Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/K5-cWJf7kTmzFiV3mE-MumP7Txo.roa
File: K5-cWJf7kTmzFiV3mE-MumP7Txo.roa (raw, json)
Hash identifier: d5nxq53iT7Tr8Pdp2k4UnWi9qs3VVT6d+if6Hmi6IVQ=
Subject key identifier: 2B:9F:9C:58:97:FB:91:39:B3:16:25:77:98:4F:8C:BA:63:FB:4F:1A
Certificate issuer: /CN=3d98a3b62d5abb1dcaf68ae23f531ee82240f203
Certificate serial: 019427482044D6EB82925FDE2CD320CA7294
Authority key identifier: 3D:98:A3:B6:2D:5A:BB:1D:CA:F6:8A:E2:3F:53:1E:E8:22:40:F2:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZijti1aux3K9oriP1Me6CJA8gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/K5-cWJf7kTmzFiV3mE-MumP7Txo.roa
Signing time: Thu 02 Jan 2025 13:50:25 +0000
ROA not before: Thu 02 Jan 2025 13:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210860
IP address blocks: 193.20.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:20:44:d6:eb:82:92:5f:de:2c:d3:20:ca:72:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d98a3b62d5abb1dcaf68ae23f531ee82240f203
Validity
Not Before: Jan 2 13:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b9f9c5897fb9139b3162577984f8cba63fb4f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d4:41:61:0f:b5:31:5e:e3:16:89:f9:73:9a:
e0:3b:70:eb:68:5c:6f:f5:01:e4:99:f2:4d:cb:38:
4a:22:2e:cf:59:d1:9f:f9:67:94:05:a5:c3:c8:c6:
a8:69:52:f1:b9:fd:f8:80:ab:df:7a:0e:bb:72:d5:
81:b1:14:f6:b4:fe:3b:6c:2a:ae:58:1a:a3:af:96:
64:96:02:49:36:94:66:c3:8a:3f:cd:ad:2d:5b:2f:
e2:4c:bb:0e:29:68:3f:7f:99:d2:cd:a7:3e:41:75:
8f:c3:4c:4f:d8:d3:e2:f5:02:d2:3c:a3:d0:1a:1f:
94:a1:98:fd:71:14:8f:93:68:5a:dc:d4:26:e2:4e:
ed:cd:8d:b6:74:63:7a:e9:22:10:60:7e:4d:63:36:
ca:5d:11:e9:de:85:e4:da:4b:f9:c9:09:ee:75:91:
38:a4:a2:2e:2f:08:af:b2:2b:22:99:12:38:0e:86:
8c:16:e1:03:a0:5c:60:8c:f0:a8:8e:1a:5d:31:39:
8d:39:be:19:1a:bc:02:16:0c:ce:de:b4:fc:f2:a9:
be:c1:ba:d3:20:26:fe:da:f3:d4:94:06:b2:ff:d0:
f4:1b:4c:c3:db:2b:fa:13:db:e1:d7:bf:1c:da:3c:
23:2e:3c:19:e6:07:d5:f6:3e:bb:dd:2c:eb:af:f3:
6a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9F:9C:58:97:FB:91:39:B3:16:25:77:98:4F:8C:BA:63:FB:4F:1A
X509v3 Authority Key Identifier:
keyid:3D:98:A3:B6:2D:5A:BB:1D:CA:F6:8A:E2:3F:53:1E:E8:22:40:F2:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZijti1aux3K9oriP1Me6CJA8gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/K5-cWJf7kTmzFiV3mE-MumP7Txo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/PZijti1aux3K9oriP1Me6CJA8gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.20.0.0/15
Signature Algorithm: sha256WithRSAEncryption
02:d2:d5:3b:d9:5f:2e:09:78:48:52:68:b7:b7:ab:5a:a9:82:
21:be:84:29:92:2d:28:10:b8:74:fa:ac:91:70:e8:c7:38:f3:
b2:28:bd:83:d6:03:21:d1:70:64:05:db:c2:12:27:d2:ff:fb:
38:f6:e7:02:8a:ba:8f:24:8a:ab:8d:f8:ed:7e:69:a6:70:bc:
e0:2b:74:cd:ef:8b:ce:6c:d1:2d:b2:49:be:a0:d3:a7:4f:62:
b8:d8:59:7b:6f:8a:e6:02:6e:8b:e0:cf:b7:04:90:2f:87:f6:
c6:72:f2:df:f4:dc:5d:52:5e:f7:34:7e:ee:92:a0:9d:99:d9:
a6:ab:f7:45:a7:d5:bf:20:79:50:3b:8f:18:0a:b8:2d:41:ea:
dc:14:af:5d:a8:ed:64:f7:52:3b:26:19:f0:93:30:d8:d6:73:
40:22:e4:86:74:34:46:5d:bb:79:e9:0e:dc:43:70:16:b3:9f:
46:54:af:e2:e9:f5:e5:54:6a:a5:62:7b:f7:47:cc:ff:1c:04:
3d:7a:a5:e4:68:de:5f:ba:21:1a:68:b8:9b:e3:41:5e:b9:9f:
a0:2e:2f:a9:d9:b7:00:02:64:9f:bc:5e:e3:f1:bb:47:79:6a:
be:29:7d:63:58:10:d7:05:9a:6f:74:be:5f:3d:23:7c:a5:88:
b4:e4:a8:8e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQnSCBE1uuCkl/eLNMgynKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOThhM2I2MmQ1YWJiMWRjYWY2OGFlMjNmNTMxZWU4MjI0
MGYyMDMwHhcNMjUwMTAyMTM1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjlmOWM1ODk3ZmI5MTM5YjMxNjI1Nzc5ODRmOGNiYTYzZmI0ZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39RBYQ+1MV7jFon5c5rgO3DraFxv
9QHkmfJNyzhKIi7PWdGf+WeUBaXDyMaoaVLxuf34gKvfeg67ctWBsRT2tP47bCqu
WBqjr5ZklgJJNpRmw4o/za0tWy/iTLsOKWg/f5nSzac+QXWPw0xP2NPi9QLSPKPQ
Gh+UoZj9cRSPk2ha3NQm4k7tzY22dGN66SIQYH5NYzbKXRHp3oXk2kv5yQnudZE4
pKIuLwivsisimRI4DoaMFuEDoFxgjPCojhpdMTmNOb4ZGrwCFgzO3rT88qm+wbrT
ICb+2vPUlAay/9D0G0zD2yv6E9vh178c2jwjLjwZ5gfV9j673Szrr/NqVwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFCufnFiX+5E5sxYld5hPjLpj+08aMB8GA1UdIwQY
MBaAFD2Yo7YtWrsdyvaK4j9THugiQPIDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFppanRpMWF1eDNLOW9yaVAxTWU2Q0pBOGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hYzVmZGYtNWI2Ni00ODUwLTk2M2Et
ZjliNzNiM2UzZWVlLzEvSzUtY1dKZjdrVG16RmlWM21FLU11bVA3VHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hYzVmZGYtNWI2Ni00ODUwLTk2M2EtZjliNzNiM2UzZWVl
LzEvUFppanRpMWF1eDNLOW9yaVAxTWU2Q0pBOGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBwRQwDQYJ
KoZIhvcNAQELBQADggEBAALS1TvZXy4JeEhSaLe3q1qpgiG+hCmSLSgQuHT6rJFw
6Mc487IovYPWAyHRcGQF28ISJ9L/+zj25wKKuo8kiquN+O1+aaZwvOArdM3vi85s
0S2ySb6g06dPYrjYWXtviuYCbovgz7cEkC+H9sZy8t/03F1SXvc0fu6SoJ2Z2aar
90Wn1b8geVA7jxgKuC1B6twUr12o7WT3UjsmGfCTMNjWc0Ai5IZ0NEZdu3npDtxD
cBazn0ZUr+Lp9eVUaqVie/dHzP8cBD16peRo3l+6IRpouJvjQV65n6AuL6nZtwAC
ZJ+8XuPxu0d5ar4pfWNYENcFmm90vl89I3yliLTkqI4=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:47:01 2025 by rpki-client