Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Kt18qGRPFhnoeDMRU6Ja36FUtdA.roa
File: Kt18qGRPFhnoeDMRU6Ja36FUtdA.roa (raw, json)
Hash identifier: ZdZhwP5GgUBDAZeIM6qZ4JCbpszuez2XwZJ3dyqtyLY=
Subject key identifier: 2A:DD:7C:A8:64:4F:16:19:E8:78:33:11:53:A2:5A:DF:A1:54:B5:D0
Certificate issuer: /CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
Certificate serial: 0194236A15E6E3628DC9A54C74EDAA29AE74
Authority key identifier: 31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Kt18qGRPFhnoeDMRU6Ja36FUtdA.roa
Signing time: Wed 01 Jan 2025 19:49:02 +0000
ROA not before: Wed 01 Jan 2025 19:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203384
IP address blocks: 193.73.106.0/23 maxlen: 24
193.223.192.0/20 maxlen: 24
193.223.224.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:15:e6:e3:62:8d:c9:a5:4c:74:ed:aa:29:ae:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
Validity
Not Before: Jan 1 19:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2add7ca8644f1619e878331153a25adfa154b5d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7d:eb:2a:d1:47:65:23:54:2e:a5:eb:41:d5:
c1:ac:99:4b:14:94:16:a4:89:d4:be:3d:6e:77:cc:
b9:68:63:0c:c7:90:e3:79:36:ab:76:f4:7d:fe:d6:
cb:4d:1e:c6:d2:60:42:a5:34:58:11:b9:f1:c1:b4:
03:7a:20:45:77:34:80:c8:9d:7e:e8:18:b5:64:d0:
64:d6:77:4f:c6:79:02:6c:ab:5e:eb:11:44:70:18:
49:c9:85:9b:63:38:a7:b5:70:af:11:47:91:fd:d6:
36:f5:2a:9d:27:7d:8c:c0:cb:ba:82:68:db:03:5f:
74:61:df:92:5f:bb:3d:2a:e0:0b:88:e9:4d:c4:3e:
84:c5:39:a0:6a:eb:db:83:3b:f3:d3:c3:5b:6c:e2:
cf:e1:c0:05:b4:c9:53:78:ea:98:75:38:8f:df:a4:
90:3f:72:14:d9:eb:ce:5f:22:06:14:69:9f:c7:cc:
9e:ee:ff:f2:28:f3:43:0b:2f:d0:a8:7c:f9:00:4a:
c6:94:43:ff:12:e2:6c:f2:69:0f:42:18:6a:4d:bf:
10:26:c5:95:f0:6f:ac:bb:fa:ff:8e:c7:e1:c6:17:
da:20:46:c1:6a:ff:d5:5b:5e:24:8f:36:59:3e:47:
00:f0:77:b3:6e:2e:55:eb:ac:e4:de:b2:c3:6e:95:
a8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DD:7C:A8:64:4F:16:19:E8:78:33:11:53:A2:5A:DF:A1:54:B5:D0
X509v3 Authority Key Identifier:
keyid:31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Kt18qGRPFhnoeDMRU6Ja36FUtdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Mca7r0CfX9bXCcTX0kNEopKjyqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.73.106.0/23
193.223.192.0/20
193.223.224.0/20
Signature Algorithm: sha256WithRSAEncryption
aa:da:43:57:c5:95:e9:de:aa:66:a4:34:72:ee:82:14:c0:39:
59:46:0b:63:d0:43:bd:ea:12:10:85:38:87:ca:39:65:58:12:
84:61:9c:14:18:7f:06:81:d6:b6:b7:96:db:2f:70:0c:d8:67:
d9:5b:80:27:fb:9d:26:e3:5a:84:08:8d:62:a4:89:4a:8e:7c:
fb:fa:e4:5d:64:a4:44:ec:6f:34:b2:dc:be:d1:92:f0:1d:88:
19:e9:bf:91:a6:1e:a1:6c:20:73:25:d7:c4:93:55:4f:e6:bb:
ef:d7:fa:b2:84:69:9e:e2:88:b3:2e:14:62:57:19:2c:29:0d:
12:bf:d7:10:c7:eb:06:24:66:19:8f:60:94:57:22:40:43:fd:
ad:a1:7c:e7:f2:a3:3c:30:fa:3f:5e:78:d2:0a:74:d0:1f:74:
59:4e:77:b5:e7:72:20:fd:85:a3:53:de:78:f9:95:1f:72:de:
23:8c:4a:ba:3a:bd:7d:fc:21:45:70:04:76:ae:71:5d:42:b9:
e6:5f:81:c8:60:b8:0b:12:1b:4b:d4:3c:70:16:2e:9a:71:12:
64:16:57:53:4b:03:bc:b6:fd:44:c0:72:3b:dc:a0:d9:58:30:
12:00:c4:91:05:8b:4a:0c:b9:69:db:9d:17:ad:72:e2:e1:ff:
22:5a:90:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjahXm42KNyaVMdO2qKa50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYzZiYmFmNDA5ZjVmZDZkNzA5YzRkN2QyNDM0NGEyOTJh
M2NhYTUwHhcNMjUwMTAxMTk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWRkN2NhODY0NGYxNjE5ZTg3ODMzMTE1M2EyNWFkZmExNTRiNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX3rKtFHZSNULqXrQdXBrJlLFJQW
pInUvj1ud8y5aGMMx5DjeTardvR9/tbLTR7G0mBCpTRYEbnxwbQDeiBFdzSAyJ1+
6Bi1ZNBk1ndPxnkCbKte6xFEcBhJyYWbYzintXCvEUeR/dY29SqdJ32MwMu6gmjb
A190Yd+SX7s9KuALiOlNxD6ExTmgauvbgzvz08NbbOLP4cAFtMlTeOqYdTiP36SQ
P3IU2evOXyIGFGmfx8ye7v/yKPNDCy/QqHz5AErGlEP/EuJs8mkPQhhqTb8QJsWV
8G+su/r/jsfhxhfaIEbBav/VW14kjzZZPkcA8Hezbi5V66zk3rLDbpWolQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCrdfKhkTxYZ6HgzEVOiWt+hVLXQMB8GA1UdIwQY
MBaAFDHGu69An1/W1wnE19JDRKKSo8qlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWNhN3IwQ2ZYOWJYQ2NUWDBrTkVvcEtqeXFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9jYmY5M2MtNmRkYS00ODI0LTgwMzMt
NDFjM2NmOTA4ZTk3LzEvS3QxOHFHUlBGaG5vZURNUlU2SmEzNkZVdGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9jYmY5M2MtNmRkYS00ODI0LTgwMzMtNDFjM2NmOTA4ZTk3
LzEvTWNhN3IwQ2ZYOWJYQ2NUWDBrTkVvcEtqeXFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwUlqAwQE
wd/AAwQEwd/gMA0GCSqGSIb3DQEBCwUAA4IBAQCq2kNXxZXp3qpmpDRy7oIUwDlZ
Rgtj0EO96hIQhTiHyjllWBKEYZwUGH8Ggda2t5bbL3AM2GfZW4An+50m41qECI1i
pIlKjnz7+uRdZKRE7G80sty+0ZLwHYgZ6b+Rph6hbCBzJdfEk1VP5rvv1/qyhGme
4oizLhRiVxksKQ0Sv9cQx+sGJGYZj2CUVyJAQ/2toXzn8qM8MPo/XnjSCnTQH3RZ
Tne153Ig/YWjU954+ZUfct4jjEq6Or19/CFFcAR2rnFdQrnmX4HIYLgLEhtL1Dxw
Fi6acRJkFldTSwO8tv1EwHI73KDZWDASAMSRBYtKDLlp250XrXLi4f8iWpAE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:25 2025 by rpki-client on console.sobornost.net