Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a2ffd4-2382-4ca2-8603-44d92de438c9/1/KMVYfNBq8fQcPieeDn4rOXJEAQc.roa
File: KMVYfNBq8fQcPieeDn4rOXJEAQc.roa (raw, json)
Hash identifier: ydascvmFGyZEMeBYeWR21NuJQtwhyewDNO5cyV/mt0U=
Subject key identifier: 28:C5:58:7C:D0:6A:F1:F4:1C:3E:27:9E:0E:7E:2B:39:72:44:01:07
Certificate issuer: /CN=c8c1dcf4c023467db3bf2eef3dd15b2efeeb2bd7
Certificate serial: 0194228DD752B5FD65F78411A5445CB7BDD6
Authority key identifier: C8:C1:DC:F4:C0:23:46:7D:B3:BF:2E:EF:3D:D1:5B:2E:FE:EB:2B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yMHc9MAjRn2zvy7vPdFbLv7rK9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ffd4-2382-4ca2-8603-44d92de438c9/1/KMVYfNBq8fQcPieeDn4rOXJEAQc.roa
Signing time: Wed 01 Jan 2025 15:48:28 +0000
ROA not before: Wed 01 Jan 2025 15:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203728
IP address blocks: 2001:678:90c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d7:52:b5:fd:65:f7:84:11:a5:44:5c:b7:bd:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8c1dcf4c023467db3bf2eef3dd15b2efeeb2bd7
Validity
Not Before: Jan 1 15:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28c5587cd06af1f41c3e279e0e7e2b3972440107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:98:17:f0:93:4c:36:0f:10:41:a8:e5:93:06:
0a:6a:d1:ee:ce:45:0e:40:4f:ce:f0:59:11:ac:8e:
a0:bd:b0:16:64:e3:eb:a5:e3:9e:ea:25:48:a2:1f:
e9:67:7c:be:65:63:44:51:f4:40:8b:ee:ee:20:98:
cd:09:b0:3f:c3:1a:c6:65:3f:a4:b3:27:d2:9d:9d:
ce:50:df:5b:84:33:69:7a:1c:d7:02:ea:39:0c:6e:
21:e1:67:92:76:ed:5a:b5:2a:da:49:d1:1a:c1:3c:
e1:37:a0:25:cd:bd:d0:01:d5:b9:15:5c:2a:58:cd:
6d:3d:b6:86:fa:9b:a8:b1:94:14:ec:3e:0d:a3:81:
bf:bb:52:8d:8c:07:ca:49:a2:97:d0:fa:a6:b3:1d:
30:de:a6:98:d4:27:0a:0c:e3:24:78:3e:ee:f4:ba:
8e:64:0d:24:32:c3:c3:ac:37:db:cb:52:23:1b:4f:
a2:a6:41:ca:0a:f6:75:18:c5:d4:cc:57:2b:ba:c9:
7b:da:c2:a4:42:42:10:22:15:3b:6b:1c:cf:6f:fd:
d0:06:b4:1e:88:93:16:cc:d9:2e:4a:b5:b3:19:32:
21:3d:0b:0e:05:0a:0a:86:fb:ce:6a:ca:65:c9:3e:
e8:5c:41:b2:44:5a:b5:03:ca:5a:e1:46:59:7e:48:
31:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C5:58:7C:D0:6A:F1:F4:1C:3E:27:9E:0E:7E:2B:39:72:44:01:07
X509v3 Authority Key Identifier:
keyid:C8:C1:DC:F4:C0:23:46:7D:B3:BF:2E:EF:3D:D1:5B:2E:FE:EB:2B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yMHc9MAjRn2zvy7vPdFbLv7rK9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ffd4-2382-4ca2-8603-44d92de438c9/1/KMVYfNBq8fQcPieeDn4rOXJEAQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ffd4-2382-4ca2-8603-44d92de438c9/1/yMHc9MAjRn2zvy7vPdFbLv7rK9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:90c::/48
Signature Algorithm: sha256WithRSAEncryption
0b:0c:27:33:d1:5e:a2:f1:af:1f:95:9c:de:64:e1:99:39:65:
51:a5:6a:0e:2d:52:3f:24:c4:44:26:e2:8f:85:88:9f:1d:31:
9a:ba:8f:43:71:a4:eb:a4:92:be:2a:e2:55:03:58:13:6f:c7:
98:ed:bb:6c:36:11:ae:3e:cd:c3:74:7e:66:d4:47:e1:86:35:
13:98:b2:3c:3f:bf:2e:5b:34:45:b7:2b:88:78:9e:8c:6a:00:
c6:f8:77:c7:bf:b0:42:ed:c2:cb:34:03:ea:e8:ca:99:9c:d2:
b8:6d:8f:e0:74:04:47:e6:21:93:1f:ba:40:ce:39:3e:3c:80:
1b:db:42:5b:6c:07:7c:5e:f1:1d:fe:19:eb:cc:4e:7d:45:c2:
dc:be:57:dc:f8:1d:92:7a:58:96:34:78:5a:6a:0e:ca:5c:f5:
c9:ab:d9:7c:7a:f2:8c:c2:1c:59:52:0c:ac:00:d2:8c:5a:9e:
6d:f1:7c:44:d1:dd:e5:2d:f0:03:df:2a:6d:c4:74:8f:92:c3:
94:97:8c:07:ec:b4:fd:a5:0a:3a:e2:fc:5a:4b:2f:8a:56:c0:
40:dc:59:0f:c2:00:6b:6d:61:19:28:e7:e8:7e:97:e5:e4:28:
d1:41:fc:f4:38:ca:3f:29:c0:13:62:f1:a9:c3:89:5c:9b:34:
40:ac:74:68
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijddStf1l94QRpURct73WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YzFkY2Y0YzAyMzQ2N2RiM2JmMmVlZjNkZDE1YjJlZmVl
YjJiZDcwHhcNMjUwMTAxMTU0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM1NTg3Y2QwNmFmMWY0MWMzZTI3OWUwZTdlMmIzOTcyNDQwMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJgX8JNMNg8QQajlkwYKatHuzkUO
QE/O8FkRrI6gvbAWZOPrpeOe6iVIoh/pZ3y+ZWNEUfRAi+7uIJjNCbA/wxrGZT+k
syfSnZ3OUN9bhDNpehzXAuo5DG4h4WeSdu1atSraSdEawTzhN6Alzb3QAdW5FVwq
WM1tPbaG+puosZQU7D4No4G/u1KNjAfKSaKX0Pqmsx0w3qaY1CcKDOMkeD7u9LqO
ZA0kMsPDrDfby1IjG0+ipkHKCvZ1GMXUzFcrusl72sKkQkIQIhU7axzPb/3QBrQe
iJMWzNkuSrWzGTIhPQsOBQoKhvvOasplyT7oXEGyRFq1A8pa4UZZfkgxKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCjFWHzQavH0HD4nng5+KzlyRAEHMB8GA1UdIwQY
MBaAFMjB3PTAI0Z9s78u7z3RWy7+6yvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU1IYzlNQWpSbjJ6dnk3dlBkRmJMdjdySzljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMmZmZDQtMjM4Mi00Y2EyLTg2MDMt
NDRkOTJkZTQzOGM5LzEvS01WWWZOQnE4ZlFjUGllZURuNHJPWEpFQVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMmZmZDQtMjM4Mi00Y2EyLTg2MDMtNDRkOTJkZTQzOGM5
LzEveU1IYzlNQWpSbjJ6dnk3dlBkRmJMdjdySzljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAkM
MA0GCSqGSIb3DQEBCwUAA4IBAQALDCcz0V6i8a8flZzeZOGZOWVRpWoOLVI/JMRE
JuKPhYifHTGauo9DcaTrpJK+KuJVA1gTb8eY7btsNhGuPs3DdH5m1EfhhjUTmLI8
P78uWzRFtyuIeJ6MagDG+HfHv7BC7cLLNAPq6MqZnNK4bY/gdARH5iGTH7pAzjk+
PIAb20JbbAd8XvEd/hnrzE59RcLcvlfc+B2SeliWNHhaag7KXPXJq9l8evKMwhxZ
UgysANKMWp5t8XxE0d3lLfAD3yptxHSPksOUl4wH7LT9pQo64vxaSy+KVsBA3FkP
wgBrbWEZKOfofpfl5CjRQfz0OMo/KcATYvGpw4lcmzRArHRo
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:07:23 2025 by rpki-client