Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/KlCag1k38E35giK2RwCL86wfRww.roa
File: KlCag1k38E35giK2RwCL86wfRww.roa (raw, json)
Hash identifier: 3A8pcHf0/9mVDJ/I9xf+96E0LjYi6EEs2LRUfPZpiNc=
Subject key identifier: 2A:50:9A:83:59:37:F0:4D:F9:82:22:B6:47:00:8B:F3:AC:1F:47:0C
Certificate issuer: /CN=31b5f0acae3652a53c71a074a2347ab6f17fd3f8
Certificate serial: 01942823101FAFE676C9A7E8CAA43CA5D179
Authority key identifier: 31:B5:F0:AC:AE:36:52:A5:3C:71:A0:74:A2:34:7A:B6:F1:7F:D3:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbXwrK42UqU8caB0ojR6tvF_0_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/KlCag1k38E35giK2RwCL86wfRww.roa
Signing time: Thu 02 Jan 2025 17:49:34 +0000
ROA not before: Thu 02 Jan 2025 17:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200312
IP address blocks: 194.156.140.0/22 maxlen: 27
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:10:1f:af:e6:76:c9:a7:e8:ca:a4:3c:a5:d1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b5f0acae3652a53c71a074a2347ab6f17fd3f8
Validity
Not Before: Jan 2 17:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a509a835937f04df98222b647008bf3ac1f470c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:99:55:d9:dc:48:b1:ea:3b:19:e3:b4:85:d3:
b3:79:40:52:55:aa:97:e4:67:2a:52:49:4b:df:0b:
f3:33:6a:9b:a5:32:b4:57:f2:f9:f9:5f:2c:26:e1:
dd:3f:30:53:8a:75:a7:c8:46:59:0d:e1:d7:d7:45:
80:cb:24:8e:62:fc:db:17:32:ee:56:4b:90:e1:f7:
f0:d0:3d:fc:e9:bf:60:d0:ae:12:96:50:9b:13:42:
7b:70:61:25:2c:1e:7e:c5:d6:a8:4b:16:f0:d0:b2:
19:96:2b:e1:18:98:28:63:85:53:23:5b:f1:45:4e:
d9:b2:47:f6:2f:21:44:b3:0f:2c:fd:96:31:7f:a7:
45:2c:8b:77:a3:19:ad:17:9f:27:59:39:d5:62:1d:
7b:86:3a:23:8f:7e:68:0f:29:ea:88:3f:24:bd:32:
f7:63:a9:f2:b0:f6:b9:41:b4:14:43:81:9d:8a:6a:
0e:f1:b8:29:46:e9:df:b5:11:c7:c0:c0:c0:2a:2a:
2a:f8:75:34:73:7a:1a:0f:2a:00:98:33:76:89:4d:
ac:3b:9d:e9:48:15:cd:c6:e8:66:67:b2:25:9e:ea:
9e:07:10:c6:1d:e6:a2:6f:2a:ce:7c:7c:2b:e7:7f:
28:94:96:a5:7a:96:1b:89:96:cd:13:26:9a:30:49:
06:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:50:9A:83:59:37:F0:4D:F9:82:22:B6:47:00:8B:F3:AC:1F:47:0C
X509v3 Authority Key Identifier:
keyid:31:B5:F0:AC:AE:36:52:A5:3C:71:A0:74:A2:34:7A:B6:F1:7F:D3:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbXwrK42UqU8caB0ojR6tvF_0_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/KlCag1k38E35giK2RwCL86wfRww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/MbXwrK42UqU8caB0ojR6tvF_0_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.140.0/22
Signature Algorithm: sha256WithRSAEncryption
33:ed:7b:72:f9:17:03:cf:3a:e6:9c:8c:34:a6:4b:74:14:03:
0e:0e:06:c5:0d:0a:8b:93:82:fc:fe:4b:70:b6:f5:ab:da:25:
5c:43:f4:e9:05:7f:fa:28:24:57:05:8c:0c:de:ac:fe:bb:90:
70:91:d8:98:39:5b:5e:09:e7:35:30:48:2b:57:e5:c9:6c:6d:
46:6c:d6:eb:86:cf:bf:46:9f:ce:a3:f8:28:9f:06:69:a0:f9:
bf:dd:14:d3:e2:6a:7c:2e:e7:32:c8:d5:31:c0:d1:eb:08:1a:
2a:4f:e2:72:77:78:bc:80:e3:3f:35:9a:3e:f8:04:30:c4:6f:
ca:0e:26:f2:db:14:72:c7:37:a8:78:99:62:41:8c:70:90:14:
ba:55:fb:55:01:91:90:b4:14:8e:4c:c3:f3:12:99:90:2e:9a:
5e:86:a6:82:47:e7:19:d9:34:18:89:d8:65:58:44:35:c4:67:
4f:d6:bf:46:b9:16:56:4e:74:e7:45:f7:6b:3a:b0:03:01:ab:
cb:60:16:0b:a6:a9:3a:a0:e6:c7:ed:fa:5e:bb:35:1d:39:11:
63:28:9b:a1:0c:09:0b:d2:03:4d:e2:bc:32:1d:10:76:06:2f:
d1:2c:6b:13:71:d5:31:e4:df:95:4c:63:64:08:cd:c6:be:ff:
ed:e3:66:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoIxAfr+Z2yafoyqQ8pdF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjVmMGFjYWUzNjUyYTUzYzcxYTA3NGEyMzQ3YWI2ZjE3
ZmQzZjgwHhcNMjUwMTAyMTc0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTUwOWE4MzU5MzdmMDRkZjk4MjIyYjY0NzAwOGJmM2FjMWY0NzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtplV2dxIseo7GeO0hdOzeUBSVaqX
5GcqUklL3wvzM2qbpTK0V/L5+V8sJuHdPzBTinWnyEZZDeHX10WAyySOYvzbFzLu
VkuQ4ffw0D386b9g0K4SllCbE0J7cGElLB5+xdaoSxbw0LIZlivhGJgoY4VTI1vx
RU7Zskf2LyFEsw8s/ZYxf6dFLIt3oxmtF58nWTnVYh17hjojj35oDynqiD8kvTL3
Y6nysPa5QbQUQ4GdimoO8bgpRunftRHHwMDAKioq+HU0c3oaDyoAmDN2iU2sO53p
SBXNxuhmZ7IlnuqeBxDGHeaibyrOfHwr538olJalepYbiZbNEyaaMEkGPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpQmoNZN/BN+YIitkcAi/OsH0cMMB8GA1UdIwQY
MBaAFDG18KyuNlKlPHGgdKI0erbxf9P4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJYd3JLNDJVcVU4Y2FCMG9qUjZ0dkZfMF9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9lY2JlMDEtMThhYi00ZmJkLTlkYzMt
YmNkNTJkYTE1NjQ0LzEvS2xDYWcxazM4RTM1Z2lLMlJ3Q0w4NndmUnd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9lY2JlMDEtMThhYi00ZmJkLTlkYzMtYmNkNTJkYTE1NjQ0
LzEvTWJYd3JLNDJVcVU4Y2FCMG9qUjZ0dkZfMF9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpyMMA0G
CSqGSIb3DQEBCwUAA4IBAQAz7Xty+RcDzzrmnIw0pkt0FAMODgbFDQqLk4L8/ktw
tvWr2iVcQ/TpBX/6KCRXBYwM3qz+u5BwkdiYOVteCec1MEgrV+XJbG1GbNbrhs+/
Rp/Oo/gonwZpoPm/3RTT4mp8LucyyNUxwNHrCBoqT+Jyd3i8gOM/NZo++AQwxG/K
Diby2xRyxzeoeJliQYxwkBS6VftVAZGQtBSOTMPzEpmQLppehqaCR+cZ2TQYidhl
WEQ1xGdP1r9GuRZWTnTnRfdrOrADAavLYBYLpqk6oObH7fpeuzUdORFjKJuhDAkL
0gNN4rwyHRB2Bi/RLGsTcdUx5N+VTGNkCM3Gvv/t42ar
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net