Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/kkAK_iZPZkQ3SU5RdHZU1RDOfeU.roa
File: kkAK_iZPZkQ3SU5RdHZU1RDOfeU.roa (raw, json)
Hash identifier: W2MujiWrNHHsLvMLkdeEzpSgSuXzmOtIKkDO9DQfbow=
Subject key identifier: 92:40:0A:FE:26:4F:66:44:37:49:4E:51:74:76:54:D5:10:CE:7D:E5
Certificate issuer: /CN=292edce09f112ab2d3ffaf4cb2a38eaf1c1af92e
Certificate serial: 019422FB90503030F8F059138208C6C2603B
Authority key identifier: 29:2E:DC:E0:9F:11:2A:B2:D3:FF:AF:4C:B2:A3:8E:AF:1C:1A:F9:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS7c4J8RKrLT_69MsqOOrxwa-S4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/kkAK_iZPZkQ3SU5RdHZU1RDOfeU.roa
Signing time: Wed 01 Jan 2025 17:48:19 +0000
ROA not before: Wed 01 Jan 2025 17:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 195.60.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:90:50:30:30:f8:f0:59:13:82:08:c6:c2:60:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292edce09f112ab2d3ffaf4cb2a38eaf1c1af92e
Validity
Not Before: Jan 1 17:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92400afe264f664437494e51747654d510ce7de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:15:1c:4d:94:21:92:39:23:a9:23:8b:c1:c8:
7e:5a:57:21:4f:41:ee:fd:7a:c3:d9:49:a8:d4:54:
04:74:de:a8:c0:4c:7b:7a:e3:07:69:a9:c2:c6:a6:
31:21:e8:4b:df:f3:1f:e3:2f:80:45:40:c9:de:c9:
c6:5c:62:95:f3:cf:d6:e0:51:f8:60:59:c9:36:49:
60:6a:f1:71:32:a8:57:cf:db:41:75:e5:2e:b4:be:
a1:1d:3c:d5:e9:5c:67:3b:54:f7:77:70:2d:b9:6a:
8c:ed:e4:95:b5:ef:8a:99:cc:f5:2d:9e:72:85:80:
23:4b:bc:6e:4b:32:75:a8:d7:b3:76:d7:31:f2:2f:
6c:2e:99:11:c9:8b:96:2d:89:32:0c:30:2c:72:10:
49:6f:06:1d:8d:a8:31:a3:eb:0a:39:01:fd:29:a3:
d3:75:20:6e:f8:85:c2:3a:e1:12:52:70:4f:11:a0:
02:45:05:b0:76:f2:93:a0:56:7f:17:bc:ca:e2:98:
25:3a:6e:0d:fd:8d:41:33:cb:56:21:0c:dd:65:bb:
0a:43:8a:c4:c1:f1:25:8a:6b:3d:4c:34:20:cb:3c:
12:b1:fa:bf:95:b9:4e:d9:09:a9:c3:f0:9b:10:4f:
90:58:32:46:c6:6c:84:d1:af:8c:bc:96:f9:c8:e3:
64:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:40:0A:FE:26:4F:66:44:37:49:4E:51:74:76:54:D5:10:CE:7D:E5
X509v3 Authority Key Identifier:
keyid:29:2E:DC:E0:9F:11:2A:B2:D3:FF:AF:4C:B2:A3:8E:AF:1C:1A:F9:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS7c4J8RKrLT_69MsqOOrxwa-S4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/kkAK_iZPZkQ3SU5RdHZU1RDOfeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/KS7c4J8RKrLT_69MsqOOrxwa-S4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.86.0/24
Signature Algorithm: sha256WithRSAEncryption
22:3b:6a:3d:a7:20:e1:2b:5b:ca:ae:52:30:d4:3a:b7:d0:5c:
6c:e0:4f:e1:72:1a:f6:13:72:6f:5d:b0:70:9e:7e:5e:52:ab:
96:73:14:b4:60:2e:7e:3d:91:02:96:cf:b3:34:0d:24:cf:ef:
70:53:56:31:56:48:3a:17:1a:b8:ea:8d:32:4a:d1:80:fa:12:
17:9b:45:26:43:5b:b8:4c:93:9b:09:6a:6c:63:d4:2a:c4:25:
4a:22:5d:07:48:76:51:c4:b6:c5:2f:fd:7b:54:d1:ac:35:a0:
f5:60:63:19:3d:f7:65:15:e6:80:92:19:35:f1:88:f1:c6:98:
e2:65:da:0f:e1:80:5b:53:f1:76:ac:f8:55:f6:64:e6:64:a2:
2a:d0:67:f6:76:09:ef:d7:01:e1:50:1d:46:ce:1d:00:68:5a:
43:f5:d6:6f:f2:6c:1f:58:6e:41:8b:6f:bd:df:d2:65:d7:4b:
84:04:69:9c:46:77:25:81:c6:ca:e8:93:06:1b:d2:1a:cc:25:
9c:b7:b5:46:13:e5:35:93:c9:b8:06:dd:46:3d:a0:24:54:3b:
45:d6:7f:ca:9c:ef:17:54:d6:ad:f6:48:c1:7f:ef:8c:55:4f:
79:63:7c:6e:76:5b:5b:01:c3:cc:06:95:71:d3:ee:72:71:c6:
9e:36:e4:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+5BQMDD48FkTggjGwmA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmVkY2UwOWYxMTJhYjJkM2ZmYWY0Y2IyYTM4ZWFmMWMx
YWY5MmUwHhcNMjUwMTAxMTc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQwMGFmZTI2NGY2NjQ0Mzc0OTRlNTE3NDc2NTRkNTEwY2U3ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BUcTZQhkjkjqSOLwch+WlchT0Hu
/XrD2Umo1FQEdN6owEx7euMHaanCxqYxIehL3/Mf4y+ARUDJ3snGXGKV88/W4FH4
YFnJNklgavFxMqhXz9tBdeUutL6hHTzV6VxnO1T3d3AtuWqM7eSVte+Kmcz1LZ5y
hYAjS7xuSzJ1qNezdtcx8i9sLpkRyYuWLYkyDDAschBJbwYdjagxo+sKOQH9KaPT
dSBu+IXCOuESUnBPEaACRQWwdvKToFZ/F7zK4pglOm4N/Y1BM8tWIQzdZbsKQ4rE
wfElims9TDQgyzwSsfq/lblO2Qmpw/CbEE+QWDJGxmyE0a+MvJb5yONkSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJACv4mT2ZEN0lOUXR2VNUQzn3lMB8GA1UdIwQY
MBaAFCku3OCfESqy0/+vTLKjjq8cGvkuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1M3YzRKOFJLckxUXzY5TXNxT09yeHdhLVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xMjI3NGUtMzE2Yi00ZjNjLThlNmMt
ZGNmZWIzZjEwYzg2LzEva2tBS19pWlBaa1EzU1U1UmRIWlUxUkRPZmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xMjI3NGUtMzE2Yi00ZjNjLThlNmMtZGNmZWIzZjEwYzg2
LzEvS1M3YzRKOFJLckxUXzY5TXNxT09yeHdhLVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzxWMA0G
CSqGSIb3DQEBCwUAA4IBAQAiO2o9pyDhK1vKrlIw1Dq30Fxs4E/hchr2E3JvXbBw
nn5eUquWcxS0YC5+PZECls+zNA0kz+9wU1YxVkg6Fxq46o0yStGA+hIXm0UmQ1u4
TJObCWpsY9QqxCVKIl0HSHZRxLbFL/17VNGsNaD1YGMZPfdlFeaAkhk18Yjxxpji
ZdoP4YBbU/F2rPhV9mTmZKIq0Gf2dgnv1wHhUB1Gzh0AaFpD9dZv8mwfWG5Bi2+9
39Jl10uEBGmcRnclgcbK6JMGG9IazCWct7VGE+U1k8m4Bt1GPaAkVDtF1n/KnO8X
VNat9kjBf++MVU95Y3xudltbAcPMBpVx0+5yccaeNuTB
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:38 2025 by rpki-client