Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/KKO74UOOqzmrYYtvzGpjwEwi8GI.roa
File: KKO74UOOqzmrYYtvzGpjwEwi8GI.roa (raw, json)
Hash identifier: U0souWc0OY3b3WI9wKTig0CRbHW/XIL2Vg4rCEu5rcc=
Subject key identifier: 28:A3:BB:E1:43:8E:AB:39:AB:61:8B:6F:CC:6A:63:C0:4C:22:F0:62
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 0188690C28D2F3163C53EAD4488A61111CC3
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/KKO74UOOqzmrYYtvzGpjwEwi8GI.roa
Signing time: Mon 29 May 2023 19:46:24 +0000
ROA not before: Mon 29 May 2023 19:46:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30860
IP address blocks: 188.95.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:69:0c:28:d2:f3:16:3c:53:ea:d4:48:8a:61:11:1c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: May 29 19:46:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28a3bbe1438eab39ab618b6fcc6a63c04c22f062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:91:b6:b2:33:29:76:ec:55:f4:b5:cb:e0:97:
66:02:78:8f:98:ec:33:2e:36:96:0a:8e:cd:31:1e:
3c:9f:72:5a:e4:d5:76:bf:51:8d:b5:e7:22:c1:66:
c5:b3:4f:7f:6e:d4:dd:a9:fb:86:3e:dc:42:d5:12:
05:de:c9:00:69:ca:b2:0d:ee:e8:52:3b:7e:91:d1:
9d:7d:3a:96:d2:ee:99:b6:78:a4:73:1a:f7:90:67:
56:9c:19:be:e6:76:e3:e4:ec:49:94:0c:61:63:49:
8e:89:81:c3:d1:77:1e:53:be:cb:f5:10:8e:33:49:
1c:c7:fe:7a:2d:b7:29:a6:fe:f5:36:24:66:d1:a2:
fb:28:10:ab:db:47:40:59:8b:79:95:2f:4c:b2:59:
53:f0:8b:5d:8a:a5:8f:e2:f2:d1:84:d7:6a:32:d7:
f2:27:19:09:01:92:5f:a1:ae:5e:0f:d7:dc:92:ca:
27:04:c5:b0:f4:9e:8f:bc:59:51:82:4b:f5:24:ef:
51:09:1f:fc:6a:79:da:ac:2a:d8:03:2c:48:db:62:
8c:e0:ff:d7:9c:f2:b4:8a:31:68:6e:aa:e1:a6:91:
aa:e5:64:aa:78:a1:cd:3d:25:01:7d:5f:7d:49:93:
aa:ab:de:04:58:41:90:5c:4a:21:b6:de:69:25:be:
98:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A3:BB:E1:43:8E:AB:39:AB:61:8B:6F:CC:6A:63:C0:4C:22:F0:62
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/KKO74UOOqzmrYYtvzGpjwEwi8GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.89.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:0c:36:de:28:8c:32:e1:72:15:4f:e6:9d:6c:3b:b7:94:3c:
bf:ed:e5:bc:52:22:20:d7:aa:8b:ed:b4:e1:d2:db:9e:0c:e2:
fd:bd:98:95:e5:55:91:89:cf:21:e5:ef:17:bb:49:24:82:86:
5c:bb:b2:e2:fa:05:31:0e:3e:bd:3d:52:9f:2e:c8:52:6f:c8:
d3:98:3d:39:5e:e3:67:93:7a:9e:0f:b0:82:06:57:8d:10:d2:
0b:9b:9e:33:4b:3c:56:92:a2:b8:3d:74:64:e4:fc:92:4c:10:
9b:0b:70:68:97:5f:5b:ee:13:96:e1:5d:64:e1:db:ed:e6:8b:
f6:cb:f5:c5:d9:da:e2:7a:12:f0:b5:4c:81:8e:f5:16:dd:a6:
8f:6b:a6:2d:0b:67:f9:d4:4f:c0:85:37:ea:5a:7b:03:c3:20:
ec:13:e3:8b:7f:e4:e2:14:fd:87:8a:a5:b7:b4:c6:56:68:69:
fb:1f:b0:dc:4d:13:82:f7:60:da:16:d3:41:b6:b0:0d:3e:9c:
e4:9c:b5:0c:1b:dc:28:fb:49:8d:57:df:cf:e3:f9:8b:8e:85:
2a:4a:1b:2c:d1:a4:bb:d6:e5:26:fa:09:2b:3e:9a:61:ad:75:
ed:06:92:7f:a7:2e:1e:95:df:e1:59:5f:2d:91:87:89:09:0f:
a0:03:78:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhpDCjS8xY8U+rUSIphERzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjMwNTI5MTk0NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGEzYmJlMTQzOGVhYjM5YWI2MThiNmZjYzZhNjNjMDRjMjJmMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipG2sjMpduxV9LXL4JdmAniPmOwz
LjaWCo7NMR48n3Ja5NV2v1GNteciwWbFs09/btTdqfuGPtxC1RIF3skAacqyDe7o
Ujt+kdGdfTqW0u6Ztnikcxr3kGdWnBm+5nbj5OxJlAxhY0mOiYHD0XceU77L9RCO
M0kcx/56Lbcppv71NiRm0aL7KBCr20dAWYt5lS9MsllT8ItdiqWP4vLRhNdqMtfy
JxkJAZJfoa5eD9fcksonBMWw9J6PvFlRgkv1JO9RCR/8annarCrYAyxI22KM4P/X
nPK0ijFobqrhppGq5WSqeKHNPSUBfV99SZOqq94EWEGQXEohtt5pJb6YPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCiju+FDjqs5q2GLb8xqY8BMIvBiMB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEvS0tPNzRVT09xem1yWVl0dnpHcGp3RXdpOEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9ZMA0G
CSqGSIb3DQEBCwUAA4IBAQDVDDbeKIwy4XIVT+adbDu3lDy/7eW8UiIg16qL7bTh
0tueDOL9vZiV5VWRic8h5e8Xu0kkgoZcu7Li+gUxDj69PVKfLshSb8jTmD05XuNn
k3qeD7CCBleNENILm54zSzxWkqK4PXRk5PySTBCbC3Bol19b7hOW4V1k4dvt5ov2
y/XF2driehLwtUyBjvUW3aaPa6YtC2f51E/AhTfqWnsDwyDsE+OLf+TiFP2HiqW3
tMZWaGn7H7DcTROC92DaFtNBtrANPpzknLUMG9wo+0mNV9/P4/mLjoUqShss0aS7
1uUm+gkrPpphrXXtBpJ/py4eld/hWV8tkYeJCQ+gA3jR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:44 2025 by rpki-client