Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/Ky4bLo9J6pOGQKNm7HdTTpVyXUQ.roa
File: Ky4bLo9J6pOGQKNm7HdTTpVyXUQ.roa (raw, json)
Hash identifier: Nz/bgREWmfO74J020d6hSSWbUR82qaNTZZa/sGleP5Q=
Subject key identifier: 2B:2E:1B:2E:8F:49:EA:93:86:40:A3:66:EC:77:53:4E:95:72:5D:44
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 01942143AFF8F935AC3402D28D3BFDD9A180
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/Ky4bLo9J6pOGQKNm7HdTTpVyXUQ.roa
Signing time: Wed 01 Jan 2025 09:47:51 +0000
ROA not before: Wed 01 Jan 2025 09:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51905
IP address blocks: 84.19.112.0/21 maxlen: 24
84.19.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:af:f8:f9:35:ac:34:02:d2:8d:3b:fd:d9:a1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Jan 1 09:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b2e1b2e8f49ea938640a366ec77534e95725d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e7:86:fe:ab:bf:39:a6:09:c5:ee:23:9b:12:
36:e6:d4:74:4e:a6:13:7c:1d:e0:aa:0e:1d:ee:03:
d6:08:25:a9:69:e3:fc:d2:e8:ca:ac:82:43:32:62:
b8:c2:cf:20:fb:c2:6f:c4:8b:c7:d5:bd:18:4b:d7:
2c:d6:f8:07:33:22:2a:b7:c8:72:f8:47:f0:67:d3:
98:09:39:14:81:41:32:5e:24:85:07:81:96:6a:f2:
4c:e5:0b:5f:93:88:45:56:7c:b5:10:2b:36:a8:41:
a4:62:16:fe:dd:12:11:68:77:bd:3b:05:5e:08:0d:
aa:fe:56:14:9e:df:57:ff:02:a7:31:ab:b9:89:2a:
0d:87:c3:5c:c2:f5:cd:a8:67:d3:56:45:4f:7c:9d:
be:31:01:8e:fa:ba:33:e3:1b:a1:a0:6f:04:ed:88:
8d:06:8a:59:cd:eb:08:5b:1c:dc:b0:f0:52:e8:e1:
c7:dc:1f:06:07:a7:09:0b:3f:4c:04:2a:0a:c1:d5:
56:de:bd:dc:9b:f0:57:db:e1:b7:30:1a:3a:55:f2:
95:8d:30:bc:5d:3c:71:bc:1c:53:62:02:4f:4c:7e:
4f:df:ef:e4:73:2f:d7:73:d2:c4:09:d8:56:f9:df:
94:87:b2:bd:da:02:6e:f9:06:30:75:bf:f7:47:2a:
5e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2E:1B:2E:8F:49:EA:93:86:40:A3:66:EC:77:53:4E:95:72:5D:44
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/Ky4bLo9J6pOGQKNm7HdTTpVyXUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.19.112.0/21
Signature Algorithm: sha256WithRSAEncryption
af:63:e6:29:4b:8e:15:9c:c1:24:27:45:fb:7c:41:ba:e3:b6:
9b:eb:c3:c5:12:04:71:c6:b1:7c:28:2b:26:65:72:ca:1b:fd:
cf:c6:aa:3a:a7:1d:cd:49:54:e8:95:9d:58:6a:ca:4f:e9:ec:
54:12:52:64:d5:d0:00:78:84:01:67:3d:89:9f:0d:54:73:ca:
d0:89:d9:07:7e:59:a7:8f:a8:c3:2b:16:3d:a4:b6:0b:74:53:
f7:67:e4:3d:0a:d3:65:f3:46:3b:c7:4c:b8:68:56:35:8b:e8:
d1:9e:4c:54:e4:1c:a7:46:4a:c4:44:9d:11:7b:ab:06:b7:a1:
18:fd:0d:c7:6c:92:3f:25:69:69:e4:aa:dd:60:70:a4:0a:f9:
17:98:08:8e:c1:49:2a:d5:06:aa:35:d4:68:80:1b:4f:1e:3b:
3d:e7:26:b1:d6:59:d7:b3:53:9b:f1:ed:d6:4a:4e:7a:ab:d4:
1f:51:9a:29:62:3c:94:6a:9b:6d:6a:18:86:b8:16:ac:97:e6:
b4:3d:40:cf:98:49:68:07:e8:b0:ee:f4:7c:a6:d4:8c:fc:6d:
68:0c:f9:98:d5:a0:d6:2b:3d:87:2a:74:eb:c2:57:97:4a:25:
2c:9e:62:4b:77:ec:16:28:c0:f4:50:7d:c3:d5:be:2f:95:45:
1a:af:cb:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ6/4+TWsNALSjTv92aGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjUwMTAxMDk0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjJlMWIyZThmNDllYTkzODY0MGEzNjZlYzc3NTM0ZTk1NzI1ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eeG/qu/OaYJxe4jmxI25tR0TqYT
fB3gqg4d7gPWCCWpaeP80ujKrIJDMmK4ws8g+8JvxIvH1b0YS9cs1vgHMyIqt8hy
+EfwZ9OYCTkUgUEyXiSFB4GWavJM5Qtfk4hFVny1ECs2qEGkYhb+3RIRaHe9OwVe
CA2q/lYUnt9X/wKnMau5iSoNh8NcwvXNqGfTVkVPfJ2+MQGO+roz4xuhoG8E7YiN
BopZzesIWxzcsPBS6OHH3B8GB6cJCz9MBCoKwdVW3r3cm/BX2+G3MBo6VfKVjTC8
XTxxvBxTYgJPTH5P3+/kcy/Xc9LECdhW+d+Uh7K92gJu+QYwdb/3RypePwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsuGy6PSeqThkCjZux3U06Vcl1EMB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvS3k0YkxvOUo2cE9HUUtObTdIZFRUcFZ5WFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVBNwMA0G
CSqGSIb3DQEBCwUAA4IBAQCvY+YpS44VnMEkJ0X7fEG647ab68PFEgRxxrF8KCsm
ZXLKG/3Pxqo6px3NSVTolZ1YaspP6exUElJk1dAAeIQBZz2Jnw1Uc8rQidkHflmn
j6jDKxY9pLYLdFP3Z+Q9CtNl80Y7x0y4aFY1i+jRnkxU5BynRkrERJ0Re6sGt6EY
/Q3HbJI/JWlp5KrdYHCkCvkXmAiOwUkq1QaqNdRogBtPHjs95yax1lnXs1Ob8e3W
Sk56q9QfUZopYjyUapttahiGuBasl+a0PUDPmEloB+iw7vR8ptSM/G1oDPmY1aDW
Kz2HKnTrwleXSiUsnmJLd+wWKMD0UH3D1b4vlUUar8s0
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:53 2025 by rpki-client