Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/KzF73ZDClLIDJNEss_LTct-OfM8.roa
File: KzF73ZDClLIDJNEss_LTct-OfM8.roa (raw, json)
Hash identifier: wwo2QpmL0Z2erUnFb3zClo3RLAqbKfXbEV8WvH+eqCo=
Subject key identifier: 2B:31:7B:DD:90:C2:94:B2:03:24:D1:2C:B3:F2:D3:72:DF:8E:7C:CF
Certificate issuer: /CN=7ee053cb9cb4f41c1e4773e7f16e84bb57522033
Certificate serial: 01941F8C63701E1549CD0488A07911D646EF
Authority key identifier: 7E:E0:53:CB:9C:B4:F4:1C:1E:47:73:E7:F1:6E:84:BB:57:52:20:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fuBTy5y09BweR3Pn8W6Eu1dSIDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/KzF73ZDClLIDJNEss_LTct-OfM8.roa
Signing time: Wed 01 Jan 2025 01:48:01 +0000
ROA not before: Wed 01 Jan 2025 01:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50673
IP address blocks: 88.218.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:63:70:1e:15:49:cd:04:88:a0:79:11:d6:46:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ee053cb9cb4f41c1e4773e7f16e84bb57522033
Validity
Not Before: Jan 1 01:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b317bdd90c294b20324d12cb3f2d372df8e7ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:db:72:f0:e5:96:48:2e:92:41:76:0c:1b:
d7:5e:49:10:5e:23:ab:44:aa:74:13:67:f1:7b:4a:
c7:b3:a9:16:7c:92:02:7f:66:30:38:41:1a:6b:a7:
4d:cd:00:7b:bb:46:41:b4:5c:cb:8f:6a:00:0d:19:
d6:d9:79:c9:21:97:e7:be:a3:05:37:b3:c6:92:f4:
bf:61:58:a3:47:2f:bc:99:c9:6b:e1:8c:19:18:7a:
2e:1c:cc:47:38:e2:85:76:95:05:c6:73:e1:b0:d0:
88:1c:bb:7e:fd:56:7b:ac:0d:0c:31:4d:96:4c:41:
c9:ce:0a:17:e5:14:29:21:95:bd:88:da:6c:58:59:
b7:c7:d0:82:63:c9:ae:2a:93:ae:ca:d8:29:55:1e:
17:46:a5:eb:1a:1b:ed:18:c4:1b:2c:f9:4a:80:74:
bc:33:8f:18:5f:3e:5b:d6:a1:0e:2a:2e:c0:92:b9:
b2:dc:56:b4:76:aa:de:38:01:40:b8:44:65:23:d1:
00:e3:fe:ed:21:02:a2:89:8b:26:d0:a1:89:12:17:
6f:94:48:5f:a0:c3:19:70:67:e7:8f:62:90:b5:74:
b3:1e:c7:2d:8b:4d:0b:18:14:b7:ab:0c:f5:40:53:
be:8d:2e:18:12:10:59:04:98:2f:22:77:08:4d:70:
a0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:31:7B:DD:90:C2:94:B2:03:24:D1:2C:B3:F2:D3:72:DF:8E:7C:CF
X509v3 Authority Key Identifier:
keyid:7E:E0:53:CB:9C:B4:F4:1C:1E:47:73:E7:F1:6E:84:BB:57:52:20:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuBTy5y09BweR3Pn8W6Eu1dSIDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/KzF73ZDClLIDJNEss_LTct-OfM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/fuBTy5y09BweR3Pn8W6Eu1dSIDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.17.0/24
Signature Algorithm: sha256WithRSAEncryption
90:f9:da:89:be:00:d2:56:ed:41:9c:6d:03:cf:91:7f:b3:67:
99:e0:e1:63:49:19:02:ce:40:d3:51:39:89:92:42:11:67:91:
39:8b:3f:48:16:34:52:b3:d5:09:74:22:33:c4:5e:51:eb:21:
78:ee:72:33:a7:07:ea:1e:63:35:4b:4e:da:4a:d3:7c:fe:16:
14:63:ee:59:40:2a:af:ce:7c:79:54:c7:d9:d2:7e:46:5f:69:
a0:59:d1:7e:7f:8f:4d:cb:83:80:5f:10:5b:cb:02:9f:3a:7f:
62:d7:e0:fe:a5:e2:f9:e6:54:57:26:86:dc:4b:ba:10:0a:dc:
4e:5c:d1:47:87:c4:a5:d3:da:57:97:89:fa:b7:f4:35:f7:f3:
98:4b:c8:ef:bb:53:3e:43:ae:a4:a8:03:6a:60:19:94:8a:c4:
0d:99:48:b7:d5:ae:3f:90:c7:63:2a:49:b7:b2:25:a5:a3:6f:
f8:86:d2:77:e4:b0:1d:f1:c4:1d:b3:1c:b3:8c:8e:91:ae:9e:
a3:48:fb:fc:83:e2:07:6d:c9:88:b1:4d:35:e1:d5:90:9a:e5:
94:92:00:ff:a3:8b:99:ae:67:c2:54:1a:0b:c9:3e:97:67:c7:
8e:68:4b:b3:d9:d6:ce:be:7f:bb:61:64:21:b4:ac:0a:7a:5e:
ed:d6:03:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjGNwHhVJzQSIoHkR1kbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTA1M2NiOWNiNGY0MWMxZTQ3NzNlN2YxNmU4NGJiNTc1
MjIwMzMwHhcNMjUwMTAxMDE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMxN2JkZDkwYzI5NGIyMDMyNGQxMmNiM2YyZDM3MmRmOGU3Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBnbcvDllkgukkF2DBvXXkkQXiOr
RKp0E2fxe0rHs6kWfJICf2YwOEEaa6dNzQB7u0ZBtFzLj2oADRnW2XnJIZfnvqMF
N7PGkvS/YVijRy+8mclr4YwZGHouHMxHOOKFdpUFxnPhsNCIHLt+/VZ7rA0MMU2W
TEHJzgoX5RQpIZW9iNpsWFm3x9CCY8muKpOuytgpVR4XRqXrGhvtGMQbLPlKgHS8
M48YXz5b1qEOKi7Akrmy3Fa0dqreOAFAuERlI9EA4/7tIQKiiYsm0KGJEhdvlEhf
oMMZcGfnj2KQtXSzHscti00LGBS3qwz1QFO+jS4YEhBZBJgvIncITXCgAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsxe92QwpSyAyTRLLPy03LfjnzPMB8GA1UdIwQY
MBaAFH7gU8uctPQcHkdz5/FuhLtXUiAzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVCVHk1eTA5QndlUjNQbjhXNkV1MWRTSURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wNjAwYTQtMTQ2NC00YTdjLWFmNTYt
MThlODZmMGIxZDgxLzEvS3pGNzNaRENsTElESk5Fc3NfTFRjdC1PZk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wNjAwYTQtMTQ2NC00YTdjLWFmNTYtMThlODZmMGIxZDgx
LzEvZnVCVHk1eTA5QndlUjNQbjhXNkV1MWRTSURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNoRMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ+dqJvgDSVu1BnG0Dz5F/s2eZ4OFjSRkCzkDTUTmJ
kkIRZ5E5iz9IFjRSs9UJdCIzxF5R6yF47nIzpwfqHmM1S07aStN8/hYUY+5ZQCqv
znx5VMfZ0n5GX2mgWdF+f49Ny4OAXxBbywKfOn9i1+D+peL55lRXJobcS7oQCtxO
XNFHh8Sl09pXl4n6t/Q19/OYS8jvu1M+Q66kqANqYBmUisQNmUi31a4/kMdjKkm3
siWlo2/4htJ35LAd8cQdsxyzjI6Rrp6jSPv8g+IHbcmIsU014dWQmuWUkgD/o4uZ
rmfCVBoLyT6XZ8eOaEuz2dbOvn+7YWQhtKwKel7t1gOS
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:26:19 2025 by rpki-client