Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/KntaM8lbcY4c01Dw4SaSSX2lodw.roa
File: KntaM8lbcY4c01Dw4SaSSX2lodw.roa (raw, json)
Hash identifier: cLp1SD6XtpquL0QHMFnM+17dWoMSgXrVeFdbvQlKhQM=
Subject key identifier: 2A:7B:5A:33:C9:5B:71:8E:1C:D3:50:F0:E1:26:92:49:7D:A5:A1:DC
Certificate issuer: /CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Certificate serial: 019425FDE150B962AD51591073923D922F13
Authority key identifier: C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/KntaM8lbcY4c01Dw4SaSSX2lodw.roa
Signing time: Thu 02 Jan 2025 07:49:42 +0000
ROA not before: Thu 02 Jan 2025 07:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 194.44.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e1:50:b9:62:ad:51:59:10:73:92:3d:92:2f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Validity
Not Before: Jan 2 07:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a7b5a33c95b718e1cd350f0e12692497da5a1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7d:39:5b:bb:e4:67:2b:15:45:d6:a1:27:a5:
ac:77:ea:cc:f6:b5:69:c7:74:fd:5a:f0:4a:2a:af:
1a:79:d4:61:70:46:23:ea:42:cf:32:f0:db:7c:93:
7c:f1:08:7c:2d:e7:30:06:da:3b:8f:f8:51:7e:7c:
bf:10:8a:b3:9d:b4:f4:95:83:99:4d:c4:76:9a:c4:
a4:2f:f1:0e:91:fc:55:9a:af:17:aa:19:f1:e5:5e:
65:08:a9:d4:50:97:48:81:0b:82:1d:22:ab:0d:da:
30:41:9d:53:87:76:09:0a:52:5f:bf:51:24:26:8b:
f4:02:04:42:85:bf:b7:9c:bd:5d:d2:c7:60:ba:f8:
58:a9:b3:17:5b:7b:99:44:92:4f:58:ab:c6:42:1c:
cc:f9:9d:41:c8:ec:1d:f3:b8:9d:f1:74:12:4f:32:
d5:ab:e8:39:fe:0d:de:28:2e:29:a9:7f:e4:8c:a5:
f9:68:23:c7:e6:61:75:1c:40:70:83:2e:5a:59:b1:
a7:0f:7f:74:bb:97:d8:95:15:af:95:35:55:94:84:
c3:fe:57:24:c4:fc:4b:d3:57:49:27:eb:72:0f:f2:
96:2b:32:3f:fa:b4:33:cb:3b:38:98:0a:38:f0:fc:
64:62:41:fa:86:51:ae:e0:6a:71:27:ab:1b:91:f3:
19:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7B:5A:33:C9:5B:71:8E:1C:D3:50:F0:E1:26:92:49:7D:A5:A1:DC
X509v3 Authority Key Identifier:
keyid:C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/KntaM8lbcY4c01Dw4SaSSX2lodw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.44.235.0/24
Signature Algorithm: sha256WithRSAEncryption
01:41:12:99:55:36:09:df:d9:6c:15:2a:f8:75:8f:37:cb:2d:
f4:ff:bd:2f:33:5e:c1:2e:49:69:39:a6:0c:ea:24:7b:6f:05:
15:8d:95:26:40:3a:4d:41:92:35:22:a5:fb:76:66:5e:6f:c8:
3b:75:fc:68:18:7a:14:14:77:aa:58:f6:70:d6:c0:d7:90:55:
c8:80:7a:bf:45:89:0c:53:40:2b:a5:78:60:38:d0:b7:33:67:
35:4a:e8:c0:e4:f7:cb:dd:fa:f2:54:d1:24:a5:50:71:21:c6:
e4:5e:a4:25:c1:3f:69:be:82:24:4f:fe:7b:53:88:8e:c1:ed:
ff:31:0a:8f:f4:7c:28:be:68:ba:37:ac:bd:17:36:3f:5f:75:
c3:67:6a:4d:fe:26:41:a6:70:1c:9d:55:40:24:2d:56:23:de:
b2:8b:8f:9b:75:13:67:ff:88:05:23:d4:9f:e4:31:6e:58:20:
b4:c7:41:e9:48:d9:a7:23:6a:28:e1:21:09:ea:f2:28:37:2c:
a1:55:9d:87:64:60:95:bd:e0:9b:42:1c:61:bc:14:f4:e2:dd:
3c:55:94:d5:43:e3:42:21:0d:97:9e:55:f2:ef:43:b4:31:66:
8b:09:88:0b:15:18:76:c6:2f:ea:fd:73:8f:c1:cd:bf:1e:ef:
5a:22:c3:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/eFQuWKtUVkQc5I9ki8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZmI0MDNhMjQxODgzZTU4ZmNlZDUyZDM5ZDgwZWFiZDUy
YmIzNmYwHhcNMjUwMTAyMDc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdiNWEzM2M5NWI3MThlMWNkMzUwZjBlMTI2OTI0OTdkYTVhMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX05W7vkZysVRdahJ6Wsd+rM9rVp
x3T9WvBKKq8aedRhcEYj6kLPMvDbfJN88Qh8LecwBto7j/hRfny/EIqznbT0lYOZ
TcR2msSkL/EOkfxVmq8Xqhnx5V5lCKnUUJdIgQuCHSKrDdowQZ1Th3YJClJfv1Ek
Jov0AgRChb+3nL1d0sdguvhYqbMXW3uZRJJPWKvGQhzM+Z1ByOwd87id8XQSTzLV
q+g5/g3eKC4pqX/kjKX5aCPH5mF1HEBwgy5aWbGnD390u5fYlRWvlTVVlITD/lck
xPxL01dJJ+tyD/KWKzI/+rQzyzs4mAo48PxkYkH6hlGu4GpxJ6sbkfMZewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCp7WjPJW3GOHNNQ8OEmkkl9paHcMB8GA1UdIwQY
MBaAFMP7QDokGIPlj87VLTnYDqvVK7NvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUt
YTlhNzc5MDI2ZjBhLzEvS250YU04bGJjWTRjMDFEdzRTYVNTWDJsb2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUtYTlhNzc5MDI2ZjBh
LzEvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwizrMA0G
CSqGSIb3DQEBCwUAA4IBAQABQRKZVTYJ39lsFSr4dY83yy30/70vM17BLklpOaYM
6iR7bwUVjZUmQDpNQZI1IqX7dmZeb8g7dfxoGHoUFHeqWPZw1sDXkFXIgHq/RYkM
U0ArpXhgONC3M2c1SujA5PfL3fryVNEkpVBxIcbkXqQlwT9pvoIkT/57U4iOwe3/
MQqP9Hwovmi6N6y9FzY/X3XDZ2pN/iZBpnAcnVVAJC1WI96yi4+bdRNn/4gFI9Sf
5DFuWCC0x0HpSNmnI2oo4SEJ6vIoNyyhVZ2HZGCVveCbQhxhvBT04t08VZTVQ+NC
IQ2XnlXy70O0MWaLCYgLFRh2xi/q/XOPwc2/Hu9aIsNf
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:38:18 2025 by rpki-client