Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/1-KYSj48sD3jE1Gzvv9kFu9QJGtY.roa
File: 1-KYSj48sD3jE1Gzvv9kFu9QJGtY.roa (raw, json)
Hash identifier: H4x96iKua2b3UDRaB1WSf9rakbeSZ8QQwLawXzA3kBc=
Subject key identifier: F8:A6:12:8F:8F:2C:0F:78:C4:D4:6C:EF:BF:D9:05:BB:D4:09:1A:D6
Certificate issuer: /CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Certificate serial: 0194266C0A93E129BA44BFF72847E6357581
Authority key identifier: A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/1-KYSj48sD3jE1Gzvv9kFu9QJGtY.roa
Signing time: Thu 02 Jan 2025 09:50:02 +0000
ROA not before: Thu 02 Jan 2025 09:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201612
IP address blocks: 176.97.158.0/24 maxlen: 24
192.174.68.0/24 maxlen: 24
2001:67c:10b8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:0a:93:e1:29:ba:44:bf:f7:28:47:e6:35:75:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Validity
Not Before: Jan 2 09:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8a6128f8f2c0f78c4d46cefbfd905bbd4091ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0b:81:0d:c4:42:30:9e:5a:20:e7:76:1d:5b:
da:f9:ba:4f:b3:26:7f:64:19:58:b7:c9:56:e4:bd:
ce:c8:2b:07:f4:4a:0b:e5:59:41:c7:07:f8:47:10:
d3:bb:f3:e6:81:42:10:ed:e2:ef:5c:28:77:65:a3:
97:b5:6d:af:54:9d:a5:67:4a:08:b9:19:f3:85:68:
c4:5c:49:be:d7:87:76:17:4e:c3:01:d5:b7:1c:36:
f3:72:18:2a:b4:f1:3a:36:17:1f:80:d6:96:d2:2a:
8f:a4:22:3a:3b:71:06:a2:47:33:e5:23:0a:71:b8:
db:2c:3d:63:c7:59:cf:94:21:64:b8:35:4f:50:09:
8a:29:5e:33:0d:67:af:67:ab:5b:0e:e1:41:ab:8d:
5e:3c:ff:b2:00:86:79:33:13:60:21:49:64:8e:46:
8b:6b:b6:8e:0b:f0:8d:76:57:8a:08:92:d3:cf:65:
70:4c:5f:db:46:98:84:4c:8a:1c:b4:3f:ac:f4:41:
3d:4b:56:58:10:b0:c1:db:04:9b:17:e0:30:cf:67:
f2:05:a1:c5:61:17:38:83:2e:51:1d:4e:fa:c8:9c:
5f:7d:5e:e3:ef:1e:da:f9:88:df:d8:ae:e2:85:6e:
b3:a8:d2:b6:e1:70:ed:71:59:df:61:f6:b0:30:51:
0b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A6:12:8F:8F:2C:0F:78:C4:D4:6C:EF:BF:D9:05:BB:D4:09:1A:D6
X509v3 Authority Key Identifier:
keyid:A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/1-KYSj48sD3jE1Gzvv9kFu9QJGtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.158.0/24
192.174.68.0/24
IPv6:
2001:67c:10b8::/48
Signature Algorithm: sha256WithRSAEncryption
0b:dd:96:c0:65:75:71:eb:66:f4:97:97:70:e2:72:f4:b4:79:
43:6d:df:b6:5d:c4:bf:d1:a2:1f:40:a6:6e:63:83:92:93:2c:
0f:24:29:10:4a:5a:33:34:56:07:5b:36:64:dd:35:4f:81:8e:
28:3f:38:ed:61:31:65:6b:b0:36:84:6c:47:1d:a9:b1:01:dd:
a2:b5:f8:17:d8:3e:05:35:3c:90:48:93:ce:62:c1:c4:00:63:
23:66:ec:0a:27:bc:f6:d6:4c:98:39:4a:ab:bd:c4:a2:14:55:
a7:3a:e6:8d:f5:80:bc:5f:74:91:49:c0:5b:f5:5f:20:4c:1a:
13:0c:16:6c:fc:ab:c1:18:ab:c0:87:8b:14:4a:7b:95:a2:e3:
55:74:90:5c:87:63:5a:9b:22:bb:9f:1b:b4:8e:b1:86:96:58:
06:33:49:1a:fa:ea:f2:33:b9:14:5c:de:bf:e6:a4:58:02:80:
23:3a:75:87:61:ef:b7:59:d2:45:6b:7b:94:2c:16:10:3c:4a:
17:d7:8e:a3:da:d6:41:9a:75:89:a0:3b:a2:29:aa:f0:6a:68:
78:fa:a4:3c:ff:71:10:c4:0f:94:90:09:11:50:e7:32:b5:23:
c8:3f:33:19:d8:a2:43:36:cd:57:18:94:e7:a6:55:01:14:1d:
18:f2:1b:9e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQmbAqT4Sm6RL/3KEfmNXWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MmZjNjBkMzZlMjhiYjhkZjE0NWM4NGFjYWIxOWNmYTUz
YjAyNWEwHhcNMjUwMTAyMDk1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGE2MTI4ZjhmMmMwZjc4YzRkNDZjZWZiZmQ5MDViYmQ0MDkxYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAuBDcRCMJ5aIOd2HVva+bpPsyZ/
ZBlYt8lW5L3OyCsH9EoL5VlBxwf4RxDTu/PmgUIQ7eLvXCh3ZaOXtW2vVJ2lZ0oI
uRnzhWjEXEm+14d2F07DAdW3HDbzchgqtPE6NhcfgNaW0iqPpCI6O3EGokcz5SMK
cbjbLD1jx1nPlCFkuDVPUAmKKV4zDWevZ6tbDuFBq41ePP+yAIZ5MxNgIUlkjkaL
a7aOC/CNdleKCJLTz2VwTF/bRpiETIoctD+s9EE9S1ZYELDB2wSbF+Awz2fyBaHF
YRc4gy5RHU76yJxffV7j7x7a+Yjf2K7ihW6zqNK24XDtcVnfYfawMFELfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPimEo+PLA94xNRs77/ZBbvUCRrWMB8GA1UdIwQY
MBaAFKUvxg024ou43xRchKyrGc+lOwJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTct
OWI0YTJkNWYzYTc2LzEvMS1LWVNqNDhzRDNqRTFHenZ2OWtGdTlRSkd0WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODYvZjBiOTYwLTg2ZDgtNDA2Mi1hNTk3LTliNGEyZDVmM2E3
Ni8xL3BTX0dEVGJpaTdqZkZGeUVyS3NaejZVN0Fsby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEALBhngME
AMCuRDAPBAIAAjAJAwcAIAEGfBC4MA0GCSqGSIb3DQEBCwUAA4IBAQAL3ZbAZXVx
62b0l5dw4nL0tHlDbd+2XcS/0aIfQKZuY4OSkywPJCkQSlozNFYHWzZk3TVPgY4o
PzjtYTFla7A2hGxHHamxAd2itfgX2D4FNTyQSJPOYsHEAGMjZuwKJ7z21kyYOUqr
vcSiFFWnOuaN9YC8X3SRScBb9V8gTBoTDBZs/KvBGKvAh4sUSnuVouNVdJBch2Na
myK7nxu0jrGGllgGM0ka+uryM7kUXN6/5qRYAoAjOnWHYe+3WdJFa3uULBYQPEoX
146j2tZBmnWJoDuiKarwamh4+qQ8/3EQxA+UkAkRUOcytSPIPzMZ2KJDNs1XGJTn
plUBFB0Y8hue
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:55:20 2025 by rpki-client