Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/KgJFjtXpANvbqkfqOR_BDITUz1I.roa
File: KgJFjtXpANvbqkfqOR_BDITUz1I.roa (raw, json)
Hash identifier: Fx5cDQga5r+zhubxJZXoqZY5CAQumyi8huOxbjPNEyo=
Subject key identifier: 2A:02:45:8E:D5:E9:00:DB:DB:AA:47:EA:39:1F:C1:0C:84:D4:CF:52
Certificate issuer: /CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Certificate serial: 01941F8C482D038994E06937516A0D04E6A9
Authority key identifier: C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/KgJFjtXpANvbqkfqOR_BDITUz1I.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211335
IP address blocks: 45.11.41.0/24 maxlen: 24
2a0e:7d02::/32 maxlen: 32
2a0e:7d03::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:48:2d:03:89:94:e0:69:37:51:6a:0d:04:e6:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a02458ed5e900dbdbaa47ea391fc10c84d4cf52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:20:ec:9f:2c:9d:05:86:a7:79:3a:41:af:f1:
bf:47:c7:4d:c1:b0:85:af:47:68:63:01:fa:fa:f8:
b6:b0:48:c7:14:a2:dd:af:51:86:07:bb:46:12:e8:
11:ff:e0:33:11:76:59:88:aa:1b:d9:ec:78:fd:80:
e1:b2:3e:dd:51:c0:23:d2:86:c3:bc:7b:dd:a2:2c:
92:ba:1e:ac:c9:ee:90:3f:24:6a:be:cd:e2:b7:0d:
de:5e:1c:ac:17:2d:75:7b:7d:b7:99:02:e1:8a:f1:
5f:53:72:5e:40:35:55:3e:17:4e:39:68:1a:28:86:
23:93:3e:3a:83:7c:7e:f9:56:2e:c5:b7:a6:9a:6a:
f0:51:5f:80:b5:b8:e0:26:d4:4f:f6:ea:f9:34:90:
c3:66:63:85:ad:9a:36:3e:f8:93:35:99:4f:1c:0c:
a9:52:27:e7:e6:7f:ec:8d:b4:be:b6:f8:55:f8:f2:
af:df:e9:6c:3c:0a:7b:8f:7b:00:7a:a2:90:59:2a:
28:d4:ae:2e:a2:a9:28:35:c9:c5:02:a1:25:72:04:
d4:40:42:f7:82:f9:cf:23:7a:8b:ea:69:35:ef:8e:
11:72:b6:ff:c2:3a:b9:04:4d:6e:25:d9:a1:46:b8:
b6:69:d7:18:72:0d:52:da:be:a4:b9:fe:04:7e:49:
e8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:02:45:8E:D5:E9:00:DB:DB:AA:47:EA:39:1F:C1:0C:84:D4:CF:52
X509v3 Authority Key Identifier:
keyid:C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/KgJFjtXpANvbqkfqOR_BDITUz1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.41.0/24
IPv6:
2a0e:7d02::/31
Signature Algorithm: sha256WithRSAEncryption
92:df:76:69:d6:06:cd:04:50:8c:ab:bc:87:ee:75:8d:6b:b3:
01:6d:76:2f:31:43:a2:3b:0a:19:a1:6f:94:8e:94:42:3f:02:
c1:82:10:04:17:3b:48:a2:49:73:65:bd:66:8d:22:b2:e0:3d:
74:21:14:ac:51:53:4c:87:69:44:c9:80:52:c0:11:a1:40:d3:
49:e8:c3:db:1f:47:44:87:47:ab:5c:48:22:e3:5e:9a:e9:10:
2a:15:94:a1:27:cb:a0:6a:ee:06:bf:b7:70:1e:10:15:50:48:
59:4b:0d:c4:6d:52:68:38:7b:12:c8:52:20:a7:9c:bd:f8:e4:
c3:80:23:c9:9c:e7:c1:3c:c5:44:9a:1d:97:7c:87:14:e3:62:
e1:f6:64:ff:f5:df:a6:97:bd:9b:8e:55:d2:e0:ca:52:e7:7f:
12:55:36:1c:1a:4a:f2:c4:c1:41:83:77:71:0c:f1:33:45:73:
4d:d7:4d:73:8a:cd:f7:ce:1d:ce:5c:a3:ef:eb:1c:c8:0c:92:
a0:3c:a8:b6:3b:c0:ee:7b:4f:f8:f0:57:8f:50:ff:be:36:70:
88:3c:8c:0b:91:4b:1b:7e:08:56:8a:2a:e8:56:7c:ea:a6:30:
07:c4:0a:55:77:d2:bf:ed:89:51:2d:3c:6f:da:49:45:0b:35:
19:51:76:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjEgtA4mU4Gk3UWoNBOapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjIxYzg5YmM3ZTJiMjE0MDY3ZjMwNzA3YTRhMDNkYzM0
NmVlMDUwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTAyNDU4ZWQ1ZTkwMGRiZGJhYTQ3ZWEzOTFmYzEwYzg0ZDRjZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CDsnyydBYaneTpBr/G/R8dNwbCF
r0doYwH6+vi2sEjHFKLdr1GGB7tGEugR/+AzEXZZiKob2ex4/YDhsj7dUcAj0obD
vHvdoiySuh6sye6QPyRqvs3itw3eXhysFy11e323mQLhivFfU3JeQDVVPhdOOWga
KIYjkz46g3x++VYuxbemmmrwUV+AtbjgJtRP9ur5NJDDZmOFrZo2PviTNZlPHAyp
Uifn5n/sjbS+tvhV+PKv3+lsPAp7j3sAeqKQWSoo1K4uoqkoNcnFAqElcgTUQEL3
gvnPI3qL6mk1744Rcrb/wjq5BE1uJdmhRri2adcYcg1S2r6kuf4EfknoKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCoCRY7V6QDb26pH6jkfwQyE1M9SMB8GA1UdIwQY
MBaAFMSyHIm8fishQGfzBwekoD3DRu4FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODkt
MDYzYjQwMTc0NTk3LzEvS2dKRmp0WHBBTnZicWtmcU9SX0JESVRVejFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODktMDYzYjQwMTc0NTk3
LzEveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQspMA0E
AgACMAcDBQEqDn0CMA0GCSqGSIb3DQEBCwUAA4IBAQCS33Zp1gbNBFCMq7yH7nWN
a7MBbXYvMUOiOwoZoW+UjpRCPwLBghAEFztIoklzZb1mjSKy4D10IRSsUVNMh2lE
yYBSwBGhQNNJ6MPbH0dEh0erXEgi416a6RAqFZShJ8ugau4Gv7dwHhAVUEhZSw3E
bVJoOHsSyFIgp5y9+OTDgCPJnOfBPMVEmh2XfIcU42Lh9mT/9d+ml72bjlXS4MpS
538SVTYcGkryxMFBg3dxDPEzRXNN101zis33zh3OXKPv6xzIDJKgPKi2O8Due0/4
8FePUP++NnCIPIwLkUsbfghWiiroVnzqpjAHxApVd9K/7YlRLTxv2klFCzUZUXYD
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:04 2025 by rpki-client