Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Kdfw-nZdLiZqyNlSl07Ct2ghnUg.roa
File: Kdfw-nZdLiZqyNlSl07Ct2ghnUg.roa (raw, json)
Hash identifier: CZ+tuiRFR+pIMj0PzG8I9vK0g0dSrB9Lv8ZmdDKj6eI=
Subject key identifier: 29:D7:F0:FA:76:5D:2E:26:6A:C8:D9:52:97:4E:C2:B7:68:21:9D:48
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AEE443ACDF6A4745FA2DDFEABE83DA
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Kdfw-nZdLiZqyNlSl07Ct2ghnUg.roa
Signing time: Tue 26 Nov 2024 13:35:12 +0000
ROA not before: Tue 26 Nov 2024 13:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36620
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:e4:43:ac:df:6a:47:45:fa:2d:df:ea:be:83:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29d7f0fa765d2e266ac8d952974ec2b768219d48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8e:4a:8b:43:1c:c0:99:76:e0:fe:a7:c2:be:
c9:3b:7f:62:30:9d:a3:8b:7c:8f:76:33:d9:06:5f:
cd:bb:e5:48:a7:7c:62:6d:c8:d8:90:4b:ce:8b:90:
41:50:22:18:db:d3:f9:8d:0c:dc:55:30:ce:dd:c0:
ef:a2:1f:87:31:09:e4:52:f3:c1:1d:3b:97:93:b6:
8e:4b:7e:2f:58:aa:8e:27:c3:4f:7c:6d:6e:0a:59:
bb:e3:b3:fc:a4:41:9f:eb:77:ab:e0:b3:ba:db:25:
7f:36:9c:fb:ac:2a:da:e1:38:05:b5:66:ca:80:66:
e5:97:3c:e0:4e:e7:ac:5d:62:db:94:61:35:ba:dd:
9c:ef:24:e2:26:87:68:89:b0:38:18:e6:d9:32:46:
0e:90:ce:55:09:46:53:17:39:b1:7d:65:fe:58:36:
c4:42:68:c2:9b:67:9e:0a:ca:05:e3:17:e5:31:db:
a0:c2:7e:7e:cc:e5:0f:3f:0e:2b:9a:52:36:25:58:
ec:fd:07:73:06:19:56:c0:d6:db:82:b1:b3:57:80:
1f:7d:16:1d:ca:3b:37:60:d9:95:fc:4e:78:a9:f6:
5c:c9:2f:07:1a:0e:42:12:b6:96:67:40:60:17:1c:
5d:b7:b0:6f:95:25:94:e6:1d:b7:ad:2b:41:0c:08:
66:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D7:F0:FA:76:5D:2E:26:6A:C8:D9:52:97:4E:C2:B7:68:21:9D:48
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Kdfw-nZdLiZqyNlSl07Ct2ghnUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
0a:80:ed:59:8e:00:6f:83:91:9a:66:d2:1e:48:e2:26:96:03:
8d:f6:96:9e:24:6f:c3:c4:b2:2f:ab:f0:4f:55:44:50:7e:87:
9e:bc:f1:16:b6:17:f4:0e:37:0f:1d:d2:dc:d6:18:a0:0d:be:
cf:10:a4:1a:65:80:c6:29:43:ab:a4:57:c2:56:b9:82:a4:67:
db:b5:5c:e5:5b:91:17:dc:19:84:ae:da:6a:b2:fd:33:8b:c1:
fd:b2:81:39:f3:1d:0c:a3:51:e8:13:be:ec:d5:37:d7:ed:b8:
10:5e:96:14:bb:c2:3d:57:03:0e:5f:4d:bc:d5:bd:03:ff:4b:
57:cd:35:36:1e:d3:22:1b:d2:72:05:f3:68:a0:0a:05:fd:01:
54:31:1b:38:df:52:cd:8b:79:a7:1c:62:41:26:1d:8e:8a:40:
f4:4c:0f:1b:84:2d:cf:88:da:22:0d:89:51:eb:58:64:c1:a9:
77:07:e4:a1:cc:0b:4e:4f:b3:85:87:c5:fd:81:bf:17:9b:cf:
45:e5:c4:42:4e:9c:60:28:d9:b6:61:8f:17:9c:63:19:64:18:
66:9f:d2:9c:8b:d8:24:81:86:84:33:04:2d:80:0b:8a:8e:04:
90:ae:c8:ee:57:e6:e4:20:ce:46:c7:4c:bb:7f:50:bf:e6:82:
23:11:30:54
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNoruRDrN9qR0X6Ld/qvoPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ3ZjBmYTc2NWQyZTI2NmFjOGQ5NTI5NzRlYzJiNzY4MjE5ZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI5Ki0McwJl24P6nwr7JO39iMJ2j
i3yPdjPZBl/Nu+VIp3xibcjYkEvOi5BBUCIY29P5jQzcVTDO3cDvoh+HMQnkUvPB
HTuXk7aOS34vWKqOJ8NPfG1uClm747P8pEGf63er4LO62yV/Npz7rCra4TgFtWbK
gGbllzzgTuesXWLblGE1ut2c7yTiJodoibA4GObZMkYOkM5VCUZTFzmxfWX+WDbE
QmjCm2eeCsoF4xflMdugwn5+zOUPPw4rmlI2JVjs/QdzBhlWwNbbgrGzV4AffRYd
yjs3YNmV/E54qfZcyS8HGg5CEraWZ0BgFxxdt7BvlSWU5h23rStBDAhmpQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCnX8Pp2XS4masjZUpdOwrdoIZ1IMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvS2Rmdy1uWmRMaVpxeU5sU2wwN0N0MmdoblVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAAqA7VmOAG+DkZpm0h5I4iaWA432lp4k
b8PEsi+r8E9VRFB+h5688Ra2F/QONw8d0tzWGKANvs8QpBplgMYpQ6ukV8JWuYKk
Z9u1XOVbkRfcGYSu2mqy/TOLwf2ygTnzHQyjUegTvuzVN9ftuBBelhS7wj1XAw5f
TbzVvQP/S1fNNTYe0yIb0nIF82igCgX9AVQxGzjfUs2LeaccYkEmHY6KQPRMDxuE
Lc+I2iINiVHrWGTBqXcH5KHMC05Ps4WHxf2Bvxebz0XlxEJOnGAo2bZhjxecYxlk
GGaf0pyL2CSBhoQzBC2AC4qOBJCuyO5X5uQgzkbHTLt/UL/mgiMRMFQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:42 2025 by rpki-client