Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/f66ebb-ad73-4483-ae33-d08e8b181556/1/KXiwpsbAle7IVbiYvxXCx4R5fJY.roa
File: KXiwpsbAle7IVbiYvxXCx4R5fJY.roa (raw, json)
Hash identifier: WTpZuBImDLBxKuU1e5HeM8uEe0D6IIIrNqDl8QlIDvs=
Subject key identifier: 29:78:B0:A6:C6:C0:95:EE:C8:55:B8:98:BF:15:C2:C7:84:79:7C:96
Certificate issuer: /CN=921c2eb0164c18390030c5e705c4a3479150df9e
Certificate serial: 01857231123E8E09DDBA0A75EC105CF2AFD8
Authority key identifier: 92:1C:2E:B0:16:4C:18:39:00:30:C5:E7:05:C4:A3:47:91:50:DF:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khwusBZMGDkAMMXnBcSjR5FQ354.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/f66ebb-ad73-4483-ae33-d08e8b181556/1/KXiwpsbAle7IVbiYvxXCx4R5fJY.roa
Signing time: Mon 02 Jan 2023 11:14:56 +0000
ROA not before: Mon 02 Jan 2023 11:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213098
IP address blocks: 195.62.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:12:3e:8e:09:dd:ba:0a:75:ec:10:5c:f2:af:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921c2eb0164c18390030c5e705c4a3479150df9e
Validity
Not Before: Jan 2 11:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2978b0a6c6c095eec855b898bf15c2c784797c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:37:50:d9:2a:46:d8:63:7c:54:74:54:69:6f:
94:56:62:c6:ff:1c:99:d2:af:03:24:83:d4:40:87:
c0:e6:2a:6d:3f:9c:0f:9f:92:46:9a:90:7b:eb:18:
29:4e:08:04:81:02:5e:fe:99:32:23:65:24:34:6e:
a6:9d:ee:77:75:2f:8b:34:dd:19:f0:41:18:d3:89:
dc:f4:f0:0c:b7:df:1f:73:70:0c:57:ad:91:cb:66:
c2:ba:35:1f:c7:69:78:88:36:b2:fa:1e:4b:e3:38:
6f:77:69:37:c2:19:22:4e:59:9f:42:c1:46:17:6d:
20:2c:56:40:22:1b:73:07:b8:df:69:21:1b:c8:6c:
d7:ab:e2:ed:49:ce:d7:30:b5:e2:76:aa:cd:94:c8:
26:9e:b6:9c:c0:a2:af:a8:e7:59:dc:2c:cd:ca:54:
43:a2:8e:24:f6:71:36:18:08:5c:76:f8:17:16:89:
92:ba:36:b2:d1:29:d0:f3:81:73:4e:67:10:0d:76:
74:96:be:d6:24:5f:45:a4:00:91:00:39:54:1c:32:
ac:2f:96:b8:49:26:30:2c:e6:20:b1:89:7c:83:76:
65:6f:98:67:c2:76:ad:0a:aa:86:83:42:09:7a:c8:
7e:45:33:e5:72:9e:b1:92:6b:5e:17:81:ec:1b:0e:
f3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:78:B0:A6:C6:C0:95:EE:C8:55:B8:98:BF:15:C2:C7:84:79:7C:96
X509v3 Authority Key Identifier:
keyid:92:1C:2E:B0:16:4C:18:39:00:30:C5:E7:05:C4:A3:47:91:50:DF:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khwusBZMGDkAMMXnBcSjR5FQ354.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/f66ebb-ad73-4483-ae33-d08e8b181556/1/KXiwpsbAle7IVbiYvxXCx4R5fJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/f66ebb-ad73-4483-ae33-d08e8b181556/1/khwusBZMGDkAMMXnBcSjR5FQ354.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.62.88.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:30:f5:36:69:25:d6:aa:29:ac:b1:07:e0:bf:21:12:97:45:
f4:43:45:e8:3b:d0:f7:b8:00:d5:39:44:79:64:35:09:5c:c7:
c9:63:16:52:4c:d1:78:32:8b:4d:e5:68:10:87:a2:bb:05:4e:
99:fa:32:ed:49:9b:26:64:56:22:66:01:01:7f:db:7d:96:e6:
0b:26:85:31:65:d8:ad:06:1e:ef:38:c1:84:3b:5b:e8:6a:0f:
33:9b:d0:e6:ce:06:0d:fb:16:89:49:03:df:ac:29:bf:cb:3c:
ea:0a:21:ea:2a:d7:2b:42:13:14:36:7c:29:4f:61:e0:9a:06:
fe:ad:8c:83:ac:00:7d:a1:15:ae:e8:02:51:83:82:ec:20:00:
e5:36:ef:75:22:34:56:5a:f8:75:17:27:69:10:7b:57:d1:09:
c6:95:01:c0:91:9e:df:71:ff:0b:ca:10:da:78:8e:2d:33:0c:
5f:97:4b:76:d4:65:a6:bb:68:5b:03:d8:78:ce:a3:80:fc:dc:
ed:97:99:0d:3a:49:55:73:14:27:75:58:4c:aa:49:07:bf:9f:
ef:b2:fe:c4:34:14:12:8d:65:c9:a0:57:8c:04:42:5b:f3:da:
1f:4e:50:1e:a8:11:61:b9:22:76:ed:fa:26:69:24:02:07:cb:
64:cd:74:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMRI+jgndugp17BBc8q/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWMyZWIwMTY0YzE4MzkwMDMwYzVlNzA1YzRhMzQ3OTE1
MGRmOWUwHhcNMjMwMTAyMTExNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTc4YjBhNmM2YzA5NWVlYzg1NWI4OThiZjE1YzJjNzg0Nzk3Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozdQ2SpG2GN8VHRUaW+UVmLG/xyZ
0q8DJIPUQIfA5iptP5wPn5JGmpB76xgpTggEgQJe/pkyI2UkNG6mne53dS+LNN0Z
8EEY04nc9PAMt98fc3AMV62Ry2bCujUfx2l4iDay+h5L4zhvd2k3whkiTlmfQsFG
F20gLFZAIhtzB7jfaSEbyGzXq+LtSc7XMLXidqrNlMgmnracwKKvqOdZ3CzNylRD
oo4k9nE2GAhcdvgXFomSujay0SnQ84FzTmcQDXZ0lr7WJF9FpACRADlUHDKsL5a4
SSYwLOYgsYl8g3Zlb5hnwnatCqqGg0IJesh+RTPlcp6xkmteF4HsGw7zNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCl4sKbGwJXuyFW4mL8VwseEeXyWMB8GA1UdIwQY
MBaAFJIcLrAWTBg5ADDF5wXEo0eRUN+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h3dXNCWk1HRGtBTU1YbkJjU2pSNUZRMzU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9mNjZlYmItYWQ3My00NDgzLWFlMzMt
ZDA4ZThiMTgxNTU2LzEvS1hpd3BzYkFsZTdJVmJpWXZ4WEN4NFI1ZkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9mNjZlYmItYWQ3My00NDgzLWFlMzMtZDA4ZThiMTgxNTU2
LzEva2h3dXNCWk1HRGtBTU1YbkJjU2pSNUZRMzU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwz5YMA0G
CSqGSIb3DQEBCwUAA4IBAQDCMPU2aSXWqimssQfgvyESl0X0Q0XoO9D3uADVOUR5
ZDUJXMfJYxZSTNF4MotN5WgQh6K7BU6Z+jLtSZsmZFYiZgEBf9t9luYLJoUxZdit
Bh7vOMGEO1voag8zm9DmzgYN+xaJSQPfrCm/yzzqCiHqKtcrQhMUNnwpT2Hgmgb+
rYyDrAB9oRWu6AJRg4LsIADlNu91IjRWWvh1FydpEHtX0QnGlQHAkZ7fcf8LyhDa
eI4tMwxfl0t21GWmu2hbA9h4zqOA/Nztl5kNOklVcxQndVhMqkkHv5/vsv7ENBQS
jWXJoFeMBEJb89ofTlAeqBFhuSJ27fomaSQCB8tkzXRo
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:08 2025 by rpki-client