Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/KRSzUBxyLebIHKF4Pc56YInJ7G4.roa
File: KRSzUBxyLebIHKF4Pc56YInJ7G4.roa (raw, json)
Hash identifier: bYjIh5qsMD47j13Dp6UvpgvAJLXcSZU6nC4Ef8AfKgY=
Subject key identifier: 29:14:B3:50:1C:72:2D:E6:C8:1C:A1:78:3D:CE:7A:60:89:C9:EC:6E
Certificate issuer: /CN=e5de0de73e73874bbc66738805d373cab833b7a5
Certificate serial: 01941F8C8555B6189CAE321BCF6D0D278C85
Authority key identifier: E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/KRSzUBxyLebIHKF4Pc56YInJ7G4.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.137.156.0/24 maxlen: 24
2a10:a100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:85:55:b6:18:9c:ae:32:1b:cf:6d:0d:27:8c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5de0de73e73874bbc66738805d373cab833b7a5
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2914b3501c722de6c81ca1783dce7a6089c9ec6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:40:5b:42:d0:18:8e:c4:72:93:47:09:3f:b4:
d6:47:6c:b8:d2:6e:d2:c7:5a:f3:f8:b5:2b:bf:fb:
1f:f4:b4:a2:5a:be:1c:8e:c3:d2:a9:02:43:31:3c:
14:ba:92:6f:55:2b:48:08:e2:90:35:64:e2:2e:9f:
42:3d:98:d9:14:17:ff:59:1d:7c:9e:0e:55:ab:70:
67:14:3e:5d:7a:68:45:41:87:ff:33:f1:d7:05:b8:
14:26:0b:34:53:2f:d2:9b:71:42:8e:5e:d8:9c:6f:
4b:12:4a:69:52:76:f2:da:97:29:d3:30:dc:a8:32:
76:30:a0:69:b1:3c:d8:57:29:2b:38:7d:60:ca:fb:
74:a2:8e:23:dd:48:fb:6d:5f:e0:e6:bd:20:b6:b8:
ed:c0:ab:82:45:09:6c:18:bc:5c:d3:c8:28:f0:0a:
12:4a:f9:37:3f:83:0b:08:ff:c3:f4:02:18:06:73:
1f:26:c2:43:fc:e9:15:72:f1:90:b4:2f:be:d7:7a:
a9:1b:a1:84:43:84:f8:c1:3c:54:7c:21:5d:89:d9:
14:b6:95:87:38:84:a8:10:58:72:d6:91:a6:83:14:
fc:de:a9:20:85:e0:ad:b5:c2:2d:a1:ef:3c:85:b3:
74:7f:5d:c6:c1:de:6b:34:ad:8b:cc:7b:3d:42:56:
16:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:14:B3:50:1C:72:2D:E6:C8:1C:A1:78:3D:CE:7A:60:89:C9:EC:6E
X509v3 Authority Key Identifier:
keyid:E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/KRSzUBxyLebIHKF4Pc56YInJ7G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.156.0/24
IPv6:
2a10:a100::/40
Signature Algorithm: sha256WithRSAEncryption
35:70:33:6a:73:b5:15:58:85:ec:c5:1c:95:0c:4e:40:11:7b:
a8:e2:79:02:3b:5a:ce:34:ed:f1:93:14:71:4c:df:51:81:5e:
88:e7:46:65:98:f1:5f:bb:e1:df:00:0a:fb:03:f1:cb:3f:e2:
0c:7f:98:bb:89:a1:59:22:4e:35:5e:84:07:ed:25:82:af:e3:
66:4e:68:60:04:92:cc:c8:5e:df:56:a9:6b:bd:d5:8d:49:ba:
cd:54:04:44:98:a2:52:d8:5b:ba:d0:98:f0:be:4e:d5:18:4c:
93:87:ad:67:55:41:21:38:93:ce:96:5c:3a:62:c4:87:57:1f:
f2:23:da:4d:6f:82:10:bd:05:7e:6b:bf:6e:f2:b6:83:cd:74:
ea:af:1e:65:11:d8:8a:16:ee:b8:f4:7d:8e:9f:9b:0f:58:af:
49:9e:96:5a:a2:64:b0:c3:8b:83:2f:00:74:1a:f1:ae:6b:72:
7c:fa:60:22:c6:74:56:93:f9:6c:49:88:da:97:fe:82:3b:0a:
96:d3:f6:29:06:c6:0d:d1:b8:dc:f9:22:bc:c5:c7:47:e3:30:
7b:5d:2b:45:1b:6f:67:a7:81:85:05:60:71:b1:12:e7:bd:d2:
25:22:66:45:f5:d7:75:ee:89:9b:21:97:31:73:f9:bb:3e:2f:
5c:5f:8e:06
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQfjIVVthicrjIbz20NJ4yFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZGUwZGU3M2U3Mzg3NGJiYzY2NzM4ODA1ZDM3M2NhYjgz
M2I3YTUwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTE0YjM1MDFjNzIyZGU2YzgxY2ExNzgzZGNlN2E2MDg5YzllYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kBbQtAYjsRyk0cJP7TWR2y40m7S
x1rz+LUrv/sf9LSiWr4cjsPSqQJDMTwUupJvVStICOKQNWTiLp9CPZjZFBf/WR18
ng5Vq3BnFD5demhFQYf/M/HXBbgUJgs0Uy/Sm3FCjl7YnG9LEkppUnby2pcp0zDc
qDJ2MKBpsTzYVykrOH1gyvt0oo4j3Uj7bV/g5r0gtrjtwKuCRQlsGLxc08go8AoS
Svk3P4MLCP/D9AIYBnMfJsJD/OkVcvGQtC++13qpG6GEQ4T4wTxUfCFdidkUtpWH
OISoEFhy1pGmgxT83qkgheCttcItoe88hbN0f13Gwd5rNK2LzHs9QlYWsQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCkUs1Acci3myByheD3OemCJyexuMB8GA1UdIwQY
MBaAFOXeDec+c4dLvGZziAXTc8q4M7elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMt
MTA1MzRjNjdiYmI4LzEvS1JTelVCeHlMZWJJSEtGNFBjNTZZSW5KN0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMtMTA1MzRjNjdiYmI4
LzEvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuYmcMA4E
AgACMAgDBgAqEKEAADANBgkqhkiG9w0BAQsFAAOCAQEANXAzanO1FViF7MUclQxO
QBF7qOJ5AjtazjTt8ZMUcUzfUYFeiOdGZZjxX7vh3wAK+wPxyz/iDH+Yu4mhWSJO
NV6EB+0lgq/jZk5oYASSzMhe31apa73VjUm6zVQERJiiUthbutCY8L5O1RhMk4et
Z1VBITiTzpZcOmLEh1cf8iPaTW+CEL0Ffmu/bvK2g8106q8eZRHYihbuuPR9jp+b
D1ivSZ6WWqJksMOLgy8AdBrxrmtyfPpgIsZ0VpP5bEmI2pf+gjsKltP2KQbGDdG4
3PkivMXHR+Mwe10rRRtvZ6eBhQVgcbES573SJSJmRfXXde6JmyGXMXP5uz4vXF+O
Bg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:43 2025 by rpki-client