Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/kazfjx-38nxUYNpFewsc-N0E_gQ.roa
File: kazfjx-38nxUYNpFewsc-N0E_gQ.roa (raw, json)
Hash identifier: FuOLRW+the6SJWKW/Fgn12OsU9fn3K6AgcPUOa9yvAQ=
Subject key identifier: 91:AC:DF:8F:1F:B7:F2:7C:54:60:DA:45:7B:0B:1C:F8:DD:04:FE:04
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 018CC725A2818C519C5BED259D39FCD5C907
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/kazfjx-38nxUYNpFewsc-N0E_gQ.roa
Signing time: Mon 01 Jan 2024 22:29:41 +0000
ROA not before: Mon 01 Jan 2024 22:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199458
IP address blocks: 94.137.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a2:81:8c:51:9c:5b:ed:25:9d:39:fc:d5:c9:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Jan 1 22:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91acdf8f1fb7f27c5460da457b0b1cf8dd04fe04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a1:2e:a6:54:d6:e0:3f:45:40:3f:dc:9f:ee:
ea:f1:1c:13:29:7c:28:26:2f:da:a2:cd:24:e9:a6:
9f:7a:24:6e:e3:35:6d:c8:96:70:ab:0a:a1:57:12:
db:c5:78:b5:29:70:2b:d5:47:11:11:3d:54:87:35:
e9:af:74:49:95:0d:d5:62:a6:9c:bd:a7:df:82:f2:
e6:43:bb:b0:56:e8:4f:f5:c6:b6:dc:c3:71:c9:8d:
7d:ae:4e:9b:a0:29:67:83:d2:18:d7:76:2a:d7:c8:
13:b8:59:c4:36:49:6c:a8:75:65:fd:d1:7b:66:66:
53:cf:59:e9:78:80:ae:ff:3f:db:79:f3:61:ee:24:
d8:7b:57:db:91:c2:50:be:fc:0e:dd:66:89:b1:cc:
d6:94:2d:36:73:eb:34:5e:9e:ca:fb:0d:1a:a9:b6:
1e:f9:9b:95:ae:8c:43:7d:4c:37:46:b6:69:a5:83:
9d:4d:bd:18:9a:48:9f:9c:0f:67:93:e4:49:7f:fe:
48:4e:62:8f:be:1e:b3:e0:b1:88:3f:21:4e:ed:6b:
03:ea:e2:9a:f0:7a:25:59:1e:4d:76:db:c2:ea:a1:
3e:db:7a:4d:5f:75:05:0b:16:d9:70:f8:f7:8e:fa:
1f:02:09:a8:f5:93:2f:e7:45:06:3e:25:d2:02:b6:
c4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AC:DF:8F:1F:B7:F2:7C:54:60:DA:45:7B:0B:1C:F8:DD:04:FE:04
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/kazfjx-38nxUYNpFewsc-N0E_gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.137.74.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:28:09:27:33:2f:78:15:5e:58:32:d1:2a:d6:bb:dc:63:31:
eb:35:a0:a2:39:50:37:e3:b8:b0:42:6d:83:9f:8c:a4:ac:c2:
2f:57:76:3f:05:88:41:47:e8:ce:35:9e:1d:4e:59:e3:a6:32:
9d:17:86:ad:fd:2e:7f:53:d9:61:a3:f0:02:d3:24:8c:17:b3:
45:fc:40:d8:ff:a7:03:8a:58:f8:42:e7:3c:13:58:fe:d8:ed:
df:e7:be:52:6f:63:07:74:45:6b:b0:3a:1c:92:1a:76:f6:fd:
ff:7f:e2:41:ed:13:bb:c1:37:76:93:8f:5b:ae:ee:d3:1c:07:
13:ed:d2:21:d4:6e:8e:a1:27:13:8f:bb:0f:ee:d5:37:25:ef:
cf:1a:48:6a:27:08:52:4a:ca:ba:cf:12:8d:b9:9f:0a:d2:bc:
75:f6:77:cd:eb:24:d7:ce:a7:f0:05:b6:f6:28:8e:d3:3b:98:
d7:70:b2:05:57:be:65:de:5a:91:5b:6b:76:4a:b9:a2:2e:de:
ad:ff:cb:b5:35:63:2b:c2:26:da:a7:82:3e:c6:9d:8a:3d:1e:
09:f7:89:83:c7:f7:82:7c:7d:0d:46:c9:b6:a7:0a:3c:43:01:
a9:75:f2:e0:c0:4e:45:8b:66:bb:eb:79:49:e5:3f:2c:41:4f:
ee:a4:25:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJaKBjFGcW+0lnTn81ckHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjQwMTAxMjIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWFjZGY4ZjFmYjdmMjdjNTQ2MGRhNDU3YjBiMWNmOGRkMDRmZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKEuplTW4D9FQD/cn+7q8RwTKXwo
Ji/aos0k6aafeiRu4zVtyJZwqwqhVxLbxXi1KXAr1UcRET1UhzXpr3RJlQ3VYqac
vaffgvLmQ7uwVuhP9ca23MNxyY19rk6boClng9IY13Yq18gTuFnENklsqHVl/dF7
ZmZTz1npeICu/z/befNh7iTYe1fbkcJQvvwO3WaJsczWlC02c+s0Xp7K+w0aqbYe
+ZuVroxDfUw3RrZppYOdTb0YmkifnA9nk+RJf/5ITmKPvh6z4LGIPyFO7WsD6uKa
8HolWR5NdtvC6qE+23pNX3UFCxbZcPj3jvofAgmo9ZMv50UGPiXSArbEnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGs348ft/J8VGDaRXsLHPjdBP4EMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEva2F6Zmp4LTM4bnhVWU5wRmV3c2MtTjBFX2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXolKMA0G
CSqGSIb3DQEBCwUAA4IBAQA7KAknMy94FV5YMtEq1rvcYzHrNaCiOVA347iwQm2D
n4ykrMIvV3Y/BYhBR+jONZ4dTlnjpjKdF4at/S5/U9lho/AC0ySMF7NF/EDY/6cD
ilj4Quc8E1j+2O3f575Sb2MHdEVrsDockhp29v3/f+JB7RO7wTd2k49bru7THAcT
7dIh1G6OoScTj7sP7tU3Je/PGkhqJwhSSsq6zxKNuZ8K0rx19nfN6yTXzqfwBbb2
KI7TO5jXcLIFV75l3lqRW2t2SrmiLt6t/8u1NWMrwibap4I+xp2KPR4J94mDx/eC
fH0NRsm2pwo8QwGpdfLgwE5Fi2a763lJ5T8sQU/upCWX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:59 2025 by rpki-client