Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/KzjctOa14cx15kop0FBq-VbqiyY.roa
File: KzjctOa14cx15kop0FBq-VbqiyY.roa (raw, json)
Hash identifier: i3V6QGjGukXCS3OgmHXN1YZgtf6ClyPIX5J1fwFjurQ=
Subject key identifier: 2B:38:DC:B4:E6:B5:E1:CC:75:E6:4A:29:D0:50:6A:F9:56:EA:8B:26
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019422201B7F054423E9CA110B519EA76D3E
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/KzjctOa14cx15kop0FBq-VbqiyY.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210542
IP address blocks: 14.102.226.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1b:7f:05:44:23:e9:ca:11:0b:51:9e:a7:6d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b38dcb4e6b5e1cc75e64a29d0506af956ea8b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4b:bc:1c:53:78:1d:cf:84:07:67:73:f0:a3:
c6:37:f0:e0:12:e3:37:fe:82:64:e1:19:f7:c9:14:
56:bc:8d:d1:58:26:05:23:b9:d7:41:51:7e:ff:fe:
e2:2d:08:57:52:fb:f4:29:74:32:95:93:df:33:87:
ea:f0:b2:3d:d7:bd:bc:23:67:6d:c6:5d:60:24:7c:
fa:e1:51:8b:99:4e:5e:b8:89:d7:a8:c8:2d:ca:c1:
f8:ca:1c:ea:07:bd:ef:bb:c3:fc:73:01:be:33:3b:
a5:76:38:c9:0e:6a:29:c6:22:d4:31:25:31:9b:e9:
2f:8f:b9:19:2e:5b:5a:c0:2f:40:ee:c8:76:52:8e:
3c:21:8f:9b:6d:37:66:87:be:a2:26:be:3c:d9:46:
3f:a0:e6:5a:01:75:bd:f0:91:4f:85:18:a7:a0:e8:
53:59:60:60:11:b2:c0:ca:22:e2:f1:00:12:53:06:
3b:b2:83:93:16:8e:e7:8a:07:9e:2b:ed:9f:cf:85:
18:c4:f3:be:9a:46:4c:30:f8:31:ce:a9:7f:d4:b4:
29:db:81:63:2a:39:9a:8e:25:6c:c5:5b:6f:37:f7:
6e:ee:b0:7e:b6:b2:5e:24:c2:34:ed:99:e0:d2:0e:
82:8f:df:fa:fc:b4:2c:74:b2:08:0e:61:d9:a3:49:
45:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:38:DC:B4:E6:B5:E1:CC:75:E6:4A:29:D0:50:6A:F9:56:EA:8B:26
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/KzjctOa14cx15kop0FBq-VbqiyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
Signature Algorithm: sha256WithRSAEncryption
cd:33:37:1b:04:24:4d:92:cb:2e:71:8a:37:26:e4:86:df:3e:
a0:2a:c0:f8:9c:96:c1:1f:f8:cb:31:6a:77:83:6a:11:6e:0a:
bb:63:37:27:fa:82:70:95:cf:06:98:5a:03:72:1f:cb:bf:47:
12:17:a5:c6:36:75:e9:4d:a7:c6:d0:0a:dd:61:d6:16:35:56:
e7:b7:33:41:58:a5:4e:09:3e:ca:7e:5c:16:7b:f5:0f:ec:70:
0e:4e:77:ff:66:d7:36:a9:ef:db:57:41:9b:3f:3d:ed:dd:da:
39:77:e9:af:6f:c7:03:4a:a1:d1:7b:69:53:57:c0:ef:db:a5:
bd:ab:a0:33:62:a1:47:f0:35:49:8b:7e:53:b9:d8:a6:18:a3:
d3:1f:36:b0:d9:62:78:b4:ed:3f:08:2f:8a:50:11:4a:4e:30:
6d:b4:d1:bf:6d:d4:ce:fe:d7:bd:50:62:c3:c7:7b:a6:f8:d4:
14:9f:fa:23:3e:ff:32:42:df:11:ed:15:4e:95:b1:02:26:ad:
60:07:bb:44:d2:99:ef:00:0b:6f:1c:53:c7:a3:e2:45:23:18:
e6:1f:09:9f:7a:71:eb:fb:fb:67:02:05:e5:03:d3:c6:b3:62:
b9:f5:25:c9:d8:36:1b:5a:ea:b2:de:ea:ce:3a:bf:b4:39:a4:
2a:59:9f:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBt/BUQj6coRC1Gep20+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjM4ZGNiNGU2YjVlMWNjNzVlNjRhMjlkMDUwNmFmOTU2ZWE4YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUu8HFN4Hc+EB2dz8KPGN/DgEuM3
/oJk4Rn3yRRWvI3RWCYFI7nXQVF+//7iLQhXUvv0KXQylZPfM4fq8LI91728I2dt
xl1gJHz64VGLmU5euInXqMgtysH4yhzqB73vu8P8cwG+MzuldjjJDmopxiLUMSUx
m+kvj7kZLltawC9A7sh2Uo48IY+bbTdmh76iJr482UY/oOZaAXW98JFPhRinoOhT
WWBgEbLAyiLi8QASUwY7soOTFo7nigeeK+2fz4UYxPO+mkZMMPgxzql/1LQp24Fj
KjmajiVsxVtvN/du7rB+trJeJMI07Zng0g6Cj9/6/LQsdLIIDmHZo0lFqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCs43LTmteHMdeZKKdBQavlW6osmMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvS3pqY3RPYTE0Y3gxNWtvcDBGQnEtVmJxaXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBDmbiMA0G
CSqGSIb3DQEBCwUAA4IBAQDNMzcbBCRNkssucYo3JuSG3z6gKsD4nJbBH/jLMWp3
g2oRbgq7Yzcn+oJwlc8GmFoDch/Lv0cSF6XGNnXpTafG0ArdYdYWNVbntzNBWKVO
CT7KflwWe/UP7HAOTnf/Ztc2qe/bV0GbPz3t3do5d+mvb8cDSqHRe2lTV8Dv26W9
q6AzYqFH8DVJi35TudimGKPTHzaw2WJ4tO0/CC+KUBFKTjBttNG/bdTO/te9UGLD
x3um+NQUn/ojPv8yQt8R7RVOlbECJq1gB7tE0pnvAAtvHFPHo+JFIxjmHwmfenHr
+/tnAgXlA9PGs2K59SXJ2DYbWuqy3urOOr+0OaQqWZ+9
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:18 2025 by rpki-client