Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/56f2e9-72aa-4a41-8946-182432a96dbd/1/KSXGFVryamNuJ9tAvX5j45q0288.roa
File: KSXGFVryamNuJ9tAvX5j45q0288.roa (raw, json)
Hash identifier: oHHWqrdumFHTbledjPfN55zOWOewwfVZnbPoUEcTtJo=
Subject key identifier: 29:25:C6:15:5A:F2:6A:63:6E:27:DB:40:BD:7E:63:E3:9A:B4:DB:CF
Certificate issuer: /CN=daac15b782bc32747b538dec2a222416cd684825
Certificate serial: 01941FFA2D2BD4A1C4785FF4E2CA37A50B0A
Authority key identifier: DA:AC:15:B7:82:BC:32:74:7B:53:8D:EC:2A:22:24:16:CD:68:48:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2qwVt4K8MnR7U43sKiIkFs1oSCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/56f2e9-72aa-4a41-8946-182432a96dbd/1/KSXGFVryamNuJ9tAvX5j45q0288.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216316
IP address blocks: 193.3.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2d:2b:d4:a1:c4:78:5f:f4:e2:ca:37:a5:0b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daac15b782bc32747b538dec2a222416cd684825
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2925c6155af26a636e27db40bd7e63e39ab4dbcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:b7:28:60:cc:4a:62:d9:6d:e2:e8:4d:46:4a:
84:ee:13:3c:b1:40:9f:59:9c:f1:b4:99:f7:88:51:
16:b3:8b:8e:b9:be:c5:04:bf:3c:b9:62:2a:71:18:
b1:be:e1:e5:6e:a1:bb:02:4a:30:b8:fd:0d:9b:2a:
fa:0d:9c:3c:af:59:d3:ce:e5:5b:f4:5d:d9:b4:7a:
f4:7b:d0:c7:9b:4d:19:57:a6:66:ce:27:c6:f6:ce:
61:5e:d5:9a:a7:86:5c:d6:e6:cc:c2:38:67:72:48:
e0:34:5e:a9:9e:0d:7c:ba:f4:3b:6c:ab:74:fe:ed:
db:b9:9d:a9:79:07:4c:59:51:21:dd:7f:a4:3c:c1:
ca:34:21:50:61:bc:a1:a0:5a:e7:4c:3f:bf:29:6f:
02:10:72:49:77:3e:2e:8a:9e:12:b5:95:e1:86:cd:
b8:2f:91:c1:c7:b9:76:82:c7:f0:00:f5:56:95:54:
fc:e7:d0:1d:14:e6:6f:37:63:8e:a3:0b:e8:75:36:
89:da:0c:b1:6a:3b:80:9a:7c:17:7e:09:8e:94:27:
2f:31:25:23:f0:0b:41:54:09:13:7f:21:c8:2d:e0:
5e:33:64:70:fd:ec:70:e3:e8:88:d5:4d:5a:0c:77:
7f:7e:67:94:52:c2:89:cd:8a:2e:41:b2:f1:e7:dc:
36:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:25:C6:15:5A:F2:6A:63:6E:27:DB:40:BD:7E:63:E3:9A:B4:DB:CF
X509v3 Authority Key Identifier:
keyid:DA:AC:15:B7:82:BC:32:74:7B:53:8D:EC:2A:22:24:16:CD:68:48:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qwVt4K8MnR7U43sKiIkFs1oSCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/56f2e9-72aa-4a41-8946-182432a96dbd/1/KSXGFVryamNuJ9tAvX5j45q0288.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/56f2e9-72aa-4a41-8946-182432a96dbd/1/2qwVt4K8MnR7U43sKiIkFs1oSCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.38.0/24
Signature Algorithm: sha256WithRSAEncryption
43:a7:13:61:82:58:3e:f2:a3:f2:02:20:e2:3d:21:31:c8:e1:
dd:b9:91:50:59:96:67:4e:1c:03:c2:7e:72:e4:83:a8:fe:45:
99:0b:ee:23:04:0b:52:e3:77:df:29:59:49:7d:21:3e:57:0f:
1d:19:6b:c5:b2:5b:57:9a:cf:58:31:cd:df:cf:c3:e8:88:de:
d6:7c:f9:0f:81:70:15:78:20:12:98:91:7f:8f:4c:e7:d0:71:
31:4a:04:bc:69:cf:f5:28:0f:14:31:0d:40:5d:6e:a6:b5:65:
17:ce:6b:fc:35:24:a4:e8:bd:25:c5:fb:c0:d8:1c:f8:cf:0d:
68:5b:0d:fa:c3:da:bb:ac:47:15:27:43:0c:35:84:6e:a2:19:
e2:08:fa:29:e8:5b:dd:c5:a2:09:88:34:bc:6c:39:54:82:c4:
00:ac:88:e7:f0:ba:84:4a:0a:7a:1a:c1:d0:b0:8d:b6:f6:13:
df:3e:f8:e7:7b:f5:91:1c:cf:f0:ed:09:b1:fd:73:78:18:7f:
10:5d:43:58:85:a6:e3:b2:65:31:77:67:9e:a4:27:6b:82:68:
67:f0:93:07:2c:d0:8b:86:55:e5:82:40:ca:a4:b5:1d:31:cd:
4b:42:3c:aa:ba:9c:e1:68:01:68:e8:f8:62:a7:31:d5:c7:c6:
ba:2a:fc:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+i0r1KHEeF/04so3pQsKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWMxNWI3ODJiYzMyNzQ3YjUzOGRlYzJhMjIyNDE2Y2Q2
ODQ4MjUwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTI1YzYxNTVhZjI2YTYzNmUyN2RiNDBiZDdlNjNlMzlhYjRkYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA97coYMxKYtlt4uhNRkqE7hM8sUCf
WZzxtJn3iFEWs4uOub7FBL88uWIqcRixvuHlbqG7AkowuP0Nmyr6DZw8r1nTzuVb
9F3ZtHr0e9DHm00ZV6ZmzifG9s5hXtWap4Zc1ubMwjhnckjgNF6png18uvQ7bKt0
/u3buZ2peQdMWVEh3X+kPMHKNCFQYbyhoFrnTD+/KW8CEHJJdz4uip4StZXhhs24
L5HBx7l2gsfwAPVWlVT859AdFOZvN2OOowvodTaJ2gyxajuAmnwXfgmOlCcvMSUj
8AtBVAkTfyHILeBeM2Rw/exw4+iI1U1aDHd/fmeUUsKJzYouQbLx59w27QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCklxhVa8mpjbifbQL1+Y+OatNvPMB8GA1UdIwQY
MBaAFNqsFbeCvDJ0e1ON7CoiJBbNaEglMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnF3VnQ0SzhNblI3VTQzc0tpSWtGczFvU0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81NmYyZTktNzJhYS00YTQxLTg5NDYt
MTgyNDMyYTk2ZGJkLzEvS1NYR0ZWcnlhbU51Sjl0QXZYNWo0NXEwMjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81NmYyZTktNzJhYS00YTQxLTg5NDYtMTgyNDMyYTk2ZGJk
LzEvMnF3VnQ0SzhNblI3VTQzc0tpSWtGczFvU0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQMmMA0G
CSqGSIb3DQEBCwUAA4IBAQBDpxNhglg+8qPyAiDiPSExyOHduZFQWZZnThwDwn5y
5IOo/kWZC+4jBAtS43ffKVlJfSE+Vw8dGWvFsltXms9YMc3fz8PoiN7WfPkPgXAV
eCASmJF/j0zn0HExSgS8ac/1KA8UMQ1AXW6mtWUXzmv8NSSk6L0lxfvA2Bz4zw1o
Ww36w9q7rEcVJ0MMNYRuohniCPop6FvdxaIJiDS8bDlUgsQArIjn8LqESgp6GsHQ
sI229hPfPvjne/WRHM/w7Qmx/XN4GH8QXUNYhabjsmUxd2eepCdrgmhn8JMHLNCL
hlXlgkDKpLUdMc1LQjyqupzhaAFo6PhipzHVx8a6KvwX
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:08:45 2025 by rpki-client