Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/kTAZ1eq_4NqZeUF8WiyBjLmzzOM.roa
File: kTAZ1eq_4NqZeUF8WiyBjLmzzOM.roa (raw, json)
Hash identifier: FbN3ktB3aIhk7lj6tCA82i2iYB31YzcLrswYNQRr2fk=
Subject key identifier: 91:30:19:D5:EA:BF:E0:DA:99:79:41:7C:5A:2C:81:8C:B9:B3:CC:E3
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0194244562CDFEC196C7CF25C24165EA171A
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/kTAZ1eq_4NqZeUF8WiyBjLmzzOM.roa
Signing time: Wed 01 Jan 2025 23:48:34 +0000
ROA not before: Wed 01 Jan 2025 23:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35264
IP address blocks: 194.224.168.0/24 maxlen: 24
195.235.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:62:cd:fe:c1:96:c7:cf:25:c2:41:65:ea:17:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 1 23:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=913019d5eabfe0da9979417c5a2c818cb9b3cce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:48:43:0a:5c:87:59:1d:96:4a:12:ca:34:4b:
ec:a3:e7:df:26:4f:15:2e:15:5d:ea:1e:01:2e:76:
18:58:c0:cb:2d:65:31:c2:bb:a3:79:9d:0c:ca:da:
fa:46:89:7c:94:91:67:67:0b:97:5c:8c:0e:c6:2a:
c2:9c:7a:b9:a3:7c:35:72:21:7b:9f:e4:01:12:27:
77:04:c0:3c:ea:a5:d6:d9:71:85:ab:86:0d:bb:0d:
6b:56:30:fa:66:32:52:12:42:6e:43:4f:b9:c2:d8:
ca:46:8a:07:62:40:6d:cd:7a:c6:f4:54:05:f6:23:
4f:8c:47:6f:11:0f:1c:a9:c0:4b:b9:59:1b:a4:3b:
c0:64:13:2a:88:22:5d:ee:92:7e:dc:8d:70:38:49:
6c:4b:fd:83:a0:68:76:0f:38:d1:cc:32:f3:17:df:
41:90:0f:72:4a:b0:95:6c:ce:1c:1d:23:f1:82:b8:
54:70:74:70:55:64:c9:9d:42:65:f1:07:c9:58:c7:
70:70:97:78:5a:ac:be:b5:68:e7:29:7e:12:fa:3c:
0e:4c:ea:6b:1f:9b:de:a5:2f:63:65:52:05:e3:81:
be:58:a3:58:6d:f7:e8:78:fa:24:27:57:c5:14:8b:
45:41:aa:66:80:8d:9c:da:35:3c:5e:d6:54:6e:b3:
ee:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:30:19:D5:EA:BF:E0:DA:99:79:41:7C:5A:2C:81:8C:B9:B3:CC:E3
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/kTAZ1eq_4NqZeUF8WiyBjLmzzOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.224.168.0/24
195.235.112.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:4c:c5:d5:1a:8d:1c:ed:74:7d:97:bb:08:b7:36:75:66:35:
5a:08:33:66:4b:55:44:64:1d:87:f9:3a:b0:c0:60:6b:0b:11:
ec:d8:6b:78:1b:35:dd:e6:e2:7c:e5:da:2a:15:a2:69:88:0d:
55:10:2c:a8:63:2b:a8:cb:b8:39:57:e1:ae:0d:0c:0c:c2:a0:
cf:ac:c1:b2:fc:f3:fe:0e:97:e9:44:71:b1:8f:2d:46:a8:cd:
1f:14:f9:1b:0b:a7:08:25:47:13:0d:01:52:c5:6e:7a:37:f7:
5e:fc:26:a1:08:cf:73:cd:81:24:d2:fe:52:bf:fb:16:ee:b9:
51:e1:43:a0:f3:82:5d:32:4e:99:78:2f:61:c1:f3:c8:65:fe:
81:ee:e7:90:0d:94:93:35:eb:e6:8f:b0:18:ae:7d:ed:c9:a8:
02:71:82:17:1b:62:6f:7f:34:48:11:95:45:fa:25:58:4d:f0:
9e:b4:d9:f5:5d:06:da:7b:10:f5:43:8c:6c:38:33:3d:71:ef:
ee:5f:ee:2e:ad:57:8b:4f:dd:38:f2:aa:a3:08:9d:5f:d3:a8:
02:5a:9c:76:c9:aa:fd:ab:2f:40:08:dc:a2:dd:98:fe:57:d5:
bd:49:11:33:2b:7b:f3:ef:8d:83:d6:d3:11:d4:b3:9e:2e:eb:
37:06:95:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRWLN/sGWx88lwkFl6hcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwMTAxMjM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTMwMTlkNWVhYmZlMGRhOTk3OTQxN2M1YTJjODE4Y2I5YjNjY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUhDClyHWR2WShLKNEvso+ffJk8V
LhVd6h4BLnYYWMDLLWUxwrujeZ0Mytr6Rol8lJFnZwuXXIwOxirCnHq5o3w1ciF7
n+QBEid3BMA86qXW2XGFq4YNuw1rVjD6ZjJSEkJuQ0+5wtjKRooHYkBtzXrG9FQF
9iNPjEdvEQ8cqcBLuVkbpDvAZBMqiCJd7pJ+3I1wOElsS/2DoGh2DzjRzDLzF99B
kA9ySrCVbM4cHSPxgrhUcHRwVWTJnUJl8QfJWMdwcJd4Wqy+tWjnKX4S+jwOTOpr
H5vepS9jZVIF44G+WKNYbffoePokJ1fFFItFQapmgI2c2jU8XtZUbrPuMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJEwGdXqv+DamXlBfFosgYy5s8zjMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEva1RBWjFlcV80TnFaZVVGOFdpeUJqTG16ek9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwuCoAwQA
w+twMA0GCSqGSIb3DQEBCwUAA4IBAQCgTMXVGo0c7XR9l7sItzZ1ZjVaCDNmS1VE
ZB2H+TqwwGBrCxHs2Gt4GzXd5uJ85doqFaJpiA1VECyoYyuoy7g5V+GuDQwMwqDP
rMGy/PP+DpfpRHGxjy1GqM0fFPkbC6cIJUcTDQFSxW56N/de/CahCM9zzYEk0v5S
v/sW7rlR4UOg84JdMk6ZeC9hwfPIZf6B7ueQDZSTNevmj7AYrn3tyagCcYIXG2Jv
fzRIEZVF+iVYTfCetNn1XQbaexD1Q4xsODM9ce/uX+4urVeLT9048qqjCJ1f06gC
Wpx2yar9qy9ACNyi3Zj+V9W9SREzK3vz742D1tMR1LOeLus3BpXa
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:31:18 2025 by rpki-client