Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/kk5advkZ9bQlJz7_JieFntTO3XU.roa
File: kk5advkZ9bQlJz7_JieFntTO3XU.roa (raw, json)
Hash identifier: xJpBT/CXUplkBX0hZLz371z7UUD8JtQHYo5kzyS6wEg=
Subject key identifier: 92:4E:5A:76:F9:19:F5:B4:25:27:3E:FF:26:27:85:9E:D4:CE:DD:75
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64C561760F723F860A1856D5219175
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/kk5advkZ9bQlJz7_JieFntTO3XU.roa
Signing time: Thu 09 Jan 2025 09:28:25 +0000
ROA not before: Thu 09 Jan 2025 09:28:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210473
IP address blocks: 130.185.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:c5:61:76:0f:72:3f:86:0a:18:56:d5:21:91:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=924e5a76f919f5b425273eff2627859ed4cedd75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:57:21:9b:60:6b:0e:a3:cc:80:a2:d9:23:52:
0d:b2:3a:d1:2c:5c:e9:82:f3:ac:0e:fa:eb:b4:4a:
05:12:9c:31:2f:0a:1a:32:40:a8:77:e7:fe:91:e6:
99:75:13:3a:80:c7:a2:c2:58:04:bf:9c:50:20:20:
70:c9:2a:56:90:29:50:a7:c2:c7:3b:22:c7:32:cb:
eb:2f:a3:46:f7:cf:d4:50:cc:9d:e2:19:22:1b:2b:
51:93:55:04:b0:57:35:a6:47:13:57:41:58:a4:12:
d2:bd:47:2c:20:b6:a6:ab:46:45:a2:79:74:c5:5c:
be:04:89:fa:13:b3:d4:b2:6c:4c:60:eb:55:b3:6d:
42:59:e3:cb:1c:5c:d1:e5:3b:34:dc:cc:d0:72:34:
79:48:bd:fb:81:d8:80:74:b4:da:62:3e:04:7d:65:
b7:bf:48:fe:9d:b8:ef:01:a3:3b:5f:64:56:2c:93:
60:f6:6c:6d:62:32:60:88:79:e9:e5:c9:73:02:32:
d2:09:ed:4d:cc:f9:54:29:35:5f:c9:2f:9e:54:24:
ef:8e:cb:e5:b6:d2:51:ac:10:ef:05:cf:c5:99:4c:
a2:ba:c2:0c:e8:8f:4f:43:c7:04:38:8c:74:e6:14:
9a:b2:ea:89:54:d6:ec:43:97:b7:87:f1:ed:7c:40:
48:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4E:5A:76:F9:19:F5:B4:25:27:3E:FF:26:27:85:9E:D4:CE:DD:75
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/kk5advkZ9bQlJz7_JieFntTO3XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.234.0/24
Signature Algorithm: sha256WithRSAEncryption
91:98:f0:af:b3:f3:14:bd:4c:4e:0a:99:b1:b0:ea:8f:60:c4:
6d:c3:b8:5d:d3:f7:43:bf:fb:a7:50:3b:0b:b5:fa:a4:e1:b6:
3e:43:6a:61:67:5e:5b:7d:e4:6a:2e:49:8d:e0:78:63:13:47:
aa:e5:f5:0c:d1:72:e4:fd:1b:ce:d1:6b:e7:d7:61:cb:98:cc:
25:7d:9d:b5:13:db:ba:74:c1:af:40:70:42:c7:02:96:d0:65:
32:b8:5a:e1:48:71:45:cd:d9:48:d2:21:28:00:c9:32:4c:ba:
ae:f7:7b:84:a2:25:3c:7a:98:73:8f:12:e9:fe:89:db:8c:ff:
5c:0f:20:b1:a4:03:f2:ab:ef:a6:43:61:b1:66:23:6c:37:3a:
7b:dc:64:ae:14:92:29:8d:a1:f7:3f:af:b5:2b:ef:ef:f7:dc:
5f:11:36:13:2f:ec:cf:7e:1a:68:b1:8a:19:71:59:77:88:1d:
d3:38:d4:dc:34:37:2e:60:09:03:10:b4:c6:5d:60:72:e2:53:
f7:bc:89:00:0e:83:e9:cf:18:e8:d6:3a:9b:1e:05:3d:6c:95:
de:82:4d:3a:22:9e:f5:52:7a:d4:47:4c:b6:a2:cb:35:3e:d7:
f2:e5:d3:b5:38:33:5c:49:16:96:c1:39:01:38:fc:00:39:b4:
a0:47:81:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRKZMVhdg9yP4YKGFbVIZF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjRlNWE3NmY5MTlmNWI0MjUyNzNlZmYyNjI3ODU5ZWQ0Y2VkZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fchm2BrDqPMgKLZI1INsjrRLFzp
gvOsDvrrtEoFEpwxLwoaMkCod+f+keaZdRM6gMeiwlgEv5xQICBwySpWkClQp8LH
OyLHMsvrL6NG98/UUMyd4hkiGytRk1UEsFc1pkcTV0FYpBLSvUcsILamq0ZFonl0
xVy+BIn6E7PUsmxMYOtVs21CWePLHFzR5Ts03MzQcjR5SL37gdiAdLTaYj4EfWW3
v0j+nbjvAaM7X2RWLJNg9mxtYjJgiHnp5clzAjLSCe1NzPlUKTVfyS+eVCTvjsvl
ttJRrBDvBc/FmUyiusIM6I9PQ8cEOIx05hSasuqJVNbsQ5e3h/HtfEBIFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJOWnb5GfW0JSc+/yYnhZ7Uzt11MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEva2s1YWR2a1o5YlFsSno3X0ppZUZudFRPM1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgrnqMA0G
CSqGSIb3DQEBCwUAA4IBAQCRmPCvs/MUvUxOCpmxsOqPYMRtw7hd0/dDv/unUDsL
tfqk4bY+Q2phZ15bfeRqLkmN4HhjE0eq5fUM0XLk/RvO0Wvn12HLmMwlfZ21E9u6
dMGvQHBCxwKW0GUyuFrhSHFFzdlI0iEoAMkyTLqu93uEoiU8ephzjxLp/onbjP9c
DyCxpAPyq++mQ2GxZiNsNzp73GSuFJIpjaH3P6+1K+/v99xfETYTL+zPfhposYoZ
cVl3iB3TONTcNDcuYAkDELTGXWBy4lP3vIkADoPpzxjo1jqbHgU9bJXegk06Ip71
UnrUR0y2oss1Ptfy5dO1ODNcSRaWwTkBOPwAObSgR4Hz
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:08:48 2025 by rpki-client