Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/kneMclX-XHVI6dlIzw4W5SbL_xk.roa
File: kneMclX-XHVI6dlIzw4W5SbL_xk.roa (raw, json)
Hash identifier: HCRGyOWmMCjfO9DsBjvy+zHJBoT2wJHlr7uu2PVp51E=
Subject key identifier: 92:77:8C:72:55:FE:5C:75:48:E9:D9:48:CF:0E:16:E5:26:CB:FF:19
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 01856D789B2EE3D83AB1D3C102132347E2ED
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/kneMclX-XHVI6dlIzw4W5SbL_xk.roa
Signing time: Sun 01 Jan 2023 13:14:58 +0000
ROA not before: Sun 01 Jan 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3215
IP address blocks: 185.42.233.0/24 maxlen: 24
185.42.232.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:9b:2e:e3:d8:3a:b1:d3:c1:02:13:23:47:e2:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Jan 1 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92778c7255fe5c7548e9d948cf0e16e526cbff19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:63:2b:02:6c:50:dc:77:a8:ce:2f:e2:90:d1:
f7:d6:36:6f:c3:1e:47:31:df:56:30:47:66:eb:6a:
41:89:51:bf:c1:34:ee:3a:93:ce:d4:9e:ce:be:cf:
dc:2e:7c:87:83:77:73:39:96:bc:d4:cb:71:94:e7:
aa:42:31:b8:e4:ab:db:e0:1f:88:65:59:a4:1e:d5:
0f:56:fe:59:78:0b:10:3d:d1:55:37:4c:51:d7:64:
f6:90:b2:09:dc:66:d4:bf:60:6e:2e:1a:d3:46:c3:
a8:92:46:61:b2:46:d2:9f:51:c6:ad:e2:1f:1b:ef:
8e:b6:66:28:19:51:a2:7b:d7:6d:46:3c:46:5c:de:
de:e8:d1:c4:15:6d:c5:82:93:51:13:7f:02:d9:4e:
2c:3d:c2:05:c2:6c:ee:4f:de:ff:32:0d:db:f6:51:
a4:10:fb:04:44:06:cd:40:82:d3:60:09:5e:2c:13:
09:b6:4d:7a:75:b4:16:e0:82:e9:77:08:2f:24:f8:
c9:fd:68:f2:d6:ff:a0:91:b2:ab:64:6f:3a:ea:5e:
22:f4:52:ad:29:f6:8d:81:c2:88:c9:3c:4c:06:30:
94:96:13:bd:fa:c1:06:8c:f0:da:af:2c:47:75:be:
ba:81:10:d3:17:a9:62:01:05:b4:42:6f:b1:53:62:
0c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:77:8C:72:55:FE:5C:75:48:E9:D9:48:CF:0E:16:E5:26:CB:FF:19
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/kneMclX-XHVI6dlIzw4W5SbL_xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.232.0/23
Signature Algorithm: sha256WithRSAEncryption
36:6f:51:c8:cc:28:9f:aa:af:41:fe:8b:15:39:48:4b:3a:72:
45:21:c9:42:f6:d6:98:f0:d2:e7:bb:22:20:3b:24:54:90:12:
96:62:ec:ed:3f:02:ea:bd:73:f6:6d:1d:54:70:97:2c:c5:cb:
f6:b4:57:94:10:c4:1e:95:bd:1d:61:7f:2d:3c:16:13:0d:94:
e6:09:63:a3:0a:96:4a:7d:b8:56:97:bf:a0:32:3c:a4:85:31:
28:18:18:2d:92:f2:e4:9f:26:77:63:3a:a4:d4:8c:d6:0a:2b:
eb:53:e4:d9:0c:c8:fe:77:c2:d9:0f:8e:c1:97:a1:c6:c8:2d:
d3:d8:b1:2b:c9:57:2c:40:19:7e:56:41:f3:c1:bd:16:0f:05:
44:f9:62:c7:02:8d:c8:b0:b6:f7:ef:44:e5:81:b4:6c:6f:97:
a4:64:2e:48:ab:c4:c7:c3:4d:3d:87:b8:d0:38:b3:2e:eb:1a:
d1:6b:29:ce:d1:95:72:9e:4d:0b:17:a9:29:f7:de:02:c3:2a:
64:1d:39:ec:59:62:5b:be:53:05:9b:58:dc:05:03:af:47:6b:
18:7f:55:ce:a9:92:22:3a:ed:12:7b:19:90:5d:ae:84:30:5b:
23:23:39:85:b5:cb:a6:fb:f9:4a:65:0d:68:af:93:86:0c:be:
d2:c1:b3:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteJsu49g6sdPBAhMjR+LtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjMwMTAxMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjc3OGM3MjU1ZmU1Yzc1NDhlOWQ5NDhjZjBlMTZlNTI2Y2JmZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmMrAmxQ3Heozi/ikNH31jZvwx5H
Md9WMEdm62pBiVG/wTTuOpPO1J7Ovs/cLnyHg3dzOZa81MtxlOeqQjG45Kvb4B+I
ZVmkHtUPVv5ZeAsQPdFVN0xR12T2kLIJ3GbUv2BuLhrTRsOokkZhskbSn1HGreIf
G++OtmYoGVGie9dtRjxGXN7e6NHEFW3FgpNRE38C2U4sPcIFwmzuT97/Mg3b9lGk
EPsERAbNQILTYAleLBMJtk16dbQW4ILpdwgvJPjJ/Wjy1v+gkbKrZG866l4i9FKt
KfaNgcKIyTxMBjCUlhO9+sEGjPDaryxHdb66gRDTF6liAQW0Qm+xU2IM6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJ3jHJV/lx1SOnZSM8OFuUmy/8ZMB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEva25lTWNsWC1YSFZJNmRsSXp3NFc1U2JMX3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSroMA0G
CSqGSIb3DQEBCwUAA4IBAQA2b1HIzCifqq9B/osVOUhLOnJFIclC9taY8NLnuyIg
OyRUkBKWYuztPwLqvXP2bR1UcJcsxcv2tFeUEMQelb0dYX8tPBYTDZTmCWOjCpZK
fbhWl7+gMjykhTEoGBgtkvLknyZ3Yzqk1IzWCivrU+TZDMj+d8LZD47Bl6HGyC3T
2LEryVcsQBl+VkHzwb0WDwVE+WLHAo3IsLb370TlgbRsb5ekZC5Iq8THw009h7jQ
OLMu6xrRaynO0ZVynk0LF6kp994CwypkHTnsWWJbvlMFm1jcBQOvR2sYf1XOqZIi
Ou0SexmQXa6EMFsjIzmFtcum+/lKZQ1or5OGDL7SwbN+
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:58:31 2025 by rpki-client