Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/KuTf7Ax8X33VaTf1lOjRoedWwo4.roa
File: KuTf7Ax8X33VaTf1lOjRoedWwo4.roa (raw, json)
Hash identifier: QPAu8GsTOjAgilBPFkexVdii0ntH7anxIS5WJpkzbdc=
Subject key identifier: 2A:E4:DF:EC:0C:7C:5F:7D:D5:69:37:F5:94:E8:D1:A1:E7:56:C2:8E
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018D3D86F7D8D074EBC64F7F73186AEDBBB8
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/KuTf7Ax8X33VaTf1lOjRoedWwo4.roa
Signing time: Wed 24 Jan 2024 22:11:11 +0000
ROA not before: Wed 24 Jan 2024 22:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9087
IP address blocks: 176.221.20.0/22 maxlen: 22
176.221.30.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3d:86:f7:d8:d0:74:eb:c6:4f:7f:73:18:6a:ed:bb:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 24 22:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ae4dfec0c7c5f7dd56937f594e8d1a1e756c28e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cd:29:3e:b8:80:08:b2:e7:75:a8:55:f1:66:
06:dc:b8:6b:13:86:ef:a5:42:3f:d5:c9:55:a4:65:
01:5c:36:be:e6:e2:8b:a8:6f:0b:72:b7:b4:31:91:
d4:51:2f:9e:14:ef:19:97:9c:98:48:3a:08:90:be:
ef:65:f4:33:2e:94:a4:36:f2:65:ed:60:e7:d1:35:
5d:d0:14:92:ed:9b:ac:f4:53:86:ef:97:13:7c:77:
51:f9:24:89:c8:84:54:dc:f0:9b:00:2d:10:db:02:
56:77:8f:ac:26:bb:ba:4d:cb:f6:29:89:c0:db:7d:
a2:e6:6e:62:68:5f:02:a8:44:49:3f:b8:a3:7d:25:
cb:e2:b3:d1:19:a5:f1:03:59:04:d6:c0:09:7c:da:
22:87:f8:15:79:a3:eb:c4:82:e5:b2:62:55:73:50:
4e:ea:38:d4:31:cf:ec:fd:84:d7:4f:fb:f9:a3:c6:
06:ff:41:3a:f2:dd:5b:c8:c1:04:1b:57:e2:1e:e9:
1e:ac:8d:ae:4d:5c:a8:36:fe:4b:60:51:88:38:7e:
91:21:5c:df:ec:ad:57:12:01:26:e6:34:a2:80:da:
da:5a:9b:fd:d9:51:ff:b3:bd:ae:5b:fb:1d:09:cb:
2f:0e:50:41:a5:a7:9a:60:40:6e:df:ce:af:f6:bb:
22:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E4:DF:EC:0C:7C:5F:7D:D5:69:37:F5:94:E8:D1:A1:E7:56:C2:8E
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/KuTf7Ax8X33VaTf1lOjRoedWwo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.20.0/22
176.221.30.0/23
Signature Algorithm: sha256WithRSAEncryption
96:07:e7:c9:51:6e:c1:fb:50:cf:86:68:12:5e:c3:10:15:59:
db:9c:2b:2e:8b:4e:a6:78:a3:6e:96:1b:63:9c:d2:ce:ed:44:
e9:19:23:44:b5:3e:2a:cc:d9:7c:b3:c2:81:91:48:2f:f8:d6:
20:b9:d6:f0:2e:ac:5f:f2:f6:35:b7:e6:b9:fe:2b:b2:03:1c:
01:ba:9e:6e:a4:cc:17:92:0b:e1:a1:78:5a:62:0a:fd:db:d5:
30:66:3c:f6:0c:f0:f4:8d:6f:25:c0:df:60:42:6e:c6:c6:e7:
fa:ff:e6:04:4b:3b:12:38:a0:29:ae:8c:fd:3d:c1:07:c6:08:
da:88:de:4c:49:cc:54:06:16:3d:5b:e9:83:87:46:dc:ec:84:
36:75:f3:7f:38:9e:16:f1:32:f3:5a:12:04:6d:ac:95:e5:9c:
90:0d:05:3e:41:58:2f:37:c9:91:74:4e:e6:78:9b:e3:13:c1:
f9:b3:88:ac:c2:12:df:31:27:33:2e:c0:47:36:30:b1:53:d2:
2f:65:d4:19:fb:0e:5b:55:7c:10:6a:87:e8:70:1b:ac:18:87:
e3:b9:df:8b:77:27:e0:a2:ff:1b:97:6c:14:dd:e7:7b:a6:e3:
25:4a:4b:e2:ef:23:ce:27:4a:c3:f0:c4:93:e3:80:de:a3:df:
7f:46:eb:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY09hvfY0HTrxk9/cxhq7bu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTI0MjIxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWU0ZGZlYzBjN2M1ZjdkZDU2OTM3ZjU5NGU4ZDFhMWU3NTZjMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi80pPriACLLndahV8WYG3LhrE4bv
pUI/1clVpGUBXDa+5uKLqG8Lcre0MZHUUS+eFO8Zl5yYSDoIkL7vZfQzLpSkNvJl
7WDn0TVd0BSS7Zus9FOG75cTfHdR+SSJyIRU3PCbAC0Q2wJWd4+sJru6Tcv2KYnA
232i5m5iaF8CqERJP7ijfSXL4rPRGaXxA1kE1sAJfNoih/gVeaPrxILlsmJVc1BO
6jjUMc/s/YTXT/v5o8YG/0E68t1byMEEG1fiHukerI2uTVyoNv5LYFGIOH6RIVzf
7K1XEgEm5jSigNraWpv92VH/s72uW/sdCcsvDlBBpaeaYEBu386v9rsiUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCrk3+wMfF991Wk39ZTo0aHnVsKOMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvS3VUZjdBeDhYMzNWYVRmMWxPalJvZWRXd280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsN0UAwQB
sN0eMA0GCSqGSIb3DQEBCwUAA4IBAQCWB+fJUW7B+1DPhmgSXsMQFVnbnCsui06m
eKNulhtjnNLO7UTpGSNEtT4qzNl8s8KBkUgv+NYgudbwLqxf8vY1t+a5/iuyAxwB
up5upMwXkgvhoXhaYgr929UwZjz2DPD0jW8lwN9gQm7Gxuf6/+YESzsSOKAproz9
PcEHxgjaiN5MScxUBhY9W+mDh0bc7IQ2dfN/OJ4W8TLzWhIEbayV5ZyQDQU+QVgv
N8mRdE7meJvjE8H5s4iswhLfMSczLsBHNjCxU9IvZdQZ+w5bVXwQaofocBusGIfj
ud+Ldyfgov8bl2wU3ed7puMlSkvi7yPOJ0rD8MST44Deo99/Rutu
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:42 2025 by rpki-client