Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/KhThgn0FLgtxgLmV5WuQd88UjJs.roa
File: KhThgn0FLgtxgLmV5WuQd88UjJs.roa (raw, json)
Hash identifier: UVyvP36EKpZylxYZtY94LC7cB1Xoy48Pim7visCwDUs=
Subject key identifier: 2A:14:E1:82:7D:05:2E:0B:71:80:B9:95:E5:6B:90:77:CF:14:8C:9B
Certificate issuer: /CN=ac328756dece8f29f97f41b81a087db524e159b7
Certificate serial: 019421B163101646F98A2E0A2FD059E7E359
Authority key identifier: AC:32:87:56:DE:CE:8F:29:F9:7F:41:B8:1A:08:7D:B5:24:E1:59:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/KhThgn0FLgtxgLmV5WuQd88UjJs.roa
Signing time: Wed 01 Jan 2025 11:47:40 +0000
ROA not before: Wed 01 Jan 2025 11:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212130
IP address blocks: 193.163.149.0/24 maxlen: 24
2a10:af80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:63:10:16:46:f9:8a:2e:0a:2f:d0:59:e7:e3:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac328756dece8f29f97f41b81a087db524e159b7
Validity
Not Before: Jan 1 11:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a14e1827d052e0b7180b995e56b9077cf148c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c5:bf:2d:1f:a0:63:f6:32:dd:88:97:e1:e6:
69:85:c0:8a:48:04:d4:19:63:00:8b:6d:0e:39:bf:
3d:56:ee:d7:44:4f:1c:20:29:db:b7:f6:d3:39:2b:
60:71:5a:cf:28:83:4f:48:6d:f1:89:a2:62:73:ae:
c3:89:3d:d6:ed:d9:bf:46:20:e6:da:80:a4:ed:bd:
27:be:29:27:4a:7f:8f:e6:3b:8d:5d:8d:c9:27:f9:
a0:ef:20:c9:36:ba:a4:bd:07:90:78:7b:a9:a3:bf:
9f:3c:fe:67:42:36:5b:ee:a8:02:bd:03:31:f9:bf:
2c:eb:83:06:7f:96:e7:d1:e1:73:10:48:37:29:cc:
51:e5:71:85:19:6f:c1:e7:5d:2f:11:05:7e:67:52:
c1:f2:4b:03:d8:27:e9:bb:2c:14:07:3d:60:c0:ee:
6f:83:f9:14:a9:68:e7:ec:27:30:8d:93:3b:cc:b4:
31:91:4c:d0:68:8e:3a:17:44:f1:fa:8e:54:1b:cb:
ab:39:5b:6a:36:a2:a7:1b:21:15:6b:30:84:51:c6:
d7:ef:d7:6e:fe:1b:ac:d4:16:e2:d5:79:d6:d2:3d:
02:9d:0e:4c:b1:43:29:d3:75:73:96:e5:f6:0d:9a:
2f:5c:19:d7:b8:cc:3d:31:3a:4e:ff:9d:8f:ca:23:
9f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:14:E1:82:7D:05:2E:0B:71:80:B9:95:E5:6B:90:77:CF:14:8C:9B
X509v3 Authority Key Identifier:
keyid:AC:32:87:56:DE:CE:8F:29:F9:7F:41:B8:1A:08:7D:B5:24:E1:59:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/KhThgn0FLgtxgLmV5WuQd88UjJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.149.0/24
IPv6:
2a10:af80::/32
Signature Algorithm: sha256WithRSAEncryption
3a:f8:ed:e6:22:4a:41:93:d9:ce:67:02:12:1a:56:36:46:a6:
26:d6:90:03:31:00:21:21:17:94:28:44:00:99:f6:e9:a0:d8:
55:54:9a:bc:9f:80:a7:54:f9:4e:d5:76:00:0a:ca:c5:6c:74:
d4:6a:b5:92:56:88:95:e6:82:d8:f6:81:ef:99:ab:7f:25:d0:
2f:eb:72:0e:ae:f6:46:d1:12:90:2a:27:9e:e3:f5:cf:1e:4d:
53:ab:cd:d0:9e:d3:71:1d:06:d3:37:60:c3:e1:dc:73:56:7f:
94:0d:89:3e:39:d4:ed:82:1e:0e:e3:39:19:45:e7:e3:f8:3c:
95:7c:ec:a1:e5:87:38:c6:7d:90:d2:19:78:52:2b:f1:63:a7:
b1:2c:1c:40:41:22:a9:5e:a9:5b:04:c6:1c:84:84:72:01:a0:
63:16:e7:8d:e2:46:05:bc:04:de:34:ad:91:72:68:77:b5:de:
89:b5:74:eb:42:1d:0b:14:02:3a:9b:05:06:8b:72:03:b8:dc:
0c:66:10:01:39:0a:35:7e:6f:4f:21:16:6e:17:5e:2b:1d:5c:
4c:05:c4:fb:a8:1d:88:47:62:85:7e:73:ee:64:85:df:f0:4f:
3f:30:f9:cf:5f:a0:37:ad:09:29:25:eb:2d:b2:eb:c2:00:7d:
3a:70:6c:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsWMQFkb5ii4KL9BZ5+NZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMzI4NzU2ZGVjZThmMjlmOTdmNDFiODFhMDg3ZGI1MjRl
MTU5YjcwHhcNMjUwMTAxMTE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE0ZTE4MjdkMDUyZTBiNzE4MGI5OTVlNTZiOTA3N2NmMTQ4YzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8W/LR+gY/Yy3YiX4eZphcCKSATU
GWMAi20OOb89Vu7XRE8cICnbt/bTOStgcVrPKINPSG3xiaJic67DiT3W7dm/RiDm
2oCk7b0nviknSn+P5juNXY3JJ/mg7yDJNrqkvQeQeHupo7+fPP5nQjZb7qgCvQMx
+b8s64MGf5bn0eFzEEg3KcxR5XGFGW/B510vEQV+Z1LB8ksD2CfpuywUBz1gwO5v
g/kUqWjn7CcwjZM7zLQxkUzQaI46F0Tx+o5UG8urOVtqNqKnGyEVazCEUcbX79du
/hus1Bbi1XnW0j0CnQ5MsUMp03VzluX2DZovXBnXuMw9MTpO/52PyiOfZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCoU4YJ9BS4LcYC5leVrkHfPFIybMB8GA1UdIwQY
MBaAFKwyh1bezo8p+X9BuBoIfbUk4Vm3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckRLSFZ0N09qeW41ZjBHNEdnaDl0U1RoV2JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mYjc4YWQtOTE4ZS00NGMyLTk1MDEt
MDI0YWQ0ZmIzNzA4LzEvS2hUaGduMEZMZ3R4Z0xtVjVXdVFkODhVakpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mYjc4YWQtOTE4ZS00NGMyLTk1MDEtMDI0YWQ0ZmIzNzA4
LzEvckRLSFZ0N09qeW41ZjBHNEdnaDl0U1RoV2JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaOVMA0E
AgACMAcDBQAqEK+AMA0GCSqGSIb3DQEBCwUAA4IBAQA6+O3mIkpBk9nOZwISGlY2
RqYm1pADMQAhIReUKEQAmfbpoNhVVJq8n4CnVPlO1XYACsrFbHTUarWSVoiV5oLY
9oHvmat/JdAv63IOrvZG0RKQKiee4/XPHk1Tq83QntNxHQbTN2DD4dxzVn+UDYk+
OdTtgh4O4zkZRefj+DyVfOyh5Yc4xn2Q0hl4UivxY6exLBxAQSKpXqlbBMYchIRy
AaBjFueN4kYFvATeNK2Rcmh3td6JtXTrQh0LFAI6mwUGi3IDuNwMZhABOQo1fm9P
IRZuF14rHVxMBcT7qB2IR2KFfnPuZIXf8E8/MPnPX6A3rQkpJestsuvCAH06cGwm
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:13 2025 by rpki-client