Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f62ad6-6f37-4ca1-86a2-68b336484ae6/1/Ktzijd4gUhD9ihrTuyC_a6GXMR8.roa
File: Ktzijd4gUhD9ihrTuyC_a6GXMR8.roa (raw, json)
Hash identifier: AnvW77VTVpseY6yXZxIoPWjASQ9phIGuVy0zXEp/Gp4=
Subject key identifier: 2A:DC:E2:8D:DE:20:52:10:FD:8A:1A:D3:BB:20:BF:6B:A1:97:31:1F
Certificate issuer: /CN=afe7b73376e4049e071afac52bfdbde1cc7085e7
Certificate serial: 01ED5B4F
Authority key identifier: AF:E7:B7:33:76:E4:04:9E:07:1A:FA:C5:2B:FD:BD:E1:CC:70:85:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-e3M3bkBJ4HGvrFK_294cxwhec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/f62ad6-6f37-4ca1-86a2-68b336484ae6/1/Ktzijd4gUhD9ihrTuyC_a6GXMR8.roa
Signing time: Sat 01 Jan 2022 07:59:10 +0000
ROA not before: Sat 01 Jan 2022 07:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57620
IP address blocks: 195.234.130.0/24 maxlen: 24
195.234.140.130/32 maxlen: 32
195.234.140.0/24 maxlen: 24
195.234.143.0/24 maxlen: 24
195.234.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32332623 (0x1ed5b4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe7b73376e4049e071afac52bfdbde1cc7085e7
Validity
Not Before: Jan 1 07:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2adce28dde205210fd8a1ad3bb20bf6ba197311f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3e:4d:49:d5:4d:c4:1a:2d:02:88:95:49:2e:
1b:d8:a0:9b:8c:98:29:2a:41:86:2f:17:39:18:de:
c3:11:33:6a:22:0a:f3:bf:d4:b0:da:9f:d6:b6:c5:
5f:53:16:de:13:c8:fa:4c:73:8f:47:2d:c9:bd:28:
47:9a:f3:9d:0b:2c:b3:c5:b6:be:b6:45:2c:9f:ed:
15:00:0d:2f:45:04:99:28:47:a4:0e:48:02:b8:76:
e9:07:e8:82:f5:cf:c9:e7:15:f3:fe:ce:b3:d8:b7:
01:87:de:e8:76:53:c4:0a:51:1c:e4:97:25:0b:6b:
69:f4:a9:f5:1f:5f:13:81:20:20:25:9c:de:75:9a:
91:29:f3:58:64:ef:6d:f2:f3:11:88:f6:b4:fa:96:
b9:31:7f:7a:87:5a:aa:c6:7a:48:78:a1:25:61:c0:
26:dc:77:0d:36:dc:3a:ff:b0:b9:f3:47:1b:cc:8a:
a7:d3:53:76:b6:22:07:2a:a7:0b:1c:25:4a:85:80:
e1:8a:e0:a0:a9:68:65:be:94:e5:54:29:1c:6b:4c:
d7:3a:52:f5:b7:99:6f:68:c0:54:5d:40:60:a7:6a:
ff:01:5f:6f:fb:75:fa:80:69:19:9b:7b:b8:5b:d0:
86:03:ea:57:68:81:9b:bc:ac:8b:cf:89:46:35:b2:
94:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DC:E2:8D:DE:20:52:10:FD:8A:1A:D3:BB:20:BF:6B:A1:97:31:1F
X509v3 Authority Key Identifier:
keyid:AF:E7:B7:33:76:E4:04:9E:07:1A:FA:C5:2B:FD:BD:E1:CC:70:85:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-e3M3bkBJ4HGvrFK_294cxwhec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f62ad6-6f37-4ca1-86a2-68b336484ae6/1/Ktzijd4gUhD9ihrTuyC_a6GXMR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f62ad6-6f37-4ca1-86a2-68b336484ae6/1/r-e3M3bkBJ4HGvrFK_294cxwhec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.52.0/24
195.234.130.0/24
195.234.140.0/24
195.234.143.0/24
Signature Algorithm: sha256WithRSAEncryption
28:19:1c:9d:53:5b:8c:45:4d:be:db:00:58:b7:83:a1:ea:df:
aa:29:2d:d9:5a:be:91:7d:65:d7:f9:e2:07:66:15:d9:53:f8:
cd:62:ca:87:f4:d4:0c:00:41:f6:30:3a:c8:f5:54:92:7d:83:
04:fa:5d:fc:1b:6c:a8:07:b1:28:33:dd:b7:d9:58:2e:bd:44:
bd:e9:14:c2:e9:9b:d4:e0:f4:dd:f8:16:f6:96:3b:26:4d:b9:
81:7a:73:77:bc:58:a7:04:6a:22:7c:46:da:8c:09:66:d3:c9:
10:2d:62:30:8f:aa:b0:47:6c:46:b6:08:f5:9d:bb:ed:0b:c6:
b5:65:15:31:12:8f:de:5d:d2:5a:10:27:73:f9:d4:3a:4e:c3:
40:fa:93:b5:ef:82:b1:87:fd:1c:36:9d:c5:3d:c6:66:b7:65:
47:40:23:01:6e:c4:a0:89:5f:c0:be:86:8b:13:9d:84:bb:36:
a6:94:06:f5:e2:cb:c4:3e:ee:98:4d:a7:0a:d3:09:2f:d6:95:
38:67:66:56:78:8a:ad:a5:55:2f:19:74:60:74:e1:f3:a1:4e:
87:79:1c:55:92:e6:b7:fc:89:97:82:11:1c:bd:d5:85:cb:4e:
12:c2:1a:a2:41:0a:b1:06:c6:98:93:0f:bb:e5:88:c0:8d:30:
60:73:e6:57
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAe1bTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmU3YjczMzc2ZTQwNDllMDcxYWZhYzUyYmZkYmRlMWNjNzA4NWU3MB4XDTIyMDEw
MTA3NTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFkY2UyOGRkZTIw
NTIxMGZkOGExYWQzYmIyMGJmNmJhMTk3MzExZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQ+TUnVTcQaLQKIlUkuG9igm4yYKSpBhi8XORjewxEzaiIK
87/UsNqf1rbFX1MW3hPI+kxzj0ctyb0oR5rznQsss8W2vrZFLJ/tFQANL0UEmShH
pA5IArh26QfogvXPyecV8/7Os9i3AYfe6HZTxApRHOSXJQtrafSp9R9fE4EgICWc
3nWakSnzWGTvbfLzEYj2tPqWuTF/eodaqsZ6SHihJWHAJtx3DTbcOv+wufNHG8yK
p9NTdrYiByqnCxwlSoWA4YrgoKloZb6U5VQpHGtM1zpS9beZb2jAVF1AYKdq/wFf
b/t1+oBpGZt7uFvQhgPqV2iBm7ysi8+JRjWylN0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQq3OKN3iBSEP2KGtO7IL9roZcxHzAfBgNVHSMEGDAWgBSv57czduQEngca
+sUr/b3hzHCF5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ItZTNNM2JrQko0SEd2ckZLXzI5NGN4d2hlYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvZjYyYWQ2LTZmMzctNGNhMS04NmEyLTY4YjMzNjQ4NGFlNi8x
L0t0emlqZDRnVWhEOWloclR1eUNfYTZHWE1SOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
ZjYyYWQ2LTZmMzctNGNhMS04NmEyLTY4YjMzNjQ4NGFlNi8xL3ItZTNNM2JrQko0
SEd2ckZLXzI5NGN4d2hlYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMPqNAMEAMPqggMEAMPqjAMEAMPq
jzANBgkqhkiG9w0BAQsFAAOCAQEAKBkcnVNbjEVNvtsAWLeDoerfqikt2Vq+kX1l
1/niB2YV2VP4zWLKh/TUDABB9jA6yPVUkn2DBPpd/BtsqAexKDPdt9lYLr1EvekU
wumb1OD03fgW9pY7Jk25gXpzd7xYpwRqInxG2owJZtPJEC1iMI+qsEdsRrYI9Z27
7QvGtWUVMRKP3l3SWhAnc/nUOk7DQPqTte+CsYf9HDadxT3GZrdlR0AjAW7EoIlf
wL6GixOdhLs2ppQG9eLLxD7umE2nCtMJL9aVOGdmVniKraVVLxl0YHTh86FOh3kc
VZLmt/yJl4IRHL3VhctOEsIaokEKsQbGmJMPu+WIwI0wYHPmVw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:21:07 2025 by rpki-client