Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/K2KWy_mQsUZWaTV8PEcejmLAT60.roa
File: K2KWy_mQsUZWaTV8PEcejmLAT60.roa (raw, json)
Hash identifier: FhNLHASlAsa9lHin4H7G9Yhw6Aqeoa1NtYO8tRdr6rw=
Subject key identifier: 2B:62:96:CB:F9:90:B1:46:56:69:35:7C:3C:47:1E:8E:62:C0:4F:AD
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FCB7C781520534DA0CE97D8DB8E88
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/K2KWy_mQsUZWaTV8PEcejmLAT60.roa
Signing time: Wed 01 Jan 2025 13:48:16 +0000
ROA not before: Wed 01 Jan 2025 13:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201472
IP address blocks: 89.174.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:cb:7c:78:15:20:53:4d:a0:ce:97:d8:db:8e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b6296cbf990b1465669357c3c471e8e62c04fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:49:6e:5d:c0:af:98:13:0a:6e:2c:72:3e:73:
96:47:2e:89:85:e8:63:16:34:c6:38:4d:35:4a:d0:
d4:dd:8b:0f:21:00:bf:94:c7:77:51:b1:b9:7f:cd:
07:12:e2:e7:d4:8e:31:65:71:a4:ac:71:ab:74:63:
30:5a:77:ff:fb:3a:da:0d:85:ec:a3:c7:d0:c2:96:
7c:cd:2d:59:df:e3:71:a7:29:5d:34:c5:f8:7a:5d:
09:8c:61:2c:4c:01:c2:8a:02:f8:4a:b5:1c:76:86:
90:ad:9c:3b:87:d9:c4:07:6f:5f:4d:67:de:7a:75:
c0:4a:a4:6f:5c:53:48:c7:5b:cb:ba:32:d5:31:00:
c7:21:3f:ea:2f:5a:d6:db:e7:5a:41:b2:bf:82:ad:
f0:f7:f4:3b:5e:f4:cc:ba:50:0d:55:66:88:c4:82:
ee:2f:17:aa:4d:03:70:60:61:5b:70:81:71:ad:1a:
20:76:31:5f:6f:ab:43:80:ad:93:44:5f:f1:86:13:
1b:65:2a:fd:ae:36:35:d4:2c:28:20:a9:30:52:89:
06:e0:a4:11:6e:71:14:12:1a:92:3a:3d:8e:90:76:
23:00:90:1a:49:00:5c:69:3c:e2:19:5b:94:c5:a4:
46:39:2c:cd:2b:f2:7f:ef:d8:80:bb:58:fe:58:72:
b7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:62:96:CB:F9:90:B1:46:56:69:35:7C:3C:47:1E:8E:62:C0:4F:AD
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/K2KWy_mQsUZWaTV8PEcejmLAT60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.174.181.0/24
Signature Algorithm: sha256WithRSAEncryption
33:c0:90:24:7a:f3:01:65:59:3d:9b:f4:a0:92:8b:bf:cd:dd:
40:92:51:5f:70:b7:4c:80:8e:3d:ad:f6:da:86:41:8a:1d:12:
ba:f9:d0:a6:11:34:4d:af:2d:fe:2d:e2:f3:76:7d:f6:ad:a8:
85:f7:d8:f6:60:52:de:26:61:ca:50:72:c9:26:f2:53:4f:95:
5f:84:f2:10:f5:26:13:e8:94:b5:39:2c:61:9b:2c:3a:46:9a:
e8:34:ed:c7:df:a5:8b:39:26:67:96:52:61:42:d8:10:a4:b5:
5d:0e:b5:5d:ca:96:b2:3c:dc:ad:20:19:1a:37:a0:a9:aa:bf:
53:61:bc:b5:27:fe:98:ec:0c:b9:50:76:f9:a0:af:4c:37:a0:
43:d0:8b:eb:ef:8e:6a:b5:42:1a:2a:f8:e1:18:e6:8d:03:69:
a9:ed:ae:97:5c:f1:bd:e4:10:13:91:23:7f:11:29:c9:77:a2:
76:76:1d:bb:7b:aa:ee:81:97:db:1d:81:bc:e1:1e:a2:f7:5a:
83:a8:79:b2:25:4c:9f:69:8e:e8:31:fe:63:7b:20:d4:fd:c0:
ac:50:02:f1:72:82:74:bd:5f:90:69:ac:cb:43:c5:48:c2:0a:
78:7a:3e:aa:12:01:ec:5e:84:7b:1f:47:be:e0:51:e5:0e:3b:
fc:66:7c:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH8t8eBUgU02gzpfY246IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjYyOTZjYmY5OTBiMTQ2NTY2OTM1N2MzYzQ3MWU4ZTYyYzA0ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUluXcCvmBMKbixyPnOWRy6Jhehj
FjTGOE01StDU3YsPIQC/lMd3UbG5f80HEuLn1I4xZXGkrHGrdGMwWnf/+zraDYXs
o8fQwpZ8zS1Z3+NxpyldNMX4el0JjGEsTAHCigL4SrUcdoaQrZw7h9nEB29fTWfe
enXASqRvXFNIx1vLujLVMQDHIT/qL1rW2+daQbK/gq3w9/Q7XvTMulANVWaIxILu
LxeqTQNwYGFbcIFxrRogdjFfb6tDgK2TRF/xhhMbZSr9rjY11CwoIKkwUokG4KQR
bnEUEhqSOj2OkHYjAJAaSQBcaTziGVuUxaRGOSzNK/J/79iAu1j+WHK3OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtilsv5kLFGVmk1fDxHHo5iwE+tMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvSzJLV3lfbVFzVVpXYVRWOFBFY2VqbUxBVDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWa61MA0G
CSqGSIb3DQEBCwUAA4IBAQAzwJAkevMBZVk9m/Sgkou/zd1AklFfcLdMgI49rfba
hkGKHRK6+dCmETRNry3+LeLzdn32raiF99j2YFLeJmHKUHLJJvJTT5VfhPIQ9SYT
6JS1OSxhmyw6RproNO3H36WLOSZnllJhQtgQpLVdDrVdypayPNytIBkaN6Cpqr9T
Yby1J/6Y7Ay5UHb5oK9MN6BD0Ivr745qtUIaKvjhGOaNA2mp7a6XXPG95BATkSN/
ESnJd6J2dh27e6rugZfbHYG84R6i91qDqHmyJUyfaY7oMf5jeyDU/cCsUALxcoJ0
vV+QaazLQ8VIwgp4ej6qEgHsXoR7H0e+4FHlDjv8Znzz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:49 2025 by rpki-client on console.sobornost.net