Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kA1ZT3A1sqzW9D54FZOG-yKElEo.roa
File: kA1ZT3A1sqzW9D54FZOG-yKElEo.roa (raw, json)
Hash identifier: xKLTgER961cgKdJIZNrr/AQ6eG3Y9y5kpBOvaIL1Wgw=
Subject key identifier: 90:0D:59:4F:70:35:B2:AC:D6:F4:3E:78:15:93:86:FB:22:84:94:4A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427484270B2F32AC7C14BEED0A7B8FDE7
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kA1ZT3A1sqzW9D54FZOG-yKElEo.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12552
IP address blocks: 192.71.200.0/24 maxlen: 24
193.181.71.0/24 maxlen: 24
193.182.6.0/24 maxlen: 24
193.182.156.0/24 maxlen: 24
193.182.159.0/24 maxlen: 24
194.14.242.0/24 maxlen: 24
194.103.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:42:70:b2:f3:2a:c7:c1:4b:ee:d0:a7:b8:fd:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=900d594f7035b2acd6f43e78159386fb2284944a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:af:3b:c0:3d:19:6e:ef:27:4f:81:c6:cb:a1:
58:bb:88:19:0b:f6:98:07:16:45:38:84:fc:4a:0f:
80:34:38:9d:5b:18:cf:5c:3b:31:7a:8e:36:e4:d3:
f5:09:7c:09:f0:65:f3:94:09:15:ae:8b:69:14:62:
4b:cb:c7:a1:01:55:e6:20:9a:db:40:d5:b9:06:8d:
f8:1f:94:c5:a5:c5:3a:28:df:94:43:a6:4a:b3:cc:
64:f4:3b:fe:87:f3:7b:13:d3:c6:31:8b:20:07:f3:
55:99:12:93:08:e0:a2:a1:12:1d:5f:0a:a9:a3:da:
7b:1e:2d:0e:6a:7f:d3:af:ba:b2:58:dd:ee:f6:d7:
a6:c5:7e:dd:ac:a0:6b:d2:b2:1f:22:7f:25:59:c7:
f4:5b:da:6b:08:71:e3:8e:9b:01:ce:b6:23:c6:93:
1b:29:8d:1a:b8:d3:a4:6f:84:4f:d5:bf:a7:23:8c:
c6:d6:29:f3:59:da:2b:e9:64:10:ec:fd:12:74:27:
eb:bd:af:39:dd:33:47:3f:fe:d8:8a:b9:1f:f4:e6:
0c:ea:30:97:48:02:64:bb:37:7e:f2:63:20:c3:8a:
bb:13:09:44:54:46:84:04:5e:ef:25:d3:fb:b7:83:
a3:e3:8c:7f:5b:ca:4b:a8:9f:42:77:be:14:cd:41:
be:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0D:59:4F:70:35:B2:AC:D6:F4:3E:78:15:93:86:FB:22:84:94:4A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kA1ZT3A1sqzW9D54FZOG-yKElEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.200.0/24
193.181.71.0/24
193.182.6.0/24
193.182.156.0/24
193.182.159.0/24
194.14.242.0/24
194.103.248.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:c5:90:20:15:6c:d0:d1:04:63:1d:8a:ca:b9:16:a9:7d:54:
4b:93:d1:38:5b:4f:c8:f7:32:53:d3:38:96:09:ab:fb:97:83:
49:4a:fb:70:f3:8b:61:50:e5:77:f9:5a:25:db:ce:0a:08:a7:
43:4a:17:73:d3:fc:9d:15:17:c1:20:b9:c6:a8:40:33:51:91:
6d:81:4a:1d:0c:6f:0f:77:84:93:31:03:dc:20:65:01:7c:e8:
0e:9f:15:4e:b5:e8:e1:ad:93:c6:2f:76:19:7c:f3:58:6d:8e:
af:d9:1f:d5:1e:79:4d:6a:f0:b7:79:3d:18:6e:f3:5f:f4:40:
ca:93:b3:d1:6a:f1:11:96:bf:86:e8:0c:28:f2:6a:8e:f7:c8:
ef:a2:5b:67:32:45:b0:5f:12:61:48:82:58:d8:a8:c2:f2:01:
f3:d9:44:e0:44:07:75:5c:55:63:81:6f:41:dc:7a:13:22:39:
6f:6c:9f:8c:b3:1a:5b:b3:1a:68:b3:97:9b:54:62:cb:af:32:
7e:ef:f4:f4:2c:34:24:f1:a9:08:95:3e:95:76:f1:4b:e5:d3:
b5:2b:c1:ac:72:f0:41:c1:12:ff:5d:3a:00:a7:26:85:2c:77:
6c:1c:33:c6:22:71:c2:66:ba:41:4f:aa:ad:bb:bf:16:ba:77:
e7:e4:b5:52
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQnSEJwsvMqx8FL7tCnuP3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBkNTk0ZjcwMzViMmFjZDZmNDNlNzgxNTkzODZmYjIyODQ5NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq87wD0Zbu8nT4HGy6FYu4gZC/aY
BxZFOIT8Sg+ANDidWxjPXDsxeo425NP1CXwJ8GXzlAkVrotpFGJLy8ehAVXmIJrb
QNW5Bo34H5TFpcU6KN+UQ6ZKs8xk9Dv+h/N7E9PGMYsgB/NVmRKTCOCioRIdXwqp
o9p7Hi0Oan/Tr7qyWN3u9temxX7drKBr0rIfIn8lWcf0W9prCHHjjpsBzrYjxpMb
KY0auNOkb4RP1b+nI4zG1inzWdor6WQQ7P0SdCfrva853TNHP/7Yirkf9OYM6jCX
SAJkuzd+8mMgw4q7EwlEVEaEBF7vJdP7t4Oj44x/W8pLqJ9Cd74UzUG++wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJANWU9wNbKs1vQ+eBWThvsihJRKMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEva0ExWlQzQTFzcXpXOUQ1NEZaT0cteUtFbEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwEfIAwQA
wbVHAwQAwbYGAwQAwbacAwQAwbafAwQAwg7yAwQAwmf4MA0GCSqGSIb3DQEBCwUA
A4IBAQBtxZAgFWzQ0QRjHYrKuRapfVRLk9E4W0/I9zJT0ziWCav7l4NJSvtw84th
UOV3+Vol284KCKdDShdz0/ydFRfBILnGqEAzUZFtgUodDG8Pd4STMQPcIGUBfOgO
nxVOtejhrZPGL3YZfPNYbY6v2R/VHnlNavC3eT0YbvNf9EDKk7PRavERlr+G6Awo
8mqO98jvoltnMkWwXxJhSIJY2KjC8gHz2UTgRAd1XFVjgW9B3HoTIjlvbJ+Msxpb
sxpos5ebVGLLrzJ+7/T0LDQk8akIlT6VdvFL5dO1K8GscvBBwRL/XToApyaFLHds
HDPGInHCZrpBT6qtu78Wunfn5LVS
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:42 2025 by rpki-client