Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/KrPbG6M_7Mm1PtcHhZI4wknQI1M.roa
File: KrPbG6M_7Mm1PtcHhZI4wknQI1M.roa (raw, json)
Hash identifier: tjtqRRJLnNhIS/xM5FVWwtZTtirmBRvu7piQDYGy3mE=
Subject key identifier: 2A:B3:DB:1B:A3:3F:EC:C9:B5:3E:D7:07:85:92:38:C2:49:D0:23:53
Certificate issuer: /CN=afba10b0a676d3e1fab56528430fac891a083652
Certificate serial: 0194236A2EDF165A1C1B0B7D111681BA03F8
Authority key identifier: AF:BA:10:B0:A6:76:D3:E1:FA:B5:65:28:43:0F:AC:89:1A:08:36:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7oQsKZ20-H6tWUoQw-siRoINlI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/KrPbG6M_7Mm1PtcHhZI4wknQI1M.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28900
IP address blocks: 213.190.224.0/21 maxlen: 21
213.190.232.0/21 maxlen: 21
213.190.240.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2e:df:16:5a:1c:1b:0b:7d:11:16:81:ba:03:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afba10b0a676d3e1fab56528430fac891a083652
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ab3db1ba33fecc9b53ed707859238c249d02353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:76:92:e3:d2:32:17:1d:e9:da:34:11:5e:46:
a0:9c:13:23:c8:a0:bf:f9:5d:a0:de:42:65:af:10:
58:3b:31:f2:f4:0a:98:56:66:ba:da:04:88:93:13:
f9:17:66:46:0f:a3:72:83:d3:ac:34:9f:cf:df:2b:
71:db:aa:5f:eb:25:10:bc:ee:a2:5e:64:37:0a:50:
21:db:e4:2a:c9:4c:37:4d:d9:62:1d:f8:bb:62:36:
35:83:cf:78:f2:d5:9f:bb:87:e8:d1:42:49:8e:60:
77:e7:d4:dc:97:b3:63:1b:8f:38:e7:3c:0d:ca:09:
ef:f2:ae:e9:aa:33:a6:7d:0b:99:e6:b3:dd:76:5d:
37:c5:84:24:4e:7d:8c:3e:ec:01:1b:ff:88:da:a7:
72:91:9b:5c:54:42:9d:ef:62:28:bc:fb:c3:70:af:
46:7e:7c:59:7c:d0:53:cd:3e:29:67:2b:ed:5c:c0:
56:19:33:0e:f6:ff:bd:2f:08:0a:08:a8:71:36:35:
0b:da:24:da:6e:6e:7d:e4:dd:de:73:76:94:d5:83:
04:43:9d:0c:34:84:51:c2:7a:d3:e6:46:4c:ee:78:
6d:37:e4:13:69:5f:bb:2b:c2:e7:bf:bd:97:00:25:
f3:79:7d:5c:02:30:93:fd:76:4a:8a:d4:2a:30:99:
1f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B3:DB:1B:A3:3F:EC:C9:B5:3E:D7:07:85:92:38:C2:49:D0:23:53
X509v3 Authority Key Identifier:
keyid:AF:BA:10:B0:A6:76:D3:E1:FA:B5:65:28:43:0F:AC:89:1A:08:36:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7oQsKZ20-H6tWUoQw-siRoINlI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/KrPbG6M_7Mm1PtcHhZI4wknQI1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.190.224.0/19
Signature Algorithm: sha256WithRSAEncryption
41:0a:92:76:27:59:24:c6:b3:5f:83:15:5b:61:7b:15:69:d4:
5a:3a:09:99:9b:b1:ac:83:c7:60:74:b8:66:97:6d:2a:84:2a:
4c:5a:04:71:e1:15:5f:0f:be:5e:86:64:54:7a:13:68:ec:86:
95:ae:c8:d8:09:c4:84:54:68:97:26:02:c7:f3:2a:bb:b2:c4:
70:c6:a4:d2:2f:17:72:da:3c:01:f1:78:a7:a7:a8:ed:2a:b5:
c6:f7:1e:ef:16:6c:98:fd:22:a4:36:85:f0:e7:53:9f:6b:95:
4b:0c:d9:3b:10:73:8c:2f:f5:a1:3c:02:bf:a4:ad:c6:8c:bf:
d8:96:26:9f:04:81:69:bf:6d:78:b2:31:11:7d:d2:c8:51:ba:
d6:93:6e:8e:56:3a:14:f3:e4:78:eb:17:71:fc:d5:e5:a6:63:
89:6a:44:79:1a:1d:ec:b5:eb:5b:17:5c:55:d2:4b:7a:d0:46:
2e:12:f4:cf:27:a3:b3:cf:57:a9:28:3f:34:55:4d:0f:79:49:
c8:d0:09:02:86:5b:ad:04:e2:22:dc:61:c5:13:c8:10:f1:cd:
20:8e:8b:1b:1b:97:05:4e:64:71:cf:ab:45:1e:49:03:33:bc:
da:6b:0d:27:07:e7:c5:d0:d8:3a:e3:02:80:4c:23:51:27:fd:
64:4b:5d:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjai7fFlocGwt9ERaBugP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYmExMGIwYTY3NmQzZTFmYWI1NjUyODQzMGZhYzg5MWEw
ODM2NTIwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWIzZGIxYmEzM2ZlY2M5YjUzZWQ3MDc4NTkyMzhjMjQ5ZDAyMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHaS49IyFx3p2jQRXkagnBMjyKC/
+V2g3kJlrxBYOzHy9AqYVma62gSIkxP5F2ZGD6Nyg9OsNJ/P3ytx26pf6yUQvO6i
XmQ3ClAh2+QqyUw3TdliHfi7YjY1g8948tWfu4fo0UJJjmB359Tcl7NjG4845zwN
ygnv8q7pqjOmfQuZ5rPddl03xYQkTn2MPuwBG/+I2qdykZtcVEKd72IovPvDcK9G
fnxZfNBTzT4pZyvtXMBWGTMO9v+9LwgKCKhxNjUL2iTabm595N3ec3aU1YMEQ50M
NIRRwnrT5kZM7nhtN+QTaV+7K8Lnv72XACXzeX1cAjCT/XZKitQqMJkf7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqz2xujP+zJtT7XB4WSOMJJ0CNTMB8GA1UdIwQY
MBaAFK+6ELCmdtPh+rVlKEMPrIkaCDZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdvUXNLWjIwLUg2dFdVb1F3LXNpUm9JTmxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xYTljOWYtMGMwNy00Nzc2LWFlNjUt
ZTAyN2RjYjFkMTg2LzEvS3JQYkc2TV83TW0xUHRjSGhaSTR3a25RSTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xYTljOWYtMGMwNy00Nzc2LWFlNjUtZTAyN2RjYjFkMTg2
LzEvcjdvUXNLWjIwLUg2dFdVb1F3LXNpUm9JTmxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1b7gMA0G
CSqGSIb3DQEBCwUAA4IBAQBBCpJ2J1kkxrNfgxVbYXsVadRaOgmZm7Gsg8dgdLhm
l20qhCpMWgRx4RVfD75ehmRUehNo7IaVrsjYCcSEVGiXJgLH8yq7ssRwxqTSLxdy
2jwB8Xinp6jtKrXG9x7vFmyY/SKkNoXw51Ofa5VLDNk7EHOML/WhPAK/pK3GjL/Y
liafBIFpv214sjERfdLIUbrWk26OVjoU8+R46xdx/NXlpmOJakR5Gh3stetbF1xV
0kt60EYuEvTPJ6Ozz1epKD80VU0PeUnI0AkChlutBOIi3GHFE8gQ8c0gjosbG5cF
TmRxz6tFHkkDM7zaaw0nB+fF0Ng64wKATCNRJ/1kS13Q
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:47:47 2025 by rpki-client