Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/KZ7yUJAU1KSd-0LBMd-sVHTitMQ.roa
File: KZ7yUJAU1KSd-0LBMd-sVHTitMQ.roa (raw, json)
Hash identifier: E55VMw1S4hzMEylWW+BWuvvbwVeIrO+MndJXorLYmAM=
Subject key identifier: 29:9E:F2:50:90:14:D4:A4:9D:FB:42:C1:31:DF:AC:54:74:E2:B4:C4
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B235F76EC4BCFC76FF71425E4AB818
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/KZ7yUJAU1KSd-0LBMd-sVHTitMQ.roa
Signing time: Wed 01 Jan 2025 11:48:34 +0000
ROA not before: Wed 01 Jan 2025 11:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206948
IP address blocks: 195.136.92.0/22 maxlen: 22
195.136.147.0/24 maxlen: 24
195.136.152.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:35:f7:6e:c4:bc:fc:76:ff:71:42:5e:4a:b8:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=299ef2509014d4a49dfb42c131dfac5474e2b4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7f:72:7e:09:b4:7c:05:00:8d:91:ec:9f:76:
b7:37:fb:70:77:79:1d:b6:85:0f:0c:f3:9c:c0:a2:
cd:93:40:05:d1:c4:12:a6:8f:98:fe:e0:71:2b:43:
ca:89:b8:6c:24:a5:f1:92:05:c1:25:f5:b9:87:45:
ca:9b:05:9d:d7:c0:8c:3c:60:20:98:3c:86:eb:79:
1d:99:ab:cf:c4:84:91:fa:0d:73:cf:0e:74:ca:d5:
52:fa:eb:6d:4e:c5:47:d5:b8:0a:5c:ee:18:7d:4d:
b4:7f:a4:95:18:3e:ee:9d:11:a0:14:37:a9:f0:bf:
49:85:46:18:42:07:a6:80:d2:89:da:ea:3e:b8:9d:
04:dc:f0:0b:19:74:3e:9e:8e:6c:ee:85:e8:e2:5f:
a6:c2:6d:e7:50:75:18:2e:9e:d8:ab:ac:a2:c3:f4:
9c:d2:2d:76:17:35:49:24:ee:a5:3f:35:f9:c4:24:
57:1a:be:ea:09:9d:46:18:4c:40:c5:78:7e:70:78:
4e:d1:19:73:3f:39:9b:a2:c0:5c:bf:1f:e9:00:e8:
bf:bd:5c:75:4d:2b:ea:e9:e3:27:ee:26:a0:76:0b:
00:7f:16:97:a1:b2:03:3d:0e:b8:97:69:1c:fe:fb:
10:86:5e:e7:82:5f:bb:2f:3d:c5:a8:fe:7d:ca:3b:
03:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9E:F2:50:90:14:D4:A4:9D:FB:42:C1:31:DF:AC:54:74:E2:B4:C4
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/KZ7yUJAU1KSd-0LBMd-sVHTitMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.92.0/22
195.136.147.0/24
195.136.152.0/23
Signature Algorithm: sha256WithRSAEncryption
71:c1:2e:89:73:2b:18:c8:ef:cc:4f:24:da:2d:27:85:2b:2e:
48:b9:a9:07:f7:4b:8e:7b:37:50:98:86:3b:2e:97:0d:91:50:
67:a4:64:b7:b5:5f:ac:db:2d:92:42:c0:2f:e5:8a:df:77:86:
89:28:ed:f6:aa:f2:d9:b8:b8:2f:80:d1:e7:65:04:b7:b9:38:
ec:21:5a:7b:a4:47:cf:5f:43:ad:a7:59:bd:94:d0:31:69:31:
01:32:6d:57:12:9c:4d:75:86:5d:a8:16:32:72:a6:1b:4f:99:
e1:57:04:18:94:48:76:9a:33:c0:0b:4f:c1:51:9b:c9:c1:45:
33:64:fc:ea:06:f3:5a:ad:6a:01:d2:b3:72:0b:0e:d4:37:61:
1f:25:8e:40:0b:22:5c:93:e0:f7:5b:69:8f:75:5a:bc:a4:15:
63:ff:b8:7d:14:96:f3:21:f5:3b:9f:5c:4b:ec:cc:d4:03:33:
e0:ec:f8:4c:05:06:6e:0e:75:a0:ce:87:08:01:25:81:e3:6f:
9f:74:36:f2:cb:62:2d:6a:8f:c8:a1:50:23:6e:b8:78:32:bf:
21:a7:c3:27:2a:41:fd:c4:a5:1e:a4:3c:83:3e:77:78:3d:db:
cc:c6:53:c7:5d:f0:2b:eb:29:50:ef:a7:9f:e4:a1:ac:3e:74:
e5:18:49:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhsjX3bsS8/Hb/cUJeSrgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTllZjI1MDkwMTRkNGE0OWRmYjQyYzEzMWRmYWM1NDc0ZTJiNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln9yfgm0fAUAjZHsn3a3N/twd3kd
toUPDPOcwKLNk0AF0cQSpo+Y/uBxK0PKibhsJKXxkgXBJfW5h0XKmwWd18CMPGAg
mDyG63kdmavPxISR+g1zzw50ytVS+uttTsVH1bgKXO4YfU20f6SVGD7unRGgFDep
8L9JhUYYQgemgNKJ2uo+uJ0E3PALGXQ+no5s7oXo4l+mwm3nUHUYLp7Yq6yiw/Sc
0i12FzVJJO6lPzX5xCRXGr7qCZ1GGExAxXh+cHhO0RlzPzmbosBcvx/pAOi/vVx1
TSvq6eMn7iagdgsAfxaXobIDPQ64l2kc/vsQhl7ngl+7Lz3FqP59yjsDKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCme8lCQFNSknftCwTHfrFR04rTEMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvS1o3eVVKQVUxS1NkLTBMQk1kLXNWSFRpdE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCw4hcAwQA
w4iTAwQBw4iYMA0GCSqGSIb3DQEBCwUAA4IBAQBxwS6JcysYyO/MTyTaLSeFKy5I
uakH90uOezdQmIY7LpcNkVBnpGS3tV+s2y2SQsAv5Yrfd4aJKO32qvLZuLgvgNHn
ZQS3uTjsIVp7pEfPX0Otp1m9lNAxaTEBMm1XEpxNdYZdqBYycqYbT5nhVwQYlEh2
mjPAC0/BUZvJwUUzZPzqBvNarWoB0rNyCw7UN2EfJY5ACyJck+D3W2mPdVq8pBVj
/7h9FJbzIfU7n1xL7MzUAzPg7PhMBQZuDnWgzocIASWB42+fdDbyy2Itao/IoVAj
brh4Mr8hp8MnKkH9xKUepDyDPnd4PdvMxlPHXfAr6ylQ76ef5KGsPnTlGEm3
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:05 2025 by rpki-client