Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/kVNrAhx0gbdNgq30vaY4pm1RCtk.roa
File: kVNrAhx0gbdNgq30vaY4pm1RCtk.roa (raw, json)
Hash identifier: NUy29jEpNtSfcKrcSjOdiib1+hFI8QF6IOH9Al7gG0Q=
Subject key identifier: 91:53:6B:02:1C:74:81:B7:4D:82:AD:F4:BD:A6:38:A6:6D:51:0A:D9
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019422FBCE5A640B25B8FB4280153182D76B
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/kVNrAhx0gbdNgq30vaY4pm1RCtk.roa
Signing time: Wed 01 Jan 2025 17:48:35 +0000
ROA not before: Wed 01 Jan 2025 17:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212219
IP address blocks: 176.96.129.0/24 maxlen: 24
176.96.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ce:5a:64:0b:25:b8:fb:42:80:15:31:82:d7:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 17:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91536b021c7481b74d82adf4bda638a66d510ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7e:b3:ce:c0:ef:cb:de:aa:aa:7d:6a:11:bf:
0e:08:15:31:d3:df:5f:94:73:fa:df:18:23:2f:c1:
8b:21:86:e1:a8:fa:ca:36:f1:3e:cd:03:b1:6a:f8:
a0:aa:49:45:07:27:85:c7:61:66:a3:a2:72:6d:be:
c3:73:9a:fd:a5:58:f2:e3:8c:8a:94:9f:70:d4:e1:
76:7c:76:7b:77:4c:6b:34:3b:a5:c4:ba:71:44:9e:
66:6c:f5:04:ca:34:e4:b3:36:35:56:00:df:c5:4b:
9d:27:28:52:e2:70:e8:bf:8f:1f:d2:a5:52:7c:64:
48:bc:fc:be:a5:08:d2:bc:e2:5c:cc:a7:88:b6:f3:
cb:13:ec:08:71:d2:a8:29:77:23:5d:40:f1:cd:a9:
a7:2c:03:88:fa:bc:2b:57:b3:a9:b7:db:34:73:a2:
6b:41:01:e0:ba:27:13:ec:0e:84:30:4b:c4:d8:18:
d5:6c:31:65:0b:59:6e:62:3b:8d:fc:c3:15:fe:27:
8e:aa:30:6c:75:3c:7a:f7:a0:43:52:ce:42:17:4b:
a6:ac:2d:2e:83:e9:40:7e:e0:95:3c:76:30:68:48:
6b:ae:3b:c0:63:3f:a7:0c:59:ce:72:76:e2:28:76:
3d:d4:10:1a:30:12:74:a7:a8:a6:33:75:83:6d:dc:
31:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:53:6B:02:1C:74:81:B7:4D:82:AD:F4:BD:A6:38:A6:6D:51:0A:D9
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/kVNrAhx0gbdNgq30vaY4pm1RCtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.129.0/24
176.96.131.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:cb:5f:cd:98:c5:8c:03:32:c5:97:26:38:57:21:25:f6:cd:
16:96:cb:5e:fa:02:74:a8:65:01:56:93:5a:10:41:10:9f:bb:
1e:de:a4:16:b9:d1:64:81:e6:ae:54:73:63:b8:e2:d7:70:f4:
dd:24:58:b9:c8:6f:9b:0f:4f:15:57:37:29:ad:94:2d:43:d1:
e9:4c:6f:86:fe:f8:66:3c:ad:bb:b7:ac:31:9c:04:82:c9:20:
e1:84:7b:fc:5f:f6:7b:53:a7:24:3f:0d:b7:27:19:29:bd:67:
46:58:1a:ff:f2:0b:24:44:25:32:4c:69:b8:fe:0d:db:13:99:
56:91:a7:a8:a9:25:90:cd:95:cb:f7:76:0e:3a:6d:85:71:9e:
73:ad:89:86:46:31:20:d3:dd:03:cd:10:29:3c:7a:32:b7:32:
49:19:30:9f:d6:c3:92:5a:0b:d0:47:e0:28:c5:7e:a0:7c:7c:
fc:35:e0:27:3e:19:11:d7:eb:b6:b0:fb:99:c4:35:9e:d5:1a:
c6:b1:d1:f2:27:72:69:a5:47:15:0f:bf:7c:41:3b:36:aa:13:
a6:35:59:aa:6d:b0:c7:2f:b2:11:bb:eb:4a:3b:4f:a3:24:e4:
08:db:28:cc:e4:d5:f1:4f:3b:8c:38:ff:b6:ee:3a:28:cf:20:
ab:36:c6:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+85aZAsluPtCgBUxgtdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTAxMTc0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTUzNmIwMjFjNzQ4MWI3NGQ4MmFkZjRiZGE2MzhhNjZkNTEwYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2H6zzsDvy96qqn1qEb8OCBUx099f
lHP63xgjL8GLIYbhqPrKNvE+zQOxavigqklFByeFx2Fmo6Jybb7Dc5r9pVjy44yK
lJ9w1OF2fHZ7d0xrNDulxLpxRJ5mbPUEyjTkszY1VgDfxUudJyhS4nDov48f0qVS
fGRIvPy+pQjSvOJczKeItvPLE+wIcdKoKXcjXUDxzamnLAOI+rwrV7Opt9s0c6Jr
QQHguicT7A6EMEvE2BjVbDFlC1luYjuN/MMV/ieOqjBsdTx696BDUs5CF0umrC0u
g+lAfuCVPHYwaEhrrjvAYz+nDFnOcnbiKHY91BAaMBJ0p6imM3WDbdwxOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJFTawIcdIG3TYKt9L2mOKZtUQrZMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEva1ZOckFoeDBnYmROZ3EzMHZhWTRwbTFSQ3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsGCBAwQA
sGCDMA0GCSqGSIb3DQEBCwUAA4IBAQAay1/NmMWMAzLFlyY4VyEl9s0Wlste+gJ0
qGUBVpNaEEEQn7se3qQWudFkgeauVHNjuOLXcPTdJFi5yG+bD08VVzcprZQtQ9Hp
TG+G/vhmPK27t6wxnASCySDhhHv8X/Z7U6ckPw23JxkpvWdGWBr/8gskRCUyTGm4
/g3bE5lWkaeoqSWQzZXL93YOOm2FcZ5zrYmGRjEg090DzRApPHoytzJJGTCf1sOS
WgvQR+AoxX6gfHz8NeAnPhkR1+u2sPuZxDWe1RrGsdHyJ3JppUcVD798QTs2qhOm
NVmqbbDHL7IRu+tKO0+jJOQI2yjM5NXxTzuMOP+27joozyCrNsYU
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:29:16 2025 by rpki-client