Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/K_0VKEBHZ8AzTGdtRKig6YmReAg.roa
File: K_0VKEBHZ8AzTGdtRKig6YmReAg.roa (raw, json)
Hash identifier: V6KL9KuDWKfGzsEoPpZURMCt8ttu62n0nd3Y+gExuwA=
Subject key identifier: 2B:FD:15:28:40:47:67:C0:33:4C:67:6D:44:A8:A0:E9:89:91:78:08
Certificate issuer: /CN=921c4fda367c5383b15c2a7143ad4b10c955cea0
Certificate serial: 019422203082884E8361CA96017CAF0830E9
Authority key identifier: 92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/K_0VKEBHZ8AzTGdtRKig6YmReAg.roa
Signing time: Wed 01 Jan 2025 13:48:42 +0000
ROA not before: Wed 01 Jan 2025 13:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202680
IP address blocks: 185.152.104.0/22 maxlen: 22
2a07:8180::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:30:82:88:4e:83:61:ca:96:01:7c:af:08:30:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921c4fda367c5383b15c2a7143ad4b10c955cea0
Validity
Not Before: Jan 1 13:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bfd1528404767c0334c676d44a8a0e989917808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e3:66:28:ac:16:d8:7c:ef:96:3d:88:71:17:
48:ba:e5:cc:7a:be:8c:3c:c9:ae:88:14:60:b2:eb:
cb:66:32:3b:98:a1:4a:b0:b6:80:f4:3c:f3:95:6b:
fe:93:21:bf:4c:2a:d9:dd:81:74:de:46:0f:13:6f:
74:f9:af:6f:91:be:91:be:32:dd:d4:cc:73:fa:de:
24:e4:00:9a:c6:09:48:2e:1e:4f:bc:a4:9a:04:6e:
b0:75:7a:b1:2f:2d:b6:7a:f1:2a:b5:af:9c:4c:31:
a6:69:a7:12:25:03:fe:26:c1:fd:e5:78:d4:71:72:
e2:e6:1d:45:72:1a:e3:05:52:0a:da:bc:e9:ea:71:
92:e0:d4:0c:d9:cb:1b:b9:71:09:28:d8:b1:42:7e:
32:a5:95:d8:52:5c:c1:7f:dc:bf:34:ce:bd:e7:29:
67:cf:71:01:23:20:2f:03:35:28:2b:44:85:b4:df:
41:06:db:4c:f7:96:ff:39:12:f0:b9:6c:05:dd:a3:
0a:1d:b1:ae:67:f6:96:a0:6b:d6:3d:ea:07:91:7d:
a9:81:03:8d:30:38:c1:e5:3d:eb:15:4a:ef:07:c2:
21:15:fa:8b:06:94:1a:a7:9d:78:63:83:e5:ef:df:
dc:ee:58:bf:56:b4:8c:1b:b8:eb:14:85:23:4d:c2:
78:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FD:15:28:40:47:67:C0:33:4C:67:6D:44:A8:A0:E9:89:91:78:08
X509v3 Authority Key Identifier:
keyid:92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/K_0VKEBHZ8AzTGdtRKig6YmReAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.104.0/22
IPv6:
2a07:8180::/29
Signature Algorithm: sha256WithRSAEncryption
1a:9a:19:52:bb:ae:19:7e:aa:97:11:e1:46:76:42:16:f6:5e:
f1:96:74:c7:7f:19:91:ff:22:f6:ec:c8:dd:64:7d:e6:4c:2f:
00:d7:ad:39:ab:15:6b:17:b8:e3:53:f4:b4:c7:5a:2c:85:b9:
4c:6d:7c:c5:cc:7e:53:af:5c:3c:48:3d:87:70:72:19:73:b5:
1f:76:f7:2b:ac:ad:1e:dc:af:d0:44:6b:a1:da:84:3b:92:66:
49:d1:eb:38:fc:fa:e5:69:5c:31:37:30:3b:ea:7b:f8:50:8f:
fb:5e:d2:de:f4:f1:32:03:4c:75:c7:64:f1:c3:d6:67:c0:24:
45:fe:7d:f7:8c:15:3a:fe:bc:ca:e8:0c:34:c0:46:8d:af:d5:
e6:4d:2b:5c:e1:68:d0:17:1a:a4:b6:0a:61:38:77:c4:f8:1b:
bb:6c:3e:a4:41:b3:b9:c2:c9:d5:60:89:d0:6e:f4:c2:cf:f9:
db:f8:f7:4f:f1:4d:6e:3c:51:60:20:fa:13:70:36:41:94:34:
5a:c0:02:18:09:11:b9:81:59:7e:78:2d:c1:11:75:12:df:6d:
7c:ff:f5:a4:ea:ac:96:9a:ce:38:b5:52:e0:74:8e:48:fa:34:
6e:c3:cb:d2:b7:21:01:55:13:e5:8a:7d:fe:7d:a8:32:34:c9:
ec:67:fd:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiIDCCiE6DYcqWAXyvCDDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWM0ZmRhMzY3YzUzODNiMTVjMmE3MTQzYWQ0YjEwYzk1
NWNlYTAwHhcNMjUwMTAxMTM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZkMTUyODQwNDc2N2MwMzM0YzY3NmQ0NGE4YTBlOTg5OTE3ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+NmKKwW2Hzvlj2IcRdIuuXMer6M
PMmuiBRgsuvLZjI7mKFKsLaA9DzzlWv+kyG/TCrZ3YF03kYPE290+a9vkb6RvjLd
1Mxz+t4k5ACaxglILh5PvKSaBG6wdXqxLy22evEqta+cTDGmaacSJQP+JsH95XjU
cXLi5h1FchrjBVIK2rzp6nGS4NQM2csbuXEJKNixQn4ypZXYUlzBf9y/NM695yln
z3EBIyAvAzUoK0SFtN9BBttM95b/ORLwuWwF3aMKHbGuZ/aWoGvWPeoHkX2pgQON
MDjB5T3rFUrvB8IhFfqLBpQap514Y4Pl79/c7li/VrSMG7jrFIUjTcJ4KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCv9FShAR2fAM0xnbUSooOmJkXgIMB8GA1UdIwQY
MBaAFJIcT9o2fFODsVwqcUOtSxDJVc6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmIt
MjM2MDhmNmFlMmVhLzEvS18wVktFQkhaOEF6VEdkdFJLaWc2WW1SZUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmItMjM2MDhmNmFlMmVh
LzEva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZhoMA0E
AgACMAcDBQMqB4GAMA0GCSqGSIb3DQEBCwUAA4IBAQAamhlSu64ZfqqXEeFGdkIW
9l7xlnTHfxmR/yL27MjdZH3mTC8A1605qxVrF7jjU/S0x1oshblMbXzFzH5Tr1w8
SD2HcHIZc7UfdvcrrK0e3K/QRGuh2oQ7kmZJ0es4/PrlaVwxNzA76nv4UI/7XtLe
9PEyA0x1x2Txw9ZnwCRF/n33jBU6/rzK6Aw0wEaNr9XmTStc4WjQFxqktgphOHfE
+Bu7bD6kQbO5wsnVYInQbvTCz/nb+PdP8U1uPFFgIPoTcDZBlDRawAIYCRG5gVl+
eC3BEXUS3218//Wk6qyWms44tVLgdI5I+jRuw8vStyEBVRPlin3+fagyNMnsZ/3A
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:34:04 2025 by rpki-client