Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ba7854-886d-4148-a208-5c78639264aa/1/KNF-QXBE-ET2Ss8Ra3b9tGjUuzU.roa
File: KNF-QXBE-ET2Ss8Ra3b9tGjUuzU.roa (raw, json)
Hash identifier: ZA2nOGYGdA1K+/Cu62amSanLsSzoKdIYO3r9rfPBtJE=
Subject key identifier: 28:D1:7E:41:70:44:F8:44:F6:4A:CF:11:6B:76:FD:B4:68:D4:BB:35
Certificate issuer: /CN=cb173e8a827e636c4f251ef363bd94ea90a04cbf
Certificate serial: 019422FC29AAAD721C56CD1E46CED74EB15E
Authority key identifier: CB:17:3E:8A:82:7E:63:6C:4F:25:1E:F3:63:BD:94:EA:90:A0:4C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxc-ioJ-Y2xPJR7zY72U6pCgTL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/ba7854-886d-4148-a208-5c78639264aa/1/KNF-QXBE-ET2Ss8Ra3b9tGjUuzU.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12843
IP address blocks: 91.208.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:29:aa:ad:72:1c:56:cd:1e:46:ce:d7:4e:b1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb173e8a827e636c4f251ef363bd94ea90a04cbf
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28d17e417044f844f64acf116b76fdb468d4bb35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e0:1f:86:e0:0c:ca:83:fe:76:4c:7d:e3:ef:
01:fc:a3:80:86:fb:d8:34:6e:1f:ed:80:91:ff:c8:
b9:09:bb:7a:04:be:4a:2f:3c:29:86:14:45:10:d0:
87:a3:1d:6c:0f:b5:d2:95:66:50:eb:dc:d7:ab:52:
7b:e1:d3:f1:3e:f1:46:07:8f:a4:82:ce:0f:83:3e:
aa:af:37:fd:2a:dd:95:66:63:62:92:da:51:7e:48:
4e:19:c7:94:3f:22:44:cf:c4:8c:1f:c6:b1:4a:b4:
6a:db:d1:c8:e0:3a:cf:b3:4e:b0:5e:31:ab:8d:de:
aa:ed:22:58:e7:26:4d:85:43:ac:fb:27:36:8b:cf:
e1:56:57:4f:19:39:92:59:66:1e:9a:ac:f8:f3:9d:
54:42:9c:c7:a7:df:e4:ca:56:a4:10:52:40:56:76:
a9:a5:62:8d:7f:17:64:70:72:65:58:2e:fa:26:b9:
18:8b:fe:b7:2b:76:fa:f6:d4:07:12:f2:33:4d:f1:
d1:ab:b2:67:c4:66:96:2e:cf:b0:2a:0e:3c:08:63:
c2:e6:f3:4c:a2:01:89:55:a1:ee:a7:5b:89:0d:bf:
23:b2:38:6a:43:d5:1f:89:4c:56:0f:ca:76:1a:0b:
b0:1f:97:bf:f5:e8:7f:65:12:55:38:eb:94:8a:43:
f4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D1:7E:41:70:44:F8:44:F6:4A:CF:11:6B:76:FD:B4:68:D4:BB:35
X509v3 Authority Key Identifier:
keyid:CB:17:3E:8A:82:7E:63:6C:4F:25:1E:F3:63:BD:94:EA:90:A0:4C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxc-ioJ-Y2xPJR7zY72U6pCgTL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ba7854-886d-4148-a208-5c78639264aa/1/KNF-QXBE-ET2Ss8Ra3b9tGjUuzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ba7854-886d-4148-a208-5c78639264aa/1/yxc-ioJ-Y2xPJR7zY72U6pCgTL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.5.0/24
Signature Algorithm: sha256WithRSAEncryption
63:2e:ef:dd:d7:58:9f:c4:41:a8:e4:97:48:b6:10:42:b6:ef:
39:04:51:af:70:77:d0:28:3e:47:ee:c4:24:b7:28:c2:40:4f:
ef:c7:be:71:63:86:ec:9c:19:1c:a3:54:29:93:d7:1d:73:5b:
57:60:d5:00:c8:af:05:38:5f:d3:95:49:79:ad:24:42:6e:a3:
c6:c7:6c:c9:bb:1b:c5:9a:31:9a:54:9a:3d:7a:3f:7b:6b:ad:
59:96:57:b6:55:a0:e1:81:7e:c7:47:df:2a:b1:1d:55:ab:8a:
76:bb:e4:f4:6a:f0:f8:da:e0:a6:a0:84:19:c1:c1:ce:9a:d5:
ad:af:38:46:d3:da:4a:d1:88:5f:f5:1a:11:c2:ae:8e:aa:81:
56:fa:62:d7:7f:c6:3b:cb:7e:af:b3:a3:8a:74:17:10:2b:31:
5c:e4:d1:b4:12:40:4d:f7:db:84:de:4d:c2:f1:d9:2e:a9:90:
be:55:45:e6:48:b9:bc:94:f3:fc:6f:a3:11:a4:2e:eb:54:3e:
47:39:a1:53:51:cf:4b:ff:37:cc:24:1b:a3:73:65:b7:1b:a6:
d7:2d:38:60:9d:40:0b:c2:ce:58:a3:dd:a3:64:62:7b:8e:50:
8c:63:63:5b:73:99:7c:a4:35:05:65:7f:af:e4:74:e9:72:8e:
3c:1b:32:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/CmqrXIcVs0eRs7XTrFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTczZThhODI3ZTYzNmM0ZjI1MWVmMzYzYmQ5NGVhOTBh
MDRjYmYwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQxN2U0MTcwNDRmODQ0ZjY0YWNmMTE2Yjc2ZmRiNDY4ZDRiYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOAfhuAMyoP+dkx94+8B/KOAhvvY
NG4f7YCR/8i5Cbt6BL5KLzwphhRFENCHox1sD7XSlWZQ69zXq1J74dPxPvFGB4+k
gs4Pgz6qrzf9Kt2VZmNiktpRfkhOGceUPyJEz8SMH8axSrRq29HI4DrPs06wXjGr
jd6q7SJY5yZNhUOs+yc2i8/hVldPGTmSWWYemqz4851UQpzHp9/kylakEFJAVnap
pWKNfxdkcHJlWC76JrkYi/63K3b69tQHEvIzTfHRq7JnxGaWLs+wKg48CGPC5vNM
ogGJVaHup1uJDb8jsjhqQ9UfiUxWD8p2GguwH5e/9eh/ZRJVOOuUikP0BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjRfkFwRPhE9krPEWt2/bRo1Ls1MB8GA1UdIwQY
MBaAFMsXPoqCfmNsTyUe82O9lOqQoEy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhjLWlvSi1ZMnhQSlI3elk3MlU2cENnVEw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9iYTc4NTQtODg2ZC00MTQ4LWEyMDgt
NWM3ODYzOTI2NGFhLzEvS05GLVFYQkUtRVQyU3M4UmEzYjl0R2pVdXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9iYTc4NTQtODg2ZC00MTQ4LWEyMDgtNWM3ODYzOTI2NGFh
LzEveXhjLWlvSi1ZMnhQSlI3elk3MlU2cENnVEw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AFMA0G
CSqGSIb3DQEBCwUAA4IBAQBjLu/d11ifxEGo5JdIthBCtu85BFGvcHfQKD5H7sQk
tyjCQE/vx75xY4bsnBkco1Qpk9cdc1tXYNUAyK8FOF/TlUl5rSRCbqPGx2zJuxvF
mjGaVJo9ej97a61Zlle2VaDhgX7HR98qsR1Vq4p2u+T0avD42uCmoIQZwcHOmtWt
rzhG09pK0Yhf9RoRwq6OqoFW+mLXf8Y7y36vs6OKdBcQKzFc5NG0EkBN99uE3k3C
8dkuqZC+VUXmSLm8lPP8b6MRpC7rVD5HOaFTUc9L/zfMJBujc2W3G6bXLThgnUAL
ws5Yo92jZGJ7jlCMY2Nbc5l8pDUFZX+v5HTpco48GzKp
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:27:51 2025 by rpki-client