Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/01b725-9eac-4241-b1ed-da413bff046b/1/KsWjV8vol5OhDI_SjtEwhn_uXqo.roa
File: KsWjV8vol5OhDI_SjtEwhn_uXqo.roa (raw, json)
Hash identifier: HfUjlfaUUGAoUQSVXt2ERBY8kC1/cb3wAWiZUwlyrQY=
Subject key identifier: 2A:C5:A3:57:CB:E8:97:93:A1:0C:8F:D2:8E:D1:30:86:7F:EE:5E:AA
Certificate issuer: /CN=440934d517c506412496b808b7df25ca0fd6455f
Certificate serial: 0183F0A500A6961AE7018C6D04A658DFDFF7
Authority key identifier: 44:09:34:D5:17:C5:06:41:24:96:B8:08:B7:DF:25:CA:0F:D6:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RAk01RfFBkEklrgIt98lyg_WRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/01b725-9eac-4241-b1ed-da413bff046b/1/KsWjV8vol5OhDI_SjtEwhn_uXqo.roa
Signing time: Wed 19 Oct 2022 14:28:08 +0000
ROA not before: Wed 19 Oct 2022 14:28:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30742
IP address blocks: 194.146.0.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f0:a5:00:a6:96:1a:e7:01:8c:6d:04:a6:58:df:df:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=440934d517c506412496b808b7df25ca0fd6455f
Validity
Not Before: Oct 19 14:28:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ac5a357cbe89793a10c8fd28ed130867fee5eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c7:c8:ca:c0:47:94:ac:ef:8d:47:26:eb:1a:
73:41:5f:ff:82:93:4e:23:1f:6a:57:c2:bc:65:3d:
d3:6e:5f:de:8f:49:7a:0e:62:6c:92:b6:fb:fd:b1:
29:bc:0c:53:66:55:81:1f:bd:0c:fe:62:2d:b9:97:
18:4d:0d:f4:57:c0:c2:86:d2:a7:8f:ed:c1:f8:ab:
c8:89:d3:42:79:20:ea:d7:15:0d:76:09:63:a7:58:
e1:f8:cf:ad:76:f2:bd:45:f6:40:11:67:bb:88:ac:
f6:2e:c8:f1:c4:9a:0d:6d:f2:8d:ef:68:96:65:3d:
97:8a:df:20:57:9b:46:24:8c:92:96:65:35:45:93:
d8:61:c5:92:a7:3a:eb:c7:67:4f:59:5c:44:ce:47:
e3:76:56:60:1f:84:a2:cc:2f:54:86:83:7e:96:0b:
4f:4f:0f:d2:d8:aa:ea:ac:69:06:e4:41:5f:6a:63:
9e:ba:f0:e9:40:d3:5e:e3:46:63:74:1e:48:db:15:
7e:0a:0d:9e:d9:c3:39:ce:51:e8:f2:90:99:a0:ce:
0f:f3:52:a6:40:20:b2:0d:f9:06:ab:17:f7:1d:a2:
4c:e6:7b:27:58:a4:07:e1:d8:83:f8:53:72:5c:fd:
53:95:ba:2c:a8:7c:51:3d:d4:ae:a6:0c:2c:e2:b6:
7f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C5:A3:57:CB:E8:97:93:A1:0C:8F:D2:8E:D1:30:86:7F:EE:5E:AA
X509v3 Authority Key Identifier:
keyid:44:09:34:D5:17:C5:06:41:24:96:B8:08:B7:DF:25:CA:0F:D6:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RAk01RfFBkEklrgIt98lyg_WRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/01b725-9eac-4241-b1ed-da413bff046b/1/KsWjV8vol5OhDI_SjtEwhn_uXqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/01b725-9eac-4241-b1ed-da413bff046b/1/RAk01RfFBkEklrgIt98lyg_WRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.0.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:dd:70:33:9f:68:91:c1:e2:6a:c1:ea:7e:69:d4:9b:e2:d3:
85:49:13:f3:fe:cd:41:75:ed:d3:0c:0e:9a:43:80:1e:e2:3c:
c1:f1:44:1c:b9:a4:82:f8:a1:a3:c3:93:ad:f9:39:f6:40:0d:
50:70:be:a3:23:49:55:dc:89:be:53:af:0b:5b:16:24:fe:72:
ca:4a:00:78:30:38:e8:ed:a6:e0:58:a6:00:3d:7b:0e:0c:3e:
01:61:f7:9b:3c:04:2a:6c:bc:d1:52:52:d5:6d:1f:4a:86:4f:
2f:c8:91:10:b0:10:f0:00:a9:11:13:61:8b:05:ab:29:ed:90:
71:a9:11:9d:4a:74:14:6b:10:05:47:77:c3:8c:77:d7:ec:b2:
5c:fc:e7:f9:a7:24:1d:c4:58:ce:45:da:10:26:4a:89:23:09:
ff:4b:e6:c4:cb:70:db:6d:db:ca:57:85:66:b5:03:b4:4b:f6:
28:52:04:fd:67:39:3c:f7:c0:f4:20:bd:97:e4:37:d2:4c:be:
aa:5b:3f:5a:f3:c6:1d:88:52:af:d5:bd:f2:b5:b6:0f:e9:10:
b7:26:11:51:a4:a1:ef:8e:78:25:89:06:f7:6c:f8:a1:b0:09:
4e:b6:37:bf:a1:a1:bd:1f:ed:a6:fa:a6:1d:d2:6e:90:21:e8:
22:13:15:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPwpQCmlhrnAYxtBKZY39/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MDkzNGQ1MTdjNTA2NDEyNDk2YjgwOGI3ZGYyNWNhMGZk
NjQ1NWYwHhcNMjIxMDE5MTQyODA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM1YTM1N2NiZTg5NzkzYTEwYzhmZDI4ZWQxMzA4NjdmZWU1ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicfIysBHlKzvjUcm6xpzQV//gpNO
Ix9qV8K8ZT3Tbl/ej0l6DmJskrb7/bEpvAxTZlWBH70M/mItuZcYTQ30V8DChtKn
j+3B+KvIidNCeSDq1xUNdgljp1jh+M+tdvK9RfZAEWe7iKz2LsjxxJoNbfKN72iW
ZT2Xit8gV5tGJIySlmU1RZPYYcWSpzrrx2dPWVxEzkfjdlZgH4SizC9UhoN+lgtP
Tw/S2KrqrGkG5EFfamOeuvDpQNNe40ZjdB5I2xV+Cg2e2cM5zlHo8pCZoM4P81Km
QCCyDfkGqxf3HaJM5nsnWKQH4diD+FNyXP1TlbosqHxRPdSupgws4rZ/awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrFo1fL6JeToQyP0o7RMIZ/7l6qMB8GA1UdIwQY
MBaAFEQJNNUXxQZBJJa4CLffJcoP1kVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkFrMDFSZkZCa0VrbHJnSXQ5OGx5Z19XUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wMWI3MjUtOWVhYy00MjQxLWIxZWQt
ZGE0MTNiZmYwNDZiLzEvS3NXalY4dm9sNU9oRElfU2p0RXdobl91WHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wMWI3MjUtOWVhYy00MjQxLWIxZWQtZGE0MTNiZmYwNDZi
LzEvUkFrMDFSZkZCa0VrbHJnSXQ5OGx5Z19XUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpIAMA0G
CSqGSIb3DQEBCwUAA4IBAQCe3XAzn2iRweJqwep+adSb4tOFSRPz/s1Bde3TDA6a
Q4Ae4jzB8UQcuaSC+KGjw5Ot+Tn2QA1QcL6jI0lV3Im+U68LWxYk/nLKSgB4MDjo
7abgWKYAPXsODD4BYfebPAQqbLzRUlLVbR9Khk8vyJEQsBDwAKkRE2GLBasp7ZBx
qRGdSnQUaxAFR3fDjHfX7LJc/Of5pyQdxFjORdoQJkqJIwn/S+bEy3DbbdvKV4Vm
tQO0S/YoUgT9Zzk898D0IL2X5DfSTL6qWz9a88YdiFKv1b3ytbYP6RC3JhFRpKHv
jngliQb3bPihsAlOtje/oaG9H+2m+qYd0m6QIegiExVQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:36:16 2025 by rpki-client