Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/KX2FVoJMwagFqXSqm7WmM6GiAdc.roa
File: KX2FVoJMwagFqXSqm7WmM6GiAdc.roa (raw, json)
Hash identifier: kL6N1Ap9alUNCwv0399F2Foe8bxiyXhyi55mwtllJAY=
Subject key identifier: 29:7D:85:56:82:4C:C1:A8:05:A9:74:AA:9B:B5:A6:33:A1:A2:01:D7
Certificate issuer: /CN=1ddc53d1de7a2ef7eb2b90c80915544140042488
Certificate serial: 019426D97A722179F5DCBEAA116DB942ADCB
Authority key identifier: 1D:DC:53:D1:DE:7A:2E:F7:EB:2B:90:C8:09:15:54:41:40:04:24:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdxT0d56LvfrK5DICRVUQUAEJIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/KX2FVoJMwagFqXSqm7WmM6GiAdc.roa
Signing time: Thu 02 Jan 2025 11:49:34 +0000
ROA not before: Thu 02 Jan 2025 11:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205954
IP address blocks: 130.193.69.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7a:72:21:79:f5:dc:be:aa:11:6d:b9:42:ad:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddc53d1de7a2ef7eb2b90c80915544140042488
Validity
Not Before: Jan 2 11:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=297d8556824cc1a805a974aa9bb5a633a1a201d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7f:ed:1e:65:5e:83:2e:bb:67:ca:b9:db:55:
1d:3f:89:06:82:96:6d:7f:13:bc:94:ac:79:94:4a:
50:0b:35:bd:3c:06:75:8b:96:28:77:5b:38:fa:60:
55:23:4d:ed:4f:6b:13:6e:d0:44:e7:00:0f:48:72:
ee:8b:fa:19:74:d4:58:1a:a2:75:3b:e4:46:b3:10:
7f:07:fa:35:6a:f6:5d:0d:fc:4c:bf:ee:dc:bc:f2:
1d:ce:07:54:30:41:f3:1d:e4:8a:8f:af:58:e8:a2:
28:33:1c:1b:a7:c4:33:03:36:c5:bd:a6:d6:db:2a:
e6:c6:9b:97:dc:13:ef:e6:9e:aa:b2:1a:22:0a:22:
3f:0b:90:4f:f5:b8:2a:d8:1c:58:17:1b:6b:a8:c3:
47:32:9e:ff:8c:f0:f3:53:15:20:27:17:b1:7a:cb:
83:1b:e5:f5:09:9f:6f:13:bb:36:8c:5b:fb:70:2e:
bf:f3:ba:30:a6:72:b0:ae:8c:1c:30:93:cb:7f:32:
23:68:d5:b4:43:29:b5:d0:ce:17:c6:43:b6:76:60:
0f:03:45:31:92:6f:5a:0a:99:78:61:58:da:d5:b2:
06:05:0f:cd:60:27:28:c8:b1:5c:bc:cd:0d:c3:46:
43:3c:1a:1d:e8:23:5e:06:2e:61:65:21:03:b2:11:
33:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:7D:85:56:82:4C:C1:A8:05:A9:74:AA:9B:B5:A6:33:A1:A2:01:D7
X509v3 Authority Key Identifier:
keyid:1D:DC:53:D1:DE:7A:2E:F7:EB:2B:90:C8:09:15:54:41:40:04:24:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdxT0d56LvfrK5DICRVUQUAEJIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/KX2FVoJMwagFqXSqm7WmM6GiAdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/HdxT0d56LvfrK5DICRVUQUAEJIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.69.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:e7:e8:95:77:9a:a5:2f:d8:a1:80:51:22:49:f9:c0:1c:d1:
34:94:aa:77:5f:3c:aa:35:6b:6d:07:63:9b:b0:7d:73:5a:af:
ec:5f:a1:f0:9a:89:de:0d:01:65:00:19:f7:fa:71:da:e5:98:
9b:2d:06:d4:ee:a9:05:ff:6e:f8:20:4c:65:0a:76:db:7f:c2:
e7:5e:be:39:89:06:2c:30:c2:ce:51:ed:a7:d7:bf:c6:f9:a7:
1f:1f:4a:be:45:60:70:bf:8a:85:db:94:83:ce:9d:62:10:8e:
aa:32:2c:5d:e5:95:23:46:27:86:01:ad:6a:fd:fd:75:9a:60:
67:29:45:2b:9b:a8:b6:d2:71:7a:7f:d0:11:c9:5d:4b:bf:99:
bb:c1:e9:3f:b0:13:52:a5:40:51:23:ea:86:25:8e:d5:7e:ea:
ce:6e:d5:0c:1e:77:e4:7f:e8:b9:5d:df:ea:cf:bf:92:ab:59:
55:18:ca:65:5a:83:33:94:b2:61:92:d8:cc:98:55:39:fc:14:
b1:c9:c1:d2:cf:6b:bc:14:a8:80:63:fb:92:20:31:a8:8a:7c:
c8:dc:62:5d:64:43:fd:c2:f5:5c:2f:6f:4c:b5:38:0d:83:3a:
35:12:6b:f1:d9:03:db:5e:bc:05:11:b3:18:18:cf:6b:8f:98:
3e:47:79:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2XpyIXn13L6qEW25Qq3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGM1M2QxZGU3YTJlZjdlYjJiOTBjODA5MTU1NDQxNDAw
NDI0ODgwHhcNMjUwMTAyMTE0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTdkODU1NjgyNGNjMWE4MDVhOTc0YWE5YmI1YTYzM2ExYTIwMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX/tHmVegy67Z8q521UdP4kGgpZt
fxO8lKx5lEpQCzW9PAZ1i5Yod1s4+mBVI03tT2sTbtBE5wAPSHLui/oZdNRYGqJ1
O+RGsxB/B/o1avZdDfxMv+7cvPIdzgdUMEHzHeSKj69Y6KIoMxwbp8QzAzbFvabW
2yrmxpuX3BPv5p6qshoiCiI/C5BP9bgq2BxYFxtrqMNHMp7/jPDzUxUgJxexesuD
G+X1CZ9vE7s2jFv7cC6/87owpnKwrowcMJPLfzIjaNW0Qym10M4XxkO2dmAPA0Ux
km9aCpl4YVja1bIGBQ/NYCcoyLFcvM0Nw0ZDPBod6CNeBi5hZSEDshEzfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCl9hVaCTMGoBal0qpu1pjOhogHXMB8GA1UdIwQY
MBaAFB3cU9Heei736yuQyAkVVEFABCSIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGR4VDBkNTZMdmZySzVESUNSVlVRVUFFSklnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy81NTc0MTQtZDk5My00Y2JmLTgxODEt
NDg2NzFmYjdkMzgwLzEvS1gyRlZvSk13YWdGcVhTcW03V21NNkdpQWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy81NTc0MTQtZDk5My00Y2JmLTgxODEtNDg2NzFmYjdkMzgw
LzEvSGR4VDBkNTZMdmZySzVESUNSVlVRVUFFSklnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsFFMA0G
CSqGSIb3DQEBCwUAA4IBAQDM5+iVd5qlL9ihgFEiSfnAHNE0lKp3XzyqNWttB2Ob
sH1zWq/sX6HwmoneDQFlABn3+nHa5ZibLQbU7qkF/274IExlCnbbf8LnXr45iQYs
MMLOUe2n17/G+acfH0q+RWBwv4qF25SDzp1iEI6qMixd5ZUjRieGAa1q/f11mmBn
KUUrm6i20nF6f9ARyV1Lv5m7wek/sBNSpUBRI+qGJY7VfurObtUMHnfkf+i5Xd/q
z7+Sq1lVGMplWoMzlLJhktjMmFU5/BSxycHSz2u8FKiAY/uSIDGoinzI3GJdZEP9
wvVcL29MtTgNgzo1Emvx2QPbXrwFEbMYGM9rj5g+R3mw
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:30 2025 by rpki-client