Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/KcuMI0SBvL5BPuYJm6BH3vJKAQ0.roa
File: KcuMI0SBvL5BPuYJm6BH3vJKAQ0.roa (raw, json)
Hash identifier: s0e2eWUrZQW14pJCqfjgMZ+ViTFNuU9345bizVg0sKY=
Subject key identifier: 29:CB:8C:23:44:81:BC:BE:41:3E:E6:09:9B:A0:47:DE:F2:4A:01:0D
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 0194221F89E3D961C147404AD4A50EBF4761
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/KcuMI0SBvL5BPuYJm6BH3vJKAQ0.roa
Signing time: Wed 01 Jan 2025 13:47:59 +0000
ROA not before: Wed 01 Jan 2025 13:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 81.19.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:89:e3:d9:61:c1:47:40:4a:d4:a5:0e:bf:47:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Jan 1 13:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29cb8c234481bcbe413ee6099ba047def24a010d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b0:80:e8:d6:02:b5:47:7c:b4:34:6d:2d:ee:
74:a4:df:30:19:42:51:c9:ad:da:bc:e4:3a:37:8e:
ae:92:66:76:3d:ac:67:3e:4e:4b:6f:7b:8e:72:5a:
5a:76:a9:71:18:9a:eb:b0:38:00:7d:37:7b:82:c4:
69:22:40:70:24:27:0b:5a:20:cb:c7:f9:32:7a:d6:
01:4b:5a:d6:26:1f:5a:0b:e3:4b:78:16:94:ad:e1:
2a:fa:c4:6e:fa:25:0b:af:b0:06:32:ab:12:38:84:
47:b6:b2:bc:5c:40:2a:7e:04:03:86:f2:10:46:02:
28:94:22:1b:c8:c8:45:76:8c:66:5e:c7:47:8d:da:
61:ff:42:27:28:7e:a6:e8:5a:cc:1d:66:d4:65:44:
43:51:25:c0:03:f1:a1:3a:51:7e:50:04:5a:7d:52:
1d:93:31:ac:29:76:9d:11:35:85:b0:5e:d5:db:30:
27:70:30:23:c5:de:98:26:10:31:e9:dc:b6:48:8f:
86:40:8b:df:db:5d:0b:ad:d2:49:64:7d:aa:ee:b9:
bd:b2:16:27:74:ee:0e:c5:a9:c3:17:ba:2e:bf:0f:
ca:bd:a4:4b:66:8c:7c:c1:d5:5c:44:c1:66:c4:6e:
94:38:6b:7b:bf:c9:7d:c5:eb:78:c9:04:a6:a8:a7:
7b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:CB:8C:23:44:81:BC:BE:41:3E:E6:09:9B:A0:47:DE:F2:4A:01:0D
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/KcuMI0SBvL5BPuYJm6BH3vJKAQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.137.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:bb:53:31:36:9f:37:ca:97:2b:10:25:b1:58:d4:fb:aa:31:
e8:7c:5c:51:24:fc:cf:9b:3d:87:20:a2:4e:9f:a8:fe:9f:6e:
aa:fc:5f:c0:49:ce:00:a3:86:2d:ff:51:5c:cd:31:82:ec:71:
c2:76:74:52:eb:0c:a4:c0:37:7d:2e:ec:8f:89:f0:d3:3e:9e:
18:43:d5:de:3c:9a:40:2d:1a:29:b2:65:a3:58:00:fc:cb:2d:
85:bf:87:fe:e2:0c:18:a5:d7:ab:2c:e4:bb:ba:67:ad:d3:28:
fb:0e:03:57:28:bb:86:f2:44:de:7c:19:eb:08:40:68:f0:fb:
41:d7:77:c2:5d:e7:b8:ac:1a:4f:1c:2f:75:5e:e6:c5:55:38:
8d:a1:57:2a:c2:f6:b1:39:93:22:54:f3:bf:89:8a:86:e2:2f:
22:d2:d2:36:cf:b4:b7:06:31:ff:a8:14:22:05:b3:17:b6:7c:
a2:5d:67:fd:92:92:5d:c4:fc:87:10:66:68:ad:9b:b3:5f:77:
88:66:da:ef:14:cc:41:7c:e2:fb:be:5e:fe:04:23:21:99:51:
5c:82:37:12:b1:0e:77:49:0f:34:52:40:2e:ff:5a:5c:88:2c:
1c:0a:47:45:71:f7:28:cc:0b:16:09:73:84:52:4b:39:9b:21:
fa:ad:c1:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4nj2WHBR0BK1KUOv0dhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjUwMTAxMTM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWNiOGMyMzQ0ODFiY2JlNDEzZWU2MDk5YmEwNDdkZWYyNGEwMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrCA6NYCtUd8tDRtLe50pN8wGUJR
ya3avOQ6N46ukmZ2PaxnPk5Lb3uOclpadqlxGJrrsDgAfTd7gsRpIkBwJCcLWiDL
x/kyetYBS1rWJh9aC+NLeBaUreEq+sRu+iULr7AGMqsSOIRHtrK8XEAqfgQDhvIQ
RgIolCIbyMhFdoxmXsdHjdph/0InKH6m6FrMHWbUZURDUSXAA/GhOlF+UARafVId
kzGsKXadETWFsF7V2zAncDAjxd6YJhAx6dy2SI+GQIvf210LrdJJZH2q7rm9shYn
dO4OxanDF7ouvw/KvaRLZox8wdVcRMFmxG6UOGt7v8l9xet4yQSmqKd7awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnLjCNEgby+QT7mCZugR97ySgENMB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvS2N1TUkwU0J2TDVCUHVZSm02QkgzdkpLQVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUROJMA0G
CSqGSIb3DQEBCwUAA4IBAQA7u1MxNp83ypcrECWxWNT7qjHofFxRJPzPmz2HIKJO
n6j+n26q/F/ASc4Ao4Yt/1FczTGC7HHCdnRS6wykwDd9LuyPifDTPp4YQ9XePJpA
LRopsmWjWAD8yy2Fv4f+4gwYpderLOS7umet0yj7DgNXKLuG8kTefBnrCEBo8PtB
13fCXee4rBpPHC91XubFVTiNoVcqwvaxOZMiVPO/iYqG4i8i0tI2z7S3BjH/qBQi
BbMXtnyiXWf9kpJdxPyHEGZorZuzX3eIZtrvFMxBfOL7vl7+BCMhmVFcgjcSsQ53
SQ80UkAu/1pciCwcCkdFcfcozAsWCXOEUks5myH6rcHG
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:10:37 2025 by rpki-client