Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/dKpw_-0HjSGrVaWJaUDvP77eqyY.roa
File: dKpw_-0HjSGrVaWJaUDvP77eqyY.roa (raw, json)
Hash identifier: QqA/x8rzftDJLWW2k4Vuop1woZfiPckz4TMZl5sc2Xs=
Subject key identifier: 74:AA:70:FF:ED:07:8D:21:AB:55:A5:89:69:40:EF:3F:BE:DE:AB:26
Certificate issuer: /CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
Certificate serial: 019423690E6E98DCBCB0E9C2923450423A2E
Authority key identifier: BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/dKpw_-0HjSGrVaWJaUDvP77eqyY.roa
Signing time: Wed 01 Jan 2025 19:47:55 +0000
ROA not before: Wed 01 Jan 2025 19:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211896
IP address blocks: 194.180.20.0/24 maxlen: 24
194.180.25.0/24 maxlen: 24
194.180.52.0/24 maxlen: 24
194.180.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:0e:6e:98:dc:bc:b0:e9:c2:92:34:50:42:3a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
Validity
Not Before: Jan 1 19:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74aa70ffed078d21ab55a5896940ef3fbedeab26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:af:8e:52:25:e7:d4:5a:ec:72:94:63:79:62:
91:4c:ee:9a:a7:a2:5c:90:55:fb:b2:62:f7:3c:95:
8d:b4:81:d5:c4:0b:63:4b:c1:0e:35:0f:e9:80:f2:
4c:fb:c3:71:f8:3a:f2:51:08:89:2d:70:f4:21:73:
f3:82:83:de:33:32:19:5d:4b:78:05:9f:c2:17:e3:
e0:b6:0f:a1:ef:7c:5b:6d:86:c6:8f:3f:9d:32:53:
5e:62:26:b4:73:ff:9b:af:d9:96:af:9e:ab:c2:5c:
ce:37:38:97:2a:87:29:a1:f9:0f:da:59:87:34:c1:
66:00:59:4f:91:c9:d7:c4:ed:e5:9c:df:6d:4d:77:
16:6e:aa:4f:d7:b4:bd:bc:ed:9b:ca:41:84:56:76:
4b:5d:67:0a:fa:1a:00:e0:db:20:09:80:6f:34:26:
91:90:e9:a4:77:35:9f:a3:8d:7d:5a:c3:f9:3d:e3:
fc:8f:02:ee:ae:ef:b4:3f:85:07:76:c4:55:86:aa:
19:8d:82:cf:bf:e0:e2:9f:c2:5f:46:21:f3:30:b0:
39:7d:9d:84:21:84:9d:09:eb:61:29:47:15:9b:44:
15:cc:8a:02:f6:8c:83:cb:cb:01:93:ee:37:22:82:
44:e6:1d:f9:9d:18:e3:62:ac:86:9e:05:06:88:e2:
66:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:AA:70:FF:ED:07:8D:21:AB:55:A5:89:69:40:EF:3F:BE:DE:AB:26
X509v3 Authority Key Identifier:
keyid:BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/dKpw_-0HjSGrVaWJaUDvP77eqyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/uncwHhTWWzo9aG2qwW38SaxIx80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.20.0/24
194.180.25.0/24
194.180.52.0/24
194.180.55.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:df:4b:4e:b9:34:b2:ff:6f:45:3f:69:c7:a9:09:39:72:df:
e6:52:6b:a6:ce:3e:81:35:a9:3b:c2:a1:a1:c2:ab:d2:e9:0e:
29:8a:48:c0:fe:e6:bc:c7:c6:7f:3e:57:b9:23:b7:93:2f:09:
2d:1a:7c:81:fd:ef:0f:c3:54:0e:d4:0c:3b:3c:da:73:6f:88:
ad:10:cd:b7:2c:0c:14:c0:06:33:4b:a0:cd:8d:51:74:d0:33:
17:99:18:e4:26:d1:74:56:64:22:55:b5:72:fa:c3:4a:91:a6:
0a:b3:dc:46:5c:73:06:23:a8:7b:c6:7f:80:30:17:a4:65:34:
48:c4:9d:53:59:6b:95:59:f0:4d:02:e9:cd:52:d2:aa:59:18:
22:88:bc:42:59:b9:51:55:ed:a9:70:54:0c:8b:34:87:ff:23:
ce:2c:0b:cd:20:97:1d:c2:b9:83:25:cb:e4:5a:10:b9:22:0b:
07:3a:82:84:12:16:e5:7d:d6:2a:3a:cf:35:52:70:f6:72:c9:
b6:d2:94:11:b2:16:b8:84:7f:46:f6:ce:89:92:d9:2a:db:20:
44:f0:cb:bc:fe:57:36:5d:4a:1c:75:c4:f0:7f:6d:c6:22:e8:
9d:f2:9c:f0:56:02:74:4d:83:39:36:ac:09:3b:48:c0:72:a8:
24:ad:e9:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjaQ5umNy8sOnCkjRQQjouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzczMDFlMTRkNjViM2EzZDY4NmRhYWMxNmRmYzQ5YWM0
OGM3Y2QwHhcNMjUwMTAxMTk0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGFhNzBmZmVkMDc4ZDIxYWI1NWE1ODk2OTQwZWYzZmJlZGVhYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK+OUiXn1FrscpRjeWKRTO6ap6Jc
kFX7smL3PJWNtIHVxAtjS8EONQ/pgPJM+8Nx+DryUQiJLXD0IXPzgoPeMzIZXUt4
BZ/CF+Pgtg+h73xbbYbGjz+dMlNeYia0c/+br9mWr56rwlzONziXKocpofkP2lmH
NMFmAFlPkcnXxO3lnN9tTXcWbqpP17S9vO2bykGEVnZLXWcK+hoA4NsgCYBvNCaR
kOmkdzWfo419WsP5PeP8jwLuru+0P4UHdsRVhqoZjYLPv+Din8JfRiHzMLA5fZ2E
IYSdCethKUcVm0QVzIoC9oyDy8sBk+43IoJE5h35nRjjYqyGngUGiOJmswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHSqcP/tB40hq1WliWlA7z++3qsmMB8GA1UdIwQY
MBaAFLp3MB4U1ls6PWhtqsFt/EmsSMfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5jd0hoVFdXem85YUcycXdXMzhTYXhJeDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzM5M2ItNjgxOC00OGQzLWIwODEt
NWM2OGY2YjBiMmM3LzEvZEtwd18tMEhqU0dyVmFXSmFVRHZQNzdlcXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzM5M2ItNjgxOC00OGQzLWIwODEtNWM2OGY2YjBiMmM3
LzEvdW5jd0hoVFdXem85YUcycXdXMzhTYXhJeDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwrQUAwQA
wrQZAwQAwrQ0AwQAwrQ3MA0GCSqGSIb3DQEBCwUAA4IBAQCK30tOuTSy/29FP2nH
qQk5ct/mUmumzj6BNak7wqGhwqvS6Q4pikjA/ua8x8Z/Ple5I7eTLwktGnyB/e8P
w1QO1Aw7PNpzb4itEM23LAwUwAYzS6DNjVF00DMXmRjkJtF0VmQiVbVy+sNKkaYK
s9xGXHMGI6h7xn+AMBekZTRIxJ1TWWuVWfBNAunNUtKqWRgiiLxCWblRVe2pcFQM
izSH/yPOLAvNIJcdwrmDJcvkWhC5IgsHOoKEEhblfdYqOs81UnD2csm20pQRsha4
hH9G9s6Jktkq2yBE8Mu8/lc2XUocdcTwf23GIuid8pzwVgJ0TYM5NqwJO0jAcqgk
rekj
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:37 2025 by rpki-client on console.sobornost.net