Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/kES3a_NmTCIqnMJDYdktZEAui6g.roa
File: kES3a_NmTCIqnMJDYdktZEAui6g.roa (raw, json)
Hash identifier: oWDzOnsZ0P67iTYQElx7vSfgd2r2XhuMUt+O6nZknyU=
Subject key identifier: 90:44:B7:6B:F3:66:4C:22:2A:9C:C2:43:61:D9:2D:64:40:2E:8B:A8
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 019422203731E8B30ECAF73527D515F65CFD
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/kES3a_NmTCIqnMJDYdktZEAui6g.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31712
IP address blocks: 195.153.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:37:31:e8:b3:0e:ca:f7:35:27:d5:15:f6:5c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9044b76bf3664c222a9cc24361d92d64402e8ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a7:f1:2e:db:15:2f:5a:2f:b9:5b:fa:40:32:
a0:c7:ac:8c:b2:f0:e9:4c:26:c2:37:24:76:2c:06:
07:62:6a:8d:3f:9b:58:11:38:7d:4b:a4:de:3d:ef:
77:1a:c7:b0:28:76:20:15:b3:80:2f:4e:1a:71:ce:
14:a8:4b:b7:98:44:03:f8:d0:63:7a:43:a0:5b:98:
b9:28:1e:03:e2:bc:e3:18:a7:c9:da:24:f6:dc:6e:
62:a3:d2:72:45:97:2f:fd:77:ba:23:72:d2:a6:eb:
14:83:e1:1c:b9:a6:34:08:46:9e:d8:01:3e:9e:a0:
9b:15:80:09:51:63:87:ea:94:5f:a2:71:bd:dd:c6:
2d:83:d0:82:bc:58:18:62:72:dc:6b:ab:06:00:02:
c0:57:a6:1d:5d:44:28:16:80:06:0b:a4:08:28:10:
d4:45:19:3d:4f:9b:bd:8a:d3:5e:d0:b1:22:0e:ff:
f6:3f:b3:5c:f1:54:88:36:76:c9:ed:46:3a:45:8f:
41:15:fb:72:40:f2:e5:da:a4:67:94:d4:b1:59:66:
74:19:10:35:df:d0:2f:3e:20:30:5a:64:38:0b:a5:
5d:a3:cb:47:1a:c3:d0:95:5f:ae:cd:76:48:ce:06:
26:74:27:ac:05:ed:49:92:9f:e3:c2:b3:68:96:55:
a2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:44:B7:6B:F3:66:4C:22:2A:9C:C2:43:61:D9:2D:64:40:2E:8B:A8
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/kES3a_NmTCIqnMJDYdktZEAui6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.153.19.0/24
Signature Algorithm: sha256WithRSAEncryption
14:fa:d2:9e:8c:4a:44:0e:9e:9a:0f:0e:50:8b:8a:60:09:23:
f8:36:8b:da:a0:67:d3:02:39:c8:ca:db:37:8a:26:1e:30:4a:
59:b5:8c:42:20:ba:8d:4d:ee:bc:19:f6:05:59:e9:80:a8:96:
87:3f:ec:4b:d3:8a:f3:6c:70:5c:8d:ad:c8:90:97:30:55:0f:
63:d0:b8:4c:bf:54:6e:ba:17:6d:a1:eb:c5:8c:16:e9:b6:03:
94:3a:30:fe:fa:86:65:ab:4e:13:01:2d:0d:85:b1:5d:f6:b1:
fc:4a:cb:98:44:35:b8:93:ea:ea:98:98:1c:d1:f9:0c:9e:58:
16:2e:39:c6:28:a4:8c:ca:4f:01:6d:23:06:0f:7c:ec:f8:16:
99:d0:98:df:f1:81:4e:09:b7:3c:c7:08:09:f6:42:10:39:37:
4a:77:5b:f6:d9:4b:08:24:ed:8c:9d:86:d7:ed:bf:20:66:5f:
8d:cb:6a:aa:d8:5d:42:30:3a:2e:d8:af:25:18:51:3d:e4:84:
58:1c:a3:4f:77:63:c7:e0:e1:82:45:19:09:17:24:89:c5:9b:
8b:98:14:09:fe:ef:e1:6b:f1:94:24:7b:51:0f:94:5d:7e:a4:
10:52:08:30:17:a4:ea:c6:6f:5a:bd:a7:39:f4:f0:b4:03:d9:
f0:14:0a:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIDcx6LMOyvc1J9UV9lz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQ0Yjc2YmYzNjY0YzIyMmE5Y2MyNDM2MWQ5MmQ2NDQwMmU4YmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6fxLtsVL1ovuVv6QDKgx6yMsvDp
TCbCNyR2LAYHYmqNP5tYETh9S6TePe93GsewKHYgFbOAL04acc4UqEu3mEQD+NBj
ekOgW5i5KB4D4rzjGKfJ2iT23G5io9JyRZcv/Xe6I3LSpusUg+EcuaY0CEae2AE+
nqCbFYAJUWOH6pRfonG93cYtg9CCvFgYYnLca6sGAALAV6YdXUQoFoAGC6QIKBDU
RRk9T5u9itNe0LEiDv/2P7Nc8VSINnbJ7UY6RY9BFftyQPLl2qRnlNSxWWZ0GRA1
39AvPiAwWmQ4C6Vdo8tHGsPQlV+uzXZIzgYmdCesBe1Jkp/jwrNollWi0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBEt2vzZkwiKpzCQ2HZLWRALouoMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEva0VTM2FfTm1UQ0lxbk1KRFlka3RaRUF1aTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5kTMA0G
CSqGSIb3DQEBCwUAA4IBAQAU+tKejEpEDp6aDw5Qi4pgCSP4NovaoGfTAjnIyts3
iiYeMEpZtYxCILqNTe68GfYFWemAqJaHP+xL04rzbHBcja3IkJcwVQ9j0LhMv1Ru
uhdtoevFjBbptgOUOjD++oZlq04TAS0NhbFd9rH8SsuYRDW4k+rqmJgc0fkMnlgW
LjnGKKSMyk8BbSMGD3zs+BaZ0Jjf8YFOCbc8xwgJ9kIQOTdKd1v22UsIJO2MnYbX
7b8gZl+Ny2qq2F1CMDou2K8lGFE95IRYHKNPd2PH4OGCRRkJFySJxZuLmBQJ/u/h
a/GUJHtRD5RdfqQQUggwF6Tqxm9avac59PC0A9nwFAo+
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:21:17 2025 by rpki-client