Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/32b4a2-2b2f-4f6a-9b48-c1f3b9ede4db/1/KjH1_pGJzEWw5tI7eCrmw3mcnWQ.roa
File: KjH1_pGJzEWw5tI7eCrmw3mcnWQ.roa (raw, json)
Hash identifier: YCHZcqH5jthPhdYc2iMhEp+dhG2VS7J0RhoKLenoCng=
Subject key identifier: 2A:31:F5:FE:91:89:CC:45:B0:E6:D2:3B:78:2A:E6:C3:79:9C:9D:64
Certificate issuer: /CN=78bd1c6c688a175abc8d598fbcd107fca5254bde
Certificate serial: 018CC3495C2E656FDBC7742279BB8360CA91
Authority key identifier: 78:BD:1C:6C:68:8A:17:5A:BC:8D:59:8F:BC:D1:07:FC:A5:25:4B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eL0cbGiKF1q8jVmPvNEH_KUlS94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/32b4a2-2b2f-4f6a-9b48-c1f3b9ede4db/1/KjH1_pGJzEWw5tI7eCrmw3mcnWQ.roa
Signing time: Mon 01 Jan 2024 04:30:13 +0000
ROA not before: Mon 01 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60419
IP address blocks: 185.31.84.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5c:2e:65:6f:db:c7:74:22:79:bb:83:60:ca:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78bd1c6c688a175abc8d598fbcd107fca5254bde
Validity
Not Before: Jan 1 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a31f5fe9189cc45b0e6d23b782ae6c3799c9d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:97:3e:25:ee:24:60:17:51:7e:72:b2:a0:ab:
8d:c6:b7:5c:35:c1:b5:b2:84:27:38:5f:4e:3d:45:
1e:85:fc:03:ac:5a:bc:84:5c:c4:cb:ec:b7:90:9f:
05:d8:aa:47:e4:69:69:57:40:f5:25:d3:83:b5:ee:
4c:3a:85:e7:61:56:4a:7f:7c:21:ca:13:d8:ec:ff:
c5:f7:51:d7:37:30:c1:e9:11:22:51:50:06:35:80:
db:cb:f5:2c:97:a5:59:9e:c4:c1:d1:20:c7:c1:57:
b8:60:df:6e:24:9c:44:cb:24:a4:49:e5:01:52:60:
39:1a:e1:5d:45:be:7f:3c:3b:d6:62:68:57:7f:61:
c6:27:db:de:e4:dd:0e:46:0a:12:9e:17:5c:89:c7:
fa:d8:4b:c5:91:47:71:14:26:cc:9b:ee:20:ef:6d:
ba:c4:c4:75:2c:9c:b5:52:cb:46:94:1a:8d:6b:81:
7e:0a:6e:71:38:12:8c:6a:e5:fd:4d:f3:e9:9c:49:
63:cf:93:0c:d7:a2:74:cc:c3:3e:52:88:ac:e6:80:
f9:1b:ca:99:69:44:42:30:4b:f5:0a:a5:5c:5a:7b:
d1:ba:f7:36:62:9d:13:2b:d5:50:5d:72:2c:cd:e3:
1b:91:d5:a0:49:39:d8:07:dd:4a:0a:fb:f9:31:49:
dc:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:31:F5:FE:91:89:CC:45:B0:E6:D2:3B:78:2A:E6:C3:79:9C:9D:64
X509v3 Authority Key Identifier:
keyid:78:BD:1C:6C:68:8A:17:5A:BC:8D:59:8F:BC:D1:07:FC:A5:25:4B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eL0cbGiKF1q8jVmPvNEH_KUlS94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/32b4a2-2b2f-4f6a-9b48-c1f3b9ede4db/1/KjH1_pGJzEWw5tI7eCrmw3mcnWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/32b4a2-2b2f-4f6a-9b48-c1f3b9ede4db/1/eL0cbGiKF1q8jVmPvNEH_KUlS94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.84.0/22
Signature Algorithm: sha256WithRSAEncryption
41:a7:8d:ce:c6:a5:c4:51:67:9a:58:78:a4:5f:2a:c1:61:7e:
8c:8c:83:78:c3:96:e1:53:ba:de:64:6d:61:ca:e7:93:1b:b1:
eb:47:71:1a:4b:98:0e:d9:c8:b2:cc:33:d6:de:b8:02:30:19:
4c:68:52:26:6d:e6:a2:4e:4b:e9:87:54:a3:77:24:e8:f6:f7:
7a:bd:e5:08:7d:f3:7f:32:e6:b1:c9:dd:08:1b:13:5e:a9:cc:
ea:ce:49:a6:a9:1d:34:16:b7:21:fa:bb:f5:f9:a6:0c:a8:e3:
5f:a9:ca:a4:f5:0b:6e:a2:b3:ee:b7:d5:a3:73:46:51:11:9a:
77:01:a7:f7:c0:04:9c:e9:d5:ec:63:04:83:58:c2:b5:3b:fe:
fc:64:a4:a6:6a:80:11:7a:c5:d3:5b:6b:62:10:d7:e8:cb:8b:
a7:0b:9e:f6:e6:6e:a6:1a:7a:79:4e:65:e0:83:bb:65:fe:6a:
fd:6c:f5:9d:77:a1:45:31:68:c4:2b:77:46:93:af:fc:16:82:
0e:e2:b6:fb:3e:5d:ef:d3:ab:0c:d0:fc:0d:e0:fa:e2:71:c6:
7b:05:ab:a6:08:3e:29:e6:bc:08:d2:f2:eb:ce:3f:fc:35:91:
19:b1:61:5a:b0:9d:65:70:cd:70:e8:6c:56:c7:16:77:3d:f9:
6b:8e:fa:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVwuZW/bx3QiebuDYMqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4YmQxYzZjNjg4YTE3NWFiYzhkNTk4ZmJjZDEwN2ZjYTUy
NTRiZGUwHhcNMjQwMTAxMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTMxZjVmZTkxODljYzQ1YjBlNmQyM2I3ODJhZTZjMzc5OWM5ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJc+Je4kYBdRfnKyoKuNxrdcNcG1
soQnOF9OPUUehfwDrFq8hFzEy+y3kJ8F2KpH5GlpV0D1JdODte5MOoXnYVZKf3wh
yhPY7P/F91HXNzDB6REiUVAGNYDby/Usl6VZnsTB0SDHwVe4YN9uJJxEyySkSeUB
UmA5GuFdRb5/PDvWYmhXf2HGJ9ve5N0ORgoSnhdcicf62EvFkUdxFCbMm+4g7226
xMR1LJy1UstGlBqNa4F+Cm5xOBKMauX9TfPpnEljz5MM16J0zMM+Uois5oD5G8qZ
aURCMEv1CqVcWnvRuvc2Yp0TK9VQXXIszeMbkdWgSTnYB91KCvv5MUncqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCox9f6RicxFsObSO3gq5sN5nJ1kMB8GA1UdIwQY
MBaAFHi9HGxoihdavI1Zj7zRB/ylJUveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUwwY2JHaUtGMXE4alZtUHZORUhfS1VsUzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMmI0YTItMmIyZi00ZjZhLTliNDgt
YzFmM2I5ZWRlNGRiLzEvS2pIMV9wR0p6RVd3NXRJN2VDcm13M21jbldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMmI0YTItMmIyZi00ZjZhLTliNDgtYzFmM2I5ZWRlNGRi
LzEvZUwwY2JHaUtGMXE4alZtUHZORUhfS1VsUzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR9UMA0G
CSqGSIb3DQEBCwUAA4IBAQBBp43OxqXEUWeaWHikXyrBYX6MjIN4w5bhU7reZG1h
yueTG7HrR3EaS5gO2ciyzDPW3rgCMBlMaFImbeaiTkvph1SjdyTo9vd6veUIffN/
Muaxyd0IGxNeqczqzkmmqR00Frch+rv1+aYMqONfqcqk9QtuorPut9Wjc0ZREZp3
Aaf3wASc6dXsYwSDWMK1O/78ZKSmaoAResXTW2tiENfoy4unC5725m6mGnp5TmXg
g7tl/mr9bPWdd6FFMWjEK3dGk6/8FoIO4rb7Pl3v06sM0PwN4PriccZ7BaumCD4p
5rwI0vLrzj/8NZEZsWFasJ1lcM1w6GxWxxZ3Pflrjvr3
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:33:35 2025 by rpki-client