Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9aa500-f3bd-477b-9082-aa0b11564a32/1/KoXQ9LkfhExP7mVveMtLWZC5IiM.roa
File: KoXQ9LkfhExP7mVveMtLWZC5IiM.roa (raw, json)
Hash identifier: LBT235F6sMLtdK4vSJEhkVAXacca3HeBvisZUcca4t8=
Subject key identifier: 2A:85:D0:F4:B9:1F:84:4C:4F:EE:65:6F:78:CB:4B:59:90:B9:22:23
Certificate issuer: /CN=45dab507c08976cc29d177373de627a1ce86efae
Certificate serial: 01856F02214E61A985DB8EF9A575AD6B27E0
Authority key identifier: 45:DA:B5:07:C0:89:76:CC:29:D1:77:37:3D:E6:27:A1:CE:86:EF:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rdq1B8CJdswp0Xc3PeYnoc6G764.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9aa500-f3bd-477b-9082-aa0b11564a32/1/KoXQ9LkfhExP7mVveMtLWZC5IiM.roa
Signing time: Sun 01 Jan 2023 20:24:48 +0000
ROA not before: Sun 01 Jan 2023 20:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2723
IP address blocks: 213.198.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:21:4e:61:a9:85:db:8e:f9:a5:75:ad:6b:27:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45dab507c08976cc29d177373de627a1ce86efae
Validity
Not Before: Jan 1 20:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a85d0f4b91f844c4fee656f78cb4b5990b92223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d3:26:67:ae:88:21:22:5b:63:a8:10:a4:28:
52:9d:5a:85:4e:bf:51:74:5e:5b:e0:b9:95:ee:f9:
18:5e:08:ce:1d:b6:96:35:13:6a:6f:26:aa:e9:3d:
2d:1b:76:61:a5:ff:e6:c1:27:39:37:f4:ce:74:9b:
e2:e3:59:fd:82:40:69:9e:82:8c:f6:5c:b5:58:67:
36:a3:51:0d:8e:9e:78:e5:f7:8e:9f:5c:92:c2:33:
bf:cc:8f:e4:de:21:1d:9c:a9:3b:5a:97:ed:90:89:
6f:6f:f7:2a:b9:7b:65:be:cf:d0:16:02:62:bc:25:
e2:57:2e:bd:6c:9d:de:1c:b8:10:f0:67:3c:80:2a:
a5:2e:de:51:d1:2b:fe:7a:d4:d9:57:f2:20:5c:c1:
d2:3e:33:f1:91:57:13:3b:63:62:0c:8f:44:7a:82:
00:c1:4e:74:72:00:2f:d4:38:06:9f:5b:ea:12:79:
79:42:a6:1d:87:5b:cb:eb:31:dd:a1:22:59:b6:10:
b3:fc:dd:5e:c5:88:28:a4:c4:74:f3:83:88:33:45:
00:a5:05:36:a9:3f:cd:94:ed:2e:ee:ba:1a:dc:77:
80:f5:bc:42:ae:da:ac:0b:ba:28:72:42:1f:34:db:
c1:24:57:78:0a:00:65:f0:a8:05:18:10:9b:5d:5e:
32:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:85:D0:F4:B9:1F:84:4C:4F:EE:65:6F:78:CB:4B:59:90:B9:22:23
X509v3 Authority Key Identifier:
keyid:45:DA:B5:07:C0:89:76:CC:29:D1:77:37:3D:E6:27:A1:CE:86:EF:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rdq1B8CJdswp0Xc3PeYnoc6G764.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9aa500-f3bd-477b-9082-aa0b11564a32/1/KoXQ9LkfhExP7mVveMtLWZC5IiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9aa500-f3bd-477b-9082-aa0b11564a32/1/Rdq1B8CJdswp0Xc3PeYnoc6G764.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.198.50.0/24
Signature Algorithm: sha256WithRSAEncryption
58:fb:82:d4:be:49:ec:61:e3:b4:c0:42:b0:fb:4e:b0:3a:26:
11:3c:3f:63:01:27:d5:d3:4e:e7:a0:6f:35:ed:96:7c:a9:ca:
2e:a3:3f:1a:6c:ee:04:ef:24:41:0c:94:54:6d:ea:ab:88:cf:
23:d8:8d:74:f2:c7:e2:39:c8:13:84:44:ee:03:1d:7b:4a:86:
33:7c:dc:52:55:75:d2:52:cb:2a:ee:54:dd:91:ad:ac:dc:ee:
27:bf:d2:dc:e7:4e:9e:58:ec:d0:69:f2:5d:3e:2e:a5:13:06:
5e:96:b0:68:6f:eb:e2:f3:8e:80:67:b1:11:ce:54:df:3c:d9:
df:07:a7:dd:0c:2f:6b:c7:cc:0d:2e:3c:39:9f:e8:ef:f4:b3:
c3:6a:77:0d:f4:37:6a:f1:56:2f:36:c4:18:2f:3a:16:c1:7b:
5f:6e:56:12:33:2a:a6:cf:ce:29:2f:12:a3:ad:ec:11:08:7b:
fc:eb:aa:60:a9:31:0e:be:f4:8a:ef:f5:ae:b3:6d:c9:d3:ad:
c7:c9:f0:f7:f6:3e:25:b0:a5:4a:2f:c5:3c:d4:95:ad:b4:a8:
44:3d:6b:3a:1c:93:f5:c0:ce:38:4b:4a:58:9b:50:80:47:bf:
e3:7b:5d:8e:d5:56:a0:29:a0:18:f8:e9:53:d8:4e:5a:2b:8a:
66:45:f8:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAiFOYamF2475pXWtayfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZGFiNTA3YzA4OTc2Y2MyOWQxNzczNzNkZTYyN2ExY2U4
NmVmYWUwHhcNMjMwMTAxMjAyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTg1ZDBmNGI5MWY4NDRjNGZlZTY1NmY3OGNiNGI1OTkwYjkyMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dMmZ66IISJbY6gQpChSnVqFTr9R
dF5b4LmV7vkYXgjOHbaWNRNqbyaq6T0tG3Zhpf/mwSc5N/TOdJvi41n9gkBpnoKM
9ly1WGc2o1ENjp545feOn1ySwjO/zI/k3iEdnKk7WpftkIlvb/cquXtlvs/QFgJi
vCXiVy69bJ3eHLgQ8Gc8gCqlLt5R0Sv+etTZV/IgXMHSPjPxkVcTO2NiDI9EeoIA
wU50cgAv1DgGn1vqEnl5QqYdh1vL6zHdoSJZthCz/N1exYgopMR084OIM0UApQU2
qT/NlO0u7roa3HeA9bxCrtqsC7oockIfNNvBJFd4CgBl8KgFGBCbXV4y9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqF0PS5H4RMT+5lb3jLS1mQuSIjMB8GA1UdIwQY
MBaAFEXatQfAiXbMKdF3Nz3mJ6HOhu+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmRxMUI4Q0pkc3dwMFhjM1BlWW5vYzZHNzY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85YWE1MDAtZjNiZC00NzdiLTkwODIt
YWEwYjExNTY0YTMyLzEvS29YUTlMa2ZoRXhQN21WdmVNdExXWkM1SWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85YWE1MDAtZjNiZC00NzdiLTkwODItYWEwYjExNTY0YTMy
LzEvUmRxMUI4Q0pkc3dwMFhjM1BlWW5vYzZHNzY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1cYyMA0G
CSqGSIb3DQEBCwUAA4IBAQBY+4LUvknsYeO0wEKw+06wOiYRPD9jASfV007noG81
7ZZ8qcouoz8abO4E7yRBDJRUbeqriM8j2I108sfiOcgThETuAx17SoYzfNxSVXXS
Ussq7lTdka2s3O4nv9Lc506eWOzQafJdPi6lEwZelrBob+vi846AZ7ERzlTfPNnf
B6fdDC9rx8wNLjw5n+jv9LPDancN9Ddq8VYvNsQYLzoWwXtfblYSMyqmz84pLxKj
rewRCHv866pgqTEOvvSK7/Wus23J063HyfD39j4lsKVKL8U81JWttKhEPWs6HJP1
wM44S0pYm1CAR7/je12O1VagKaAY+OlT2E5aK4pmRfi3
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:28:13 2025 by rpki-client