Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa
File: kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa (raw, json)
Hash identifier: na+fNS4+KPnZVKtvI9VPkmEDxvmlZJBhohUxDwUJWbE=
Subject key identifier: 90:0F:CE:4B:36:1D:20:0D:AF:98:ED:98:62:8A:F9:90:75:4D:1D:34
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 019425FCE8A3C3E489DE0DC80795FAAF8F49
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa
Signing time: Thu 02 Jan 2025 07:48:39 +0000
ROA not before: Thu 02 Jan 2025 07:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21382
IP address blocks: 193.189.157.0/24 maxlen: 24
193.189.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:e8:a3:c3:e4:89:de:0d:c8:07:95:fa:af:8f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Jan 2 07:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=900fce4b361d200daf98ed98628af990754d1d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:87:14:35:9f:87:dc:93:0d:4f:b7:41:92:ca:
78:81:fd:a1:da:3a:2d:3c:ad:e5:42:fc:25:da:9b:
f8:d2:6e:fd:1b:2e:2d:fe:4d:69:bf:90:72:7e:c4:
af:35:ac:e4:a5:cd:f5:cc:3e:4f:75:6a:67:4b:dd:
27:36:3e:e0:f9:96:ec:58:6d:3d:57:53:df:25:05:
dd:28:8c:18:57:3c:82:c9:c0:19:36:75:57:63:f5:
f0:e7:ca:d2:93:38:e0:99:5e:dc:35:53:ea:dd:43:
ae:92:0d:66:5b:d4:86:81:66:09:59:c1:e9:13:e5:
76:5a:d8:70:20:53:ab:d0:94:e6:8d:f0:e8:3c:b7:
a5:30:40:96:85:ca:25:31:86:e9:9f:1d:df:87:4e:
f9:b5:37:fd:58:0a:5b:2f:ef:0b:70:94:88:29:ba:
2c:7d:16:90:92:26:41:50:ad:31:fb:52:8f:68:8b:
24:06:76:84:64:84:c7:76:6b:7e:d3:2d:89:39:c1:
e5:47:f8:44:10:38:48:de:13:80:25:40:19:e2:4a:
1c:4b:f8:bf:94:29:43:53:01:2d:48:e3:e0:e5:97:
39:94:3e:2d:55:10:1b:58:88:15:ef:0d:2d:7e:6c:
a0:61:2b:92:d0:d5:00:8f:9b:e7:e8:fe:c6:38:d5:
55:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0F:CE:4B:36:1D:20:0D:AF:98:ED:98:62:8A:F9:90:75:4D:1D:34
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/kA_OSzYdIA2vmO2YYor5kHVNHTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.157.0-193.189.158.255
Signature Algorithm: sha256WithRSAEncryption
83:32:a9:76:1b:3e:bd:4e:c6:84:39:b6:45:3b:c2:cc:e1:5f:
0d:69:b0:a9:e7:af:a4:dd:ee:99:a2:c5:1a:f3:02:a7:07:82:
56:ce:bc:47:b2:f5:6a:21:84:e1:c3:77:d0:ff:c9:62:b5:d1:
45:fe:a1:ee:c4:9b:f5:35:cc:a9:da:b8:e1:ff:3d:cd:28:e9:
06:55:e8:83:98:38:21:c7:e3:b4:f1:e8:8c:90:60:11:91:95:
92:23:8b:b4:5c:21:23:8c:b4:fc:55:d1:99:cf:c3:95:3f:fc:
be:0e:16:0c:c3:89:f0:ce:64:b8:1d:f6:20:eb:9c:78:fb:b5:
f8:c3:7d:e4:fa:3a:60:56:a4:4d:04:2c:98:bf:2d:a3:e9:e3:
47:54:67:a1:4d:08:12:3b:18:db:6e:93:39:21:c6:64:24:85:
08:17:44:8f:d5:59:e0:a5:a4:e8:bb:2a:f4:bb:aa:2e:f1:e2:
f8:f5:c4:c1:ff:b8:77:93:58:51:9e:f5:4e:f3:8b:56:36:9f:
c2:1e:31:15:21:ca:8f:bd:c4:14:30:79:d9:2c:41:a1:4a:ed:
fd:e6:ab:c5:cc:ff:e4:ac:1f:92:11:6a:12:08:3e:a9:bc:4a:
38:89:ca:33:e9:4f:ff:17:8d:f3:5c:d3:28:6e:68:9f:b5:7e:
80:27:04:0b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQl/Oijw+SJ3g3IB5X6r49JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjUwMTAyMDc0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBmY2U0YjM2MWQyMDBkYWY5OGVkOTg2MjhhZjk5MDc1NGQxZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IcUNZ+H3JMNT7dBksp4gf2h2jot
PK3lQvwl2pv40m79Gy4t/k1pv5ByfsSvNazkpc31zD5PdWpnS90nNj7g+ZbsWG09
V1PfJQXdKIwYVzyCycAZNnVXY/Xw58rSkzjgmV7cNVPq3UOukg1mW9SGgWYJWcHp
E+V2WthwIFOr0JTmjfDoPLelMECWhcolMYbpnx3fh075tTf9WApbL+8LcJSIKbos
fRaQkiZBUK0x+1KPaIskBnaEZITHdmt+0y2JOcHlR/hEEDhI3hOAJUAZ4kocS/i/
lClDUwEtSOPg5Zc5lD4tVRAbWIgV7w0tfmygYSuS0NUAj5vn6P7GONVVKwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJAPzks2HSANr5jtmGKK+ZB1TR00MB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEva0FfT1N6WWRJQTJ2bU8yWVlvcjVrSFZOSFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBvZ0D
BADBvZ4wDQYJKoZIhvcNAQELBQADggEBAIMyqXYbPr1OxoQ5tkU7wszhXw1psKnn
r6Td7pmixRrzAqcHglbOvEey9WohhOHDd9D/yWK10UX+oe7Em/U1zKnauOH/Pc0o
6QZV6IOYOCHH47Tx6IyQYBGRlZIji7RcISOMtPxV0ZnPw5U//L4OFgzDifDOZLgd
9iDrnHj7tfjDfeT6OmBWpE0ELJi/LaPp40dUZ6FNCBI7GNtukzkhxmQkhQgXRI/V
WeClpOi7KvS7qi7x4vj1xMH/uHeTWFGe9U7zi1Y2n8IeMRUhyo+9xBQwedksQaFK
7f3mq8XM/+SsH5IRahIIPqm8SjiJyjPpT/8XjfNc0yhuaJ+1foAnBAs=
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:08 2025 by rpki-client