Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/KyVxNGhg58wNZJoZwNixwApU5Co.roa
File: KyVxNGhg58wNZJoZwNixwApU5Co.roa (raw, json)
Hash identifier: H624PFf0/lxGgsfl+PtGTV1RWTMIyh54PdenWs05cho=
Subject key identifier: 2B:25:71:34:68:60:E7:CC:0D:64:9A:19:C0:D8:B1:C0:0A:54:E4:2A
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 0185720353CC8C2C9439C46B6EA6A53DD622
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/KyVxNGhg58wNZJoZwNixwApU5Co.roa
Signing time: Mon 02 Jan 2023 10:24:58 +0000
ROA not before: Mon 02 Jan 2023 10:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44070
IP address blocks: 89.31.8.0/21 maxlen: 21
78.41.8.0/21 maxlen: 21
2a10:c540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:53:cc:8c:2c:94:39:c4:6b:6e:a6:a5:3d:d6:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 2 10:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b2571346860e7cc0d649a19c0d8b1c00a54e42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:37:23:f6:2a:b4:0b:8d:b6:2b:86:1e:fb:a9:
4a:3c:77:fc:3c:a9:22:9e:ca:f7:8e:de:9f:e1:a9:
d7:73:e7:18:0e:67:86:af:be:c4:1e:96:d1:20:08:
76:73:bd:3c:7b:31:a9:53:e6:58:91:c1:fb:7d:2e:
a4:08:03:2f:17:b5:d2:47:c7:85:e4:8a:c6:14:5e:
c3:a2:e0:27:52:2f:b2:4c:71:d4:da:25:0e:93:09:
38:b5:6d:2f:ee:c8:58:bf:69:6c:2e:96:2d:5c:2b:
7c:cc:cd:07:43:9a:1a:8f:7b:23:8d:e0:25:d5:b7:
06:44:db:7b:a9:92:eb:00:32:59:ea:ab:51:18:5f:
4b:44:ac:2d:f4:2e:20:72:5b:cf:bf:e2:1b:98:d5:
e7:c3:27:ba:7b:b0:0a:ae:d9:da:de:00:33:09:bb:
fe:c2:d7:b2:fe:47:99:2b:33:3e:18:99:00:31:a4:
18:1f:ca:75:ca:a0:1c:c0:b5:76:d1:91:ba:10:1a:
7d:c5:b3:dd:89:86:c8:d3:ed:8e:72:a1:31:41:85:
79:69:b2:7e:a9:25:ca:71:bb:c8:39:70:da:49:5a:
e8:c7:71:07:aa:55:5f:b9:2d:e1:ae:50:c6:aa:f6:
2f:15:0f:f4:8b:6a:ee:86:b6:13:4e:08:1e:94:f0:
b9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:25:71:34:68:60:E7:CC:0D:64:9A:19:C0:D8:B1:C0:0A:54:E4:2A
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/KyVxNGhg58wNZJoZwNixwApU5Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.8.0/21
89.31.8.0/21
IPv6:
2a10:c540::/29
Signature Algorithm: sha256WithRSAEncryption
c2:2b:93:33:d4:ea:e9:33:3e:bc:30:1e:88:75:a1:32:51:cf:
ca:c0:3a:72:e3:ce:cf:77:c7:3e:a4:db:51:46:80:d4:5e:7d:
53:cc:9b:d0:48:9e:31:e2:5d:f0:19:0c:64:b0:02:58:f4:b6:
eb:d8:69:79:10:0d:b2:57:39:22:ca:a9:0d:ad:b7:fa:c1:1b:
18:a5:e7:85:36:9f:ab:66:e4:50:b9:f2:95:26:3f:06:29:ff:
6a:88:b6:e5:26:4f:a4:e8:bd:02:b1:bc:42:0f:7c:34:28:1a:
60:70:d0:9f:4f:7d:56:eb:f3:db:01:49:51:4c:55:d9:69:36:
81:15:e0:43:33:52:7a:da:ef:e0:34:c1:1c:86:85:82:04:a5:
20:a5:b5:20:eb:46:b6:31:ba:6d:04:a7:29:1f:11:70:10:79:
a8:01:76:65:01:24:11:22:f9:f8:8f:38:f6:19:78:61:d3:9a:
b5:ef:b5:21:be:2c:b0:43:43:6c:95:24:73:c8:5a:58:47:7a:
d9:3b:9d:be:ca:77:af:6f:3b:1f:16:0a:d4:66:1f:65:ca:10:
dd:7a:77:15:a5:e6:f4:6c:91:02:70:22:8c:46:27:4d:fa:66:
68:da:74:0f:94:21:7f:c8:e8:57:53:53:31:10:03:6e:e0:d3:
4b:d9:45:18
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyA1PMjCyUOcRrbqalPdYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjMwMTAyMTAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI1NzEzNDY4NjBlN2NjMGQ2NDlhMTljMGQ4YjFjMDBhNTRlNDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzcj9iq0C422K4Ye+6lKPHf8PKki
nsr3jt6f4anXc+cYDmeGr77EHpbRIAh2c708ezGpU+ZYkcH7fS6kCAMvF7XSR8eF
5IrGFF7DouAnUi+yTHHU2iUOkwk4tW0v7shYv2lsLpYtXCt8zM0HQ5oaj3sjjeAl
1bcGRNt7qZLrADJZ6qtRGF9LRKwt9C4gclvPv+IbmNXnwye6e7AKrtna3gAzCbv+
wtey/keZKzM+GJkAMaQYH8p1yqAcwLV20ZG6EBp9xbPdiYbI0+2OcqExQYV5abJ+
qSXKcbvIOXDaSVrox3EHqlVfuS3hrlDGqvYvFQ/0i2ruhrYTTggelPC55QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCslcTRoYOfMDWSaGcDYscAKVOQqMB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvS3lWeE5HaGc1OHdOWkpvWndOaXh3QXBVNUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTikIAwQD
WR8IMA0EAgACMAcDBQMqEMVAMA0GCSqGSIb3DQEBCwUAA4IBAQDCK5Mz1OrpMz68
MB6IdaEyUc/KwDpy487Pd8c+pNtRRoDUXn1TzJvQSJ4x4l3wGQxksAJY9Lbr2Gl5
EA2yVzkiyqkNrbf6wRsYpeeFNp+rZuRQufKVJj8GKf9qiLblJk+k6L0CsbxCD3w0
KBpgcNCfT31W6/PbAUlRTFXZaTaBFeBDM1J62u/gNMEchoWCBKUgpbUg60a2Mbpt
BKcpHxFwEHmoAXZlASQRIvn4jzj2GXhh05q177UhviywQ0NslSRzyFpYR3rZO52+
ynevbzsfFgrUZh9lyhDdencVpeb0bJECcCKMRidN+mZo2nQPlCF/yOhXU1MxEANu
4NNL2UUY
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:06 2025 by rpki-client