Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/knqD2Ha_mIK6TeaUs6rdEtXjm7Y.roa
File: knqD2Ha_mIK6TeaUs6rdEtXjm7Y.roa (raw, json)
Hash identifier: IG4vqFBPbvWgHsxQujBWqMW5v3cVtaifoxJ+vZ5e8BU=
Subject key identifier: 92:7A:83:D8:76:BF:98:82:BA:4D:E6:94:B3:AA:DD:12:D5:E3:9B:B6
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 0194266C02E9146DD03A5D8730D9A4641F9A
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/knqD2Ha_mIK6TeaUs6rdEtXjm7Y.roa
Signing time: Thu 02 Jan 2025 09:50:00 +0000
ROA not before: Thu 02 Jan 2025 09:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51430
IP address blocks: 176.67.83.0/24 maxlen: 24
2a05:e9c0:2200::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:02:e9:14:6d:d0:3a:5d:87:30:d9:a4:64:1f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Jan 2 09:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=927a83d876bf9882ba4de694b3aadd12d5e39bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e1:e8:46:aa:4e:ea:22:a6:26:df:0e:a1:b3:
cf:87:1d:22:d8:c2:4f:0d:7b:27:27:65:fb:b4:cc:
c8:5a:ae:02:88:c7:1e:62:50:58:55:9b:fe:8b:1f:
f9:a6:e5:d3:56:38:e5:20:39:4c:41:20:5f:57:64:
d0:22:6c:6e:60:7a:aa:e3:33:2f:e6:67:4e:7e:1f:
c3:fc:fd:77:bb:8e:ca:c9:1d:99:45:f9:ca:5a:6c:
58:c1:e7:61:aa:b7:e0:7b:68:2e:a1:f4:fe:6b:e5:
c6:47:9a:8c:04:7a:ad:58:65:28:aa:a8:d4:59:4f:
f9:fb:91:6d:fe:bf:0b:da:05:30:6b:05:42:3e:fb:
89:52:8e:6c:7f:f6:bd:e5:30:43:0c:ea:97:b3:dc:
39:5a:b6:05:48:57:e7:ec:66:7d:92:88:37:96:3f:
b9:62:0b:e9:ec:c8:6f:f6:ea:b0:82:21:6e:71:ff:
0b:70:23:38:37:8b:21:e5:27:ae:c8:82:88:d8:62:
c9:9c:71:8f:d8:7b:ba:3a:49:47:7a:97:af:f2:71:
1a:16:bd:be:f1:0a:93:ea:42:e6:3d:d0:4c:63:56:
01:c8:47:da:94:ef:15:da:ec:c9:f5:87:fb:c3:74:
76:e9:2a:55:03:bc:2a:43:45:f1:93:65:13:42:4e:
2c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7A:83:D8:76:BF:98:82:BA:4D:E6:94:B3:AA:DD:12:D5:E3:9B:B6
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/knqD2Ha_mIK6TeaUs6rdEtXjm7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.83.0/24
IPv6:
2a05:e9c0:2200::/40
Signature Algorithm: sha256WithRSAEncryption
66:a0:1a:1b:0b:0f:d5:7e:79:13:98:28:47:df:d6:54:a0:a8:
c1:f7:e5:f5:63:93:80:6c:a5:24:2b:85:13:1a:48:13:b1:ac:
68:c5:c9:5f:58:e9:76:1a:37:85:31:ae:df:fe:33:0d:50:bb:
bc:29:a5:83:0d:fb:bb:8b:b8:86:89:df:ea:47:9c:4e:1d:bf:
8f:52:b4:6e:96:dd:73:6a:93:e2:ec:0f:73:87:1d:5b:fd:c3:
46:5f:da:d7:18:5b:45:df:44:1a:1f:9b:cc:8a:8f:e8:39:2d:
98:c2:9a:32:e7:50:eb:30:dd:42:2f:8b:4e:29:66:f6:50:f7:
fc:f1:5b:ec:31:ac:dd:f8:8c:fe:0d:43:0d:0b:8f:12:f4:92:
71:88:07:d6:a8:8b:ee:7a:44:a8:f4:f2:a0:e5:c0:b0:70:e1:
84:cb:01:c2:43:7f:fd:d8:af:05:ae:3c:8f:df:74:86:e9:96:
59:8f:bd:b4:be:e3:20:f3:ba:48:a1:5b:92:fd:04:37:15:7d:
31:dd:be:4a:e3:7a:a6:c2:3e:1a:9a:16:da:39:4a:ce:a4:4a:
10:3f:63:2d:91:29:c6:27:30:6b:96:70:09:d4:b3:74:c6:09:
a1:11:61:7c:33:2d:32:20:dd:86:67:e9:9e:a5:5b:82:08:69:
88:b4:e0:48
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQmbALpFG3QOl2HMNmkZB+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjUwMTAyMDk1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdhODNkODc2YmY5ODgyYmE0ZGU2OTRiM2FhZGQxMmQ1ZTM5YmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveHoRqpO6iKmJt8OobPPhx0i2MJP
DXsnJ2X7tMzIWq4CiMceYlBYVZv+ix/5puXTVjjlIDlMQSBfV2TQImxuYHqq4zMv
5mdOfh/D/P13u47KyR2ZRfnKWmxYwedhqrfge2guofT+a+XGR5qMBHqtWGUoqqjU
WU/5+5Ft/r8L2gUwawVCPvuJUo5sf/a95TBDDOqXs9w5WrYFSFfn7GZ9kog3lj+5
Ygvp7Mhv9uqwgiFucf8LcCM4N4sh5SeuyIKI2GLJnHGP2Hu6OklHepev8nEaFr2+
8QqT6kLmPdBMY1YByEfalO8V2uzJ9Yf7w3R26SpVA7wqQ0Xxk2UTQk4s/wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJJ6g9h2v5iCuk3mlLOq3RLV45u2MB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEva25xRDJIYV9tSUs2VGVhVXM2cmRFdFhqbTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAsENTMA4E
AgACMAgDBgAqBenAIjANBgkqhkiG9w0BAQsFAAOCAQEAZqAaGwsP1X55E5goR9/W
VKCowffl9WOTgGylJCuFExpIE7GsaMXJX1jpdho3hTGu3/4zDVC7vCmlgw37u4u4
honf6kecTh2/j1K0bpbdc2qT4uwPc4cdW/3DRl/a1xhbRd9EGh+bzIqP6DktmMKa
MudQ6zDdQi+LTilm9lD3/PFb7DGs3fiM/g1DDQuPEvSScYgH1qiL7npEqPTyoOXA
sHDhhMsBwkN//divBa48j990humWWY+9tL7jIPO6SKFbkv0ENxV9Md2+SuN6psI+
GpoW2jlKzqRKED9jLZEpxicwa5ZwCdSzdMYJoRFhfDMtMiDdhmfpnqVbgghpiLTg
SA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:37 2025 by rpki-client