Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/3bf92d-1c59-474b-8865-bbe4cf13583f/1/KjfLZPgUvHdEvodTHIlXxGqFJ5w.roa
File: KjfLZPgUvHdEvodTHIlXxGqFJ5w.roa (raw, json)
Hash identifier: 9dGgca5Fkx1wbzD/IcRC/poVADPE4iOMhFoOoDyZG9c=
Subject key identifier: 2A:37:CB:64:F8:14:BC:77:44:BE:87:53:1C:89:57:C4:6A:85:27:9C
Certificate issuer: /CN=88ea8d80288edda94d95b6308bf159a526c63745
Certificate serial: 01879AD287A6F82996004E4F6A4C67CC8B44
Authority key identifier: 88:EA:8D:80:28:8E:DD:A9:4D:95:B6:30:8B:F1:59:A5:26:C6:37:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOqNgCiO3alNlbYwi_FZpSbGN0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/3bf92d-1c59-474b-8865-bbe4cf13583f/1/KjfLZPgUvHdEvodTHIlXxGqFJ5w.roa
Signing time: Wed 19 Apr 2023 18:41:41 +0000
ROA not before: Wed 19 Apr 2023 18:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196695
IP address blocks: 193.3.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9a:d2:87:a6:f8:29:96:00:4e:4f:6a:4c:67:cc:8b:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88ea8d80288edda94d95b6308bf159a526c63745
Validity
Not Before: Apr 19 18:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a37cb64f814bc7744be87531c8957c46a85279c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a7:41:f0:24:40:de:b3:10:fa:d3:26:27:72:
15:a0:a5:70:6c:b6:5f:67:e3:89:b7:d0:51:6e:5a:
49:5d:b2:fb:6b:fd:ff:d2:a5:b2:57:19:05:4f:96:
92:c1:67:e7:d2:63:0f:8d:12:76:38:5e:a7:7c:aa:
26:8f:4e:96:16:bf:4f:0e:a1:8c:2d:02:4f:a2:91:
86:d3:7a:86:6a:cc:75:68:b0:cd:ae:46:11:a2:c2:
7f:77:97:96:c2:95:e0:00:9c:d8:09:50:b0:d1:28:
d5:24:70:d9:b2:dc:e2:c7:29:37:69:d6:91:d7:0d:
fc:39:18:d8:b8:03:66:b0:42:55:26:9e:f7:04:ae:
5a:7a:91:b0:e8:45:24:78:f3:25:4c:17:19:3c:aa:
6f:77:13:d1:6b:e6:02:fb:9a:bd:f3:a7:5d:c2:a0:
b3:ec:19:6b:9d:d5:6b:24:18:e6:a3:42:82:a3:f4:
43:25:30:98:d1:fb:d3:dc:ee:5f:1d:75:12:9e:1e:
f2:55:7c:06:09:bd:e6:54:74:db:9f:f0:c8:fc:71:
ec:2a:64:c3:2d:ca:47:e7:9d:74:ee:c9:8c:6a:ec:
80:72:69:80:de:31:87:79:c0:68:98:16:05:97:7f:
44:5a:38:de:40:fe:c0:9a:84:45:3f:fd:66:56:62:
7f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:37:CB:64:F8:14:BC:77:44:BE:87:53:1C:89:57:C4:6A:85:27:9C
X509v3 Authority Key Identifier:
keyid:88:EA:8D:80:28:8E:DD:A9:4D:95:B6:30:8B:F1:59:A5:26:C6:37:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOqNgCiO3alNlbYwi_FZpSbGN0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3bf92d-1c59-474b-8865-bbe4cf13583f/1/KjfLZPgUvHdEvodTHIlXxGqFJ5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3bf92d-1c59-474b-8865-bbe4cf13583f/1/iOqNgCiO3alNlbYwi_FZpSbGN0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.188.0/24
Signature Algorithm: sha256WithRSAEncryption
76:96:24:66:68:f3:e0:19:ba:09:56:62:fb:14:6d:1f:32:f8:
79:f6:7a:ec:36:1b:ea:ea:23:09:83:23:3e:8d:1e:4d:f7:4b:
ce:51:b3:d3:a3:81:ae:f9:f9:7f:7d:ba:a6:86:19:1b:0d:3b:
a4:91:4b:3e:ec:b1:62:89:89:ec:fb:d4:c8:10:ed:f1:1f:b7:
73:85:8e:61:ef:30:a5:29:08:6e:80:8a:77:35:3b:b1:73:db:
f8:57:2e:79:88:69:30:59:e2:f4:0e:1b:58:d5:c4:2b:26:37:
28:09:cc:c6:53:6a:30:01:68:29:66:53:a8:a8:f3:ef:c3:bc:
11:db:81:cb:f7:90:22:1d:36:e4:41:54:c6:8e:c3:94:ff:1f:
d5:90:7b:96:39:04:6b:a5:b1:32:2f:bd:ec:d3:9d:d6:3f:fd:
1d:63:74:ef:c5:b1:4b:41:10:94:f7:bf:06:d3:84:85:bd:8e:
0b:7a:fa:af:dc:3b:15:1d:7d:95:3a:d9:50:fb:ab:95:44:18:
2e:6d:f9:31:37:49:6a:1c:eb:0a:4b:72:a6:ce:67:cb:a4:a2:
c6:0a:30:ff:75:47:3c:a1:a0:f0:ef:61:08:b2:0e:7c:1e:82:
89:dd:6f:d1:57:22:c5:d4:03:72:ce:3d:72:fc:77:65:05:46:
f3:e7:37:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYea0oem+CmWAE5PakxnzItEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZWE4ZDgwMjg4ZWRkYTk0ZDk1YjYzMDhiZjE1OWE1MjZj
NjM3NDUwHhcNMjMwNDE5MTg0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTM3Y2I2NGY4MTRiYzc3NDRiZTg3NTMxYzg5NTdjNDZhODUyNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKdB8CRA3rMQ+tMmJ3IVoKVwbLZf
Z+OJt9BRblpJXbL7a/3/0qWyVxkFT5aSwWfn0mMPjRJ2OF6nfKomj06WFr9PDqGM
LQJPopGG03qGasx1aLDNrkYRosJ/d5eWwpXgAJzYCVCw0SjVJHDZstzixyk3adaR
1w38ORjYuANmsEJVJp73BK5aepGw6EUkePMlTBcZPKpvdxPRa+YC+5q986ddwqCz
7BlrndVrJBjmo0KCo/RDJTCY0fvT3O5fHXUSnh7yVXwGCb3mVHTbn/DI/HHsKmTD
LcpH55107smMauyAcmmA3jGHecBomBYFl39EWjjeQP7AmoRFP/1mVmJ/JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCo3y2T4FLx3RL6HUxyJV8RqhSecMB8GA1UdIwQY
MBaAFIjqjYAojt2pTZW2MIvxWaUmxjdFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9xTmdDaU8zYWxObGJZd2lfRlpwU2JHTjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zYmY5MmQtMWM1OS00NzRiLTg4NjUt
YmJlNGNmMTM1ODNmLzEvS2pmTFpQZ1V2SGRFdm9kVEhJbFh4R3FGSjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zYmY5MmQtMWM1OS00NzRiLTg4NjUtYmJlNGNmMTM1ODNm
LzEvaU9xTmdDaU8zYWxObGJZd2lfRlpwU2JHTjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQO8MA0G
CSqGSIb3DQEBCwUAA4IBAQB2liRmaPPgGboJVmL7FG0fMvh59nrsNhvq6iMJgyM+
jR5N90vOUbPTo4Gu+fl/fbqmhhkbDTukkUs+7LFiiYns+9TIEO3xH7dzhY5h7zCl
KQhugIp3NTuxc9v4Vy55iGkwWeL0DhtY1cQrJjcoCczGU2owAWgpZlOoqPPvw7wR
24HL95AiHTbkQVTGjsOU/x/VkHuWOQRrpbEyL73s053WP/0dY3TvxbFLQRCU978G
04SFvY4Levqv3DsVHX2VOtlQ+6uVRBgubfkxN0lqHOsKS3KmzmfLpKLGCjD/dUc8
oaDw72EIsg58HoKJ3W/RVyLF1ANyzj1y/HdlBUbz5zc6
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:56:43 2025 by rpki-client