Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/VK52xwAI-aKIKTeQlztwUDOO02E.roa
File: VK52xwAI-aKIKTeQlztwUDOO02E.roa (raw, json)
Hash identifier: C9ydrT1jO/tCG0jTbHX7J5njz1R33YyX3/MyTTWyLe8=
Subject key identifier: 54:AE:76:C7:00:08:F9:A2:88:29:37:90:97:3B:70:50:33:8E:D3:61
Certificate issuer: /CN=39732dcd0c35426144f9f026754179dfaebe8958
Certificate serial: 019424450140820A36F46274A9E3D3B55461
Authority key identifier: 39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/VK52xwAI-aKIKTeQlztwUDOO02E.roa
Signing time: Wed 01 Jan 2025 23:48:09 +0000
ROA not before: Wed 01 Jan 2025 23:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201240
IP address blocks: 192.166.240.0/24 maxlen: 24
2a07:eec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:01:40:82:0a:36:f4:62:74:a9:e3:d3:b5:54:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39732dcd0c35426144f9f026754179dfaebe8958
Validity
Not Before: Jan 1 23:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54ae76c70008f9a288293790973b7050338ed361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5e:1b:27:6f:d4:3c:ab:74:80:b2:2c:22:93:
d2:17:53:d6:36:77:d5:ae:60:a5:2e:13:7c:75:58:
f4:41:67:4b:7a:6d:83:54:ba:cd:a0:6b:3b:4c:66:
c0:89:56:4b:77:33:0f:0a:88:87:d2:56:ac:49:37:
db:3b:e0:bd:aa:ae:52:1b:a8:f9:42:6e:a7:79:0f:
e2:2d:49:40:a0:5b:2a:28:75:b1:4a:28:3d:f7:c0:
28:31:ad:c7:22:51:5e:d0:92:fa:88:5e:68:f3:b3:
50:9e:ec:52:a3:b1:20:b3:56:22:8b:45:b8:92:7e:
b8:39:2a:a2:c0:97:8e:7d:af:bb:a6:5d:69:19:44:
34:75:0a:dc:f6:1f:72:72:18:f8:61:09:b4:ec:78:
28:09:77:5e:fd:3a:de:95:f7:5e:1c:a7:d7:2b:a0:
20:99:b8:44:15:6c:50:53:bb:f9:93:d3:ac:be:6d:
2f:39:5e:a0:81:2d:77:7f:2a:21:4c:0c:f8:1f:11:
89:0f:5f:70:f7:4e:3d:11:04:bc:d9:0a:d5:3a:1d:
23:b8:48:02:e3:1a:4b:52:d0:1c:59:66:7e:8c:28:
ce:67:7b:8a:ea:35:28:30:fa:33:8f:d5:97:65:e9:
b7:d3:89:1e:9a:3f:8f:0c:03:de:07:c5:28:3e:9e:
7b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:AE:76:C7:00:08:F9:A2:88:29:37:90:97:3B:70:50:33:8E:D3:61
X509v3 Authority Key Identifier:
keyid:39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/VK52xwAI-aKIKTeQlztwUDOO02E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/OXMtzQw1QmFE-fAmdUF5366-iVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.240.0/24
IPv6:
2a07:eec0::/29
Signature Algorithm: sha256WithRSAEncryption
96:31:72:45:c7:95:23:6d:f1:29:5c:c4:11:6f:40:85:b6:69:
2b:01:34:80:6a:f0:b9:2c:f7:87:da:d0:a3:9f:14:80:32:eb:
6d:c1:3d:c9:65:3c:e2:f3:a9:8c:2d:32:b2:ae:7e:dd:e1:0c:
50:a2:6c:ce:23:28:d9:d4:3b:61:f0:8f:77:b2:27:b6:91:d0:
69:82:12:04:eb:b4:89:99:c4:74:d9:e4:54:f9:d9:9d:a0:b3:
3f:aa:ac:38:d2:04:39:ec:56:de:1e:a5:4d:57:43:9c:b7:c1:
2d:e5:93:1d:21:70:35:d2:54:81:ba:7d:81:ab:e3:c4:c3:7b:
27:15:9a:48:0b:a7:d8:00:a6:3e:2e:66:3e:df:02:49:e2:d4:
0d:3f:ca:40:6a:94:31:16:88:55:72:47:40:4a:72:9b:38:ee:
1b:70:45:d1:e0:b0:60:9f:be:19:cb:18:e5:d4:e6:0f:fc:ab:
ed:5a:ab:de:ea:4b:77:c0:03:11:68:b0:3e:5a:98:d9:20:b2:
d5:2c:4d:9e:ce:96:2b:c2:18:f7:5d:ff:9c:d9:03:a6:a5:c7:
0b:c0:d3:da:45:e3:0e:4d:33:6a:62:1e:b0:2c:24:c7:88:9c:
f7:bb:8c:8d:af:42:cd:a7:61:b3:07:b3:34:2f:49:17:5a:d6:
fd:8a:bb:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRQFAggo29GJ0qePTtVRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzMyZGNkMGMzNTQyNjE0NGY5ZjAyNjc1NDE3OWRmYWVi
ZTg5NTgwHhcNMjUwMTAxMjM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGFlNzZjNzAwMDhmOWEyODgyOTM3OTA5NzNiNzA1MDMzOGVkMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxF4bJ2/UPKt0gLIsIpPSF1PWNnfV
rmClLhN8dVj0QWdLem2DVLrNoGs7TGbAiVZLdzMPCoiH0lasSTfbO+C9qq5SG6j5
Qm6neQ/iLUlAoFsqKHWxSig998AoMa3HIlFe0JL6iF5o87NQnuxSo7Egs1Yii0W4
kn64OSqiwJeOfa+7pl1pGUQ0dQrc9h9ychj4YQm07HgoCXde/TrelfdeHKfXK6Ag
mbhEFWxQU7v5k9Osvm0vOV6ggS13fyohTAz4HxGJD19w9049EQS82QrVOh0juEgC
4xpLUtAcWWZ+jCjOZ3uK6jUoMPozj9WXZem304kemj+PDAPeB8UoPp57RwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFSudscACPmiiCk3kJc7cFAzjtNhMB8GA1UdIwQY
MBaAFDlzLc0MNUJhRPnwJnVBed+uvolYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hNdHpRdzFRbUZFLWZBbWRVRjUzNjYtaVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMzcxMDYtZDA4ZC00YWEwLWFjODIt
ZjYwYWYyYTgyMDYwLzEvVks1Mnh3QUktYUtJS1RlUWx6dHdVRE9PMDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMzcxMDYtZDA4ZC00YWEwLWFjODItZjYwYWYyYTgyMDYw
LzEvT1hNdHpRdzFRbUZFLWZBbWRVRjUzNjYtaVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwKbwMA0E
AgACMAcDBQMqB+7AMA0GCSqGSIb3DQEBCwUAA4IBAQCWMXJFx5UjbfEpXMQRb0CF
tmkrATSAavC5LPeH2tCjnxSAMuttwT3JZTzi86mMLTKyrn7d4QxQomzOIyjZ1Dth
8I93sie2kdBpghIE67SJmcR02eRU+dmdoLM/qqw40gQ57FbeHqVNV0Oct8Et5ZMd
IXA10lSBun2Bq+PEw3snFZpIC6fYAKY+LmY+3wJJ4tQNP8pAapQxFohVckdASnKb
OO4bcEXR4LBgn74Zyxjl1OYP/KvtWqve6kt3wAMRaLA+WpjZILLVLE2ezpYrwhj3
Xf+c2QOmpccLwNPaReMOTTNqYh6wLCTHiJz3u4yNr0LNp2GzB7M0L0kXWtb9irt7
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:47:15 2025 by rpki-client