Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cbd4c0-728b-43cc-82ed-16878abd1a9f/1/KofGW2yodVqozEGxYhVOHJabWrE.roa
File: KofGW2yodVqozEGxYhVOHJabWrE.roa (raw, json)
Hash identifier: Q3R0HoGVV/bliUH+OdmNOR158n0LheoGygIUdJbIoMM=
Subject key identifier: 2A:87:C6:5B:6C:A8:75:5A:A8:CC:41:B1:62:15:4E:1C:96:9B:5A:B1
Certificate issuer: /CN=d220740dd8da306f214b4fe8ce1185b5d5ff3b78
Certificate serial: 01856C012D00B3DCF724A39B928C1E4D1615
Authority key identifier: D2:20:74:0D:D8:DA:30:6F:21:4B:4F:E8:CE:11:85:B5:D5:FF:3B:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0iB0DdjaMG8hS0_ozhGFtdX_O3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/cbd4c0-728b-43cc-82ed-16878abd1a9f/1/KofGW2yodVqozEGxYhVOHJabWrE.roa
Signing time: Sun 01 Jan 2023 06:24:54 +0000
ROA not before: Sun 01 Jan 2023 06:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44419
IP address blocks: 188.127.128.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:2d:00:b3:dc:f7:24:a3:9b:92:8c:1e:4d:16:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d220740dd8da306f214b4fe8ce1185b5d5ff3b78
Validity
Not Before: Jan 1 06:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a87c65b6ca8755aa8cc41b162154e1c969b5ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bc:58:32:a5:5e:2d:03:5d:80:9c:2e:d6:3c:
fd:5c:14:b1:b5:8b:d3:da:80:2c:db:68:6f:86:b1:
42:4a:22:18:c3:e2:16:a4:6e:df:3f:c9:96:69:bf:
d1:d5:16:23:0c:b5:d7:00:46:14:97:11:da:4c:16:
08:ee:e0:15:52:c5:7a:90:b4:b3:4c:e5:5d:0b:03:
c9:41:ab:8b:95:c3:16:8f:95:c0:96:29:91:3c:20:
aa:8a:2b:d7:d1:e9:89:47:b9:11:1c:4d:cc:d5:d9:
f7:45:10:23:79:01:ea:9d:43:f1:9e:1a:c8:64:44:
89:1b:ab:29:28:d5:e2:c8:46:80:df:1a:59:f4:a2:
b9:ab:d1:d5:d4:97:d7:01:41:45:5f:9b:8a:5c:33:
06:f3:0a:1e:f3:c9:92:97:40:36:7c:f6:f8:95:45:
eb:a4:c2:51:ba:5f:c2:92:ec:f2:87:d4:93:8a:85:
f0:c0:48:82:4b:00:82:c3:a7:c1:a9:b9:93:10:53:
66:43:1e:82:8d:1a:fe:d3:95:ca:64:f2:f3:24:aa:
ac:06:aa:c7:fb:5c:52:0d:04:4f:f3:97:b7:bd:92:
0c:5c:8f:02:e0:a1:25:4e:48:89:df:a2:b9:2e:8d:
dd:a7:79:32:75:f4:fb:6a:09:a1:e8:ce:de:9b:1e:
d9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:87:C6:5B:6C:A8:75:5A:A8:CC:41:B1:62:15:4E:1C:96:9B:5A:B1
X509v3 Authority Key Identifier:
keyid:D2:20:74:0D:D8:DA:30:6F:21:4B:4F:E8:CE:11:85:B5:D5:FF:3B:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0iB0DdjaMG8hS0_ozhGFtdX_O3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cbd4c0-728b-43cc-82ed-16878abd1a9f/1/KofGW2yodVqozEGxYhVOHJabWrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cbd4c0-728b-43cc-82ed-16878abd1a9f/1/0iB0DdjaMG8hS0_ozhGFtdX_O3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.127.128.0/19
Signature Algorithm: sha256WithRSAEncryption
59:5b:f6:58:56:4b:37:f4:b8:0e:1f:4a:2e:90:b8:92:49:7f:
cb:14:84:65:f8:fe:cc:81:54:0f:b9:c3:ec:25:da:4f:04:dd:
c7:bf:f6:71:30:d8:d2:a5:40:86:4e:12:6e:6f:90:31:fb:c2:
ee:14:be:6b:da:e7:22:88:43:7a:07:27:70:d6:ea:a1:52:c4:
0d:98:93:0a:e1:de:b1:6d:7b:e0:4a:e8:de:df:df:9a:f5:3c:
eb:8f:0f:bb:92:e1:98:64:5e:8a:97:dd:32:6a:ef:98:67:70:
ce:ec:2a:b8:d5:f3:06:52:c5:f9:e2:36:19:a4:09:a0:d3:18:
27:1a:5e:f3:70:36:3d:04:87:5d:8c:8e:7d:8c:56:6e:7f:13:
2f:d8:94:c9:90:92:8d:b1:82:cf:ba:07:2e:a6:00:27:58:f5:
68:61:41:71:b2:9e:e4:d2:7f:19:1f:20:e5:ba:dc:39:a7:82:
2a:ae:bb:00:30:b2:33:27:f7:bd:a1:b4:d1:4a:44:98:6b:fb:
dd:eb:31:25:b8:57:1f:d2:5d:17:26:78:25:6e:6a:65:fb:8c:
21:71:90:2e:46:1b:59:a8:33:e9:20:f2:2d:47:1c:84:c4:65:
48:29:3e:29:bf:d9:e5:e2:69:0e:6a:5c:e1:18:93:bc:51:c8:
c5:3f:27:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAS0As9z3JKObkoweTRYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMjA3NDBkZDhkYTMwNmYyMTRiNGZlOGNlMTE4NWI1ZDVm
ZjNiNzgwHhcNMjMwMTAxMDYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTg3YzY1YjZjYTg3NTVhYThjYzQxYjE2MjE1NGUxYzk2OWI1YWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprxYMqVeLQNdgJwu1jz9XBSxtYvT
2oAs22hvhrFCSiIYw+IWpG7fP8mWab/R1RYjDLXXAEYUlxHaTBYI7uAVUsV6kLSz
TOVdCwPJQauLlcMWj5XAlimRPCCqiivX0emJR7kRHE3M1dn3RRAjeQHqnUPxnhrI
ZESJG6spKNXiyEaA3xpZ9KK5q9HV1JfXAUFFX5uKXDMG8woe88mSl0A2fPb4lUXr
pMJRul/Ckuzyh9STioXwwEiCSwCCw6fBqbmTEFNmQx6CjRr+05XKZPLzJKqsBqrH
+1xSDQRP85e3vZIMXI8C4KElTkiJ36K5Lo3dp3kydfT7agmh6M7emx7Z7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqHxltsqHVaqMxBsWIVThyWm1qxMB8GA1UdIwQY
MBaAFNIgdA3Y2jBvIUtP6M4RhbXV/zt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGlCMERkamFNRzhoUzBfb3poR0Z0ZFhfTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jYmQ0YzAtNzI4Yi00M2NjLTgyZWQt
MTY4NzhhYmQxYTlmLzEvS29mR1cyeW9kVnFvekVHeFloVk9ISmFiV3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jYmQ0YzAtNzI4Yi00M2NjLTgyZWQtMTY4NzhhYmQxYTlm
LzEvMGlCMERkamFNRzhoUzBfb3poR0Z0ZFhfTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFvH+AMA0G
CSqGSIb3DQEBCwUAA4IBAQBZW/ZYVks39LgOH0oukLiSSX/LFIRl+P7MgVQPucPs
JdpPBN3Hv/ZxMNjSpUCGThJub5Ax+8LuFL5r2uciiEN6Bydw1uqhUsQNmJMK4d6x
bXvgSuje39+a9Tzrjw+7kuGYZF6Kl90yau+YZ3DO7Cq41fMGUsX54jYZpAmg0xgn
Gl7zcDY9BIddjI59jFZufxMv2JTJkJKNsYLPugcupgAnWPVoYUFxsp7k0n8ZHyDl
utw5p4IqrrsAMLIzJ/e9obTRSkSYa/vd6zEluFcf0l0XJnglbmpl+4whcZAuRhtZ
qDPpIPItRxyExGVIKT4pv9nl4mkOalzhGJO8UcjFPydu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:40 2023 by rpki-client on console-fra.rpki-client.org