Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/KlaRPUIWw6r0tvRkqsFaUHvnhdA.roa
File: KlaRPUIWw6r0tvRkqsFaUHvnhdA.roa (raw, json)
Hash identifier: kB781ldLrskxu2G/knnOuXq7ZvSugLGcVNudJ3XJwxA=
Subject key identifier: 2A:56:91:3D:42:16:C3:AA:F4:B6:F4:64:AA:C1:5A:50:7B:E7:85:D0
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5AEE57C234C2672AC3DD06BDF9416
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/KlaRPUIWw6r0tvRkqsFaUHvnhdA.roa
Signing time: Wed 01 Jan 2025 07:47:42 +0000
ROA not before: Wed 01 Jan 2025 07:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 37173
IP address blocks: 193.251.153.0/24 maxlen: 24
193.251.218.0/23 maxlen: 24
193.251.222.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ae:e5:7c:23:4c:26:72:ac:3d:d0:6b:df:94:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a56913d4216c3aaf4b6f464aac15a507be785d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:53:cb:a3:e5:03:5b:8c:a8:f2:41:98:f7:cd:
05:f9:aa:23:17:0b:6a:b4:2e:37:b0:92:04:40:0c:
f2:f5:0f:77:11:cb:3c:2b:a4:a4:55:7d:62:89:2c:
55:14:9d:1e:39:4a:f5:4d:43:b4:6c:1f:33:d0:22:
67:37:f3:e4:64:53:b3:e0:4e:73:6d:10:c0:0a:ec:
9e:00:40:e4:59:0f:08:0c:e2:33:32:c9:19:a4:a4:
41:26:e5:39:29:97:66:1a:56:66:f4:34:6b:8d:fe:
c1:24:7f:5a:6c:3b:ae:57:77:ad:d3:25:f7:26:e8:
f2:c7:00:28:13:d1:94:c9:1a:2f:62:5d:dd:5c:87:
27:30:6c:30:2c:37:6d:4e:1f:97:0e:66:6e:32:52:
d0:e3:c4:ff:f0:15:b3:7e:47:c2:53:55:c3:f1:fe:
14:c2:7d:2f:62:64:1f:e5:c5:63:ba:29:41:2a:61:
f7:09:5b:bf:47:59:c3:a9:07:92:9b:6f:16:5f:55:
d6:b1:23:2c:95:d8:2e:09:c9:d5:73:cd:ec:58:1c:
8c:71:51:d3:3c:35:af:b5:4a:21:cb:e8:d0:dc:e3:
9c:d2:0a:49:39:d2:48:02:15:bf:4e:12:63:71:1d:
2a:67:b5:87:ca:56:92:eb:e6:0d:f0:f1:12:2c:38:
a0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:56:91:3D:42:16:C3:AA:F4:B6:F4:64:AA:C1:5A:50:7B:E7:85:D0
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/KlaRPUIWw6r0tvRkqsFaUHvnhdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.251.153.0/24
193.251.218.0/23
193.251.222.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:50:2a:fa:e1:b7:a4:db:0c:49:11:5a:37:d0:a2:2b:70:c4:
f6:49:f0:da:c8:64:a3:ff:04:a0:66:23:e8:1a:c6:f0:12:90:
f4:cd:07:b6:3b:9a:aa:e1:23:a6:5b:17:51:13:a3:b5:1a:3f:
c9:64:4f:1b:44:21:d7:59:b4:68:33:b4:4a:52:f2:eb:ec:fb:
0f:dc:e3:7c:cd:e7:c8:8c:d1:38:c9:9e:9b:32:01:de:12:78:
90:7e:55:e9:b5:74:bb:82:9e:bb:5d:93:65:43:f7:2a:31:e8:
bd:88:9d:ea:cd:d9:29:e2:c3:65:23:f6:a8:b8:25:49:c0:cf:
c5:5b:f7:fd:27:fd:9a:cf:6f:cf:a5:f6:8c:c9:64:79:a5:e7:
95:62:22:98:c0:f5:9f:2b:61:78:ca:a5:5f:17:86:82:02:fb:
0e:3b:bd:28:8f:e7:18:4b:ce:c3:b8:e7:db:26:62:2c:a1:5a:
9a:2c:5c:aa:82:83:80:d5:88:43:f4:a5:fc:8b:39:a5:bd:9d:
4c:84:64:4b:cd:4e:d3:5c:e1:b6:e3:78:04:c8:b9:b5:e6:94:
8a:98:db:0c:d2:7b:20:ba:58:da:38:63:8a:e3:c5:e5:c4:3b:
e2:96:fb:f9:a0:b2:52:76:f8:d0:a2:47:0b:68:cd:e7:ec:b9:
3b:fd:20:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQg1a7lfCNMJnKsPdBr35QWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU2OTEzZDQyMTZjM2FhZjRiNmY0NjRhYWMxNWE1MDdiZTc4NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01PLo+UDW4yo8kGY980F+aojFwtq
tC43sJIEQAzy9Q93Ecs8K6SkVX1iiSxVFJ0eOUr1TUO0bB8z0CJnN/PkZFOz4E5z
bRDACuyeAEDkWQ8IDOIzMskZpKRBJuU5KZdmGlZm9DRrjf7BJH9abDuuV3et0yX3
JujyxwAoE9GUyRovYl3dXIcnMGwwLDdtTh+XDmZuMlLQ48T/8BWzfkfCU1XD8f4U
wn0vYmQf5cVjuilBKmH3CVu/R1nDqQeSm28WX1XWsSMsldguCcnVc83sWByMcVHT
PDWvtUohy+jQ3OOc0gpJOdJIAhW/ThJjcR0qZ7WHylaS6+YN8PESLDignwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCpWkT1CFsOq9Lb0ZKrBWlB754XQMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvS2xhUlBVSVd3NnIwdHZSa3FzRmFVSHZuaGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwfuZAwQB
wfvaAwQBwfveMA0GCSqGSIb3DQEBCwUAA4IBAQBuUCr64bek2wxJEVo30KIrcMT2
SfDayGSj/wSgZiPoGsbwEpD0zQe2O5qq4SOmWxdRE6O1Gj/JZE8bRCHXWbRoM7RK
UvLr7PsP3ON8zefIjNE4yZ6bMgHeEniQflXptXS7gp67XZNlQ/cqMei9iJ3qzdkp
4sNlI/aouCVJwM/FW/f9J/2az2/PpfaMyWR5peeVYiKYwPWfK2F4yqVfF4aCAvsO
O70oj+cYS87DuOfbJmIsoVqaLFyqgoOA1YhD9KX8izmlvZ1MhGRLzU7TXOG243gE
yLm15pSKmNsM0nsguljaOGOK48XlxDvilvv5oLJSdvjQokcLaM3n7Lk7/SCL
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:50:09 2025 by rpki-client