Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/kCrnYti58ggrv3fVjdqQhiVhHsw.roa
File: kCrnYti58ggrv3fVjdqQhiVhHsw.roa (raw, json)
Hash identifier: +F+P0b+2Vs6/LI+O+WCqqOkrY2FqCcnWwdEJbDldqAE=
Subject key identifier: 90:2A:E7:62:D8:B9:F2:08:2B:BF:77:D5:8D:DA:90:86:25:61:1E:CC
Certificate issuer: /CN=dde36e98021264f5a8070106780be29d48a16c67
Certificate serial: 019422FB5070454CC952E1683B809805109C
Authority key identifier: DD:E3:6E:98:02:12:64:F5:A8:07:01:06:78:0B:E2:9D:48:A1:6C:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3eNumAISZPWoBwEGeAvinUihbGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/kCrnYti58ggrv3fVjdqQhiVhHsw.roa
Signing time: Wed 01 Jan 2025 17:48:02 +0000
ROA not before: Wed 01 Jan 2025 17:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200484
IP address blocks: 1.179.120.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:50:70:45:4c:c9:52:e1:68:3b:80:98:05:10:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dde36e98021264f5a8070106780be29d48a16c67
Validity
Not Before: Jan 1 17:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=902ae762d8b9f2082bbf77d58dda908625611ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f1:36:91:27:19:25:c4:99:93:80:3d:1f:96:
93:d3:af:29:4d:06:92:85:7f:ac:e6:a0:08:ee:60:
c4:03:45:72:2f:71:f2:fa:be:3a:71:1d:14:7b:ae:
46:b3:55:7e:db:74:47:ba:e9:f5:05:c8:6f:38:99:
8a:c5:f3:78:c3:f0:d0:f3:0d:33:af:61:51:38:da:
9c:b7:05:23:03:c8:d8:cf:77:f3:78:50:6d:26:0d:
18:1c:6d:52:c4:e1:62:4e:8c:d7:ff:a4:cf:75:b4:
f9:64:8c:23:d4:cc:c8:fb:2f:36:a8:c8:59:ee:85:
ea:d1:ed:7b:95:0b:a9:08:15:71:d0:67:c9:5c:de:
4e:b3:85:49:ac:39:a6:0d:c1:37:ec:ac:99:0a:14:
ab:52:40:1c:3b:91:5c:0e:0e:8e:e1:40:55:8d:e7:
25:49:6c:6b:82:f9:ec:e8:1d:32:e2:e5:75:b6:e7:
33:83:e4:b1:f8:a6:1a:e5:34:f8:02:74:65:3b:94:
fe:7d:c4:90:34:0c:5b:96:4f:ba:ae:a3:0b:ff:71:
95:a4:bd:95:58:93:d6:b9:f0:51:6a:54:16:bf:7b:
5e:cb:48:90:da:f4:21:dc:e0:01:2b:4f:56:f7:ee:
35:b5:aa:b7:a1:14:31:0b:4b:c6:1d:77:3e:c9:11:
33:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2A:E7:62:D8:B9:F2:08:2B:BF:77:D5:8D:DA:90:86:25:61:1E:CC
X509v3 Authority Key Identifier:
keyid:DD:E3:6E:98:02:12:64:F5:A8:07:01:06:78:0B:E2:9D:48:A1:6C:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3eNumAISZPWoBwEGeAvinUihbGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/kCrnYti58ggrv3fVjdqQhiVhHsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/76aee1-e220-4e22-9cb5-8fe3a0f61437/1/3eNumAISZPWoBwEGeAvinUihbGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
1.179.120.0/21
Signature Algorithm: sha256WithRSAEncryption
24:b5:62:5e:39:fb:ee:56:37:af:8f:b2:94:a6:9b:7c:f1:84:
48:01:0d:8c:aa:0f:a6:fa:fb:a8:8a:fe:55:1f:50:63:58:4a:
56:ad:77:02:23:5d:ed:bc:04:15:af:4e:b5:58:5e:e8:54:f8:
9f:4d:e0:5e:5b:74:49:f6:2e:4f:26:74:d0:51:0b:af:ab:ee:
da:30:65:bb:a6:55:38:f1:4f:a6:95:98:b0:86:19:8a:a7:01:
cc:0a:aa:66:ce:37:4a:51:17:b3:d1:7d:eb:df:26:20:1e:40:
41:be:ec:16:ed:03:25:21:27:00:7e:f7:62:90:5c:75:cd:50:
e9:b3:81:73:0e:02:6a:e1:af:e2:2e:27:26:05:f5:15:bb:03:
7f:6e:73:48:03:b1:93:ca:61:e1:b6:d7:85:e3:a2:37:92:b0:
04:84:98:1d:97:60:58:5e:0f:29:21:87:1a:35:b0:eb:e5:0e:
d8:8b:69:76:70:f2:04:a2:94:c5:59:94:a2:41:ab:3c:1e:dc:
c3:75:10:7a:ef:38:e9:62:2f:e6:67:2b:f2:f6:7e:78:70:e0:
31:f7:fe:3d:c1:69:dd:76:91:de:fb:5f:08:12:7f:46:89:54:
b2:02:4d:6b:19:0e:77:10:b8:6c:88:ba:c9:68:57:47:a6:1a:
41:1a:d2:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+1BwRUzJUuFoO4CYBRCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZTM2ZTk4MDIxMjY0ZjVhODA3MDEwNjc4MGJlMjlkNDhh
MTZjNjcwHhcNMjUwMTAxMTc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDJhZTc2MmQ4YjlmMjA4MmJiZjc3ZDU4ZGRhOTA4NjI1NjExZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vE2kScZJcSZk4A9H5aT068pTQaS
hX+s5qAI7mDEA0VyL3Hy+r46cR0Ue65Gs1V+23RHuun1BchvOJmKxfN4w/DQ8w0z
r2FRONqctwUjA8jYz3fzeFBtJg0YHG1SxOFiTozX/6TPdbT5ZIwj1MzI+y82qMhZ
7oXq0e17lQupCBVx0GfJXN5Os4VJrDmmDcE37KyZChSrUkAcO5FcDg6O4UBVjecl
SWxrgvns6B0y4uV1tuczg+Sx+KYa5TT4AnRlO5T+fcSQNAxblk+6rqML/3GVpL2V
WJPWufBRalQWv3tey0iQ2vQh3OABK09W9+41taq3oRQxC0vGHXc+yREzYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAq52LYufIIK7931Y3akIYlYR7MMB8GA1UdIwQY
MBaAFN3jbpgCEmT1qAcBBngL4p1IoWxnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VOdW1BSVNaUFdvQndFR2VBdmluVWloYkdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83NmFlZTEtZTIyMC00ZTIyLTljYjUt
OGZlM2EwZjYxNDM3LzEva0Nybll0aTU4Z2dydjNmVmpkcVFoaVZoSHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83NmFlZTEtZTIyMC00ZTIyLTljYjUtOGZlM2EwZjYxNDM3
LzEvM2VOdW1BSVNaUFdvQndFR2VBdmluVWloYkdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDAbN4MA0G
CSqGSIb3DQEBCwUAA4IBAQAktWJeOfvuVjevj7KUppt88YRIAQ2Mqg+m+vuoiv5V
H1BjWEpWrXcCI13tvAQVr061WF7oVPifTeBeW3RJ9i5PJnTQUQuvq+7aMGW7plU4
8U+mlZiwhhmKpwHMCqpmzjdKURez0X3r3yYgHkBBvuwW7QMlIScAfvdikFx1zVDp
s4FzDgJq4a/iLicmBfUVuwN/bnNIA7GTymHhtteF46I3krAEhJgdl2BYXg8pIYca
NbDr5Q7Yi2l2cPIEopTFWZSiQas8HtzDdRB67zjpYi/mZyvy9n54cOAx9/49wWnd
dpHe+18IEn9GiVSyAk1rGQ53ELhsiLrJaFdHphpBGtIy
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:54:55 2025 by rpki-client