7a:27:11:c7:e2:5a:29:1b:76:d6:17:cd:
92:71:e6:f5:0a:32:07:5f:86:f1:8a:2a:a6:40:dd:
81:ef:d6:62:ff:fb:c5:5f:b9:10:b5:f9:69:51:43:
f2:b0:33:c8:02:6e:09:cd:93:91:1c:cb:34:69:75:
fb:5d:fe:fe:f2:9e:b5:1d:7e:35:1b:33:14:aa:d5:
a1:43:9e:34:d6:4b:21:4c:29:28:53:1a:ad:d0:8f:
49:8b:dc:30:78:af:70:1a:44:a8:4f:f9:5f:e4:18:
ea:4f:f9:9a:3e:f4:d8:e3:9a:92:53:8d:fa:aa:36:
43:26:2b:b0:be:2a:73:cc:6e:ac:dc:7e:85:72:59:
68:b7:d8:ca:f4:97:da:c7:cc:45:02:b1:80:71:e1:
60:2f:7e:85:5b:03:e2:69:48:18:82:f0:bf:86:04:
b4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BC:3E:20:6C:64:88:38:43:4A:F0:78:B4:1B:9A:E5:BC:06:64:E5
X509v3 Authority Key Identifier:
keyid:41:B5:02:A1:6D:E3:45:8D:B7:E8:30:59:1F:28:41:FD:94:83:C6:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QbUCoW3jRY236DBZHyhB_ZSDxpo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/dea22b-0587-4a2c-a7f5-a6f0f8637cc0/1/kLw-IGxkiDhDSvB4tBua5bwGZOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/dea22b-0587-4a2c-a7f5-a6f0f8637cc0/1/QbUCoW3jRY236DBZHyhB_ZSDxpo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.64.0/23
185.47.252.0/22
IPv6:
2a04:5f80::/29
Signature Algorithm: sha256WithRSAEncryption
51:39:67:8c:d5:e5:7e:bd:ee:0d:a8:1d:a6:ea:3e:3d:70:23:
fd:cb:d2:0f:a4:08:90:26:0e:8b:9d:b0:46:27:d4:4f:07:91:
1f:19:c0:b0:41:d0:6f:e0:79:20:25:0e:04:9d:b6:c9:26:ab:
07:45:b6:87:bb:6c:05:e2:54:c5:8b:89:8f:17:a0:5b:bf:d8:
a9:fe:4a:56:45:68:af:c1:1d:f1:c6:0b:a4:8e:aa:f8:a1:79:
2d:ee:89:a0:d4:b8:67:1a:94:1d:b0:41:09:be:18:d6:0b:1b:
1d:f9:5b:b4:ac:4b:ec:94:92:b0:1f:a7:e5:be:6d:74:01:b1:
8d:c2:08:56:fe:a9:63:f7:10:39:40:83:47:fe:a6:7e:79:9f:
72:e5:06:7f:55:b1:d8:ed:29:6a:0e:3d:ac:0a:28:2a:63:6d:
46:dc:6a:37:23:52:56:4c:35:37:0b:fb:20:92:76:f7:47:e8:
7c:ff:c2:89:5e:1c:52:8a:65:9c:71:b2:a8:7f:a7:e5:da:86:
69:8d:be:64:98:b9:32:62:41:f2:c9:46:59:bc:94:52:07:d2:
85:13:c2:bc:7e:f8:76:7f:02:f3:cf:c3:dd:8d:e7:90:47:41:
91:22:2b:14:d3:81:07:7d:83:c8:7a:0c:24:58:d6:3a:24:ec:
e6:25:78:73
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECay94DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWI1MDJhMTZkZTM0NThkYjdlODMwNTkxZjI4NDFmZDk0ODNjNjlhMB4XDTIyMDEw
MTEyNTQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBiYzNlMjA2YzY0
ODgzODQzNGFmMDc4YjQxYjlhZTViYzA2NjRlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDrRTuzNG8axAOs4P9OO9uX2tPx2h/58ncn0x+qUqFyOAOs
wxVhyofg0fLbWGbUm5bdex1na59T+W5Qe0hb6EAEsT49Ie7XvT2sKoeUIUMrZ74B
8vGQ8WEmPQbOeicRx+JaKRt21hfNknHm9QoyB1+G8YoqpkDdge/WYv/7xV+5ELX5
aVFD8rAzyAJuCc2TkRzLNGl1+13+/vKetR1+NRszFKrVoUOeNNZLIUwpKFMardCP
SYvcMHivcBpEqE/5X+QY6k/5mj702OOaklON+qo2QyYrsL4qc8xurNx+hXJZaLfY
yvSX2sfMRQKxgHHhYC9+hVsD4mlIGILwv4YEtKMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSQvD4gbGSIOENK8Hi0G5rlvAZk5TAfBgNVHSMEGDAWgBRBtQKhbeNFjbfo
MFkfKEH9lIPGmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FiVUNvVzNqUlkyMzZEQlpIeWhCX1pTRHhwby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvZGVhMjJiLTA1ODctNGEyYy1hN2Y1LWE2ZjBmODYzN2NjMC8x
L2tMdy1JR3hraURoRFN2QjR0QnVhNWJ3R1pPVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
ZGVhMjJiLTA1ODctNGEyYy1hN2Y1LWE2ZjBmODYzN2NjMC8xL1FiVUNvVzNqUlky
MzZEQlpIeWhCX1pTRHhwby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAbkiQAMEArkv/DANBAIAAjAHAwUD
KgRfgDANBgkqhkiG9w0BAQsFAAOCAQEAUTlnjNXlfr3uDagdpuo+PXAj/cvSD6QI
kCYOi52wRifUTweRHxnAsEHQb+B5ICUOBJ22ySarB0W2h7tsBeJUxYuJjxegW7/Y
qf5KVkVor8Ed8cYLpI6q+KF5Le6JoNS4ZxqUHbBBCb4Y1gsbHflbtKxL7JSSsB+n
5b5tdAGxjcIIVv6pY/cQOUCDR/6mfnmfcuUGf1Wx2O0pag49rAooKmNtRtxqNyNS
Vkw1Nwv7IJJ290fofP/CiV4cUoplnHGyqH+n5dqGaY2+ZJi5MmJB8slGWbyUUgfS
hRPCvH74dn8C88/D3Y3nkEdBkSIrFNOBB32DyHoMJFjWOiTs5iV4cw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:41 2025 by rpki-client