Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/Kiv_IviKdC8pR128g7W0wceOpJ0.roa
File: Kiv_IviKdC8pR128g7W0wceOpJ0.roa (raw, json)
Hash identifier: 50AAjX5lYU+hq4n12QkFVtcpqB6XzbZl6EuH3DlX6GI=
Subject key identifier: 2A:2B:FF:22:F8:8A:74:2F:29:47:5D:BC:83:B5:B4:C1:C7:8E:A4:9D
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 019426D873C1970716B78C1E85D29EDA403A
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/Kiv_IviKdC8pR128g7W0wceOpJ0.roa
Signing time: Thu 02 Jan 2025 11:48:27 +0000
ROA not before: Thu 02 Jan 2025 11:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204652
IP address blocks: 185.25.142.0/24 maxlen: 24
2a02:2339:c000::/34 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:73:c1:97:07:16:b7:8c:1e:85:d2:9e:da:40:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Jan 2 11:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a2bff22f88a742f29475dbc83b5b4c1c78ea49d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d1:3d:ee:77:ca:0a:4c:ed:15:47:f7:94:4f:
bb:97:9f:ed:fd:23:ed:f0:ed:ae:07:86:6c:34:95:
08:eb:75:f5:d4:65:a6:03:17:84:b9:4f:e6:74:0b:
6d:a9:cf:04:f7:de:01:13:6d:1a:29:08:de:47:85:
6a:ed:b4:d1:b1:fc:48:aa:44:3f:76:e1:e5:e4:74:
47:e0:aa:f6:fe:69:9f:6e:d3:46:d8:e8:70:20:f7:
9d:54:d3:d9:89:fd:7f:a6:25:75:91:f7:30:be:5f:
7f:f4:34:b7:f0:a4:de:d7:e2:8e:ad:1a:62:fa:73:
f8:27:a1:50:9a:1d:0c:52:3f:60:13:31:3c:9a:a0:
1c:32:25:5b:cb:4d:ff:3a:9a:26:21:77:21:46:c4:
e5:48:88:9e:8d:c2:15:f8:4a:67:36:9e:2b:1e:06:
5e:f3:25:32:0e:8d:1c:98:93:e5:21:88:0e:1c:d3:
74:f8:8a:9e:b7:a6:49:c8:5b:a5:a4:db:95:6d:23:
18:e6:49:41:dd:3a:3f:6d:17:50:72:20:61:11:50:
6d:7a:37:4c:bb:71:c6:61:81:71:1c:ff:4a:e0:c5:
0f:9e:92:60:4f:ac:32:7c:74:68:a4:be:39:08:8b:
d1:9a:65:01:67:93:72:15:a0:d3:37:3e:a8:27:99:
4d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2B:FF:22:F8:8A:74:2F:29:47:5D:BC:83:B5:B4:C1:C7:8E:A4:9D
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/Kiv_IviKdC8pR128g7W0wceOpJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.142.0/24
IPv6:
2a02:2339:c000::/34
Signature Algorithm: sha256WithRSAEncryption
49:a7:90:bd:11:91:4a:3f:47:ac:54:5c:1f:98:2c:fb:b4:26:
f7:2d:03:ab:e7:15:99:ae:85:d7:43:1f:c6:eb:51:e6:df:88:
f2:c9:e3:d1:9c:34:48:bd:65:72:3a:01:7b:96:c6:a1:d7:23:
d8:71:c1:30:5b:aa:44:fb:9e:24:05:5e:54:04:72:04:02:6a:
da:81:b8:8f:f0:04:01:0a:f7:48:70:a9:a8:90:45:50:73:01:
f6:7a:27:0b:3f:a5:34:05:39:e7:53:a9:a6:b0:9b:00:71:28:
bc:78:52:d2:e6:dd:30:c7:af:6e:38:e9:05:2e:67:f4:50:0b:
03:01:43:81:87:da:14:6c:97:93:c0:0f:35:d2:c9:e0:3b:16:
e6:df:fb:46:f0:43:99:7b:1a:0f:c6:60:e3:0f:9d:8c:de:0e:
bb:51:e2:bf:ac:c5:63:eb:55:23:f0:17:2f:9c:cd:d3:df:1d:
96:ee:b3:41:7c:41:13:d8:ab:d8:36:d7:89:e9:91:4a:a6:09:
8a:c7:33:5e:a8:70:53:04:7e:ac:45:4c:4b:4e:52:76:b2:76:
ec:8a:47:52:03:7e:76:47:eb:b3:d9:74:44:06:1d:70:06:a0:
af:7c:d8:32:b1:a6:15:ba:b5:a8:b8:fd:fe:05:21:fe:f6:3e:
6a:68:a3:bb
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQm2HPBlwcWt4wehdKe2kA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjUwMTAyMTE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJiZmYyMmY4OGE3NDJmMjk0NzVkYmM4M2I1YjRjMWM3OGVhNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNE97nfKCkztFUf3lE+7l5/t/SPt
8O2uB4ZsNJUI63X11GWmAxeEuU/mdAttqc8E994BE20aKQjeR4Vq7bTRsfxIqkQ/
duHl5HRH4Kr2/mmfbtNG2OhwIPedVNPZif1/piV1kfcwvl9/9DS38KTe1+KOrRpi
+nP4J6FQmh0MUj9gEzE8mqAcMiVby03/OpomIXchRsTlSIiejcIV+EpnNp4rHgZe
8yUyDo0cmJPlIYgOHNN0+Iqet6ZJyFulpNuVbSMY5klB3To/bRdQciBhEVBtejdM
u3HGYYFxHP9K4MUPnpJgT6wyfHRopL45CIvRmmUBZ5NyFaDTNz6oJ5lN3wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCor/yL4inQvKUddvIO1tMHHjqSdMB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvS2l2X0l2aUtkQzhwUjEyOGc3VzB3Y2VPcEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuRmOMA4E
AgACMAgDBgYqAiM5wDANBgkqhkiG9w0BAQsFAAOCAQEASaeQvRGRSj9HrFRcH5gs
+7Qm9y0Dq+cVma6F10MfxutR5t+I8snj0Zw0SL1lcjoBe5bGodcj2HHBMFuqRPue
JAVeVARyBAJq2oG4j/AEAQr3SHCpqJBFUHMB9nonCz+lNAU551OpprCbAHEovHhS
0ubdMMevbjjpBS5n9FALAwFDgYfaFGyXk8APNdLJ4DsW5t/7RvBDmXsaD8Zg4w+d
jN4Ou1Hiv6zFY+tVI/AXL5zN098dlu6zQXxBE9ir2DbXiemRSqYJisczXqhwUwR+
rEVMS05SdrJ27IpHUgN+dkfrs9l0RAYdcAagr3zYMrGmFbq1qLj9/gUh/vY+amij
uw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:42:25 2025 by rpki-client