Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/09d340-f3ea-4aef-b7d2-b1276e45c788/1/D4RvYyXM5L6LbvgEJagIW2s0nUo.roa
File: D4RvYyXM5L6LbvgEJagIW2s0nUo.roa (raw, json)
Hash identifier: kB9l90WAvL+EB1HV87ozJUFbKAIXFF6DlReociIBQC4=
Subject key identifier: 0F:84:6F:63:25:CC:E4:BE:8B:6E:F8:04:25:A8:08:5B:6B:34:9D:4A
Certificate issuer: /CN=29337fd8db864bf3ebfcbe799d8af9a230449b1a
Certificate serial: EF5026
Authority key identifier: 29:33:7F:D8:DB:86:4B:F3:EB:FC:BE:79:9D:8A:F9:A2:30:44:9B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KTN_2NuGS_Pr_L55nYr5ojBEmxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/09d340-f3ea-4aef-b7d2-b1276e45c788/1/D4RvYyXM5L6LbvgEJagIW2s0nUo.roa
Signing time: Sat 01 Jan 2022 12:05:26 +0000
ROA not before: Sat 01 Jan 2022 12:05:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 213.5.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15683622 (0xef5026)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29337fd8db864bf3ebfcbe799d8af9a230449b1a
Validity
Not Before: Jan 1 12:05:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f846f6325cce4be8b6ef80425a8085b6b349d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3c:1b:57:a6:31:d0:ed:cd:85:a9:d1:9c:1e:
91:54:cc:2a:01:e9:5a:3c:5e:d3:e4:54:da:f0:cd:
cb:ed:d3:2b:cd:93:58:f6:1a:d3:46:cd:c2:83:6e:
c7:df:bd:e7:c7:22:e2:66:c5:47:a1:cf:b2:06:e1:
9f:f3:0c:d8:88:e4:09:48:24:08:9b:14:b0:98:b2:
fc:63:03:ea:48:68:08:93:2c:6b:dc:ef:ee:9f:31:
0c:5d:c0:04:cc:c6:5c:24:cc:0a:6b:1b:19:0b:6e:
4e:50:37:55:93:f5:81:32:95:f6:58:e3:b0:03:e1:
3f:0f:12:1e:1b:f3:21:42:44:b1:92:92:7d:31:30:
44:63:e5:d5:ed:2b:4f:48:75:e0:8a:d2:94:37:83:
97:59:99:66:bb:0c:8a:ce:d2:6d:fb:33:3f:47:5d:
8d:6e:3a:1a:d3:03:8d:4b:6c:fc:c6:79:d1:25:37:
86:3d:d6:1f:47:61:52:17:85:60:c3:42:39:ba:0f:
5c:36:2c:b9:3f:80:06:6b:a0:cb:e3:fe:e3:ec:25:
7c:dc:b4:7a:26:97:53:f8:86:1b:df:03:23:5e:e9:
99:21:97:a2:d4:15:56:78:29:74:f5:86:0b:88:7b:
b2:fc:f4:bd:0a:c9:9f:22:15:99:2e:0b:34:b3:db:
a8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:84:6F:63:25:CC:E4:BE:8B:6E:F8:04:25:A8:08:5B:6B:34:9D:4A
X509v3 Authority Key Identifier:
keyid:29:33:7F:D8:DB:86:4B:F3:EB:FC:BE:79:9D:8A:F9:A2:30:44:9B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTN_2NuGS_Pr_L55nYr5ojBEmxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/09d340-f3ea-4aef-b7d2-b1276e45c788/1/D4RvYyXM5L6LbvgEJagIW2s0nUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/09d340-f3ea-4aef-b7d2-b1276e45c788/1/KTN_2NuGS_Pr_L55nYr5ojBEmxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.128.0/24
Signature Algorithm: sha256WithRSAEncryption
01:56:ab:a9:db:dd:26:f4:97:64:3d:69:bf:ff:77:6a:67:0c:
9e:fb:cc:f2:d9:4a:d6:8d:a5:56:f6:23:50:f5:b1:a2:ef:f6:
c4:86:e2:61:cc:28:5d:77:72:33:6a:3b:76:a6:03:fb:45:bc:
84:c3:88:60:7b:a9:98:c5:de:5c:42:96:a2:06:c8:00:7b:91:
9f:3a:b3:ca:a5:28:da:38:13:84:ee:2a:91:24:ae:47:2f:01:
f4:17:0b:ef:18:10:5e:d8:5c:88:f1:62:e2:4c:87:ee:71:45:
68:04:ed:60:3f:b1:ee:f8:7f:e1:72:e7:58:a1:4c:cb:46:46:
05:6c:7c:63:22:f4:9f:82:07:cc:ae:95:84:4d:4d:e2:df:57:
f5:b3:21:15:7e:62:e9:f3:ad:21:b0:20:ec:76:39:a4:65:7c:
92:85:77:ca:f9:1d:c8:68:68:25:75:c8:88:49:f8:70:aa:79:
90:be:47:d6:e7:9a:18:f4:67:12:ec:51:6b:bc:3b:2c:a5:96:
42:3b:9b:f9:a1:8e:20:16:2e:e7:76:95:a4:43:8b:0b:60:86:
28:b3:7e:2f:a8:60:37:66:73:64:33:53:a3:4b:f3:bc:d5:b4:
18:0f:aa:1f:89:68:a5:bd:c4:37:66:db:41:3b:2a:95:8a:76:
17:20:5f:1b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAO9QJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTMzN2ZkOGRiODY0YmYzZWJmY2JlNzk5ZDhhZjlhMjMwNDQ5YjFhMB4XDTIyMDEw
MTEyMDUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY4NDZmNjMyNWNj
ZTRiZThiNmVmODA0MjVhODA4NWI2YjM0OWQ0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKk8G1emMdDtzYWp0ZwekVTMKgHpWjxe0+RU2vDNy+3TK82T
WPYa00bNwoNux9+958ci4mbFR6HPsgbhn/MM2IjkCUgkCJsUsJiy/GMD6khoCJMs
a9zv7p8xDF3ABMzGXCTMCmsbGQtuTlA3VZP1gTKV9ljjsAPhPw8SHhvzIUJEsZKS
fTEwRGPl1e0rT0h14IrSlDeDl1mZZrsMis7SbfszP0ddjW46GtMDjUts/MZ50SU3
hj3WH0dhUheFYMNCOboPXDYsuT+ABmugy+P+4+wlfNy0eiaXU/iGG98DI17pmSGX
otQVVngpdPWGC4h7svz0vQrJnyIVmS4LNLPbqE8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQPhG9jJczkvotu+AQlqAhbazSdSjAfBgNVHSMEGDAWgBQpM3/Y24ZL8+v8
vnmdivmiMESbGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tUTl8yTnVHU19Qcl9MNTVuWXI1b2pCRW14by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMDlkMzQwLWYzZWEtNGFlZi1iN2QyLWIxMjc2ZTQ1Yzc4OC8x
L0Q0UnZZeVhNNUw2TGJ2Z0VKYWdJVzJzMG5Vby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MDlkMzQwLWYzZWEtNGFlZi1iN2QyLWIxMjc2ZTQ1Yzc4OC8xL0tUTl8yTnVHU19Q
cl9MNTVuWXI1b2pCRW14by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANUFgDANBgkqhkiG9w0BAQsFAAOC
AQEAAVarqdvdJvSXZD1pv/93amcMnvvM8tlK1o2lVvYjUPWxou/2xIbiYcwoXXdy
M2o7dqYD+0W8hMOIYHupmMXeXEKWogbIAHuRnzqzyqUo2jgThO4qkSSuRy8B9BcL
7xgQXthciPFi4kyH7nFFaATtYD+x7vh/4XLnWKFMy0ZGBWx8YyL0n4IHzK6VhE1N
4t9X9bMhFX5i6fOtIbAg7HY5pGV8koV3yvkdyGhoJXXIiEn4cKp5kL5H1ueaGPRn
EuxRa7w7LKWWQjub+aGOIBYu53aVpEOLC2CGKLN+L6hgN2ZzZDNTo0vzvNW0GA+q
H4lopb3EN2bbQTsqlYp2FyBfGw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:48:14 2025 by rpki-client