Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/K6kdDHVXBtEX6Y5yk6AzfvDAYZs.roa
File: K6kdDHVXBtEX6Y5yk6AzfvDAYZs.roa (raw, json)
Hash identifier: yMvGXrOJ8jKu649BZz8BjRbOK0tvmiA9YPgOAftQlRo=
Subject key identifier: 2B:A9:1D:0C:75:57:06:D1:17:E9:8E:72:93:A0:33:7E:F0:C0:61:9B
Certificate issuer: /CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Certificate serial: 0194266C2EBDC8D6E4E41EE61775EE9FD44B
Authority key identifier: CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/K6kdDHVXBtEX6Y5yk6AzfvDAYZs.roa
Signing time: Thu 02 Jan 2025 09:50:11 +0000
ROA not before: Thu 02 Jan 2025 09:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30848
IP address blocks: 217.196.142.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2e:bd:c8:d6:e4:e4:1e:e6:17:75:ee:9f:d4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Validity
Not Before: Jan 2 09:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ba91d0c755706d117e98e7293a0337ef0c0619b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f5:6b:15:5c:67:70:2c:cc:a2:75:a2:a8:7e:
b7:85:56:32:29:0b:f2:27:53:40:db:e1:e4:cf:aa:
d4:66:ad:dd:b1:cb:37:14:be:01:7c:9c:1c:b9:15:
42:3a:b1:a7:e2:4b:b5:d0:7b:b3:06:16:60:fe:a4:
bd:ff:c0:6e:f4:3d:ab:b3:18:f8:66:e6:db:9c:9f:
c1:91:fd:92:89:04:48:5f:47:8b:e9:94:06:cb:9e:
c8:2f:20:11:19:6b:c9:6a:63:a2:3a:1f:e6:01:7f:
9a:a9:ee:68:fb:9d:32:a5:66:25:91:ab:34:e3:3d:
75:c2:ca:02:ac:23:5b:c6:c1:d5:79:c4:a2:3a:6e:
dd:da:a9:3a:84:89:13:8f:29:a5:82:19:a5:55:77:
15:ce:a2:ef:a9:84:2e:17:2a:fb:71:6a:2e:5b:d8:
2e:01:75:02:75:01:ad:05:31:40:e2:88:82:cc:18:
34:a3:b4:c8:2b:e0:46:8f:e8:80:02:74:69:a7:a7:
2a:ab:db:14:67:e1:ac:42:c1:cf:0c:de:58:9a:31:
87:57:ff:aa:75:ac:5b:dd:dc:8b:0b:66:cf:f2:1d:
f4:c7:f3:54:c1:0d:c8:a3:51:37:33:3e:5f:cb:e9:
83:14:0c:d4:e4:31:97:35:0c:4c:62:6e:9f:3f:6d:
c7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A9:1D:0C:75:57:06:D1:17:E9:8E:72:93:A0:33:7E:F0:C0:61:9B
X509v3 Authority Key Identifier:
keyid:CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/K6kdDHVXBtEX6Y5yk6AzfvDAYZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.142.0/23
Signature Algorithm: sha256WithRSAEncryption
15:61:06:9d:26:b0:a0:f6:bc:cb:6e:67:28:d7:12:ad:3f:c9:
ea:95:d4:c4:56:0f:14:da:b3:ef:5e:13:73:6e:15:77:bb:73:
2e:e5:26:38:c0:69:f9:bc:6a:ae:fa:56:0c:cf:48:d3:1d:ed:
07:19:ed:1f:fd:83:c8:c2:f6:f6:9b:2c:e5:b6:43:23:a8:cd:
c4:e7:39:08:38:bf:47:55:65:44:3c:3e:77:b2:cd:46:25:03:
1a:9c:cb:14:ab:45:1f:2a:0a:a5:16:d0:a0:cd:58:de:5a:bc:
fc:76:fd:42:89:1c:78:c8:78:98:83:f3:d9:c2:6e:84:1e:5c:
49:37:a9:31:8a:5f:66:a1:3d:26:69:e4:1e:79:86:95:83:d2:
89:ef:cf:d8:5a:57:76:51:1f:4f:7d:04:40:f4:f3:d9:93:17:
fd:11:85:c6:6c:af:9b:48:95:58:a4:02:48:8a:11:25:19:45:
72:1c:ed:91:62:48:d3:7c:4f:05:26:c8:d1:5e:f9:2d:25:5f:
24:28:5f:93:69:db:ac:21:e4:6b:ad:ba:be:f1:62:63:b9:4d:
95:90:7a:0f:cd:96:d0:79:8d:40:11:e2:be:4f:d7:07:10:3c:
ef:95:5b:65:1b:9e:23:3b:a8:f7:f8:7d:41:16:b0:f8:91:25:
b7:d1:ae:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbC69yNbk5B7mF3Xun9RLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjI2YmJiN2I2OWVlYzlmNjc5MGIwMzcwNTU0NWI4OTJm
YTJlOGEwHhcNMjUwMTAyMDk1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmE5MWQwYzc1NTcwNmQxMTdlOThlNzI5M2EwMzM3ZWYwYzA2MTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvVrFVxncCzMonWiqH63hVYyKQvy
J1NA2+Hkz6rUZq3dscs3FL4BfJwcuRVCOrGn4ku10HuzBhZg/qS9/8Bu9D2rsxj4
ZubbnJ/Bkf2SiQRIX0eL6ZQGy57ILyARGWvJamOiOh/mAX+aqe5o+50ypWYlkas0
4z11wsoCrCNbxsHVecSiOm7d2qk6hIkTjymlghmlVXcVzqLvqYQuFyr7cWouW9gu
AXUCdQGtBTFA4oiCzBg0o7TIK+BGj+iAAnRpp6cqq9sUZ+GsQsHPDN5YmjGHV/+q
daxb3dyLC2bP8h30x/NUwQ3Io1E3Mz5fy+mDFAzU5DGXNQxMYm6fP23HiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCupHQx1VwbRF+mOcpOgM37wwGGbMB8GA1UdIwQY
MBaAFM1ia7t7ae7J9nkLA3BVRbiS+i6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDct
YzBmODlhZDM2YmNhLzEvSzZrZERIVlhCdEVYNlk1eWs2QXpmdkRBWVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDctYzBmODlhZDM2YmNh
LzEveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2cSOMA0G
CSqGSIb3DQEBCwUAA4IBAQAVYQadJrCg9rzLbmco1xKtP8nqldTEVg8U2rPvXhNz
bhV3u3Mu5SY4wGn5vGqu+lYMz0jTHe0HGe0f/YPIwvb2myzltkMjqM3E5zkIOL9H
VWVEPD53ss1GJQManMsUq0UfKgqlFtCgzVjeWrz8dv1CiRx4yHiYg/PZwm6EHlxJ
N6kxil9moT0maeQeeYaVg9KJ78/YWld2UR9PfQRA9PPZkxf9EYXGbK+bSJVYpAJI
ihElGUVyHO2RYkjTfE8FJsjRXvktJV8kKF+TadusIeRrrbq+8WJjuU2VkHoPzZbQ
eY1AEeK+T9cHEDzvlVtlG54jO6j3+H1BFrD4kSW30a5w
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:13:26 2025 by rpki-client