Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KkTOteQUGewLwZoxnEph46bdLTE.roa
File: KkTOteQUGewLwZoxnEph46bdLTE.roa (raw, json)
Hash identifier: pw71J26w+5n1y3l9mzDvXMIQLn5PzwgdVAosXi+pR9I=
Subject key identifier: 2A:44:CE:B5:E4:14:19:EC:0B:C1:9A:31:9C:4A:61:E3:A6:DD:2D:31
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0194228D92BCB7DF8BECDB307274AF8CFF2E
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KkTOteQUGewLwZoxnEph46bdLTE.roa
Signing time: Wed 01 Jan 2025 15:48:10 +0000
ROA not before: Wed 01 Jan 2025 15:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21646
IP address blocks: 212.222.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:92:bc:b7:df:8b:ec:db:30:72:74:af:8c:ff:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 1 15:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a44ceb5e41419ec0bc19a319c4a61e3a6dd2d31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0d:70:2a:13:0b:e9:d4:30:5f:e3:6c:6e:ba:
6f:33:57:a8:07:bf:e5:77:43:f9:8e:ca:70:fc:7f:
f0:f0:91:2a:1d:67:b5:4b:0e:fd:17:cd:64:30:e1:
65:1b:0b:0a:21:12:3d:cc:07:63:cc:fd:51:54:c1:
cc:e8:b9:ec:c8:eb:08:f7:7e:aa:ad:64:90:99:6e:
69:ff:43:04:99:fc:83:14:70:60:e3:71:c2:67:f1:
1f:79:50:59:2d:d4:83:9a:0b:ba:e2:34:37:6b:df:
d4:8f:fb:de:3a:60:19:bc:35:4c:32:45:e1:47:f1:
6b:30:91:46:e2:6b:8b:98:4f:4d:d6:cd:3e:69:e0:
e5:12:e3:d6:fe:65:7a:82:21:1a:e4:95:f8:22:22:
03:37:56:44:95:b0:7a:5a:0c:21:18:4e:c4:32:45:
30:76:02:bf:fc:74:c0:45:b8:09:cc:f0:5b:a9:6b:
c8:f6:32:b6:a0:2f:13:2b:18:8f:3e:cc:97:04:07:
0b:6e:6b:7e:ac:bf:cf:bd:5d:c3:b0:f2:35:cc:4d:
c3:1c:a6:e3:f7:e3:61:0a:c1:a9:6f:44:de:7d:3a:
5a:5b:37:2a:92:b8:15:79:29:09:bd:aa:ea:f3:4b:
68:26:29:6e:55:bd:b1:b1:78:89:97:ac:9c:a8:5e:
e1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:44:CE:B5:E4:14:19:EC:0B:C1:9A:31:9C:4A:61:E3:A6:DD:2D:31
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KkTOteQUGewLwZoxnEph46bdLTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.222.192.0/24
Signature Algorithm: sha256WithRSAEncryption
82:a7:58:42:df:a2:53:10:7a:76:91:48:23:41:82:dd:6d:12:
1f:8f:2e:89:42:8b:ec:5a:eb:a9:87:4a:63:03:ac:e2:2e:e6:
39:fd:83:85:08:03:83:b4:37:40:d1:30:1f:c2:01:e6:14:c3:
d0:98:65:7d:ff:a6:e8:9f:98:ad:f7:ec:56:69:dd:9d:71:4c:
a2:e7:96:2c:d6:2e:28:c2:b7:cd:ca:18:f3:4e:a7:ea:82:a5:
c3:1c:45:f9:6e:ef:6f:18:5f:a4:a0:23:3e:1c:9a:d6:59:23:
6c:45:32:eb:44:02:c0:7f:24:09:29:47:e8:77:1c:33:3e:1d:
bb:ba:44:11:a7:f9:4a:14:20:ba:c2:81:57:fb:16:14:f7:ad:
d1:13:7f:64:79:a6:a6:b1:1b:21:7d:7d:69:45:8d:76:fa:7a:
a8:91:15:fa:29:ac:89:06:82:4f:1c:93:4b:e9:fd:ae:28:db:
91:34:b0:fe:82:00:23:09:11:02:a6:8e:16:6f:fa:a0:f9:df:
d8:44:69:2e:23:ea:06:43:ee:c3:88:e1:3d:4e:19:50:48:58:
4a:c5:e9:43:d7:48:55:1d:3a:45:4f:6c:7f:52:83:3b:05:65:
16:ab:49:9c:ea:16:b6:9c:c3:02:d4:2b:e3:ea:37:63:aa:c2:
fc:a8:2b:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijZK8t9+L7NswcnSvjP8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwMTAxMTU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ0Y2ViNWU0MTQxOWVjMGJjMTlhMzE5YzRhNjFlM2E2ZGQyZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkg1wKhML6dQwX+NsbrpvM1eoB7/l
d0P5jspw/H/w8JEqHWe1Sw79F81kMOFlGwsKIRI9zAdjzP1RVMHM6LnsyOsI936q
rWSQmW5p/0MEmfyDFHBg43HCZ/EfeVBZLdSDmgu64jQ3a9/Uj/veOmAZvDVMMkXh
R/FrMJFG4muLmE9N1s0+aeDlEuPW/mV6giEa5JX4IiIDN1ZElbB6WgwhGE7EMkUw
dgK//HTARbgJzPBbqWvI9jK2oC8TKxiPPsyXBAcLbmt+rL/PvV3DsPI1zE3DHKbj
9+NhCsGpb0TefTpaWzcqkrgVeSkJvarq80toJiluVb2xsXiJl6ycqF7hYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpEzrXkFBnsC8GaMZxKYeOm3S0xMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvS2tUT3RlUVVHZXdMd1pveG5FcGg0NmJkTFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1N7AMA0G
CSqGSIb3DQEBCwUAA4IBAQCCp1hC36JTEHp2kUgjQYLdbRIfjy6JQovsWuuph0pj
A6ziLuY5/YOFCAODtDdA0TAfwgHmFMPQmGV9/6bon5it9+xWad2dcUyi55Ys1i4o
wrfNyhjzTqfqgqXDHEX5bu9vGF+koCM+HJrWWSNsRTLrRALAfyQJKUfodxwzPh27
ukQRp/lKFCC6woFX+xYU963RE39keaamsRshfX1pRY12+nqokRX6KayJBoJPHJNL
6f2uKNuRNLD+ggAjCRECpo4Wb/qg+d/YRGkuI+oGQ+7DiOE9ThlQSFhKxelD10hV
HTpFT2x/UoM7BWUWq0mc6ha2nMMC1Cvj6jdjqsL8qCsR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:51 2025 by rpki-client