Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e9df7-1c88-4449-93da-b6427395d29f/1/K3KyZfEtYbTHdXEOghKoXhk1m_8.roa
File: K3KyZfEtYbTHdXEOghKoXhk1m_8.roa (raw, json)
Hash identifier: dTX42V4AaNdh3/aam3z5j/mByurbzoPSaCPKTtCXu0o=
Subject key identifier: 2B:72:B2:65:F1:2D:61:B4:C7:75:71:0E:82:12:A8:5E:19:35:9B:FF
Certificate issuer: /CN=a3742347c73e7b3d500f60fb650b82a01c21f749
Certificate serial: 019420D65EF8A28D7ED17CC7D5E5AD093982
Authority key identifier: A3:74:23:47:C7:3E:7B:3D:50:0F:60:FB:65:0B:82:A0:1C:21:F7:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3QjR8c-ez1QD2D7ZQuCoBwh90k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e9df7-1c88-4449-93da-b6427395d29f/1/K3KyZfEtYbTHdXEOghKoXhk1m_8.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205376
IP address blocks: 194.45.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5e:f8:a2:8d:7e:d1:7c:c7:d5:e5:ad:09:39:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3742347c73e7b3d500f60fb650b82a01c21f749
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b72b265f12d61b4c775710e8212a85e19359bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b6:da:43:62:82:dd:80:f7:af:fd:07:3a:48:
9e:83:99:fc:c9:2a:cc:9a:30:07:3c:51:2a:33:66:
91:71:7d:75:50:f2:f6:fe:de:d8:5c:08:5d:67:ad:
ad:fc:f1:df:60:08:f3:f4:c2:09:38:d0:3c:d6:04:
8b:f8:db:24:e2:53:43:a3:5f:c6:07:ba:63:eb:f8:
e0:c9:bd:a9:e4:25:13:91:68:aa:41:dd:21:d5:81:
37:0e:30:45:e4:2b:4a:2f:04:21:f5:c9:92:df:4b:
ab:80:18:09:81:2c:f3:da:26:39:af:d0:a2:71:6d:
17:19:cc:be:8a:95:05:9a:1a:8a:e4:f4:4f:72:27:
86:07:60:d0:3f:c4:c7:85:5d:5b:73:a0:c4:15:2f:
91:9a:6f:78:7f:a9:2d:58:0e:0f:f6:c5:41:74:2c:
11:2c:d8:0a:f2:b6:2b:d1:00:07:dc:b9:8e:6e:d8:
23:5b:72:43:21:f8:4d:40:14:e8:5a:23:19:a3:82:
06:24:5c:d0:11:73:24:97:fb:94:ea:c0:cf:ad:9d:
95:95:0d:c0:0d:a8:78:fa:33:ad:ce:44:2e:49:d3:
c6:17:f6:c2:a0:11:07:b2:e7:3a:a0:b3:28:35:cf:
67:22:01:c6:e2:f7:0c:a5:9e:19:b3:46:23:57:55:
40:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:72:B2:65:F1:2D:61:B4:C7:75:71:0E:82:12:A8:5E:19:35:9B:FF
X509v3 Authority Key Identifier:
keyid:A3:74:23:47:C7:3E:7B:3D:50:0F:60:FB:65:0B:82:A0:1C:21:F7:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3QjR8c-ez1QD2D7ZQuCoBwh90k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e9df7-1c88-4449-93da-b6427395d29f/1/K3KyZfEtYbTHdXEOghKoXhk1m_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e9df7-1c88-4449-93da-b6427395d29f/1/o3QjR8c-ez1QD2D7ZQuCoBwh90k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.45.71.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:d1:25:b3:82:73:64:b6:4d:f4:14:39:69:22:80:d8:56:80:
f9:32:4b:96:9a:c4:38:8b:04:a0:4c:dd:42:a1:06:14:da:3c:
bd:0a:61:47:ee:6c:ba:94:ef:bc:9d:7d:fa:11:e4:94:36:31:
cc:b0:39:ad:5c:1d:48:13:03:ac:5a:49:d6:8b:e1:26:fa:45:
fe:2e:b7:30:0d:85:ff:38:1a:5e:7b:7f:e1:f6:7f:65:14:84:
67:5f:88:3c:a5:ca:db:ca:65:87:54:5e:7e:59:9d:13:f3:37:
08:32:41:f0:6a:92:b9:44:a1:2a:b8:c5:1f:23:6d:b3:d7:a4:
70:9a:7e:d8:11:a0:d2:4f:5f:d8:aa:3c:ef:1c:52:4b:42:65:
e0:78:c9:9f:b7:40:80:a7:30:dd:47:71:0a:8f:00:93:01:89:
49:7f:f0:9a:6d:db:ee:76:f6:8b:76:84:4b:f6:6f:cb:2a:ac:
9c:20:c4:e1:a7:2a:28:9f:45:71:54:0a:20:a3:f6:f9:93:ef:
71:55:a2:a4:da:cc:11:63:53:49:20:9c:82:a8:ec:6b:85:7a:
ec:0a:17:9c:f0:f6:f2:c3:21:2d:e1:6d:22:7a:c3:7a:50:34:
d1:24:c0:13:20:7a:e4:a8:ab:7d:73:c4:65:f5:88:3f:90:03:
b3:c4:d9:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1l74oo1+0XzH1eWtCTmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzQyMzQ3YzczZTdiM2Q1MDBmNjBmYjY1MGI4MmEwMWMy
MWY3NDkwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjcyYjI2NWYxMmQ2MWI0Yzc3NTcxMGU4MjEyYTg1ZTE5MzU5YmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbbaQ2KC3YD3r/0HOkieg5n8ySrM
mjAHPFEqM2aRcX11UPL2/t7YXAhdZ62t/PHfYAjz9MIJONA81gSL+Nsk4lNDo1/G
B7pj6/jgyb2p5CUTkWiqQd0h1YE3DjBF5CtKLwQh9cmS30urgBgJgSzz2iY5r9Ci
cW0XGcy+ipUFmhqK5PRPcieGB2DQP8THhV1bc6DEFS+Rmm94f6ktWA4P9sVBdCwR
LNgK8rYr0QAH3LmObtgjW3JDIfhNQBToWiMZo4IGJFzQEXMkl/uU6sDPrZ2VlQ3A
Dah4+jOtzkQuSdPGF/bCoBEHsuc6oLMoNc9nIgHG4vcMpZ4Zs0YjV1VAfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtysmXxLWG0x3VxDoISqF4ZNZv/MB8GA1UdIwQY
MBaAFKN0I0fHPns9UA9g+2ULgqAcIfdJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNRalI4Yy1lejFRRDJEN1pRdUNvQndoOTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTlkZjctMWM4OC00NDQ5LTkzZGEt
YjY0MjczOTVkMjlmLzEvSzNLeVpmRXRZYlRIZFhFT2doS29YaGsxbV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81ZTlkZjctMWM4OC00NDQ5LTkzZGEtYjY0MjczOTVkMjlm
LzEvbzNRalI4Yy1lejFRRDJEN1pRdUNvQndoOTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwi1HMA0G
CSqGSIb3DQEBCwUAA4IBAQCi0SWzgnNktk30FDlpIoDYVoD5MkuWmsQ4iwSgTN1C
oQYU2jy9CmFH7my6lO+8nX36EeSUNjHMsDmtXB1IEwOsWknWi+Em+kX+LrcwDYX/
OBpee3/h9n9lFIRnX4g8pcrbymWHVF5+WZ0T8zcIMkHwapK5RKEquMUfI22z16Rw
mn7YEaDST1/YqjzvHFJLQmXgeMmft0CApzDdR3EKjwCTAYlJf/CabdvudvaLdoRL
9m/LKqycIMThpyoon0VxVAogo/b5k+9xVaKk2swRY1NJIJyCqOxrhXrsChec8Pby
wyEt4W0iesN6UDTRJMATIHrkqKt9c8Rl9Yg/kAOzxNlO
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:07:56 2025 by rpki-client