Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/KMON88Qhz2PHNfSlURmxM8NhOUk.roa
File: KMON88Qhz2PHNfSlURmxM8NhOUk.roa (raw, json)
Hash identifier: GOLGif7YCOnHWziPnq5j2ekBm6PkibDjgz5R1MAj56M=
Subject key identifier: 28:C3:8D:F3:C4:21:CF:63:C7:35:F4:A5:51:19:B1:33:C3:61:39:49
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 018C34316542A7C07D76FD0B39446ECCF0D9
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/KMON88Qhz2PHNfSlURmxM8NhOUk.roa
Signing time: Mon 04 Dec 2023 09:38:21 +0000
ROA not before: Mon 04 Dec 2023 09:38:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 141.226.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:31:65:42:a7:c0:7d:76:fd:0b:39:44:6e:cc:f0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Dec 4 09:38:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28c38df3c421cf63c735f4a55119b133c3613949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:92:60:99:d4:ab:c0:f8:f1:75:cc:88:91:49:
cf:67:62:9e:ea:5c:c6:cc:ae:19:71:d4:8e:77:90:
1f:25:c7:37:66:5b:af:e2:2f:6f:7d:c5:4a:77:44:
ad:66:4c:62:aa:e7:ad:7d:2d:a3:8f:05:ee:8c:d0:
87:25:5b:42:8a:8d:51:ce:4a:92:ea:eb:57:33:8d:
f7:d6:ba:48:0c:73:07:73:fa:d0:4b:1d:b4:a1:a8:
f9:50:87:f3:d2:81:0d:12:ee:17:16:e8:17:e4:56:
cd:67:e7:0d:ce:87:d7:39:2b:16:ff:0b:44:c9:2c:
ce:47:ab:ff:e6:90:38:2b:9c:81:28:b8:35:f2:0b:
38:7f:2a:06:15:55:3c:5f:2a:6c:4c:56:52:7c:e4:
22:36:35:df:87:7f:85:fd:57:ad:0a:91:f1:4c:7b:
28:91:41:f7:de:9e:42:91:cc:00:b0:40:f4:ba:95:
14:a0:9a:f5:a5:a3:6c:69:40:85:9d:ca:ae:44:ee:
8f:04:1f:82:54:f6:dd:79:96:6f:0c:69:5b:0d:e1:
18:48:22:8e:f6:23:9a:92:fd:b7:d7:8a:e1:5a:b1:
d3:a6:a2:17:7f:74:7b:ef:8f:fa:48:ca:7f:8c:60:
94:b5:8f:90:fd:a4:92:6c:7e:1e:fc:c1:53:7e:ed:
81:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C3:8D:F3:C4:21:CF:63:C7:35:F4:A5:51:19:B1:33:C3:61:39:49
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/KMON88Qhz2PHNfSlURmxM8NhOUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.246.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:e4:d8:a1:29:79:a1:2f:d8:54:14:bc:9b:cd:eb:15:ee:32:
44:77:60:8a:41:62:77:d4:75:63:42:1c:31:ea:22:ed:2c:c4:
e0:1d:9b:84:2d:f7:ae:86:79:17:e2:62:2e:06:33:54:a5:d9:
73:30:f6:4e:ef:4e:e6:9d:de:f4:98:d5:ae:ad:cb:8d:e5:1c:
11:51:33:df:cd:b0:e8:d7:e7:60:c5:f7:dc:bd:29:5a:97:e1:
e7:53:32:7a:29:bf:94:52:fb:20:6c:3d:70:ee:78:7e:f3:fe:
40:c5:25:c4:d3:50:18:0e:88:a6:aa:b7:1d:39:33:f3:ac:d8:
86:5b:13:2f:bb:fc:27:ec:57:47:8b:87:0d:5a:47:a4:95:32:
90:d9:9e:0d:a0:46:15:ca:9a:a0:ec:a8:b7:8a:ed:ad:d2:14:
35:17:15:14:39:f0:cd:b1:77:fe:ea:bd:ca:81:81:1d:12:bb:
08:64:ca:17:08:e9:d1:d8:88:15:fc:82:c7:fa:9e:92:76:a4:
d7:cf:f5:02:f4:1f:e3:e6:68:48:0c:62:fa:27:85:d0:fe:33:
b9:2c:24:eb:27:eb:96:f2:82:d7:0e:26:bd:32:b3:4a:59:8e:
db:a0:d4:1f:c6:19:f8:7d:65:ce:1a:8a:ec:4c:94:f4:61:1a:
e0:8a:af:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw0MWVCp8B9dv0LOURuzPDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjMxMjA0MDkzODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGMzOGRmM2M0MjFjZjYzYzczNWY0YTU1MTE5YjEzM2MzNjEzOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZJgmdSrwPjxdcyIkUnPZ2Ke6lzG
zK4ZcdSOd5AfJcc3Zluv4i9vfcVKd0StZkxiquetfS2jjwXujNCHJVtCio1RzkqS
6utXM4331rpIDHMHc/rQSx20oaj5UIfz0oENEu4XFugX5FbNZ+cNzofXOSsW/wtE
ySzOR6v/5pA4K5yBKLg18gs4fyoGFVU8XypsTFZSfOQiNjXfh3+F/VetCpHxTHso
kUH33p5CkcwAsED0upUUoJr1paNsaUCFncquRO6PBB+CVPbdeZZvDGlbDeEYSCKO
9iOakv2314rhWrHTpqIXf3R774/6SMp/jGCUtY+Q/aSSbH4e/MFTfu2BBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjDjfPEIc9jxzX0pVEZsTPDYTlJMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvS01PTjg4UWh6MlBITmZTbFVSbXhNOE5oT1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjeL2MA0G
CSqGSIb3DQEBCwUAA4IBAQCK5NihKXmhL9hUFLybzesV7jJEd2CKQWJ31HVjQhwx
6iLtLMTgHZuELfeuhnkX4mIuBjNUpdlzMPZO707mnd70mNWurcuN5RwRUTPfzbDo
1+dgxffcvSlal+HnUzJ6Kb+UUvsgbD1w7nh+8/5AxSXE01AYDoimqrcdOTPzrNiG
WxMvu/wn7FdHi4cNWkeklTKQ2Z4NoEYVypqg7Ki3iu2t0hQ1FxUUOfDNsXf+6r3K
gYEdErsIZMoXCOnR2IgV/ILH+p6SdqTXz/UC9B/j5mhIDGL6J4XQ/jO5LCTrJ+uW
8oLXDia9MrNKWY7boNQfxhn4fWXOGorsTJT0YRrgiq87
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:36 2025 by rpki-client