Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/vkVOKzv8_S2fkG1izpq7kTixdUE.roa
File: vkVOKzv8_S2fkG1izpq7kTixdUE.roa (raw, json)
Hash identifier: piMEcgAOMMddSvNaBzKcgAojln/bHlikM4A3Z6HENXY=
Subject key identifier: BE:45:4E:2B:3B:FC:FD:2D:9F:90:6D:62:CE:9A:BB:91:38:B1:75:41
Certificate issuer: /CN=52411e52dab7d0be2674313b6b5d2e74bd11360e
Certificate serial: 0194221F4A34AD169049FD575C67199622AF
Authority key identifier: 52:41:1E:52:DA:B7:D0:BE:26:74:31:3B:6B:5D:2E:74:BD:11:36:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UkEeUtq30L4mdDE7a10udL0RNg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/vkVOKzv8_S2fkG1izpq7kTixdUE.roa
Signing time: Wed 01 Jan 2025 13:47:43 +0000
ROA not before: Wed 01 Jan 2025 13:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201299
IP address blocks: 217.198.189.0/24 maxlen: 24
2a11:ffc0::/29 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:4a:34:ad:16:90:49:fd:57:5c:67:19:96:22:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52411e52dab7d0be2674313b6b5d2e74bd11360e
Validity
Not Before: Jan 1 13:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be454e2b3bfcfd2d9f906d62ce9abb9138b17541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3a:d5:26:0d:b9:d6:25:dc:cb:e9:51:09:13:
fb:33:7c:96:ba:e7:0c:b8:e7:4d:08:60:21:f0:18:
8a:2d:e7:75:b6:e9:a9:2a:33:62:f4:40:5c:9f:71:
4b:c5:bd:0d:58:69:ab:7f:42:6d:cd:e9:ad:f9:d3:
14:1e:cc:80:43:6b:be:27:33:1d:65:07:ab:5c:9b:
c9:52:81:30:9b:52:bb:21:fb:b4:99:40:76:28:4b:
62:4b:95:28:86:72:d3:3f:b7:0f:21:6d:b6:32:28:
03:ba:56:5c:c9:15:07:e4:c1:c9:5b:ee:52:82:c7:
1b:a8:6a:dc:9e:a2:51:d8:3d:5c:53:ca:78:b6:d6:
d8:2e:ec:3a:b2:58:36:8b:30:df:0f:7e:a2:35:8c:
17:3e:fe:f1:1c:81:14:f2:d9:70:74:61:a2:4d:5c:
9b:71:13:01:fb:57:5e:a6:ac:a6:c3:8f:e8:e9:f5:
1a:fa:a7:ec:c4:59:0f:d2:19:26:fe:77:7e:9e:74:
24:a9:33:36:5a:b7:08:fd:0d:76:cb:25:2e:0e:f8:
d3:14:fe:d5:bb:c7:d5:bb:2d:b7:83:f7:27:cd:72:
04:45:3b:20:d6:6f:43:78:d9:c5:ae:8d:8b:ff:e7:
6b:8e:d3:e4:d7:27:3a:2a:10:c5:08:72:87:3a:75:
c1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:45:4E:2B:3B:FC:FD:2D:9F:90:6D:62:CE:9A:BB:91:38:B1:75:41
X509v3 Authority Key Identifier:
keyid:52:41:1E:52:DA:B7:D0:BE:26:74:31:3B:6B:5D:2E:74:BD:11:36:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UkEeUtq30L4mdDE7a10udL0RNg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/vkVOKzv8_S2fkG1izpq7kTixdUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/UkEeUtq30L4mdDE7a10udL0RNg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.189.0/24
IPv6:
2a11:ffc0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:fd:32:e4:6e:c5:37:02:7d:aa:01:85:f3:43:49:32:26:ff:
db:19:06:a2:0e:8b:cc:42:03:f2:75:f6:fa:26:a8:6a:eb:f8:
0b:29:9a:dc:b9:0e:90:89:9f:7f:5b:ef:dd:f1:5d:37:61:cb:
bb:b3:6e:75:ee:b8:0e:54:f2:11:0c:7d:7d:7d:19:c7:38:27:
67:ca:c3:af:01:bb:9a:bc:23:4f:ae:b3:4d:c6:e2:97:a5:60:
d9:9a:d8:42:aa:21:e7:0e:d7:17:0e:23:97:6d:4e:a0:86:74:
f6:0e:8a:43:81:66:f7:11:a3:25:e7:95:77:98:99:8f:30:57:
07:1c:b5:bd:89:16:59:a5:f1:e1:2d:7f:85:cf:bc:b3:da:77:
fe:b0:82:84:bf:1e:ac:28:28:17:3a:f0:22:ed:93:45:2f:d5:
8f:da:65:ff:61:b6:07:34:ec:af:9b:84:18:41:c0:1a:93:40:
5c:02:71:83:3e:35:56:cc:74:56:77:db:de:12:cd:33:7b:b2:
9e:4f:ca:dd:3d:8c:0c:78:bd:7b:3a:f3:10:47:21:99:0a:63:
5f:fc:07:20:13:b0:dd:01:89:9b:71:b9:51:5b:07:04:71:a2:
aa:61:90:0e:84:d6:c5:b4:25:b9:fc:e7:d1:5f:44:f7:ab:df:
e9:9d:b6:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH0o0rRaQSf1XXGcZliKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNDExZTUyZGFiN2QwYmUyNjc0MzEzYjZiNWQyZTc0YmQx
MTM2MGUwHhcNMjUwMTAxMTM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQ1NGUyYjNiZmNmZDJkOWY5MDZkNjJjZTlhYmI5MTM4YjE3NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jrVJg251iXcy+lRCRP7M3yWuucM
uOdNCGAh8BiKLed1tumpKjNi9EBcn3FLxb0NWGmrf0Jtzemt+dMUHsyAQ2u+JzMd
ZQerXJvJUoEwm1K7Ifu0mUB2KEtiS5UohnLTP7cPIW22MigDulZcyRUH5MHJW+5S
gscbqGrcnqJR2D1cU8p4ttbYLuw6slg2izDfD36iNYwXPv7xHIEU8tlwdGGiTVyb
cRMB+1depqymw4/o6fUa+qfsxFkP0hkm/nd+nnQkqTM2WrcI/Q12yyUuDvjTFP7V
u8fVuy23g/cnzXIERTsg1m9DeNnFro2L/+drjtPk1yc6KhDFCHKHOnXB4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL5FTis7/P0tn5BtYs6au5E4sXVBMB8GA1UdIwQY
MBaAFFJBHlLat9C+JnQxO2tdLnS9ETYOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWtFZVV0cTMwTDRtZERFN2ExMHVkTDBSTmc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85YjFkODUtNzE5OC00YWY2LWE2MzIt
ZDBjZmU0MzAxNmRlLzEvdmtWT0t6djhfUzJma0cxaXpwcTdrVGl4ZFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85YjFkODUtNzE5OC00YWY2LWE2MzItZDBjZmU0MzAxNmRl
LzEvVWtFZVV0cTMwTDRtZERFN2ExMHVkTDBSTmc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2ca9MA0E
AgACMAcDBQMqEf/AMA0GCSqGSIb3DQEBCwUAA4IBAQB+/TLkbsU3An2qAYXzQ0ky
Jv/bGQaiDovMQgPydfb6Jqhq6/gLKZrcuQ6QiZ9/W+/d8V03Ycu7s2517rgOVPIR
DH19fRnHOCdnysOvAbuavCNPrrNNxuKXpWDZmthCqiHnDtcXDiOXbU6ghnT2DopD
gWb3EaMl55V3mJmPMFcHHLW9iRZZpfHhLX+Fz7yz2nf+sIKEvx6sKCgXOvAi7ZNF
L9WP2mX/YbYHNOyvm4QYQcAak0BcAnGDPjVWzHRWd9veEs0ze7KeT8rdPYwMeL17
OvMQRyGZCmNf/AcgE7DdAYmbcblRWwcEcaKqYZAOhNbFtCW5/OfRX0T3q9/pnbaI
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:59:46 2025 by rpki-client