Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/KnZSri1ErHkMqK-ychOPB55BmVk.roa
File: KnZSri1ErHkMqK-ychOPB55BmVk.roa (raw, json)
Hash identifier: UwVkdk2lTL9ohV6GQ0qIHHU7mtry738p66pgVkpsNOo=
Subject key identifier: 2A:76:52:AE:2D:44:AC:79:0C:A8:AF:B2:72:13:8F:07:9E:41:99:59
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B05F337D35A2A00E22BF209AD5129
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/KnZSri1ErHkMqK-ychOPB55BmVk.roa
Signing time: Sun 01 Jan 2023 13:35:05 +0000
ROA not before: Sun 01 Jan 2023 13:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47538
IP address blocks: 212.243.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:05:f3:37:d3:5a:2a:00:e2:2b:f2:09:ad:51:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a7652ae2d44ac790ca8afb272138f079e419959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6f:fe:97:ac:6f:3c:a0:0f:01:39:b5:99:04:
94:59:83:82:23:e1:ad:51:a9:60:60:ff:52:dc:35:
9f:63:9f:96:87:87:95:b2:ce:39:3e:95:f0:ee:f7:
20:52:ad:49:b8:a0:80:60:2a:91:a9:7d:c8:1b:fe:
da:20:97:5a:31:e7:7a:f7:7e:69:ca:9e:42:0f:01:
e9:55:d8:25:75:ff:6f:51:b8:bf:b0:45:90:45:85:
72:fd:8b:2e:ec:d0:70:9b:e0:6a:0b:eb:82:fd:aa:
9f:45:ec:cb:1e:29:5c:fe:b2:0f:64:b3:1f:6a:05:
49:9b:4c:bf:08:32:2e:0a:d4:3c:85:41:85:3a:7d:
32:88:65:45:5d:a4:48:d9:53:66:1b:91:a5:d3:ad:
cc:a6:c2:c0:bb:43:94:3c:53:ec:a4:1e:f2:47:77:
d8:0c:6c:87:62:3d:ca:19:40:26:c3:80:d6:ee:11:
6c:fd:dc:ce:e3:3a:6f:1f:ff:95:b7:8d:c8:7e:70:
1f:00:ac:a2:44:17:3b:15:ad:e9:69:d8:d9:65:f6:
c7:38:bf:24:66:b5:ad:92:2b:ea:8c:bd:15:a9:4f:
74:a1:16:0e:44:89:a5:92:49:a0:13:46:ba:72:99:
b1:bb:89:4b:22:2f:a8:d0:ba:c6:16:59:e1:84:9c:
3d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:76:52:AE:2D:44:AC:79:0C:A8:AF:B2:72:13:8F:07:9E:41:99:59
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/KnZSri1ErHkMqK-ychOPB55BmVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.243.121.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ca:8c:51:f1:5b:d2:03:de:ad:e4:ba:9e:80:1b:3f:54:8e:
4d:fb:0b:f3:ce:e9:d0:a7:3a:50:56:50:74:33:1b:09:e3:89:
a7:d8:25:d3:a9:ce:49:9b:fe:06:26:4b:88:89:9f:5b:43:f3:
56:d6:b9:65:7b:b3:89:54:4e:59:97:f1:2d:0f:e2:fd:4e:29:
df:7f:fb:1b:55:bd:e2:00:a2:fb:90:10:bc:51:39:4a:5b:de:
e7:03:67:f1:5f:55:69:1f:28:3d:c8:bd:b3:61:7b:a2:00:3e:
21:0f:29:49:c7:43:e7:d6:55:97:13:b2:fe:d3:d4:f8:5e:79:
ff:8c:f5:74:4a:59:86:d6:d3:a8:79:5d:e5:2a:13:a4:28:cf:
cb:15:20:c5:23:b5:40:33:e8:12:50:37:64:c1:07:67:12:d4:
42:cf:d2:d5:56:4f:86:d6:91:74:f9:6e:69:2a:64:4b:6a:43:
73:03:20:52:e2:e4:d6:95:b2:93:14:24:9d:f6:76:31:4c:23:
d6:1e:93:19:20:f3:5a:51:5f:46:f8:da:13:b4:51:a1:4f:9b:
31:3a:3a:46:2f:c3:f9:05:5b:42:02:82:70:a0:04:02:a9:66:
c5:b4:e1:3c:30:6b:7b:56:ee:ec:dd:b6:80:85:7c:66:10:57:
e2:15:dd:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtiwXzN9NaKgDiK/IJrVEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc2NTJhZTJkNDRhYzc5MGNhOGFmYjI3MjEzOGYwNzllNDE5OTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG/+l6xvPKAPATm1mQSUWYOCI+Gt
UalgYP9S3DWfY5+Wh4eVss45PpXw7vcgUq1JuKCAYCqRqX3IG/7aIJdaMed6935p
yp5CDwHpVdgldf9vUbi/sEWQRYVy/Ysu7NBwm+BqC+uC/aqfRezLHilc/rIPZLMf
agVJm0y/CDIuCtQ8hUGFOn0yiGVFXaRI2VNmG5Gl063MpsLAu0OUPFPspB7yR3fY
DGyHYj3KGUAmw4DW7hFs/dzO4zpvH/+Vt43IfnAfAKyiRBc7Fa3padjZZfbHOL8k
ZrWtkivqjL0VqU90oRYORImlkkmgE0a6cpmxu4lLIi+o0LrGFlnhhJw90QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCp2Uq4tRKx5DKivsnITjweeQZlZMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvS25aU3JpMUVySGtNcUsteWNoT1BCNTVCbVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1PN5MA0G
CSqGSIb3DQEBCwUAA4IBAQATyoxR8VvSA96t5LqegBs/VI5N+wvzzunQpzpQVlB0
MxsJ44mn2CXTqc5Jm/4GJkuIiZ9bQ/NW1rlle7OJVE5Zl/EtD+L9Tinff/sbVb3i
AKL7kBC8UTlKW97nA2fxX1VpHyg9yL2zYXuiAD4hDylJx0Pn1lWXE7L+09T4Xnn/
jPV0SlmG1tOoeV3lKhOkKM/LFSDFI7VAM+gSUDdkwQdnEtRCz9LVVk+G1pF0+W5p
KmRLakNzAyBS4uTWlbKTFCSd9nYxTCPWHpMZIPNaUV9G+NoTtFGhT5sxOjpGL8P5
BVtCAoJwoAQCqWbFtOE8MGt7Vu7s3baAhXxmEFfiFd3M
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:32:31 2025 by rpki-client