Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KTvst5E273i2Mc9vy643ySO027U.roa
File: KTvst5E273i2Mc9vy643ySO027U.roa (raw, json)
Hash identifier: He7ExOCbXkRzFO1kHNdhIarzwYlxVs8AS5cEWbds8sg=
Subject key identifier: 29:3B:EC:B7:91:36:EF:78:B6:31:CF:6F:CB:AE:37:C9:23:B4:DB:B5
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422202819AA2F15BA6BD72FCCD6B8A172
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KTvst5E273i2Mc9vy643ySO027U.roa
Signing time: Wed 01 Jan 2025 13:48:40 +0000
ROA not before: Wed 01 Jan 2025 13:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50338
IP address blocks: 185.226.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:28:19:aa:2f:15:ba:6b:d7:2f:cc:d6:b8:a1:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=293becb79136ef78b631cf6fcbae37c923b4dbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:39:8d:dd:e3:1d:e7:92:eb:ab:92:f6:19:
fb:0d:b2:e1:64:9e:5c:89:0f:a8:17:27:5d:57:3a:
dd:62:12:23:3c:e5:df:b4:78:a1:6a:ea:94:d0:01:
e5:18:7b:1d:db:76:30:34:0a:76:a4:df:d2:bc:6b:
e0:d4:fd:1e:ed:e7:ec:b3:46:dd:14:08:31:07:dc:
5b:e1:bf:f9:8d:5a:a0:df:46:a8:2e:d4:8e:ab:fc:
a6:5f:d1:7a:a6:94:23:49:fb:18:55:6a:4e:39:a6:
95:24:35:cf:de:cb:1d:09:3b:11:ee:c8:07:cb:e4:
4f:d1:0a:f6:d5:d5:6f:2d:8b:b8:8b:61:c5:aa:44:
27:86:06:a1:5d:97:b7:44:a7:a6:01:36:45:d0:78:
bd:b6:9e:c2:40:45:dd:22:06:8f:fd:81:bf:ae:a2:
aa:d2:5e:97:41:a2:79:a7:fd:5c:fc:ca:fe:d4:7e:
2d:8e:a4:e7:5a:e1:67:e0:05:31:d1:2c:a4:0a:95:
d5:0a:87:54:31:36:96:b8:2b:3d:4b:e3:9b:b9:95:
e7:52:8c:d1:6f:21:07:e4:1e:ba:eb:ee:5f:92:6b:
2b:6a:d5:f9:95:3e:45:0c:05:4d:31:4b:e4:dc:8b:
62:26:0b:6d:f6:68:16:3d:ae:35:5a:55:b1:c7:a5:
a2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3B:EC:B7:91:36:EF:78:B6:31:CF:6F:CB:AE:37:C9:23:B4:DB:B5
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KTvst5E273i2Mc9vy643ySO027U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.107.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:8e:dc:ac:e9:80:b0:3c:b8:01:1d:cd:b0:5b:b1:8a:6a:2f:
6e:4e:3d:56:3b:51:1b:54:0b:ab:43:1f:07:28:54:5a:65:a2:
34:90:1a:46:55:59:4c:52:29:57:cf:4d:c0:0b:eb:1b:a8:dc:
27:56:1a:46:3f:f9:50:ca:2f:c7:a6:c4:78:10:7a:52:d6:4b:
b6:f8:06:c4:32:b6:3f:46:a8:3b:72:f3:a0:88:e2:8a:db:19:
61:89:11:82:c1:6f:50:eb:98:a0:31:bf:95:a3:7e:95:0e:ce:
8d:a0:f7:49:dd:be:82:8c:41:2f:6b:3d:a1:bb:cb:d7:0f:8f:
57:49:1d:f4:a1:1c:b1:6d:bf:a5:92:88:9f:3a:01:54:1f:bb:
1b:32:f1:f4:dc:99:43:8d:17:7e:34:0e:b9:22:5b:72:31:d7:
23:74:4b:91:26:d0:70:6c:bc:c9:1f:b0:d2:d0:5c:b8:75:4c:
21:ff:35:97:ea:cf:1f:90:a6:4f:e6:a3:90:11:3e:35:5f:61:
e7:43:07:57:f8:b7:70:39:c0:d8:0e:6a:6b:44:f6:98:d1:db:
da:af:2a:34:06:f4:bf:be:e0:f8:b5:1e:f7:3e:cf:b1:92:a0:
75:60:a7:04:2a:27:54:2a:0c:80:37:02:80:de:d8:bd:f1:7b:
31:27:13:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiICgZqi8VumvXL8zWuKFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTNiZWNiNzkxMzZlZjc4YjYzMWNmNmZjYmFlMzdjOTIzYjRkYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC45jd3jHeeS66uS9hn7DbLhZJ5c
iQ+oFyddVzrdYhIjPOXftHihauqU0AHlGHsd23YwNAp2pN/SvGvg1P0e7efss0bd
FAgxB9xb4b/5jVqg30aoLtSOq/ymX9F6ppQjSfsYVWpOOaaVJDXP3ssdCTsR7sgH
y+RP0Qr21dVvLYu4i2HFqkQnhgahXZe3RKemATZF0Hi9tp7CQEXdIgaP/YG/rqKq
0l6XQaJ5p/1c/Mr+1H4tjqTnWuFn4AUx0SykCpXVCodUMTaWuCs9S+ObuZXnUozR
byEH5B666+5fkmsratX5lT5FDAVNMUvk3ItiJgtt9mgWPa41WlWxx6WiowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCk77LeRNu94tjHPb8uuN8kjtNu1MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS1R2c3Q1RTI3M2kyTWM5dnk2NDN5U08wMjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueJrMA0G
CSqGSIb3DQEBCwUAA4IBAQDDjtys6YCwPLgBHc2wW7GKai9uTj1WO1EbVAurQx8H
KFRaZaI0kBpGVVlMUilXz03AC+sbqNwnVhpGP/lQyi/HpsR4EHpS1ku2+AbEMrY/
Rqg7cvOgiOKK2xlhiRGCwW9Q65igMb+Vo36VDs6NoPdJ3b6CjEEvaz2hu8vXD49X
SR30oRyxbb+lkoifOgFUH7sbMvH03JlDjRd+NA65IltyMdcjdEuRJtBwbLzJH7DS
0Fy4dUwh/zWX6s8fkKZP5qOQET41X2HnQwdX+LdwOcDYDmprRPaY0dvaryo0BvS/
vuD4tR73Ps+xkqB1YKcEKidUKgyANwKA3ti98XsxJxMq
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:35:20 2025 by rpki-client