Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/KDjWBtfUWmvzACa57cUDNtkrdUA.roa
File: KDjWBtfUWmvzACa57cUDNtkrdUA.roa (raw, json)
Hash identifier: /glLy7mZaGaTX2OWyQgPV2Cf31NNes0oBZbekJoIYok=
Subject key identifier: 28:38:D6:06:D7:D4:5A:6B:F3:00:26:B9:ED:C5:03:36:D9:2B:75:40
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 0194221F9F1AC83998D732C4E9ADC451CF5A
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/KDjWBtfUWmvzACa57cUDNtkrdUA.roa
Signing time: Wed 01 Jan 2025 13:48:05 +0000
ROA not before: Wed 01 Jan 2025 13:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 109.234.76.0/24 maxlen: 24
194.26.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9f:1a:c8:39:98:d7:32:c4:e9:ad:c4:51:cf:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Jan 1 13:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2838d606d7d45a6bf30026b9edc50336d92b7540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2c:85:aa:a4:b1:f0:91:2d:ad:b3:4f:54:e3:
86:6e:a6:19:81:19:14:b7:5b:a8:d8:e1:b9:ce:47:
e7:52:d5:f9:b7:b9:de:f2:39:d6:c6:db:24:77:e2:
31:63:ad:0d:8c:47:c5:c2:f0:eb:e5:bb:19:e1:61:
bf:40:4f:d1:92:3e:2a:b0:64:8c:9e:b5:3b:83:d9:
4e:a0:ed:df:5f:f6:f8:24:d2:6f:08:c0:22:a6:77:
4d:e2:2e:e5:12:89:e0:a5:58:9e:26:a6:1f:a7:f4:
3a:0c:e7:84:eb:8e:2a:3b:0f:55:f5:bc:5f:f6:14:
49:30:43:ec:a3:06:33:22:a4:fd:e3:87:6a:23:93:
11:14:7b:86:da:c4:be:71:9f:ea:49:6c:62:ed:0d:
84:45:13:47:e7:14:59:0d:e9:f6:a2:b1:6a:36:35:
78:fa:54:b1:f2:84:38:55:39:e4:86:00:16:05:b3:
1e:19:e7:ae:92:63:5d:66:7a:73:e4:7b:b3:52:b9:
00:7e:06:79:2b:8b:68:8f:ea:c5:aa:cd:d4:93:72:
0c:10:69:72:cb:77:ea:7c:5a:9d:dc:e6:47:3c:01:
79:4d:10:2b:2a:79:78:94:ee:46:d7:de:62:a4:de:
80:da:39:8e:03:22:37:86:32:ff:e3:5e:b9:ee:12:
7f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:38:D6:06:D7:D4:5A:6B:F3:00:26:B9:ED:C5:03:36:D9:2B:75:40
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/KDjWBtfUWmvzACa57cUDNtkrdUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.76.0/24
194.26.119.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ad:0c:b4:b1:8c:1d:a3:89:d0:f6:fc:5c:7d:ec:84:43:47:
db:fe:5c:c7:97:d1:0e:8c:f0:e0:47:7b:d4:3b:c5:3d:dc:4c:
14:6a:04:87:b9:8c:ff:71:c7:f7:b9:d1:9c:d5:6f:28:c6:69:
14:7e:e4:df:da:ae:ef:34:86:ce:7d:93:8c:39:9d:be:57:71:
2c:4e:cb:a0:ca:33:6d:fc:ae:31:73:74:52:db:51:03:e3:48:
67:08:ea:0b:ff:0b:12:01:25:7c:92:0b:45:cd:6f:b6:fb:bc:
e7:7e:d6:dd:61:66:82:94:9f:7a:d1:5d:f2:07:bc:26:c7:7f:
45:b4:d1:ee:75:34:01:1b:37:cb:d7:08:e6:52:b4:85:78:39:
8b:77:29:9c:f9:67:7e:cb:ab:86:20:a7:df:1e:0d:ec:9f:97:
0b:ac:76:4a:92:b3:9f:32:29:0d:25:91:2c:9a:4d:97:4b:81:
39:46:e6:b6:dc:23:71:f1:61:a2:5f:db:d6:62:04:55:6d:41:
be:64:59:97:ab:fb:dd:63:6b:1a:71:20:e0:92:0c:f9:4d:60:
47:b6:6a:15:e1:67:08:c1:1c:b3:7b:d3:b3:09:83:03:10:e3:
39:21:30:4e:d6:dc:bd:8a:23:c4:3b:57:38:00:e4:93:52:dd:
23:c7:5d:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH58ayDmY1zLE6a3EUc9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjUwMTAxMTM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODM4ZDYwNmQ3ZDQ1YTZiZjMwMDI2YjllZGM1MDMzNmQ5MmI3NTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiyFqqSx8JEtrbNPVOOGbqYZgRkU
t1uo2OG5zkfnUtX5t7ne8jnWxtskd+IxY60NjEfFwvDr5bsZ4WG/QE/Rkj4qsGSM
nrU7g9lOoO3fX/b4JNJvCMAipndN4i7lEongpVieJqYfp/Q6DOeE644qOw9V9bxf
9hRJMEPsowYzIqT944dqI5MRFHuG2sS+cZ/qSWxi7Q2ERRNH5xRZDen2orFqNjV4
+lSx8oQ4VTnkhgAWBbMeGeeukmNdZnpz5HuzUrkAfgZ5K4toj+rFqs3Uk3IMEGly
y3fqfFqd3OZHPAF5TRArKnl4lO5G195ipN6A2jmOAyI3hjL/41657hJ/0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCg41gbX1Fpr8wAmue3FAzbZK3VAMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvS0RqV0J0ZlVXbXZ6QUNhNTdjVUROdGtyZFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbepMAwQA
whp3MA0GCSqGSIb3DQEBCwUAA4IBAQAhrQy0sYwdo4nQ9vxcfeyEQ0fb/lzHl9EO
jPDgR3vUO8U93EwUagSHuYz/ccf3udGc1W8oxmkUfuTf2q7vNIbOfZOMOZ2+V3Es
TsugyjNt/K4xc3RS21ED40hnCOoL/wsSASV8kgtFzW+2+7znftbdYWaClJ960V3y
B7wmx39FtNHudTQBGzfL1wjmUrSFeDmLdymc+Wd+y6uGIKffHg3sn5cLrHZKkrOf
MikNJZEsmk2XS4E5Rua23CNx8WGiX9vWYgRVbUG+ZFmXq/vdY2sacSDgkgz5TWBH
tmoV4WcIwRyze9OzCYMDEOM5ITBO1ty9iiPEO1c4AOSTUt0jx13d
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:41 2025 by rpki-client