Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/KizNWf11U6c_6EltEXKlziIexwk.roa
File: KizNWf11U6c_6EltEXKlziIexwk.roa (raw, json)
Hash identifier: Pq47korZtEkCVi3L1F6nJltfWEwWAjbqqhU1oGso4QE=
Subject key identifier: 2A:2C:CD:59:FD:75:53:A7:3F:E8:49:6D:11:72:A5:CE:22:1E:C7:09
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018B289E29120EBB51BDDB72614260D19F7F
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/KizNWf11U6c_6EltEXKlziIexwk.roa
Signing time: Fri 13 Oct 2023 10:38:55 +0000
ROA not before: Fri 13 Oct 2023 10:38:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.21.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:28:9e:29:12:0e:bb:51:bd:db:72:61:42:60:d1:9f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 13 10:38:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a2ccd59fd7553a73fe8496d1172a5ce221ec709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2a:92:05:3e:30:3b:e2:ba:4a:db:8a:e7:23:
32:2e:f4:4e:4d:89:48:39:1a:86:ab:71:07:77:d8:
9f:12:bb:05:f3:bf:74:c4:b0:9e:5d:0a:47:8b:43:
55:7d:7c:4f:8a:42:de:67:8b:e9:36:56:7b:49:2e:
0a:7e:31:8b:33:96:76:79:07:6f:7d:2f:46:dc:97:
cf:06:fa:13:f3:dc:ef:b6:f6:7b:83:cc:ab:0f:6a:
79:a5:ab:d3:a1:b0:25:fa:58:ec:32:83:92:12:b0:
27:ad:d6:19:d2:8e:ef:cd:b8:f4:28:61:90:9f:e9:
a9:0a:1f:c9:94:68:a7:38:9d:db:8c:43:fa:88:77:
86:15:0f:91:d2:a9:6d:31:5e:8c:6f:7e:73:22:2f:
b0:fc:e6:de:c5:29:04:9c:51:a1:d9:cb:dd:ae:42:
d4:be:84:79:6d:d9:5f:a6:68:37:ea:98:11:8c:4c:
7d:df:aa:3f:14:73:66:c8:ee:46:45:a2:cc:cd:78:
bd:af:2d:04:18:30:89:86:ca:c1:11:1a:fa:5a:ab:
dd:f3:1f:f2:1a:fe:69:00:57:cf:62:07:d0:79:2b:
d3:2d:4f:e4:c2:77:14:08:d9:04:79:44:ec:d8:3a:
66:a2:e8:79:bc:7b:9f:81:0d:3f:9a:f8:2c:1c:e3:
38:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2C:CD:59:FD:75:53:A7:3F:E8:49:6D:11:72:A5:CE:22:1E:C7:09
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/KizNWf11U6c_6EltEXKlziIexwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
99:a9:d5:12:0d:64:52:39:da:a9:6a:12:fb:5f:0a:69:da:8d:
86:51:f5:06:a6:73:0a:9f:02:9d:47:e7:0e:9a:2e:07:47:0b:
62:88:a0:14:83:e2:85:75:3f:26:c7:53:11:a1:c3:05:c9:ae:
66:d7:05:60:28:34:01:f1:5c:86:fe:a6:15:ee:e6:b3:98:18:
9b:ef:58:d8:2b:81:dc:cb:57:8a:e1:7d:d0:cc:e5:eb:94:ba:
49:1b:19:dd:19:89:b0:ca:44:87:24:62:2b:cf:c4:5a:0a:e4:
37:21:07:fb:e6:87:19:79:1c:98:0e:ac:02:64:8f:d6:a8:13:
ed:32:09:ce:c4:52:62:8d:58:90:e4:84:30:33:e2:ee:de:42:
cd:96:73:ff:14:12:ae:1c:dd:44:7a:ce:84:93:32:a6:9f:01:
ec:6f:22:06:de:44:6b:b6:ec:88:2d:4d:a4:fd:ab:99:58:b4:
bf:d5:63:fc:cc:8d:f1:a5:23:b2:93:78:ab:23:f7:f3:9c:7c:
58:84:08:ea:0c:f4:59:d5:c9:cc:96:40:b6:50:a5:50:bb:c2:
d7:ac:9f:b9:5c:8c:c6:e5:f1:38:e2:88:70:0e:3a:9c:5b:e5:
e7:12:13:f8:5c:45:16:ee:73:ac:0b:c6:e4:ae:89:72:de:22:
fc:63:42:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsonikSDrtRvdtyYUJg0Z9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMDEzMTAzODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJjY2Q1OWZkNzU1M2E3M2ZlODQ5NmQxMTcyYTVjZTIyMWVjNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyqSBT4wO+K6StuK5yMyLvROTYlI
ORqGq3EHd9ifErsF8790xLCeXQpHi0NVfXxPikLeZ4vpNlZ7SS4KfjGLM5Z2eQdv
fS9G3JfPBvoT89zvtvZ7g8yrD2p5pavTobAl+ljsMoOSErAnrdYZ0o7vzbj0KGGQ
n+mpCh/JlGinOJ3bjEP6iHeGFQ+R0qltMV6Mb35zIi+w/ObexSkEnFGh2cvdrkLU
voR5bdlfpmg36pgRjEx936o/FHNmyO5GRaLMzXi9ry0EGDCJhsrBERr6Wqvd8x/y
Gv5pAFfPYgfQeSvTLU/kwncUCNkEeUTs2Dpmouh5vHufgQ0/mvgsHOM4MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoszVn9dVOnP+hJbRFypc4iHscJMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvS2l6TldmMTFVNmNfNkVsdEVYS2x6aUlleHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX8MA0G
CSqGSIb3DQEBCwUAA4IBAQCZqdUSDWRSOdqpahL7Xwpp2o2GUfUGpnMKnwKdR+cO
mi4HRwtiiKAUg+KFdT8mx1MRocMFya5m1wVgKDQB8VyG/qYV7uazmBib71jYK4Hc
y1eK4X3QzOXrlLpJGxndGYmwykSHJGIrz8RaCuQ3IQf75ocZeRyYDqwCZI/WqBPt
MgnOxFJijViQ5IQwM+Lu3kLNlnP/FBKuHN1Ees6EkzKmnwHsbyIG3kRrtuyILU2k
/auZWLS/1WP8zI3xpSOyk3irI/fznHxYhAjqDPRZ1cnMlkC2UKVQu8LXrJ+5XIzG
5fE44ohwDjqcW+XnEhP4XEUW7nOsC8bkroly3iL8Y0K8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:35 2025 by rpki-client