Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/KDP9W_m_0hLGFtgf73aWlnZ_iQc.roa
File: KDP9W_m_0hLGFtgf73aWlnZ_iQc.roa (raw, json)
Hash identifier: lcUH+LFQ+UVivSdKcSpqJQp9Eg8xuBIT9bPnxngbu68=
Subject key identifier: 28:33:FD:5B:F9:BF:D2:12:C6:16:D8:1F:EF:76:96:96:76:7F:89:07
Certificate issuer: /CN=beb12ce6a91030e27d5abad146df27bc2880652b
Certificate serial: 0194252196158D5C2C05F6E5774104FE4AE6
Authority key identifier: BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/KDP9W_m_0hLGFtgf73aWlnZ_iQc.roa
Signing time: Thu 02 Jan 2025 03:49:05 +0000
ROA not before: Thu 02 Jan 2025 03:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205020
IP address blocks: 193.186.196.0/22 maxlen: 22
193.186.196.0/23 maxlen: 23
193.186.196.0/24 maxlen: 24
193.186.197.0/24 maxlen: 24
193.186.198.0/23 maxlen: 23
193.186.198.0/24 maxlen: 24
193.186.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:96:15:8d:5c:2c:05:f6:e5:77:41:04:fe:4a:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beb12ce6a91030e27d5abad146df27bc2880652b
Validity
Not Before: Jan 2 03:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2833fd5bf9bfd212c616d81fef769696767f8907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bd:49:18:2c:84:51:55:f9:05:df:09:2f:76:
0a:5e:77:64:be:32:3c:62:3d:a3:fc:10:d1:94:5e:
bb:2f:09:5a:f2:4e:db:f0:47:dd:f9:80:e8:1d:12:
c3:6f:91:f7:5c:6c:ae:e1:15:84:20:88:5b:80:2a:
c7:61:c8:ff:2a:b5:68:de:eb:72:24:67:81:06:91:
4c:ad:55:13:c9:70:58:49:d5:d0:50:de:87:10:97:
00:fa:b5:7b:9b:6a:92:9d:f1:0d:37:c9:a0:4c:f6:
11:e8:51:74:31:1a:1e:5f:bb:38:14:25:66:f1:57:
f8:c1:91:95:36:ea:8c:c5:ec:9a:38:9b:1a:ac:23:
fb:e4:4c:59:71:1c:4a:d1:ed:8d:d0:2d:43:2f:df:
d7:eb:8f:4a:d2:59:97:7b:cc:f1:66:d1:26:06:6e:
23:22:7d:a4:16:c8:6e:2d:64:78:55:79:83:b7:91:
ff:82:1d:8d:73:34:b3:bf:12:a0:a0:93:72:84:19:
d6:6f:15:8b:96:64:a0:cb:ef:ac:21:2c:2a:e3:8b:
9b:e7:ab:b1:2a:1b:79:e9:f7:26:34:08:74:c8:2b:
c4:eb:16:a7:76:9a:03:c7:a3:86:9a:f1:ae:29:d3:
cb:95:49:25:c1:86:d0:d0:2a:4d:ce:cd:cb:f0:bb:
9b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:33:FD:5B:F9:BF:D2:12:C6:16:D8:1F:EF:76:96:96:76:7F:89:07
X509v3 Authority Key Identifier:
keyid:BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/KDP9W_m_0hLGFtgf73aWlnZ_iQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.196.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:55:35:49:2c:d1:25:7f:22:ae:55:69:6e:a5:fd:98:bc:75:
84:42:18:e7:b0:90:5f:d0:2c:08:30:eb:67:5d:56:60:54:fa:
19:db:14:50:fc:59:a5:42:46:0e:35:06:b2:f7:c2:18:30:c6:
6e:33:e8:08:59:67:82:8a:d1:96:00:13:5b:f1:db:3d:2a:f3:
12:77:42:7f:7c:fb:e5:db:d1:b6:74:06:79:2b:84:ba:11:24:
32:da:a9:07:bf:08:37:b7:12:f6:80:ac:91:75:90:65:ec:13:
ef:02:b9:3d:a6:da:7c:63:57:03:f8:06:75:63:7b:f0:27:e1:
07:63:9a:c8:28:e3:4f:8b:bf:0f:0f:fe:4f:49:4f:46:46:76:
b9:7d:0e:35:ba:9a:b5:c2:f2:ea:19:ce:5a:8e:f1:69:9a:34:
c6:91:60:0d:dc:de:d9:44:15:0b:45:f1:e0:22:46:40:9c:e8:
9f:85:2b:03:35:55:4a:a3:52:57:b5:56:41:e9:ef:09:02:4d:
55:7d:f7:de:f8:b9:ce:9f:bf:2e:2d:62:b6:40:f5:2e:48:3b:
38:78:77:d4:38:56:03:0b:ab:ea:8c:b9:3b:f3:ab:c0:57:dd:
e9:b7:1e:8f:a0:f2:fc:a9:c3:d2:75:20:1c:37:31:8c:e8:db:
8a:60:b2:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIZYVjVwsBfbld0EE/krmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYjEyY2U2YTkxMDMwZTI3ZDVhYmFkMTQ2ZGYyN2JjMjg4
MDY1MmIwHhcNMjUwMTAyMDM0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODMzZmQ1YmY5YmZkMjEyYzYxNmQ4MWZlZjc2OTY5Njc2N2Y4OTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb1JGCyEUVX5Bd8JL3YKXndkvjI8
Yj2j/BDRlF67Lwla8k7b8Efd+YDoHRLDb5H3XGyu4RWEIIhbgCrHYcj/KrVo3uty
JGeBBpFMrVUTyXBYSdXQUN6HEJcA+rV7m2qSnfENN8mgTPYR6FF0MRoeX7s4FCVm
8Vf4wZGVNuqMxeyaOJsarCP75ExZcRxK0e2N0C1DL9/X649K0lmXe8zxZtEmBm4j
In2kFshuLWR4VXmDt5H/gh2NczSzvxKgoJNyhBnWbxWLlmSgy++sISwq44ub56ux
Kht56fcmNAh0yCvE6xandpoDx6OGmvGuKdPLlUklwYbQ0CpNzs3L8LubuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgz/Vv5v9ISxhbYH+92lpZ2f4kHMB8GA1UdIwQY
MBaAFL6xLOapEDDifVq60UbfJ7wogGUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMt
YTdhZGU0MzRkNDUxLzEvS0RQOVdfbV8waExHRnRnZjczYVdsblpfaVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMtYTdhZGU0MzRkNDUx
LzEvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwbrEMA0G
CSqGSIb3DQEBCwUAA4IBAQCrVTVJLNElfyKuVWlupf2YvHWEQhjnsJBf0CwIMOtn
XVZgVPoZ2xRQ/FmlQkYONQay98IYMMZuM+gIWWeCitGWABNb8ds9KvMSd0J/fPvl
29G2dAZ5K4S6ESQy2qkHvwg3txL2gKyRdZBl7BPvArk9ptp8Y1cD+AZ1Y3vwJ+EH
Y5rIKONPi78PD/5PSU9GRna5fQ41upq1wvLqGc5ajvFpmjTGkWAN3N7ZRBULRfHg
IkZAnOifhSsDNVVKo1JXtVZB6e8JAk1Vfffe+LnOn78uLWK2QPUuSDs4eHfUOFYD
C6vqjLk786vAV93ptx6PoPL8qcPSdSAcNzGM6NuKYLIZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:01 2025 by rpki-client on console.sobornost.net