Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kVGua3TqFr_Xgf8QDRS8XF9R1dQ.roa
File: kVGua3TqFr_Xgf8QDRS8XF9R1dQ.roa (raw, json)
Hash identifier: T+ltwReznFEvebEpRbDX5tXHiYXC+sa7JFguF55OOfw=
Subject key identifier: 91:51:AE:6B:74:EA:16:BF:D7:81:FF:10:0D:14:BC:5C:5F:51:D5:D4
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5A58AE01D070F0870C3E013569D68
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kVGua3TqFr_Xgf8QDRS8XF9R1dQ.roa
Signing time: Wed 01 Jan 2025 07:47:39 +0000
ROA not before: Wed 01 Jan 2025 07:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16071
IP address blocks: 212.234.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a5:8a:e0:1d:07:0f:08:70:c3:e0:13:56:9d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9151ae6b74ea16bfd781ff100d14bc5c5f51d5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6e:9f:2e:7e:26:ed:42:91:2f:61:d8:89:57:
cb:22:ff:17:43:f5:b9:c8:3b:fd:05:7b:31:28:e2:
42:d7:e8:95:67:b5:ce:d8:3b:8e:7f:6f:e0:b2:e0:
9d:92:89:58:73:61:2c:26:79:15:43:ba:ae:81:e2:
bf:a9:b3:79:7e:12:a7:90:aa:36:be:2b:09:46:29:
c0:6b:09:e3:1c:a7:8c:a3:ca:95:76:80:a8:dc:66:
89:9c:bb:7e:12:cc:f8:23:d5:d6:a2:26:a2:80:5d:
48:66:c3:11:89:5c:b9:64:37:05:63:2d:81:98:e3:
dc:3d:64:ef:3c:2a:4e:c4:8a:3a:01:f4:04:3d:49:
78:7e:ca:5f:b3:58:c8:94:c9:7b:15:8f:8e:75:c4:
36:fc:84:5c:57:a6:e4:62:80:2d:ff:5d:50:a2:d7:
07:a3:6a:4d:9a:a7:59:5f:6d:c9:5b:8d:af:20:9c:
0a:ff:38:db:b5:19:8b:f3:88:cd:74:9e:29:de:ff:
a0:c5:67:0b:c8:a0:80:74:f0:42:e7:b3:2f:4c:7c:
3e:11:c4:e8:78:ff:3c:07:72:6f:fb:c5:4f:35:be:
e8:c1:a2:58:26:a4:e9:4c:45:96:1d:c4:a6:a9:ed:
61:b4:ae:79:8d:cd:93:d5:c3:13:8e:2b:e2:17:29:
b8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:51:AE:6B:74:EA:16:BF:D7:81:FF:10:0D:14:BC:5C:5F:51:D5:D4
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kVGua3TqFr_Xgf8QDRS8XF9R1dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.234.194.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ce:ba:5e:9a:c0:ff:28:97:e9:78:b2:71:47:d1:d5:58:47:
df:af:00:35:8e:bd:c3:c7:c6:68:21:d4:cd:3c:08:8d:3a:7b:
1f:92:95:e1:9a:e8:1f:f0:3b:62:ff:db:ee:a0:4f:90:e0:8d:
1d:92:56:4c:c2:b4:41:9f:6b:69:3c:54:25:60:96:b2:5b:3b:
02:81:22:23:11:94:fe:bc:f1:98:9f:89:f9:66:9e:32:0b:3b:
ca:e5:08:37:21:63:a2:15:ce:53:f9:ab:c5:9b:82:86:28:5c:
c9:fe:2f:90:70:b3:fd:cd:d7:d4:e7:e7:61:d0:c8:3a:fd:7e:
f5:f0:73:08:ba:63:0f:aa:a5:dd:c5:34:40:f9:7a:df:aa:06:
67:31:b7:dd:e6:99:d0:63:00:e4:c5:fb:9f:f8:8f:96:73:28:
9a:0c:c6:03:92:46:d1:a3:8f:c0:ec:8c:bf:53:9f:d4:d8:b3:
9b:f8:d1:ba:a7:33:e7:4d:56:eb:01:b2:c5:3a:4e:32:1c:d2:
72:ec:a0:e9:0e:78:3a:cf:4e:52:08:c6:31:b7:dc:6e:ff:14:
7f:5a:35:df:da:b7:8f:01:e8:cf:33:e3:04:fb:02:23:ab:5b:
7c:46:90:93:d6:c0:f2:fd:b3:35:46:31:b2:fb:e3:8f:40:b8:
42:ea:a0:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1aWK4B0HDwhww+ATVp1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTUxYWU2Yjc0ZWExNmJmZDc4MWZmMTAwZDE0YmM1YzVmNTFkNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW6fLn4m7UKRL2HYiVfLIv8XQ/W5
yDv9BXsxKOJC1+iVZ7XO2DuOf2/gsuCdkolYc2EsJnkVQ7qugeK/qbN5fhKnkKo2
visJRinAawnjHKeMo8qVdoCo3GaJnLt+Esz4I9XWoiaigF1IZsMRiVy5ZDcFYy2B
mOPcPWTvPCpOxIo6AfQEPUl4fspfs1jIlMl7FY+OdcQ2/IRcV6bkYoAt/11QotcH
o2pNmqdZX23JW42vIJwK/zjbtRmL84jNdJ4p3v+gxWcLyKCAdPBC57MvTHw+EcTo
eP88B3Jv+8VPNb7owaJYJqTpTEWWHcSmqe1htK55jc2T1cMTjiviFym4xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFRrmt06ha/14H/EA0UvFxfUdXUMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEva1ZHdWEzVHFGcl9YZ2Y4UURSUzhYRjlSMWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1OrCMA0G
CSqGSIb3DQEBCwUAA4IBAQBMzrpemsD/KJfpeLJxR9HVWEffrwA1jr3Dx8ZoIdTN
PAiNOnsfkpXhmugf8Dti/9vuoE+Q4I0dklZMwrRBn2tpPFQlYJayWzsCgSIjEZT+
vPGYn4n5Zp4yCzvK5Qg3IWOiFc5T+avFm4KGKFzJ/i+QcLP9zdfU5+dh0Mg6/X71
8HMIumMPqqXdxTRA+XrfqgZnMbfd5pnQYwDkxfuf+I+WcyiaDMYDkkbRo4/A7Iy/
U5/U2LOb+NG6pzPnTVbrAbLFOk4yHNJy7KDpDng6z05SCMYxt9xu/xR/WjXf2reP
AejPM+ME+wIjq1t8RpCT1sDy/bM1RjGy++OPQLhC6qDH
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:25:51 2025 by rpki-client