Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/466aab-a470-4344-a367-547be4cfa457/1/K2WTfNgGTgwLI8daJh2SwttMQ5w.roa
File: K2WTfNgGTgwLI8daJh2SwttMQ5w.roa (raw, json)
Hash identifier: kg2DGvsW5/IaD92YzOAMjHp8f1xtHOO7qcNliTfoKss=
Subject key identifier: 2B:65:93:7C:D8:06:4E:0C:0B:23:C7:5A:26:1D:92:C2:DB:4C:43:9C
Certificate issuer: /CN=75b795066150a1c367dabccf69c970ab0c723215
Certificate serial: 01949A2DE5E250699B62CAB87A160437D422
Authority key identifier: 75:B7:95:06:61:50:A1:C3:67:DA:BC:CF:69:C9:70:AB:0C:72:32:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dbeVBmFQocNn2rzPaclwqwxyMhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/466aab-a470-4344-a367-547be4cfa457/1/K2WTfNgGTgwLI8daJh2SwttMQ5w.roa
Signing time: Fri 24 Jan 2025 21:18:06 +0000
ROA not before: Fri 24 Jan 2025 21:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44947
IP address blocks: 194.5.54.0/24 maxlen: 24
2a13:5e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9a:2d:e5:e2:50:69:9b:62:ca:b8:7a:16:04:37:d4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75b795066150a1c367dabccf69c970ab0c723215
Validity
Not Before: Jan 24 21:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b65937cd8064e0c0b23c75a261d92c2db4c439c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b2:3d:26:f7:cc:56:56:07:6d:19:be:85:50:
03:fb:29:3c:1d:a0:36:63:25:b0:50:3a:7f:58:ea:
9e:af:9e:d6:81:51:e0:7f:92:27:0b:54:0c:f3:35:
15:cb:6a:ee:51:57:79:66:26:c2:64:96:44:d0:ea:
97:56:eb:e1:96:be:5c:a5:0a:11:2a:7e:a3:80:f3:
5b:4e:b6:86:c1:aa:bd:fa:04:8d:43:2d:30:dc:bf:
b7:06:bb:c7:9a:4f:c9:ad:50:0a:a4:5a:0c:0b:ba:
0e:c2:5a:9f:93:e3:80:76:69:1a:11:2b:45:41:1e:
65:b7:e0:31:e5:14:7d:16:69:98:9b:19:62:7b:a7:
e0:d2:6f:a3:49:9b:d3:a2:b5:ab:97:71:54:fc:f3:
41:32:63:82:2c:ca:ca:12:36:b3:ac:2b:e1:34:3b:
28:38:75:ec:9d:b6:1c:8e:69:f2:3c:fe:1f:19:cc:
e1:8c:06:31:d2:49:5e:4e:dc:cb:dd:35:a0:b8:16:
77:d6:e7:1a:37:10:8d:48:6e:fa:29:b1:fd:f3:23:
9d:04:fe:04:7f:62:83:65:e3:61:fa:a9:ad:08:78:
d0:46:c5:cc:b7:4b:2b:ad:c1:cb:e1:6b:17:0d:9c:
a2:7f:62:e6:cb:5d:9f:54:3a:20:80:b1:91:2e:98:
82:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:65:93:7C:D8:06:4E:0C:0B:23:C7:5A:26:1D:92:C2:DB:4C:43:9C
X509v3 Authority Key Identifier:
keyid:75:B7:95:06:61:50:A1:C3:67:DA:BC:CF:69:C9:70:AB:0C:72:32:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbeVBmFQocNn2rzPaclwqwxyMhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/466aab-a470-4344-a367-547be4cfa457/1/K2WTfNgGTgwLI8daJh2SwttMQ5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/466aab-a470-4344-a367-547be4cfa457/1/dbeVBmFQocNn2rzPaclwqwxyMhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.54.0/24
IPv6:
2a13:5e40::/29
Signature Algorithm: sha256WithRSAEncryption
0a:a2:8f:b6:89:b5:90:fe:f1:43:9b:0b:c6:15:df:51:58:78:
bb:b2:0b:78:e5:d7:9c:56:83:bd:b4:5f:8e:de:b3:cb:86:a7:
d8:00:c4:64:8e:e2:e0:4e:d5:f5:03:e5:3b:cf:97:a3:6a:29:
13:99:55:ea:d8:2a:d1:c6:23:0b:6e:93:dc:c4:5e:79:ae:cf:
7a:df:26:38:75:80:18:4e:37:b1:b4:73:cd:ed:b1:e0:02:45:
4c:1b:15:88:d9:99:d1:24:c2:d7:94:83:cc:3d:37:1d:f5:1d:
08:04:c3:c6:49:da:91:2e:68:af:09:f9:eb:61:6f:84:d7:c0:
3c:04:98:e3:58:48:76:f9:3c:b2:34:08:d3:ce:21:b7:00:3e:
cb:0f:4e:af:04:a7:74:ad:19:96:4a:93:e5:3c:ac:9b:3a:a1:
7b:34:31:e6:3a:8f:b0:66:73:0b:1b:fa:86:b3:05:41:3b:e1:
96:10:36:98:71:5f:15:b9:21:14:39:b9:53:84:fc:26:4c:1c:
46:8e:51:0b:8b:75:fa:1b:83:79:a2:91:84:b3:21:b2:44:b1:
88:15:b4:88:0a:58:ab:f0:65:8e:23:be:c1:70:36:e2:27:0f:
96:9b:26:1e:b3:42:1c:d5:fe:da:77:93:3d:ba:de:6a:b3:16:
11:7f:34:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSaLeXiUGmbYsq4ehYEN9QiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Yjc5NTA2NjE1MGExYzM2N2RhYmNjZjY5Yzk3MGFiMGM3
MjMyMTUwHhcNMjUwMTI0MjExODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjY1OTM3Y2Q4MDY0ZTBjMGIyM2M3NWEyNjFkOTJjMmRiNGM0MzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrI9JvfMVlYHbRm+hVAD+yk8HaA2
YyWwUDp/WOqer57WgVHgf5InC1QM8zUVy2ruUVd5ZibCZJZE0OqXVuvhlr5cpQoR
Kn6jgPNbTraGwaq9+gSNQy0w3L+3BrvHmk/JrVAKpFoMC7oOwlqfk+OAdmkaEStF
QR5lt+Ax5RR9FmmYmxlie6fg0m+jSZvTorWrl3FU/PNBMmOCLMrKEjazrCvhNDso
OHXsnbYcjmnyPP4fGczhjAYx0kleTtzL3TWguBZ31ucaNxCNSG76KbH98yOdBP4E
f2KDZeNh+qmtCHjQRsXMt0srrcHL4WsXDZyif2Lmy12fVDoggLGRLpiC7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCtlk3zYBk4MCyPHWiYdksLbTEOcMB8GA1UdIwQY
MBaAFHW3lQZhUKHDZ9q8z2nJcKsMcjIVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJlVkJtRlFvY05uMnJ6UGFjbHdxd3h5TWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80NjZhYWItYTQ3MC00MzQ0LWEzNjct
NTQ3YmU0Y2ZhNDU3LzEvSzJXVGZOZ0dUZ3dMSThkYUpoMlN3dHRNUTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80NjZhYWItYTQ3MC00MzQ0LWEzNjctNTQ3YmU0Y2ZhNDU3
LzEvZGJlVkJtRlFvY05uMnJ6UGFjbHdxd3h5TWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwgU2MA0E
AgACMAcDBQMqE15AMA0GCSqGSIb3DQEBCwUAA4IBAQAKoo+2ibWQ/vFDmwvGFd9R
WHi7sgt45decVoO9tF+O3rPLhqfYAMRkjuLgTtX1A+U7z5ejaikTmVXq2CrRxiML
bpPcxF55rs963yY4dYAYTjextHPN7bHgAkVMGxWI2ZnRJMLXlIPMPTcd9R0IBMPG
SdqRLmivCfnrYW+E18A8BJjjWEh2+TyyNAjTziG3AD7LD06vBKd0rRmWSpPlPKyb
OqF7NDHmOo+wZnMLG/qGswVBO+GWEDaYcV8VuSEUOblThPwmTBxGjlELi3X6G4N5
opGEsyGyRLGIFbSIClir8GWOI77BcDbiJw+WmyYes0Ic1f7ad5M9ut5qsxYRfzSY
-----END CERTIFICATE-----
Generated at Tue Apr 8 22:10:26 2025 by rpki-client