Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/KnUOYk5bdwDOyPRpWUFQ6FTo7gs.roa
File: KnUOYk5bdwDOyPRpWUFQ6FTo7gs.roa (raw, json)
Hash identifier: oV64n7K/Nu3TxpzkL+waUqCMMUTsVFeqTi3s1yY0Zn0=
Subject key identifier: 2A:75:0E:62:4E:5B:77:00:CE:C8:F4:69:59:41:50:E8:54:E8:EE:0B
Certificate issuer: /CN=68a7c2c84ffa4934cf0f73ef1a1a1a3378731826
Certificate serial: 0194266C3E2633AC612FA525E0EF41262D0B
Authority key identifier: 68:A7:C2:C8:4F:FA:49:34:CF:0F:73:EF:1A:1A:1A:33:78:73:18:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/KnUOYk5bdwDOyPRpWUFQ6FTo7gs.roa
Signing time: Thu 02 Jan 2025 09:50:15 +0000
ROA not before: Thu 02 Jan 2025 09:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 194.169.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3e:26:33:ac:61:2f:a5:25:e0:ef:41:26:2d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a7c2c84ffa4934cf0f73ef1a1a1a3378731826
Validity
Not Before: Jan 2 09:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a750e624e5b7700cec8f469594150e854e8ee0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:97:ba:cb:9e:4d:76:bb:5e:14:89:f2:1b:90:
f5:23:f9:47:42:ac:f7:f0:cd:02:a0:5d:de:01:11:
ef:c8:40:6a:a7:16:74:95:4a:00:5f:fe:83:87:c8:
01:64:2a:e6:ba:e2:33:6a:52:79:21:69:ce:e0:cc:
99:66:e4:3b:77:09:1d:2c:2d:95:5d:db:f4:37:75:
0c:26:2d:ae:a7:4f:8f:48:82:14:3d:2c:4f:93:d5:
d1:cb:e4:dd:49:c6:74:b3:f5:52:23:81:22:66:cf:
15:33:27:0f:d8:c1:62:22:4f:ec:0b:48:a5:2e:43:
dd:ad:f6:71:c6:cc:bf:68:73:77:19:d6:56:ce:c9:
9a:0f:fb:14:f8:84:55:2c:09:3d:33:7c:c4:29:4f:
14:ed:f2:4e:29:06:99:21:04:c2:8b:8f:f7:f7:6b:
c2:9a:ec:3e:ff:1b:a4:66:67:5b:b5:4a:b4:6b:75:
ae:00:dc:bf:3d:a7:2a:8c:44:fb:0d:df:b2:04:f3:
88:6c:49:fe:06:13:3f:45:f9:0e:09:91:c1:e5:b0:
43:a3:63:5c:cb:bb:91:d6:dc:72:41:11:03:43:b0:
27:53:bb:cf:5e:b0:a1:99:59:c2:01:12:4d:ef:b4:
63:ec:53:43:d8:ba:f6:a0:40:e1:68:85:c6:15:5f:
d9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:75:0E:62:4E:5B:77:00:CE:C8:F4:69:59:41:50:E8:54:E8:EE:0B
X509v3 Authority Key Identifier:
keyid:68:A7:C2:C8:4F:FA:49:34:CF:0F:73:EF:1A:1A:1A:33:78:73:18:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/KnUOYk5bdwDOyPRpWUFQ6FTo7gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.219.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:bc:9e:7b:98:c5:13:5f:21:b1:db:04:d6:53:41:69:99:de:
b6:36:68:ef:96:47:35:47:8e:3f:82:ec:0c:9d:9a:14:aa:36:
7d:73:74:e8:60:8b:ed:b3:d1:ce:d5:c4:86:36:f0:2b:20:3d:
12:17:e0:0f:b5:bd:ae:4f:c7:e5:c8:5c:7a:b4:32:a8:e2:6b:
bd:72:36:af:6f:08:90:ec:bf:4d:e4:46:fc:3f:c9:95:eb:4b:
52:88:da:a8:8a:ce:09:dc:2e:54:3c:1b:bf:f8:01:3d:aa:ac:
80:d4:ae:e3:4a:a3:e7:65:bd:26:8e:78:ad:58:22:61:c8:d2:
35:f5:c0:1b:55:7f:b0:ee:85:9c:35:96:d8:a3:8b:d3:36:48:
3b:ec:5d:15:47:d4:16:eb:f9:cf:89:cd:bb:e9:46:8f:07:2d:
58:35:4b:ab:2b:2a:8d:2e:35:1a:17:08:e6:69:5d:5f:78:2b:
a9:b6:87:42:db:98:d1:92:b4:28:8b:e2:8f:87:30:24:37:91:
d1:89:74:ae:42:b3:0e:21:9b:6f:22:d4:d9:a8:e5:bb:e4:2f:
6b:02:e5:c3:76:29:7e:f3:ec:88:81:59:69:72:96:1b:36:38:
49:1c:21:ec:aa:fa:13:a3:e8:ab:85:58:0c:43:dd:66:6f:e8:
d7:04:59:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbD4mM6xhL6Ul4O9BJi0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTdjMmM4NGZmYTQ5MzRjZjBmNzNlZjFhMWExYTMzNzg3
MzE4MjYwHhcNMjUwMTAyMDk1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc1MGU2MjRlNWI3NzAwY2VjOGY0Njk1OTQxNTBlODU0ZThlZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZe6y55NdrteFInyG5D1I/lHQqz3
8M0CoF3eARHvyEBqpxZ0lUoAX/6Dh8gBZCrmuuIzalJ5IWnO4MyZZuQ7dwkdLC2V
Xdv0N3UMJi2up0+PSIIUPSxPk9XRy+TdScZ0s/VSI4EiZs8VMycP2MFiIk/sC0il
LkPdrfZxxsy/aHN3GdZWzsmaD/sU+IRVLAk9M3zEKU8U7fJOKQaZIQTCi4/392vC
muw+/xukZmdbtUq0a3WuANy/PacqjET7Dd+yBPOIbEn+BhM/RfkOCZHB5bBDo2Nc
y7uR1txyQREDQ7AnU7vPXrChmVnCARJN77Rj7FND2Lr2oEDhaIXGFV/ZxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCp1DmJOW3cAzsj0aVlBUOhU6O4LMB8GA1UdIwQY
MBaAFGinwshP+kk0zw9z7xoaGjN4cxgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mZTQ1NWQtZjZjZS00MzZjLTgzMjct
ZGI2ZGRiNGE0NGU1LzEvS25VT1lrNWJkd0RPeVBScFdVRlE2RlRvN2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mZTQ1NWQtZjZjZS00MzZjLTgzMjctZGI2ZGRiNGE0NGU1
LzEvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqnbMA0G
CSqGSIb3DQEBCwUAA4IBAQA8vJ57mMUTXyGx2wTWU0Fpmd62Nmjvlkc1R44/guwM
nZoUqjZ9c3ToYIvts9HO1cSGNvArID0SF+APtb2uT8flyFx6tDKo4mu9cjavbwiQ
7L9N5Eb8P8mV60tSiNqois4J3C5UPBu/+AE9qqyA1K7jSqPnZb0mjnitWCJhyNI1
9cAbVX+w7oWcNZbYo4vTNkg77F0VR9QW6/nPic276UaPBy1YNUurKyqNLjUaFwjm
aV1feCuptodC25jRkrQoi+KPhzAkN5HRiXSuQrMOIZtvItTZqOW75C9rAuXDdil+
8+yIgVlpcpYbNjhJHCHsqvoTo+irhVgMQ91mb+jXBFkQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:03:32 2025 by rpki-client