Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5d837f-dfbe-4c6d-b585-ab8823c0ba2d/1/K-rNEDRKbJFNsZ86udQGAFpaJmw.roa
File: K-rNEDRKbJFNsZ86udQGAFpaJmw.roa (raw, json)
Hash identifier: Xup3sS1IfesbSYDacyddUH2GvVISClP/VpdFE+s1Ukw=
Subject key identifier: 2B:EA:CD:10:34:4A:6C:91:4D:B1:9F:3A:B9:D4:06:00:5A:5A:26:6C
Certificate issuer: /CN=070de218d58c51137f102ff19f49d30cbcd6d5ee
Certificate serial: 01856DAF5699BFB1F8E9741290489ADC52BC
Authority key identifier: 07:0D:E2:18:D5:8C:51:13:7F:10:2F:F1:9F:49:D3:0C:BC:D6:D5:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bw3iGNWMURN_EC_xn0nTDLzW1e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5d837f-dfbe-4c6d-b585-ab8823c0ba2d/1/K-rNEDRKbJFNsZ86udQGAFpaJmw.roa
Signing time: Sun 01 Jan 2023 14:14:45 +0000
ROA not before: Sun 01 Jan 2023 14:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50964
IP address blocks: 194.59.39.0/24 maxlen: 24
91.205.76.0/22 maxlen: 22
194.59.38.0/24 maxlen: 24
194.59.36.0/24 maxlen: 24
194.59.36.0/22 maxlen: 22
194.59.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:56:99:bf:b1:f8:e9:74:12:90:48:9a:dc:52:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=070de218d58c51137f102ff19f49d30cbcd6d5ee
Validity
Not Before: Jan 1 14:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2beacd10344a6c914db19f3ab9d406005a5a266c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9a:01:67:6f:0e:c5:14:39:d0:c0:09:c1:72:
72:d9:9a:39:ae:34:2e:55:21:63:c9:35:32:22:8f:
78:45:b4:30:95:12:1f:a2:01:eb:7c:cf:08:5f:14:
78:74:8f:a2:58:42:38:c0:d4:19:f0:a1:f3:61:5f:
d2:9d:a6:29:76:7e:0f:f7:3c:bb:49:33:fd:5a:a8:
5d:5e:dc:76:3e:0a:e3:35:9d:a4:7a:ba:73:65:10:
dc:cd:a9:13:50:8a:0c:15:06:87:24:41:4b:32:ce:
15:a1:19:dc:d9:93:fa:18:ca:68:93:3e:1b:b7:87:
c0:8f:59:27:52:bd:d4:a9:98:40:7c:7a:3d:e6:be:
6a:3b:3a:e6:25:33:98:c0:5d:be:0b:89:73:e3:3d:
28:92:e3:6b:30:61:90:c3:92:9b:ba:f6:72:4e:cb:
87:22:d9:96:be:34:08:62:34:25:23:1a:6f:72:cb:
c5:46:c1:70:44:dd:12:75:25:86:b5:0c:cf:59:91:
bc:c1:8b:22:7f:ff:8b:8c:14:d8:fe:3b:18:8b:19:
12:d0:47:5d:2c:3c:b0:76:57:59:9d:ad:72:fa:3d:
7b:bd:52:b4:41:0b:75:0b:b3:9b:2d:8d:76:46:93:
1c:cf:bf:26:5e:10:0c:a0:b1:08:f7:00:94:9c:fe:
9d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:EA:CD:10:34:4A:6C:91:4D:B1:9F:3A:B9:D4:06:00:5A:5A:26:6C
X509v3 Authority Key Identifier:
keyid:07:0D:E2:18:D5:8C:51:13:7F:10:2F:F1:9F:49:D3:0C:BC:D6:D5:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bw3iGNWMURN_EC_xn0nTDLzW1e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5d837f-dfbe-4c6d-b585-ab8823c0ba2d/1/K-rNEDRKbJFNsZ86udQGAFpaJmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5d837f-dfbe-4c6d-b585-ab8823c0ba2d/1/Bw3iGNWMURN_EC_xn0nTDLzW1e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.76.0/22
194.59.36.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:0a:76:47:15:dd:ba:49:f3:26:96:59:28:a3:66:4e:b4:b5:
65:cb:25:39:f5:ca:0e:b1:9e:c7:92:b5:ef:62:59:58:97:d8:
d2:b0:7a:42:ff:b5:1d:a2:ea:55:a9:2a:a9:9c:b3:bf:a8:b8:
75:5d:b8:cd:30:97:bc:81:f4:47:fd:1f:f5:00:0a:db:44:9c:
89:e9:a3:2e:8c:cc:85:45:c6:f4:01:2e:8a:8c:fb:a2:68:fb:
0d:eb:0f:89:1c:aa:ee:97:b9:58:ea:92:87:09:0a:6f:5f:53:
57:95:1a:b4:7c:16:72:64:3d:b9:0c:ae:c9:f8:fe:55:de:a3:
d5:24:b6:2e:7d:0d:81:d2:4b:eb:eb:12:f1:fb:97:59:6d:39:
b3:8b:37:3b:96:a9:7c:42:be:ff:ba:9b:7f:dc:a1:35:ad:0e:
f2:bc:29:8f:b3:6a:da:49:97:bf:1a:db:3d:0c:ed:e8:50:b4:
68:4d:76:c3:f6:ee:9c:9e:ae:1f:1e:98:5a:70:b1:d8:88:a6:
fd:0b:23:b2:84:69:71:67:bb:90:5f:28:4a:ac:29:42:1a:ce:
03:b5:0a:9e:8e:83:5e:84:4d:95:d9:57:09:6d:ad:dd:ed:7e:
bd:66:be:68:25:1e:61:49:df:50:2f:1b:26:4b:d7:ae:d4:98:
35:4a:d9:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtr1aZv7H46XQSkEia3FK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MGRlMjE4ZDU4YzUxMTM3ZjEwMmZmMTlmNDlkMzBjYmNk
NmQ1ZWUwHhcNMjMwMTAxMTQxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmVhY2QxMDM0NGE2YzkxNGRiMTlmM2FiOWQ0MDYwMDVhNWEyNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5oBZ28OxRQ50MAJwXJy2Zo5rjQu
VSFjyTUyIo94RbQwlRIfogHrfM8IXxR4dI+iWEI4wNQZ8KHzYV/SnaYpdn4P9zy7
STP9WqhdXtx2PgrjNZ2kerpzZRDczakTUIoMFQaHJEFLMs4VoRnc2ZP6GMpokz4b
t4fAj1knUr3UqZhAfHo95r5qOzrmJTOYwF2+C4lz4z0okuNrMGGQw5KbuvZyTsuH
ItmWvjQIYjQlIxpvcsvFRsFwRN0SdSWGtQzPWZG8wYsif/+LjBTY/jsYixkS0Edd
LDywdldZna1y+j17vVK0QQt1C7ObLY12RpMcz78mXhAMoLEI9wCUnP6dBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCvqzRA0SmyRTbGfOrnUBgBaWiZsMB8GA1UdIwQY
MBaAFAcN4hjVjFETfxAv8Z9J0wy81tXuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnczaUdOV01VUk5fRUNfeG4wblRETHpXMWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81ZDgzN2YtZGZiZS00YzZkLWI1ODUt
YWI4ODIzYzBiYTJkLzEvSy1yTkVEUktiSkZOc1o4NnVkUUdBRnBhSm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81ZDgzN2YtZGZiZS00YzZkLWI1ODUtYWI4ODIzYzBiYTJk
LzEvQnczaUdOV01VUk5fRUNfeG4wblRETHpXMWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW81MAwQC
wjskMA0GCSqGSIb3DQEBCwUAA4IBAQDDCnZHFd26SfMmllkoo2ZOtLVlyyU59coO
sZ7HkrXvYllYl9jSsHpC/7UdoupVqSqpnLO/qLh1XbjNMJe8gfRH/R/1AArbRJyJ
6aMujMyFRcb0AS6KjPuiaPsN6w+JHKrul7lY6pKHCQpvX1NXlRq0fBZyZD25DK7J
+P5V3qPVJLYufQ2B0kvr6xLx+5dZbTmzizc7lql8Qr7/upt/3KE1rQ7yvCmPs2ra
SZe/Gts9DO3oULRoTXbD9u6cnq4fHphacLHYiKb9CyOyhGlxZ7uQXyhKrClCGs4D
tQqejoNehE2V2VcJba3d7X69Zr5oJR5hSd9QLxsmS9eu1Jg1Stms
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:52:15 2025 by rpki-client