Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/vk6LGZMNcC3KaiIa5C3dnYSKUhg.roa
File: vk6LGZMNcC3KaiIa5C3dnYSKUhg.roa (raw, json)
Hash identifier: 7Gr8EYP5E5UsMRFGLJUElOUxKJpCvyrgvk2k+QyN1AE=
Subject key identifier: BE:4E:8B:19:93:0D:70:2D:CA:6A:22:1A:E4:2D:DD:9D:84:8A:52:18
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 019423D745603380BBBF498315B34B364A5D
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/vk6LGZMNcC3KaiIa5C3dnYSKUhg.roa
Signing time: Wed 01 Jan 2025 21:48:18 +0000
ROA not before: Wed 01 Jan 2025 21:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 23.90.128.0/18 maxlen: 24
104.166.128.0/18 maxlen: 24
185.207.112.0/22 maxlen: 24
192.169.96.0/19 maxlen: 24
192.169.104.0/22 maxlen: 24
193.118.32.0/19 maxlen: 24
193.118.96.0/19 maxlen: 19
199.182.232.0/21 maxlen: 24
2a0b:21c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:45:60:33:80:bb:bf:49:83:15:b3:4b:36:4a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: Jan 1 21:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be4e8b19930d702dca6a221ae42ddd9d848a5218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2d:86:75:a2:58:c5:3f:ae:b0:e0:c0:41:24:
c1:90:5d:e1:66:d2:c7:9f:35:60:02:6e:b8:fd:a7:
51:fd:0c:d7:ac:a9:cb:02:b6:1f:4a:4f:44:86:ac:
ed:28:69:58:56:4e:75:a3:ef:5d:84:6f:ab:e3:9a:
00:56:57:eb:35:29:c1:df:a7:30:a1:75:7a:f9:58:
3c:8a:5f:06:ec:38:af:15:89:21:c6:6c:48:cb:3f:
31:a7:61:fa:07:42:80:e3:d1:00:05:29:e9:53:ba:
36:c3:83:7c:0c:68:b7:9a:5e:fb:4f:44:a2:0b:50:
bf:5c:ce:1b:ec:d2:5b:67:b3:44:30:a3:99:04:d5:
b7:44:8f:61:3a:93:85:f7:6e:00:a6:62:bc:fd:6f:
13:43:3c:e1:2b:f3:06:46:3f:21:67:db:1a:a1:c3:
3f:44:d8:77:df:59:ea:42:b3:e6:71:b4:ad:b3:42:
23:af:98:a3:bf:e2:3c:03:27:89:24:ec:af:20:2a:
6a:ad:2d:b0:ca:5b:e0:97:0c:fd:b3:ed:d6:95:98:
8f:d6:18:e0:ab:ea:47:62:70:d5:ca:b1:c4:b0:1f:
5f:43:08:38:6e:62:48:f9:30:8d:b9:00:69:19:22:
f9:64:2f:68:aa:a4:d7:bb:59:a2:bb:0f:43:a4:81:
d8:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4E:8B:19:93:0D:70:2D:CA:6A:22:1A:E4:2D:DD:9D:84:8A:52:18
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/vk6LGZMNcC3KaiIa5C3dnYSKUhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.90.128.0/18
104.166.128.0/18
185.207.112.0/22
192.169.96.0/19
193.118.32.0/19
193.118.96.0/19
199.182.232.0/21
IPv6:
2a0b:21c0::/29
Signature Algorithm: sha256WithRSAEncryption
85:68:f9:5d:c5:93:4a:ab:e7:60:87:ac:7a:0a:7e:c6:58:3b:
e8:27:25:90:3c:b0:a6:90:83:6b:4c:4a:48:56:d0:19:1b:19:
7c:ab:5e:f5:80:f4:32:92:60:ed:28:30:23:e2:2d:a9:02:58:
f6:f5:51:3e:02:93:f8:80:3e:e7:1e:ea:ec:6d:1c:ec:fe:6a:
b7:a3:18:9d:94:4a:28:de:ab:59:e1:21:0c:8b:5d:dc:d5:f2:
0c:5c:45:4d:41:09:d4:65:90:69:4c:ae:da:8a:f1:a7:18:f5:
b1:e1:f7:c4:77:e8:7c:ce:9e:16:0b:58:4e:b5:e9:5b:e5:75:
f2:a9:86:20:df:63:d4:55:90:44:cc:5f:20:cc:b3:d0:df:28:
e9:cc:54:d7:94:c9:a2:b5:b6:da:ed:fa:02:7a:e6:7a:b9:f9:
df:b8:a1:93:5a:5a:a6:d8:d7:9b:04:7a:59:66:d4:da:c7:0f:
a5:dd:fb:43:5a:94:bb:51:e1:03:cf:1c:8f:d6:89:bb:16:a2:
ff:ee:0d:ad:a2:7e:c2:36:b1:5b:67:c1:aa:bd:a9:1f:3e:91:
a5:a1:3a:fb:f7:f5:cc:d5:21:33:59:bf:00:75:3e:01:79:72:
f3:5d:b7:19:42:56:63:e1:b5:5f:87:eb:62:80:fb:7c:20:83:
47:22:eb:f4
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQj10VgM4C7v0mDFbNLNkpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjUwMTAxMjE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTRlOGIxOTkzMGQ3MDJkY2E2YTIyMWFlNDJkZGQ5ZDg0OGE1MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0S2GdaJYxT+usODAQSTBkF3hZtLH
nzVgAm64/adR/QzXrKnLArYfSk9EhqztKGlYVk51o+9dhG+r45oAVlfrNSnB36cw
oXV6+Vg8il8G7DivFYkhxmxIyz8xp2H6B0KA49EABSnpU7o2w4N8DGi3ml77T0Si
C1C/XM4b7NJbZ7NEMKOZBNW3RI9hOpOF924ApmK8/W8TQzzhK/MGRj8hZ9saocM/
RNh331nqQrPmcbSts0Ijr5ijv+I8AyeJJOyvICpqrS2wylvglwz9s+3WlZiP1hjg
q+pHYnDVyrHEsB9fQwg4bmJI+TCNuQBpGSL5ZC9oqqTXu1miuw9DpIHYgwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFL5OixmTDXAtymoiGuQt3Z2EilIYMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvdms2TEdaTU5jQzNLYWlJYTVDM2RuWVNLVWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQGF1qAAwQG
aKaAAwQCuc9wAwQFwKlgAwQFwXYgAwQFwXZgAwQDx7boMA0EAgACMAcDBQMqCyHA
MA0GCSqGSIb3DQEBCwUAA4IBAQCFaPldxZNKq+dgh6x6Cn7GWDvoJyWQPLCmkINr
TEpIVtAZGxl8q171gPQykmDtKDAj4i2pAlj29VE+ApP4gD7nHursbRzs/mq3oxid
lEoo3qtZ4SEMi13c1fIMXEVNQQnUZZBpTK7aivGnGPWx4ffEd+h8zp4WC1hOtelb
5XXyqYYg32PUVZBEzF8gzLPQ3yjpzFTXlMmitbba7foCeuZ6ufnfuKGTWlqm2Neb
BHpZZtTaxw+l3ftDWpS7UeEDzxyP1om7FqL/7g2ton7CNrFbZ8GqvakfPpGloTr7
9/XM1SEzWb8AdT4BeXLzXbcZQlZj4bVfh+tigPt8IINHIuv0
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:53:01 2025 by rpki-client