Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/Knfth6txiDF12eWnRVMBTSZ3N7E.roa
File: Knfth6txiDF12eWnRVMBTSZ3N7E.roa (raw, json)
Hash identifier: Erv1kSG7AIiPjVidT056wHHSwG5zaW2OWLCIEkBM0Dk=
Subject key identifier: 2A:77:ED:87:AB:71:88:31:75:D9:E5:A7:45:53:01:4D:26:77:37:B1
Certificate issuer: /CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Certificate serial: 019427B6239A5BE2ACA366437B1DE984FAE8
Authority key identifier: 0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/Knfth6txiDF12eWnRVMBTSZ3N7E.roa
Signing time: Thu 02 Jan 2025 15:50:35 +0000
ROA not before: Thu 02 Jan 2025 15:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205588
IP address blocks: 185.213.8.0/24 maxlen: 24
185.213.9.0/24 maxlen: 24
185.213.10.0/24 maxlen: 24
185.213.11.0/24 maxlen: 24
2a0d:d580::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:23:9a:5b:e2:ac:a3:66:43:7b:1d:e9:84:fa:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Validity
Not Before: Jan 2 15:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a77ed87ab71883175d9e5a74553014d267737b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:94:14:0a:a4:ed:39:66:ef:8b:a8:ec:64:23:
68:5d:66:d6:dc:35:03:bc:29:06:17:80:76:69:97:
ed:28:56:fe:7b:60:a1:7b:65:e3:63:14:b2:37:6c:
30:37:56:3b:4d:fb:f2:5c:6f:ff:17:bf:b8:89:bc:
54:ea:9b:9d:70:af:d2:52:4d:15:96:98:47:7f:a2:
a6:3b:52:02:d5:66:0b:48:23:35:4b:d4:61:05:3a:
f0:9f:7e:58:c7:57:c8:fa:90:b9:a7:ac:f0:cd:5a:
8b:87:df:37:ee:98:a0:c9:a3:ea:52:7f:5b:eb:98:
43:d3:ac:79:92:2c:93:73:7c:b1:03:23:64:4e:0c:
69:e1:4c:8e:d7:98:ad:24:90:b3:bc:c1:68:a8:58:
13:76:8c:d3:14:8d:85:18:47:af:0d:f7:8e:ca:56:
9a:d4:9d:7b:2a:68:19:09:00:0e:d0:66:fe:2a:6a:
55:d7:81:56:bb:5d:b1:5a:35:a4:7b:55:7f:e5:34:
e7:da:4d:3b:50:e4:d2:c6:b3:0b:82:f1:f4:61:f7:
04:91:52:d9:be:a2:c3:71:df:6b:6f:d6:4a:71:6a:
e7:f5:c9:70:f1:6d:ba:1d:d8:3a:1f:5b:f2:94:1e:
1d:d5:d7:d4:37:b2:67:f0:4a:97:65:5d:4e:1d:a6:
52:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:77:ED:87:AB:71:88:31:75:D9:E5:A7:45:53:01:4D:26:77:37:B1
X509v3 Authority Key Identifier:
keyid:0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/Knfth6txiDF12eWnRVMBTSZ3N7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/C40btyeRyHhVDRudj-9WSsORk2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.8.0/22
IPv6:
2a0d:d580::/32
Signature Algorithm: sha256WithRSAEncryption
82:de:b6:ad:3f:b3:55:cc:d5:3d:7a:fc:c8:6b:eb:a7:8a:19:
91:51:23:35:69:ff:c9:be:1e:ce:3a:65:a1:00:b8:44:bf:ec:
b1:fe:f0:22:d9:1d:fe:94:7d:a5:82:bb:50:44:c8:76:9a:92:
19:a7:fc:81:a2:72:fa:39:77:9f:5b:ce:cf:8a:5d:d0:a8:ce:
85:c9:02:a7:ec:10:31:26:94:ed:31:a9:06:c5:e3:30:69:5f:
3b:db:4c:3a:87:64:c7:09:a1:06:3b:39:69:1e:5c:c2:b2:af:
95:0f:25:0b:27:31:bb:b2:e3:46:f0:3f:8a:c6:3e:f5:e6:57:
ec:db:4c:65:d1:c7:17:36:6f:64:5a:32:fa:59:17:7e:1c:5b:
50:c2:5f:da:7e:f9:6e:f7:05:91:8e:7e:6b:09:46:44:34:52:
3e:65:45:fd:82:0d:a1:57:96:d1:2b:de:a7:6a:90:14:b4:17:
b6:00:12:69:f6:01:ce:19:22:de:f5:50:7c:dd:45:40:53:7b:
3f:0e:98:16:ec:71:39:1e:b7:4d:8d:7c:1d:98:0c:97:bd:6f:
be:aa:48:aa:84:f8:b0:33:26:db:97:cc:52:06:4f:a5:3f:ed:
06:4f:9d:44:66:65:83:8e:0a:e9:4e:a7:04:24:4f:c7:a7:32:
bd:79:1a:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntiOaW+Kso2ZDex3phProMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGQxYmI3Mjc5MWM4Nzg1NTBkMWI5ZDhmZWY1NjRhYzM5
MTkzNjgwHhcNMjUwMTAyMTU1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc3ZWQ4N2FiNzE4ODMxNzVkOWU1YTc0NTUzMDE0ZDI2NzczN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25QUCqTtOWbvi6jsZCNoXWbW3DUD
vCkGF4B2aZftKFb+e2Che2XjYxSyN2wwN1Y7TfvyXG//F7+4ibxU6pudcK/SUk0V
lphHf6KmO1IC1WYLSCM1S9RhBTrwn35Yx1fI+pC5p6zwzVqLh9837pigyaPqUn9b
65hD06x5kiyTc3yxAyNkTgxp4UyO15itJJCzvMFoqFgTdozTFI2FGEevDfeOylaa
1J17KmgZCQAO0Gb+KmpV14FWu12xWjWke1V/5TTn2k07UOTSxrMLgvH0YfcEkVLZ
vqLDcd9rb9ZKcWrn9clw8W26Hdg6H1vylB4d1dfUN7Jn8EqXZV1OHaZSaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCp37YercYgxddnlp0VTAU0mdzexMB8GA1UdIwQY
MBaAFAuNG7cnkch4VQ0bnY/vVkrDkZNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMt
MDI3OGM1ZGMxNDkxLzEvS25mdGg2dHhpREYxMmVXblJWTUJUU1ozTjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMtMDI3OGM1ZGMxNDkx
LzEvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudUIMA0E
AgACMAcDBQAqDdWAMA0GCSqGSIb3DQEBCwUAA4IBAQCC3ratP7NVzNU9evzIa+un
ihmRUSM1af/Jvh7OOmWhALhEv+yx/vAi2R3+lH2lgrtQRMh2mpIZp/yBonL6OXef
W87Pil3QqM6FyQKn7BAxJpTtMakGxeMwaV8720w6h2THCaEGOzlpHlzCsq+VDyUL
JzG7suNG8D+Kxj715lfs20xl0ccXNm9kWjL6WRd+HFtQwl/afvlu9wWRjn5rCUZE
NFI+ZUX9gg2hV5bRK96napAUtBe2ABJp9gHOGSLe9VB83UVAU3s/DpgW7HE5HrdN
jXwdmAyXvW++qkiqhPiwMybbl8xSBk+lP+0GT51EZmWDjgrpTqcEJE/HpzK9eRp8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:04 2025 by rpki-client