Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/KLN2YwTYjPNIaJl1unk5vIz6vqg.roa
File: KLN2YwTYjPNIaJl1unk5vIz6vqg.roa (raw, json)
Hash identifier: MhUIVJHps0H9qbSh6FLkKXTFhSCbjnKxeUmu3XhAiqM=
Subject key identifier: 28:B3:76:63:04:D8:8C:F3:48:68:99:75:BA:79:39:BC:8C:FA:BE:A8
Certificate issuer: /CN=406400d71d7edeb0eb305d4982ecf520b0f44e77
Certificate serial: 019425216DF8B9B0035BBDEED0D4D1BA05C0
Authority key identifier: 40:64:00:D7:1D:7E:DE:B0:EB:30:5D:49:82:EC:F5:20:B0:F4:4E:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGQA1x1-3rDrMF1Jguz1ILD0Tnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/KLN2YwTYjPNIaJl1unk5vIz6vqg.roa
Signing time: Thu 02 Jan 2025 03:48:55 +0000
ROA not before: Thu 02 Jan 2025 03:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210018
IP address blocks: 194.124.148.0/23 maxlen: 23
194.124.150.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:6d:f8:b9:b0:03:5b:bd:ee:d0:d4:d1:ba:05:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406400d71d7edeb0eb305d4982ecf520b0f44e77
Validity
Not Before: Jan 2 03:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28b3766304d88cf348689975ba7939bc8cfabea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c5:2f:e9:a7:1e:ca:ff:d3:b6:8a:14:89:c5:
8a:6c:ff:49:bb:92:b2:31:fb:31:cf:e0:7e:e5:11:
1c:f7:9b:73:d3:d2:ed:1b:1e:94:d1:37:99:c0:99:
6e:3a:9e:b9:ae:10:39:01:55:9d:6f:41:38:11:b6:
7f:c2:10:0d:d6:50:3d:05:2a:c7:e1:95:1e:62:70:
3d:69:f8:6c:27:31:ba:a4:24:66:e4:a1:a5:fe:58:
52:b9:3d:6f:b4:3b:53:27:4f:d6:05:20:01:5e:39:
2e:c7:34:7b:35:3e:46:91:5d:9b:1b:7a:58:31:ab:
84:28:1c:6f:52:d7:71:ce:86:7b:9e:b7:3a:a6:3e:
fd:fd:53:79:9f:d5:c4:71:e1:27:84:ba:08:47:b7:
0a:91:01:80:82:d2:ba:2a:08:b3:aa:4d:eb:62:3e:
64:9d:d7:e7:cb:a2:25:e2:55:03:49:79:26:f5:6c:
e5:60:ef:55:f6:a6:4f:1b:f9:27:1c:90:c5:6e:1b:
e7:1a:b8:f3:3c:97:f3:dd:9c:62:96:c1:e2:33:20:
6b:40:70:42:78:e9:00:24:8d:8c:d5:f0:e7:bb:4d:
6a:54:7f:ce:d4:54:4f:1b:7f:37:d6:0c:d8:97:25:
ed:5d:1b:c5:5e:02:75:ef:83:91:c9:c7:0c:fe:ed:
1d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B3:76:63:04:D8:8C:F3:48:68:99:75:BA:79:39:BC:8C:FA:BE:A8
X509v3 Authority Key Identifier:
keyid:40:64:00:D7:1D:7E:DE:B0:EB:30:5D:49:82:EC:F5:20:B0:F4:4E:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGQA1x1-3rDrMF1Jguz1ILD0Tnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/KLN2YwTYjPNIaJl1unk5vIz6vqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/QGQA1x1-3rDrMF1Jguz1ILD0Tnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.148.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:45:dc:d9:97:15:f4:6c:e1:06:df:e9:d3:9a:5a:a1:24:ab:
2d:1a:1d:0d:fa:fb:0b:01:5f:dc:5c:57:c3:0b:0d:c2:ef:be:
85:6c:27:13:d3:82:d7:b1:05:e6:fd:6d:74:2d:d0:44:c2:8c:
40:9e:c5:01:67:28:7e:58:9f:ff:0c:91:a2:9a:87:4f:74:35:
b7:39:28:3b:d2:cb:6e:1e:09:89:0e:99:9e:bc:0f:74:5d:10:
eb:82:62:14:ab:90:30:9b:54:02:f4:c2:36:86:70:54:4c:70:
80:1b:a0:6f:77:15:e3:44:49:ea:3a:c8:2f:ca:ad:50:e8:50:
b8:39:1c:bf:5c:3a:64:8c:64:f8:9f:5d:6c:6a:15:f3:d4:0a:
17:22:70:b4:fc:02:91:dc:71:e9:76:b2:00:3d:05:6b:8a:c7:
f8:b2:68:cc:d2:41:31:4c:29:18:cd:d0:ed:35:4a:22:8d:da:
f0:3f:8a:b9:85:48:d4:cc:a0:82:0e:0f:61:4b:0c:5c:d8:10:
d2:d9:d9:21:40:61:9a:a8:b5:03:ad:41:06:bf:f1:44:69:7c:
5c:fc:9f:dd:7e:5c:88:64:b5:99:3b:8b:a1:f5:ed:79:a4:5b:
4f:ab:a4:4d:3b:e8:87:95:db:f6:b0:b6:40:c3:88:f0:fe:9a:
ec:4d:69:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIW34ubADW73u0NTRugXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNjQwMGQ3MWQ3ZWRlYjBlYjMwNWQ0OTgyZWNmNTIwYjBm
NDRlNzcwHhcNMjUwMTAyMDM0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGIzNzY2MzA0ZDg4Y2YzNDg2ODk5NzViYTc5MzliYzhjZmFiZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28Uv6aceyv/TtooUicWKbP9Ju5Ky
Mfsxz+B+5REc95tz09LtGx6U0TeZwJluOp65rhA5AVWdb0E4EbZ/whAN1lA9BSrH
4ZUeYnA9afhsJzG6pCRm5KGl/lhSuT1vtDtTJ0/WBSABXjkuxzR7NT5GkV2bG3pY
MauEKBxvUtdxzoZ7nrc6pj79/VN5n9XEceEnhLoIR7cKkQGAgtK6Kgizqk3rYj5k
ndfny6Il4lUDSXkm9WzlYO9V9qZPG/knHJDFbhvnGrjzPJfz3ZxilsHiMyBrQHBC
eOkAJI2M1fDnu01qVH/O1FRPG3831gzYlyXtXRvFXgJ174ORyccM/u0dKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCizdmME2IzzSGiZdbp5ObyM+r6oMB8GA1UdIwQY
MBaAFEBkANcdft6w6zBdSYLs9SCw9E53MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdRQTF4MS0zckRyTUYxSmd1ejFJTEQwVG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9mMDc1MWQtZDdiMy00NzAxLWEzMjYt
MjE0ODA4MmMzNTMzLzEvS0xOMll3VFlqUE5JYUpsMXVuazV2SXo2dnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9mMDc1MWQtZDdiMy00NzAxLWEzMjYtMjE0ODA4MmMzNTMz
LzEvUUdRQTF4MS0zckRyTUYxSmd1ejFJTEQwVG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwnyUMA0G
CSqGSIb3DQEBCwUAA4IBAQB7RdzZlxX0bOEG3+nTmlqhJKstGh0N+vsLAV/cXFfD
Cw3C776FbCcT04LXsQXm/W10LdBEwoxAnsUBZyh+WJ//DJGimodPdDW3OSg70stu
HgmJDpmevA90XRDrgmIUq5Awm1QC9MI2hnBUTHCAG6BvdxXjREnqOsgvyq1Q6FC4
ORy/XDpkjGT4n11sahXz1AoXInC0/AKR3HHpdrIAPQVrisf4smjM0kExTCkYzdDt
NUoijdrwP4q5hUjUzKCCDg9hSwxc2BDS2dkhQGGaqLUDrUEGv/FEaXxc/J/dflyI
ZLWZO4uh9e15pFtPq6RNO+iHldv2sLZAw4jw/prsTWk0
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:58:58 2025 by rpki-client