Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/Khu0iUVuTs8ZYAwuEt_S3XCnJdE.roa
File: Khu0iUVuTs8ZYAwuEt_S3XCnJdE.roa (raw, json)
Hash identifier: 0AzGfOb5OfWgiAbeRL3c+g44yXgjZKIdXOkCd1IWoeo=
Subject key identifier: 2A:1B:B4:89:45:6E:4E:CF:19:60:0C:2E:12:DF:D2:DD:70:A7:25:D1
Certificate issuer: /CN=423d93054f063cf8a291861735f90059ab9ec169
Certificate serial: 0194236A261C658B19A567948183973232A2
Authority key identifier: 42:3D:93:05:4F:06:3C:F8:A2:91:86:17:35:F9:00:59:AB:9E:C1:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qj2TBU8GPPiikYYXNfkAWauewWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/Khu0iUVuTs8ZYAwuEt_S3XCnJdE.roa
Signing time: Wed 01 Jan 2025 19:49:06 +0000
ROA not before: Wed 01 Jan 2025 19:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206495
IP address blocks: 185.188.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:26:1c:65:8b:19:a5:67:94:81:83:97:32:32:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=423d93054f063cf8a291861735f90059ab9ec169
Validity
Not Before: Jan 1 19:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a1bb489456e4ecf19600c2e12dfd2dd70a725d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d1:72:40:53:40:7d:ef:d7:e9:a6:6d:4d:59:
0f:02:1a:ac:df:0e:88:c9:ad:5d:8d:ca:93:a8:76:
29:f4:73:79:4f:fb:69:e5:4a:d6:26:41:40:d2:93:
97:d6:02:c2:a9:fd:f8:af:46:c1:ea:ee:83:17:85:
8f:fa:68:0f:db:de:c0:7a:8e:5d:55:61:d2:66:b5:
ae:52:f8:e7:f7:0a:68:2e:62:fb:58:a3:9d:a5:b0:
6a:bc:39:46:38:c5:f7:c2:42:84:d5:f6:4e:81:0a:
3e:e7:8b:7e:eb:f6:a2:f1:4f:b3:44:8d:a7:88:da:
78:ec:96:ee:47:74:0e:c3:93:24:23:ac:77:f6:32:
45:40:29:13:91:78:40:28:3f:86:9a:27:fd:d1:b1:
50:51:33:f6:89:77:b5:98:1e:d9:f6:32:fa:3e:07:
f3:69:4e:50:8d:b9:97:93:0a:85:c7:64:ef:4a:33:
7d:cd:c7:8f:6c:8e:b4:e9:c1:57:3a:fc:ea:1c:54:
f7:93:51:c3:6d:64:e0:fd:52:91:d4:42:49:de:75:
40:e9:25:aa:1e:3b:b5:9b:fb:fc:41:c6:1f:fc:d8:
7c:a7:33:6e:d9:fb:31:43:d8:70:fd:b1:29:d2:be:
e3:bb:a3:33:bb:17:c3:46:10:1a:db:71:8b:f3:0f:
c7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:1B:B4:89:45:6E:4E:CF:19:60:0C:2E:12:DF:D2:DD:70:A7:25:D1
X509v3 Authority Key Identifier:
keyid:42:3D:93:05:4F:06:3C:F8:A2:91:86:17:35:F9:00:59:AB:9E:C1:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qj2TBU8GPPiikYYXNfkAWauewWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/Khu0iUVuTs8ZYAwuEt_S3XCnJdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/Qj2TBU8GPPiikYYXNfkAWauewWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.113.0/24
Signature Algorithm: sha256WithRSAEncryption
89:2f:bd:38:a5:35:e7:17:ec:0b:72:f1:04:f5:fb:cc:8e:e0:
0a:3b:74:5d:6e:16:b1:2e:69:55:1a:87:f4:76:82:a3:e2:a0:
3d:dc:81:69:b5:07:a6:4b:b6:29:46:e2:1c:bf:99:67:57:ff:
df:2e:d1:ce:06:1b:14:9c:1a:c2:e2:b4:d5:c3:0f:29:bd:54:
95:03:05:b9:32:b5:46:27:b9:bc:d4:5d:ae:cf:37:fd:7e:33:
f9:19:58:c5:63:66:5b:dc:26:63:49:05:ec:e1:11:62:22:b8:
ac:5a:9b:06:2c:f0:b7:0d:85:06:93:41:85:61:2b:a3:a0:94:
c1:27:02:4f:d5:25:47:9b:63:95:a2:2e:76:38:54:42:f9:47:
4a:85:46:8a:b6:d6:e5:98:07:2a:a0:e9:b1:f7:39:dd:5a:05:
4f:d8:34:70:9f:84:2e:fb:32:92:72:96:ae:60:46:c3:ed:24:
5f:45:86:39:37:fe:83:0d:51:2f:2a:af:10:9b:bd:f8:fa:7c:
e8:54:4a:8a:87:9f:f8:36:27:ef:44:84:99:b9:3e:cb:84:4e:
bf:c9:3c:c5:c4:16:8d:b2:4f:7a:fd:0c:26:38:6d:2f:a0:b5:
30:ee:b3:d9:1b:b6:1e:ce:64:b7:15:71:85:41:39:7d:5e:55:
8b:c0:77:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaiYcZYsZpWeUgYOXMjKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyM2Q5MzA1NGYwNjNjZjhhMjkxODYxNzM1ZjkwMDU5YWI5
ZWMxNjkwHhcNMjUwMTAxMTk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTFiYjQ4OTQ1NmU0ZWNmMTk2MDBjMmUxMmRmZDJkZDcwYTcyNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NFyQFNAfe/X6aZtTVkPAhqs3w6I
ya1djcqTqHYp9HN5T/tp5UrWJkFA0pOX1gLCqf34r0bB6u6DF4WP+mgP297Aeo5d
VWHSZrWuUvjn9wpoLmL7WKOdpbBqvDlGOMX3wkKE1fZOgQo+54t+6/ai8U+zRI2n
iNp47JbuR3QOw5MkI6x39jJFQCkTkXhAKD+Gmif90bFQUTP2iXe1mB7Z9jL6Pgfz
aU5QjbmXkwqFx2TvSjN9zcePbI606cFXOvzqHFT3k1HDbWTg/VKR1EJJ3nVA6SWq
Hju1m/v8QcYf/Nh8pzNu2fsxQ9hw/bEp0r7ju6MzuxfDRhAa23GL8w/HTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCobtIlFbk7PGWAMLhLf0t1wpyXRMB8GA1UdIwQY
MBaAFEI9kwVPBjz4opGGFzX5AFmrnsFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWoyVEJVOEdQUGlpa1lZWE5ma0FXYXVld1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wYzJlYzMtMzg0NC00YjVmLTlmNTgt
NWYxYjY5MDQ4ZmUyLzEvS2h1MGlVVnVUczhaWUF3dUV0X1MzWENuSmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8wYzJlYzMtMzg0NC00YjVmLTlmNTgtNWYxYjY5MDQ4ZmUy
LzEvUWoyVEJVOEdQUGlpa1lZWE5ma0FXYXVld1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubxxMA0G
CSqGSIb3DQEBCwUAA4IBAQCJL704pTXnF+wLcvEE9fvMjuAKO3RdbhaxLmlVGof0
doKj4qA93IFptQemS7YpRuIcv5lnV//fLtHOBhsUnBrC4rTVww8pvVSVAwW5MrVG
J7m81F2uzzf9fjP5GVjFY2Zb3CZjSQXs4RFiIrisWpsGLPC3DYUGk0GFYSujoJTB
JwJP1SVHm2OVoi52OFRC+UdKhUaKttblmAcqoOmx9zndWgVP2DRwn4Qu+zKScpau
YEbD7SRfRYY5N/6DDVEvKq8Qm734+nzoVEqKh5/4NifvRISZuT7LhE6/yTzFxBaN
sk96/QwmOG0voLUw7rPZG7YezmS3FXGFQTl9XlWLwHdI
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:08:33 2025 by rpki-client