Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4891c4-53bd-4ad6-bade-e4b23f768957/1/kok0CfrcNMIlqEInKYrb93tnNGo.roa
File: kok0CfrcNMIlqEInKYrb93tnNGo.roa (raw, json)
Hash identifier: RllICFLKuh07ziyA8fM7y3/OpydLxIfNYRAVQztlWZc=
Subject key identifier: 92:89:34:09:FA:DC:34:C2:25:A8:42:27:29:8A:DB:F7:7B:67:34:6A
Certificate issuer: /CN=d9177cfd3851a5d51e45729f5156749248784885
Certificate serial: 018B1DF23A3FC6E4BAF3FE453E04A7DEEE79
Authority key identifier: D9:17:7C:FD:38:51:A5:D5:1E:45:72:9F:51:56:74:92:48:78:48:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Rd8_ThRpdUeRXKfUVZ0kkh4SIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/4891c4-53bd-4ad6-bade-e4b23f768957/1/kok0CfrcNMIlqEInKYrb93tnNGo.roa
Signing time: Wed 11 Oct 2023 08:54:55 +0000
ROA not before: Wed 11 Oct 2023 08:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201697
IP address blocks: 195.190.25.0/24 maxlen: 24
2001:678:72c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:f2:3a:3f:c6:e4:ba:f3:fe:45:3e:04:a7:de:ee:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9177cfd3851a5d51e45729f5156749248784885
Validity
Not Before: Oct 11 08:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92893409fadc34c225a84227298adbf77b67346a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a2:2f:20:bd:e4:93:fd:8b:ff:2d:c7:5d:77:
8b:6c:5e:af:61:21:d7:bc:19:f3:60:50:d7:b9:e4:
2a:39:bf:7f:8f:c4:8d:0a:c4:f3:81:9f:66:6b:61:
c7:87:91:dc:86:0b:6b:a9:90:f2:eb:27:69:5b:59:
3a:43:b4:ab:e8:30:d0:5d:b5:ab:b9:c9:a1:31:75:
b9:d2:c7:44:d8:14:35:c4:8e:3b:1f:64:09:db:75:
1f:ae:22:ab:19:20:c7:ca:fb:33:aa:bf:28:ea:44:
40:02:93:79:94:df:ca:87:1e:c3:8b:7a:de:5b:12:
5a:70:92:c8:e4:6b:af:36:ac:ab:0b:1b:e4:da:fd:
9f:83:60:f0:cc:85:4f:b5:ca:91:4a:03:f2:4b:75:
f0:bd:af:19:c1:23:e2:cd:20:88:6a:b7:2c:7e:da:
90:cb:2c:ad:e3:55:04:87:cf:df:c0:41:9f:46:90:
8a:53:28:14:32:45:93:4a:42:97:8f:df:d8:18:3c:
b0:ef:60:50:f2:06:32:0e:44:ff:48:a7:e8:b3:3a:
28:62:58:6e:46:e0:f9:3e:31:14:1b:19:36:71:a6:
ec:70:bf:53:a5:36:01:3c:a6:49:ad:32:13:f3:fd:
8d:b7:0b:e9:8f:f1:93:33:f0:f3:2a:bb:51:7e:02:
79:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:89:34:09:FA:DC:34:C2:25:A8:42:27:29:8A:DB:F7:7B:67:34:6A
X509v3 Authority Key Identifier:
keyid:D9:17:7C:FD:38:51:A5:D5:1E:45:72:9F:51:56:74:92:48:78:48:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Rd8_ThRpdUeRXKfUVZ0kkh4SIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4891c4-53bd-4ad6-bade-e4b23f768957/1/kok0CfrcNMIlqEInKYrb93tnNGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4891c4-53bd-4ad6-bade-e4b23f768957/1/2Rd8_ThRpdUeRXKfUVZ0kkh4SIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.25.0/24
IPv6:
2001:678:72c::/48
Signature Algorithm: sha256WithRSAEncryption
38:78:c8:4c:bd:a0:0c:02:33:39:15:83:cc:76:2e:29:a0:b3:
6b:d9:66:cd:65:20:a1:4c:48:63:da:1f:f4:90:1f:5b:c7:d0:
91:5c:db:18:e7:9d:bd:dc:4f:bd:67:28:0d:bf:f6:60:f5:10:
a7:fa:d2:ee:a9:fa:63:80:0f:bf:50:fa:03:b2:ac:99:bf:fa:
56:43:9d:d4:69:8f:a9:a4:9c:68:6d:7a:64:49:84:e9:7d:f8:
d8:7e:c9:32:6b:f9:b2:cc:5b:6a:89:39:bb:40:55:65:5b:d1:
b7:1d:26:bf:4d:01:b5:da:ab:1c:56:d3:14:7e:70:d7:c6:ce:
42:8e:cb:e9:c3:b6:5d:9d:59:dd:12:56:69:e8:1d:63:17:1c:
66:26:39:e6:fd:3c:bc:45:10:6e:59:21:78:cd:56:40:9f:86:
59:1d:db:f2:0b:ff:f7:16:21:70:df:a9:8c:76:78:6e:9f:1e:
f1:7d:f4:b7:d9:bf:6e:5b:da:1d:69:a4:27:41:24:88:39:f5:
f9:37:e0:3d:d6:c6:d5:10:bf:55:fb:00:11:7e:b2:8f:ab:1f:
ae:9e:fa:94:df:0f:8e:47:02:51:df:4a:80:c9:a8:cd:a1:cd:
b3:9e:0d:19:08:13:7e:53:4b:10:ce:0f:49:08:e8:6f:cb:60:
ea:53:fb:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsd8jo/xuS68/5FPgSn3u55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTc3Y2ZkMzg1MWE1ZDUxZTQ1NzI5ZjUxNTY3NDkyNDg3
ODQ4ODUwHhcNMjMxMDExMDg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjg5MzQwOWZhZGMzNGMyMjVhODQyMjcyOThhZGJmNzdiNjczNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKIvIL3kk/2L/y3HXXeLbF6vYSHX
vBnzYFDXueQqOb9/j8SNCsTzgZ9ma2HHh5HchgtrqZDy6ydpW1k6Q7Sr6DDQXbWr
ucmhMXW50sdE2BQ1xI47H2QJ23UfriKrGSDHyvszqr8o6kRAApN5lN/Khx7Di3re
WxJacJLI5GuvNqyrCxvk2v2fg2DwzIVPtcqRSgPyS3Xwva8ZwSPizSCIarcsftqQ
yyyt41UEh8/fwEGfRpCKUygUMkWTSkKXj9/YGDyw72BQ8gYyDkT/SKfoszooYlhu
RuD5PjEUGxk2cabscL9TpTYBPKZJrTIT8/2Ntwvpj/GTM/DzKrtRfgJ56QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJKJNAn63DTCJahCJymK2/d7ZzRqMB8GA1UdIwQY
MBaAFNkXfP04UaXVHkVyn1FWdJJIeEiFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJkOF9UaFJwZFVlUlhLZlVWWjBra2g0U0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80ODkxYzQtNTNiZC00YWQ2LWJhZGUt
ZTRiMjNmNzY4OTU3LzEva29rMENmcmNOTUlscUVJbktZcmI5M3RuTkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS80ODkxYzQtNTNiZC00YWQ2LWJhZGUtZTRiMjNmNzY4OTU3
LzEvMlJkOF9UaFJwZFVlUlhLZlVWWjBra2g0U0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw74ZMA8E
AgACMAkDBwAgAQZ4BywwDQYJKoZIhvcNAQELBQADggEBADh4yEy9oAwCMzkVg8x2
Limgs2vZZs1lIKFMSGPaH/SQH1vH0JFc2xjnnb3cT71nKA2/9mD1EKf60u6p+mOA
D79Q+gOyrJm/+lZDndRpj6mknGhtemRJhOl9+Nh+yTJr+bLMW2qJObtAVWVb0bcd
Jr9NAbXaqxxW0xR+cNfGzkKOy+nDtl2dWd0SVmnoHWMXHGYmOeb9PLxFEG5ZIXjN
VkCfhlkd2/IL//cWIXDfqYx2eG6fHvF99LfZv25b2h1ppCdBJIg59fk34D3WxtUQ
v1X7ABF+so+rH66e+pTfD45HAlHfSoDJqM2hzbOeDRkIE35TSxDOD0kI6G/LYOpT
+0Q=
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:34:58 2025 by rpki-client