Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/KidN7PJCXFwqwby4fVpHaeAhpFY.roa
File: KidN7PJCXFwqwby4fVpHaeAhpFY.roa (raw, json)
Hash identifier: rFMoYmqrD8lR5TajeeUqUicyuRT28K2jKIN4IFZHnsU=
Subject key identifier: 2A:27:4D:EC:F2:42:5C:5C:2A:C1:BC:B8:7D:5A:47:69:E0:21:A4:56
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 019423D6ECA41B8B6DFA7B8AAB0CB64B03CF
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/KidN7PJCXFwqwby4fVpHaeAhpFY.roa
Signing time: Wed 01 Jan 2025 21:47:55 +0000
ROA not before: Wed 01 Jan 2025 21:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206185
IP address blocks: 194.126.164.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ec:a4:1b:8b:6d:fa:7b:8a:ab:0c:b6:4b:03:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 1 21:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a274decf2425c5c2ac1bcb87d5a4769e021a456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6f:b0:70:41:4c:11:11:c3:54:ee:1d:64:11:
3a:66:94:0d:17:7c:15:4a:4c:0d:b8:ab:93:09:06:
d3:1a:8e:1d:53:97:7f:b8:0a:1e:e1:f5:40:af:fe:
af:25:c1:03:83:6b:f3:42:19:9b:92:34:89:86:d9:
dc:f9:56:77:2c:dd:ff:92:8d:96:d1:d4:7d:e4:a9:
b6:a9:82:c0:a5:6a:17:c9:72:8c:27:49:63:46:65:
ff:a1:91:ff:0c:17:1e:50:d1:ae:50:b9:80:5d:8c:
a6:82:b1:58:cc:66:ae:3d:97:19:3c:97:2c:19:8b:
d1:01:92:90:1b:ec:0b:44:a9:a8:53:5c:f8:42:6a:
e8:05:df:b3:5d:e9:6e:fb:fd:9e:50:f7:46:81:14:
fe:9a:a0:37:39:b2:6b:1d:fc:1c:41:27:3a:53:3c:
dd:f6:80:f5:94:38:eb:e4:1d:af:b5:2f:24:c2:d8:
d8:94:49:5c:75:61:9b:68:88:9e:de:7c:0b:2b:60:
a2:de:c1:6c:5c:ce:22:e3:c3:8e:47:5d:b1:33:73:
a9:7a:13:c8:e0:4e:4d:f1:eb:ce:85:31:12:32:9c:
02:8c:c9:a0:40:e6:3c:41:91:7e:7a:60:26:71:3e:
e9:aa:a1:4d:ec:83:8b:40:c8:4e:7e:2a:a1:2d:31:
08:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:27:4D:EC:F2:42:5C:5C:2A:C1:BC:B8:7D:5A:47:69:E0:21:A4:56
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/KidN7PJCXFwqwby4fVpHaeAhpFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.164.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:dd:8d:99:d3:49:7c:5c:76:da:2c:e6:c4:33:1d:4f:c1:b2:
78:9e:ef:b6:70:fa:27:e0:81:bc:d6:f3:42:e7:72:d8:c3:46:
cc:53:d0:1b:21:d3:ff:c0:1f:f7:02:f7:3a:ff:b6:c5:c7:3b:
30:3b:6e:07:38:99:33:e6:c5:b5:e4:32:1f:dc:40:08:ad:87:
1e:ae:6b:7b:c7:c5:2a:6b:6f:43:e5:1a:dc:73:11:b7:32:2b:
02:6a:44:02:2e:20:f1:c7:34:5c:56:18:3d:8e:13:a0:c1:b2:
46:88:59:8e:7f:ee:3f:53:ec:a6:15:ad:e7:24:90:33:e9:ff:
a4:f3:6e:5e:06:e6:e4:ef:75:ad:ad:b3:62:04:cb:f9:32:84:
52:c1:ad:88:75:97:ea:d5:74:38:7a:eb:3c:68:f2:63:63:51:
5c:41:58:55:65:dc:49:46:a3:30:2d:da:8f:6a:65:fe:c9:7a:
97:68:5a:90:bf:d3:70:70:82:af:35:8b:c3:d9:1b:eb:65:83:
e9:df:b4:93:48:e9:c1:a0:10:64:6b:1a:2e:a8:50:e2:c4:61:
5a:51:b5:41:fe:1a:68:a4:d7:70:63:b7:1f:25:d6:ff:a0:e5:
09:85:7b:0d:06:dd:1e:8e:46:13:5f:1a:9d:eb:1d:e8:fe:c5:
67:c2:d8:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1uykG4tt+nuKqwy2SwPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjUwMTAxMjE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTI3NGRlY2YyNDI1YzVjMmFjMWJjYjg3ZDVhNDc2OWUwMjFhNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1G+wcEFMERHDVO4dZBE6ZpQNF3wV
SkwNuKuTCQbTGo4dU5d/uAoe4fVAr/6vJcEDg2vzQhmbkjSJhtnc+VZ3LN3/ko2W
0dR95Km2qYLApWoXyXKMJ0ljRmX/oZH/DBceUNGuULmAXYymgrFYzGauPZcZPJcs
GYvRAZKQG+wLRKmoU1z4QmroBd+zXelu+/2eUPdGgRT+mqA3ObJrHfwcQSc6Uzzd
9oD1lDjr5B2vtS8kwtjYlElcdWGbaIie3nwLK2Ci3sFsXM4i48OOR12xM3OpehPI
4E5N8evOhTESMpwCjMmgQOY8QZF+emAmcT7pqqFN7IOLQMhOfiqhLTEIZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFConTezyQlxcKsG8uH1aR2ngIaRWMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvS2lkTjdQSkNYRndxd2J5NGZWcEhhZUFocEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwn6kMA0G
CSqGSIb3DQEBCwUAA4IBAQCL3Y2Z00l8XHbaLObEMx1PwbJ4nu+2cPon4IG81vNC
53LYw0bMU9AbIdP/wB/3Avc6/7bFxzswO24HOJkz5sW15DIf3EAIrYcermt7x8Uq
a29D5RrccxG3MisCakQCLiDxxzRcVhg9jhOgwbJGiFmOf+4/U+ymFa3nJJAz6f+k
825eBubk73WtrbNiBMv5MoRSwa2IdZfq1XQ4eus8aPJjY1FcQVhVZdxJRqMwLdqP
amX+yXqXaFqQv9NwcIKvNYvD2RvrZYPp37STSOnBoBBkaxouqFDixGFaUbVB/hpo
pNdwY7cfJdb/oOUJhXsNBt0ejkYTXxqd6x3o/sVnwtjU
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:38 2025 by rpki-client