Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/KnHSfACB43qbnjtGkHwSiOhf49E.roa
File: KnHSfACB43qbnjtGkHwSiOhf49E.roa (raw, json)
Hash identifier: WemRgPPloJkbyTIdoZVe+32PypuGgWgl1NJXoqtjtg8=
Subject key identifier: 2A:71:D2:7C:00:81:E3:7A:9B:9E:3B:46:90:7C:12:88:E8:5F:E3:D1
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 019423D7E8DCBADF787E49057F7C9562C8C6
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/KnHSfACB43qbnjtGkHwSiOhf49E.roa
Signing time: Wed 01 Jan 2025 21:48:59 +0000
ROA not before: Wed 01 Jan 2025 21:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208397
IP address blocks: 212.22.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:e8:dc:ba:df:78:7e:49:05:7f:7c:95:62:c8:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 21:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a71d27c0081e37a9b9e3b46907c1288e85fe3d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:3e:f6:18:af:d7:47:82:60:d0:21:5e:45:78:
7b:1c:15:79:6b:44:b2:c5:0e:44:02:7a:63:c3:0c:
3c:35:b9:78:d7:bd:1c:52:54:bf:11:8b:03:19:0d:
a2:a4:1a:0c:3c:e8:da:5c:a7:0e:1f:8e:09:63:cb:
7a:e3:60:0f:4a:37:b8:e0:a7:a3:87:e9:5c:44:28:
a5:1e:20:84:dd:4d:bc:3e:59:1f:5d:6d:e4:32:c4:
b8:b7:ef:94:cd:cf:d9:c9:68:2a:62:f6:3f:6c:dd:
7e:64:f7:49:50:04:62:de:eb:61:47:4e:87:fc:4c:
2d:1a:b9:fb:7a:d9:90:b3:49:18:1e:9a:86:50:00:
1b:d5:3f:ed:e2:e2:da:39:b0:bd:6e:92:32:cc:c0:
ce:5b:d7:79:58:16:7f:22:b1:92:d7:74:fc:f2:bf:
6d:3a:17:83:8c:d9:61:e7:33:35:fd:b8:85:45:c7:
9c:7d:18:37:9d:8c:0d:ab:be:a9:16:67:90:db:95:
74:10:5f:f7:d8:94:e4:02:2a:a9:f2:c0:e8:47:be:
d9:23:e6:48:45:c6:ed:6d:b1:6f:21:46:49:c0:91:
f2:3e:ad:92:58:62:0f:49:bf:8c:85:e0:31:0c:ac:
6d:9b:4e:f8:04:89:3a:1a:ad:9f:78:37:58:56:e4:
60:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:71:D2:7C:00:81:E3:7A:9B:9E:3B:46:90:7C:12:88:E8:5F:E3:D1
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/KnHSfACB43qbnjtGkHwSiOhf49E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.22.68.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:9a:d4:35:64:df:78:7e:eb:b3:bf:f6:7b:77:e0:31:7b:8a:
4d:39:59:3d:e7:dc:e7:4b:16:fb:21:79:21:14:9c:29:b9:37:
92:82:68:24:75:c3:eb:05:cf:55:50:bb:94:ab:cd:e7:2d:1c:
13:90:03:a9:65:6f:ad:91:dc:4e:6e:40:75:c3:07:73:e8:55:
3a:5b:e0:52:6f:b0:64:1a:70:df:d4:60:5e:cf:77:56:e2:aa:
fc:78:f7:ad:3b:a6:d5:75:56:0d:a9:52:4f:df:46:32:12:ff:
c6:fc:9b:f4:22:62:95:6e:2f:86:3c:8e:99:56:c4:96:67:39:
40:66:41:bf:73:26:43:f7:9e:0a:e0:80:6a:88:8a:15:e4:71:
b8:5d:cb:33:bb:e9:34:ae:60:13:31:7e:53:50:6e:9c:5f:2e:
39:37:27:a6:5c:a0:7f:87:62:fd:45:0d:4a:9c:69:0d:82:d7:
ec:24:74:d9:d2:86:4a:8a:25:7b:55:9a:1a:11:9c:af:8b:93:
c0:f2:a6:ec:24:4c:44:56:f5:90:e2:0b:72:e1:36:7f:b3:ae:
27:d1:bd:cf:fb:5f:18:96:78:d7:4c:15:e7:f2:dd:47:c3:56:
b9:60:da:b7:55:91:fd:9e:75:0e:e0:d8:48:a1:14:eb:d9:4a:
e0:9f:13:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1+jcut94fkkFf3yVYsjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjUwMTAxMjE0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTcxZDI3YzAwODFlMzdhOWI5ZTNiNDY5MDdjMTI4OGU4NWZlM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8T72GK/XR4Jg0CFeRXh7HBV5a0Sy
xQ5EAnpjwww8Nbl4170cUlS/EYsDGQ2ipBoMPOjaXKcOH44JY8t642APSje44Kej
h+lcRCilHiCE3U28PlkfXW3kMsS4t++Uzc/ZyWgqYvY/bN1+ZPdJUARi3uthR06H
/EwtGrn7etmQs0kYHpqGUAAb1T/t4uLaObC9bpIyzMDOW9d5WBZ/IrGS13T88r9t
OheDjNlh5zM1/biFRcecfRg3nYwNq76pFmeQ25V0EF/32JTkAiqp8sDoR77ZI+ZI
RcbtbbFvIUZJwJHyPq2SWGIPSb+MheAxDKxtm074BIk6Gq2feDdYVuRgjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpx0nwAgeN6m547RpB8EojoX+PRMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvS25IU2ZBQ0I0M3Fibmp0R2tId1NpT2hmNDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BZEMA0G
CSqGSIb3DQEBCwUAA4IBAQBLmtQ1ZN94fuuzv/Z7d+Axe4pNOVk959znSxb7IXkh
FJwpuTeSgmgkdcPrBc9VULuUq83nLRwTkAOpZW+tkdxObkB1wwdz6FU6W+BSb7Bk
GnDf1GBez3dW4qr8ePetO6bVdVYNqVJP30YyEv/G/Jv0ImKVbi+GPI6ZVsSWZzlA
ZkG/cyZD954K4IBqiIoV5HG4Xcszu+k0rmATMX5TUG6cXy45NyemXKB/h2L9RQ1K
nGkNgtfsJHTZ0oZKiiV7VZoaEZyvi5PA8qbsJExEVvWQ4gty4TZ/s64n0b3P+18Y
lnjXTBXn8t1Hw1a5YNq3VZH9nnUO4NhIoRTr2UrgnxOg
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:58:15 2025 by rpki-client