Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/efc26d-a835-469c-8a14-bc43b309e2c6/1/KXfrmgPP8fcEfYejgQW3QQw_ymM.roa
File: KXfrmgPP8fcEfYejgQW3QQw_ymM.roa (raw, json)
Hash identifier: phoTlq09IxR7hrTTEXCOamcl0ceryREvLrM8pa7hLUs=
Subject key identifier: 29:77:EB:9A:03:CF:F1:F7:04:7D:87:A3:81:05:B7:41:0C:3F:CA:63
Certificate issuer: /CN=22a96d3f69323d08b4ccb995294ad50b421e6b0d
Certificate serial: 018B91A20554F80DFD69406496D958F34929
Authority key identifier: 22:A9:6D:3F:69:32:3D:08:B4:CC:B9:95:29:4A:D5:0B:42:1E:6B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqltP2kyPQi0zLmVKUrVC0Ieaw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/efc26d-a835-469c-8a14-bc43b309e2c6/1/KXfrmgPP8fcEfYejgQW3QQw_ymM.roa
Signing time: Thu 02 Nov 2023 20:03:16 +0000
ROA not before: Thu 02 Nov 2023 20:03:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47689
IP address blocks: 64.187.208.0/23 maxlen: 23
91.193.114.0/24 maxlen: 24
2a06:a340::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:91:a2:05:54:f8:0d:fd:69:40:64:96:d9:58:f3:49:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a96d3f69323d08b4ccb995294ad50b421e6b0d
Validity
Not Before: Nov 2 20:03:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2977eb9a03cff1f7047d87a38105b7410c3fca63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:83:c6:e6:09:3b:fd:4a:70:ba:61:3e:ec:22:
8a:6d:67:e8:e0:b8:2e:0a:c4:8f:bc:ff:fc:88:5b:
cc:47:9a:f2:54:96:6a:55:ac:48:48:b8:cf:f2:cb:
39:19:14:a4:dc:4a:f8:dc:6b:7a:6e:4f:19:73:83:
92:f4:64:78:66:ca:eb:db:01:29:d5:d7:98:d7:dd:
8e:21:4a:48:63:d7:14:70:3a:cd:98:41:5b:da:8d:
d6:d9:18:05:cf:8f:01:12:d1:9a:07:a3:4b:fd:81:
46:f5:99:90:b9:e4:22:f7:84:3a:15:dd:94:98:2c:
0c:69:c4:ff:f8:c6:21:51:4e:9a:67:de:7e:b9:58:
42:3c:69:9b:fa:e9:4c:3b:35:43:f8:11:91:16:f2:
ad:eb:50:bc:56:80:cb:6e:9c:93:19:7a:d9:f0:b9:
e8:ee:19:14:f3:bb:41:1e:0d:17:20:dd:4f:45:5b:
e6:ce:ef:a5:f5:84:a0:10:d6:30:18:3f:54:b7:ed:
cb:06:c9:64:66:c3:38:d9:78:e4:63:74:e3:18:9d:
b9:16:37:5f:ba:bc:1e:cc:73:20:e9:82:7e:5a:79:
4f:3d:93:e4:46:b7:ec:cc:b1:c3:51:df:c3:57:a4:
d8:b7:22:f1:56:30:bc:d7:ff:c3:0e:19:01:c9:e6:
8a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:77:EB:9A:03:CF:F1:F7:04:7D:87:A3:81:05:B7:41:0C:3F:CA:63
X509v3 Authority Key Identifier:
keyid:22:A9:6D:3F:69:32:3D:08:B4:CC:B9:95:29:4A:D5:0B:42:1E:6B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqltP2kyPQi0zLmVKUrVC0Ieaw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/efc26d-a835-469c-8a14-bc43b309e2c6/1/KXfrmgPP8fcEfYejgQW3QQw_ymM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/efc26d-a835-469c-8a14-bc43b309e2c6/1/IqltP2kyPQi0zLmVKUrVC0Ieaw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.187.208.0/23
91.193.114.0/24
IPv6:
2a06:a340::/32
Signature Algorithm: sha256WithRSAEncryption
0d:f9:a4:1b:96:aa:73:1c:c7:f0:50:c2:7d:76:dc:5a:24:c2:
c1:a7:e0:e2:0b:af:38:16:53:98:ac:5a:5a:83:40:f4:e2:df:
0a:57:d3:21:b6:3b:b8:8b:d4:21:e2:d1:cb:79:8a:b2:06:10:
22:28:14:c3:9a:14:28:36:a1:c5:17:f2:a9:b0:db:a5:fd:23:
2a:0a:e8:01:89:fd:5f:fe:b9:89:7d:0d:80:d6:ca:0b:a1:15:
f5:ee:ce:8a:c4:a9:fc:6b:2c:8c:77:e0:3d:48:ff:d4:87:9c:
d5:db:1d:06:11:23:bc:84:c1:67:a6:21:5e:a4:74:ca:9c:17:
1d:4c:5b:90:fc:47:8f:7c:0d:71:ad:ea:94:13:83:49:b4:c4:
de:97:37:cd:ac:26:2b:c8:80:a7:18:e3:d2:08:20:16:15:16:
14:24:87:7c:44:40:12:30:29:bc:36:64:ab:b5:bb:90:bf:bc:
db:77:7f:ac:94:b2:5f:b7:e3:c0:e6:83:e3:f8:5a:77:8d:73:
8f:7e:65:84:9f:da:51:7f:9d:34:18:63:6d:1a:61:52:96:69:
d5:c6:57:61:4e:b0:6c:30:a8:20:6d:6d:5b:04:f0:a4:d6:e5:
4a:32:e3:5c:eb:11:cb:86:21:d7:98:3d:da:b5:16:70:d1:97:
86:20:5a:fa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuRogVU+A39aUBkltlY80kpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTk2ZDNmNjkzMjNkMDhiNGNjYjk5NTI5NGFkNTBiNDIx
ZTZiMGQwHhcNMjMxMTAyMjAwMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTc3ZWI5YTAzY2ZmMWY3MDQ3ZDg3YTM4MTA1Yjc0MTBjM2ZjYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYPG5gk7/UpwumE+7CKKbWfo4Lgu
CsSPvP/8iFvMR5ryVJZqVaxISLjP8ss5GRSk3Er43Gt6bk8Zc4OS9GR4Zsrr2wEp
1deY192OIUpIY9cUcDrNmEFb2o3W2RgFz48BEtGaB6NL/YFG9ZmQueQi94Q6Fd2U
mCwMacT/+MYhUU6aZ95+uVhCPGmb+ulMOzVD+BGRFvKt61C8VoDLbpyTGXrZ8Lno
7hkU87tBHg0XIN1PRVvmzu+l9YSgENYwGD9Ut+3LBslkZsM42XjkY3TjGJ25Fjdf
urwezHMg6YJ+WnlPPZPkRrfszLHDUd/DV6TYtyLxVjC81//DDhkByeaKlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCl365oDz/H3BH2Ho4EFt0EMP8pjMB8GA1UdIwQY
MBaAFCKpbT9pMj0ItMy5lSlK1QtCHmsNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFsdFAya3lQUWkwekxtVktVclZDMEllYXcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9lZmMyNmQtYTgzNS00NjljLThhMTQt
YmM0M2IzMDllMmM2LzEvS1hmcm1nUFA4ZmNFZlllamdRVzNRUXdfeW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9lZmMyNmQtYTgzNS00NjljLThhMTQtYmM0M2IzMDllMmM2
LzEvSXFsdFAya3lQUWkwekxtVktVclZDMEllYXcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBQLvQAwQA
W8FyMA0EAgACMAcDBQAqBqNAMA0GCSqGSIb3DQEBCwUAA4IBAQAN+aQblqpzHMfw
UMJ9dtxaJMLBp+DiC684FlOYrFpag0D04t8KV9Mhtju4i9Qh4tHLeYqyBhAiKBTD
mhQoNqHFF/KpsNul/SMqCugBif1f/rmJfQ2A1soLoRX17s6KxKn8ayyMd+A9SP/U
h5zV2x0GESO8hMFnpiFepHTKnBcdTFuQ/EePfA1xreqUE4NJtMTelzfNrCYryICn
GOPSCCAWFRYUJId8REASMCm8NmSrtbuQv7zbd3+slLJft+PA5oPj+Fp3jXOPfmWE
n9pRf500GGNtGmFSlmnVxldhTrBsMKggbW1bBPCk1uVKMuNc6xHLhiHXmD3atRZw
0ZeGIFr6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:50 2025 by rpki-client