Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/3d259d-9183-40a0-92a1-2b2a6e27f96f/1/ceTKZ_Kbl5fdTbjM1BoGVl6TegM.roa
File: ceTKZ_Kbl5fdTbjM1BoGVl6TegM.roa (raw, json)
Hash identifier: DR/tSwdyZFDYwu3nLD2VKueV4ylVlrU59jgXrK70o90=
Subject key identifier: 71:E4:CA:67:F2:9B:97:97:DD:4D:B8:CC:D4:1A:06:56:5E:93:7A:03
Certificate issuer: /CN=d5a193671dc59d76fc311db2d6689a3c88299094
Certificate serial: 01941FFA3DA7E2A68F144745B7454B2D6360
Authority key identifier: D5:A1:93:67:1D:C5:9D:76:FC:31:1D:B2:D6:68:9A:3C:88:29:90:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aGTZx3FnXb8MR2y1miaPIgpkJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/3d259d-9183-40a0-92a1-2b2a6e27f96f/1/ceTKZ_Kbl5fdTbjM1BoGVl6TegM.roa
Signing time: Wed 01 Jan 2025 03:48:01 +0000
ROA not before: Wed 01 Jan 2025 03:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 193.186.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3d:a7:e2:a6:8f:14:47:45:b7:45:4b:2d:63:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5a193671dc59d76fc311db2d6689a3c88299094
Validity
Not Before: Jan 1 03:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71e4ca67f29b9797dd4db8ccd41a06565e937a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ce:c8:58:ee:63:23:e6:ae:50:03:fb:fe:cd:
a9:a6:db:72:d0:4a:95:0a:2c:ce:e7:5f:4f:aa:4b:
c6:f9:7b:ab:80:ad:75:81:47:e2:38:ac:13:df:79:
80:11:d9:00:2c:2b:a2:ad:8c:5e:99:b2:89:52:4c:
9b:95:75:15:a6:87:e0:16:2f:e8:a7:f2:f8:97:88:
a1:17:7b:d5:a2:b5:2f:79:73:ba:55:41:21:d8:14:
80:08:2c:ac:bb:da:91:d4:0a:df:45:34:d9:d6:48:
e5:2f:56:90:f6:d2:b6:e2:54:0e:fc:2f:62:d9:49:
78:ee:0a:4d:1d:d0:6a:db:4f:93:35:8e:6b:75:0d:
cf:a3:94:4f:50:e5:c1:86:e1:1d:37:3a:f5:68:a1:
6e:96:d1:7c:e5:77:8f:73:65:6d:08:46:bd:89:0c:
9a:53:cc:75:5e:df:aa:73:c1:66:1c:97:39:d2:84:
e5:44:79:da:c2:08:4b:5d:6d:30:11:4e:be:c9:df:
d1:84:87:85:f6:f5:48:d4:31:67:ff:10:bf:36:f4:
d9:5e:7c:af:82:b3:b7:0b:b0:f0:f3:e3:31:db:02:
39:c1:f0:5f:7b:5f:dc:96:85:41:ac:2d:9c:88:32:
22:1c:12:af:73:bc:3f:1b:fa:bc:2b:3d:ee:95:26:
87:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E4:CA:67:F2:9B:97:97:DD:4D:B8:CC:D4:1A:06:56:5E:93:7A:03
X509v3 Authority Key Identifier:
keyid:D5:A1:93:67:1D:C5:9D:76:FC:31:1D:B2:D6:68:9A:3C:88:29:90:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aGTZx3FnXb8MR2y1miaPIgpkJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3d259d-9183-40a0-92a1-2b2a6e27f96f/1/ceTKZ_Kbl5fdTbjM1BoGVl6TegM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3d259d-9183-40a0-92a1-2b2a6e27f96f/1/1aGTZx3FnXb8MR2y1miaPIgpkJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.35.0/24
Signature Algorithm: sha256WithRSAEncryption
82:34:28:12:9e:01:11:96:30:af:f4:00:d7:a0:4b:82:28:e0:
fb:66:b2:d9:bb:08:a4:56:48:de:a9:1b:1f:2d:c3:fc:a3:7a:
e9:f4:83:d6:fc:64:07:b5:ff:d5:95:49:44:b8:7b:0f:30:c3:
db:6e:85:b6:8c:a7:aa:57:63:b8:ee:f5:d0:52:6c:01:10:b9:
6f:94:9c:c7:ad:2c:b3:72:f3:52:ee:53:cd:9c:06:7a:74:19:
b0:8f:b4:3c:8f:e5:ba:5e:21:7e:e4:e1:db:83:99:63:f9:28:
e3:b6:00:95:8c:0c:78:e8:ae:17:3d:71:bc:4e:cd:33:29:b8:
d6:c5:d6:87:45:47:33:15:bb:e2:66:ff:1a:4b:f7:4d:26:d8:
24:11:cd:5e:6d:65:51:02:04:30:d1:7e:9f:3f:e5:14:8b:a5:
c4:5a:30:32:23:4f:25:87:ea:03:20:81:20:1d:36:b1:b3:66:
fd:d4:92:3b:0e:72:4a:68:e9:23:68:5e:f8:4d:60:32:be:4c:
14:d6:50:dc:72:86:fd:26:dd:ed:e7:9d:60:c9:21:cf:89:1e:
1d:2d:b0:ec:2a:2b:ad:0f:26:7e:19:46:ad:ec:e8:c0:71:09:
9c:0a:ba:88:e1:85:a2:6d:bd:c6:21:5a:01:a0:13:42:a5:55:
ae:df:1b:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+j2n4qaPFEdFt0VLLWNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YTE5MzY3MWRjNTlkNzZmYzMxMWRiMmQ2Njg5YTNjODgy
OTkwOTQwHhcNMjUwMTAxMDM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWU0Y2E2N2YyOWI5Nzk3ZGQ0ZGI4Y2NkNDFhMDY1NjVlOTM3YTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4s7IWO5jI+auUAP7/s2pptty0EqV
CizO519PqkvG+XurgK11gUfiOKwT33mAEdkALCuirYxembKJUkyblXUVpofgFi/o
p/L4l4ihF3vVorUveXO6VUEh2BSACCysu9qR1ArfRTTZ1kjlL1aQ9tK24lQO/C9i
2Ul47gpNHdBq20+TNY5rdQ3Po5RPUOXBhuEdNzr1aKFultF85XePc2VtCEa9iQya
U8x1Xt+qc8FmHJc50oTlRHnawghLXW0wEU6+yd/RhIeF9vVI1DFn/xC/NvTZXnyv
grO3C7Dw8+Mx2wI5wfBfe1/cloVBrC2ciDIiHBKvc7w/G/q8Kz3ulSaH3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHkymfym5eX3U24zNQaBlZek3oDMB8GA1UdIwQY
MBaAFNWhk2cdxZ12/DEdstZomjyIKZCUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWFHVFp4M0ZuWGI4TVIyeTFtaWFQSWdwa0pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zZDI1OWQtOTE4My00MGEwLTkyYTEt
MmIyYTZlMjdmOTZmLzEvY2VUS1pfS2JsNWZkVGJqTTFCb0dWbDZUZWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zZDI1OWQtOTE4My00MGEwLTkyYTEtMmIyYTZlMjdmOTZm
LzEvMWFHVFp4M0ZuWGI4TVIyeTFtaWFQSWdwa0pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbojMA0G
CSqGSIb3DQEBCwUAA4IBAQCCNCgSngERljCv9ADXoEuCKOD7ZrLZuwikVkjeqRsf
LcP8o3rp9IPW/GQHtf/VlUlEuHsPMMPbboW2jKeqV2O47vXQUmwBELlvlJzHrSyz
cvNS7lPNnAZ6dBmwj7Q8j+W6XiF+5OHbg5lj+SjjtgCVjAx46K4XPXG8Ts0zKbjW
xdaHRUczFbviZv8aS/dNJtgkEc1ebWVRAgQw0X6fP+UUi6XEWjAyI08lh+oDIIEg
HTaxs2b91JI7DnJKaOkjaF74TWAyvkwU1lDccob9Jt3t551gySHPiR4dLbDsKiut
DyZ+GUat7OjAcQmcCrqI4YWibb3GIVoBoBNCpVWu3xvM
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:34:09 2025 by rpki-client