Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c60ece-561b-4d19-8abf-c1ffa7e5b04a/1/KMhjR7OaljQecf--K5oBCFilqrk.roa
File: KMhjR7OaljQecf--K5oBCFilqrk.roa (raw, json)
Hash identifier: boDix8PlYTetVytuBwmg5PoqbE822hSr2Vuxu9cZrwM=
Subject key identifier: 28:C8:63:47:B3:9A:96:34:1E:71:FF:BE:2B:9A:01:08:58:A5:AA:B9
Certificate issuer: /CN=e9cb1687488cf43a7334f9efa4d9cdf635724e9c
Certificate serial: 018733686CB922B6A3D18E5177666EF6AD92
Authority key identifier: E9:CB:16:87:48:8C:F4:3A:73:34:F9:EF:A4:D9:CD:F6:35:72:4E:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6csWh0iM9DpzNPnvpNnN9jVyTpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c60ece-561b-4d19-8abf-c1ffa7e5b04a/1/KMhjR7OaljQecf--K5oBCFilqrk.roa
Signing time: Thu 30 Mar 2023 16:44:54 +0000
ROA not before: Thu 30 Mar 2023 16:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 194.126.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:33:68:6c:b9:22:b6:a3:d1:8e:51:77:66:6e:f6:ad:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9cb1687488cf43a7334f9efa4d9cdf635724e9c
Validity
Not Before: Mar 30 16:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28c86347b39a96341e71ffbe2b9a010858a5aab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:35:ca:1e:da:c9:ac:68:e8:b7:a5:f0:6c:15:
24:3d:5a:b7:3d:22:4e:b0:34:81:01:16:13:5f:e2:
91:08:e0:cd:ef:92:b7:27:62:89:33:6e:44:a4:64:
df:32:87:7c:c5:a5:01:72:7a:0a:50:b6:ab:04:28:
a4:7c:f6:90:2f:84:f9:d8:2c:3a:10:f9:45:5f:b5:
ef:f5:f1:b7:16:fb:c2:2f:a1:6b:03:d8:5d:3c:70:
2b:9f:f7:b8:1d:5b:57:66:cb:98:e0:00:f5:5a:e3:
3a:61:72:8d:39:51:a8:6a:ca:cd:c2:a8:3b:f7:6d:
fb:94:cc:be:93:30:77:eb:07:53:80:bc:20:3b:7f:
bb:49:d8:b9:cd:d4:6d:0b:83:e3:9e:30:2b:9a:4a:
74:9e:3c:03:f0:80:59:9a:49:3e:64:c3:e0:32:27:
85:c9:8c:15:a5:9f:56:d0:1b:45:29:f8:3a:b9:fc:
25:a9:a7:9b:39:c2:57:a2:22:93:bf:5d:81:7f:95:
75:50:69:20:45:17:74:47:00:b6:ca:85:05:27:94:
e6:38:bc:ff:18:ab:5d:63:82:f0:dd:06:c8:0c:77:
61:d9:c6:39:a1:7b:ed:34:d1:fa:fa:15:af:16:2c:
e8:c0:20:e0:b7:84:b5:4d:b6:ee:18:5e:1a:39:d7:
a5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C8:63:47:B3:9A:96:34:1E:71:FF:BE:2B:9A:01:08:58:A5:AA:B9
X509v3 Authority Key Identifier:
keyid:E9:CB:16:87:48:8C:F4:3A:73:34:F9:EF:A4:D9:CD:F6:35:72:4E:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6csWh0iM9DpzNPnvpNnN9jVyTpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c60ece-561b-4d19-8abf-c1ffa7e5b04a/1/KMhjR7OaljQecf--K5oBCFilqrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c60ece-561b-4d19-8abf-c1ffa7e5b04a/1/6csWh0iM9DpzNPnvpNnN9jVyTpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.219.0/24
Signature Algorithm: sha256WithRSAEncryption
37:35:c5:e1:d5:d7:ad:bd:4c:2e:43:49:dd:a5:17:eb:ab:4f:
84:f1:68:db:06:fd:7d:cc:80:0d:8d:03:61:c0:cc:d7:5e:e3:
dd:37:3d:c0:a1:b5:ba:1d:9d:b0:98:d0:8f:c9:57:42:a0:0a:
cc:45:ce:56:5c:bc:01:dd:d7:73:96:08:d1:08:2d:bd:5f:b5:
78:30:9a:4e:fc:58:22:4c:59:9d:1e:1a:98:30:bc:05:b5:c1:
3a:b0:73:16:7a:9e:fc:e8:08:0f:ea:ff:22:f1:02:87:bf:82:
d9:6c:db:56:aa:6f:50:41:9a:c2:f3:f5:54:c9:7e:e7:62:be:
aa:e3:d6:2f:6e:c1:35:3c:ce:f2:e4:8a:cf:00:2c:ef:9a:a6:
4d:2e:ff:e6:4b:1b:32:1d:30:c4:e8:a4:fc:c1:0a:47:a8:20:
00:14:c1:64:00:54:16:33:64:fc:93:99:6b:02:6e:32:e0:e3:
93:5c:0a:c0:8c:f2:d8:e6:1d:ad:b7:8d:66:be:01:f7:ed:41:
66:7b:f7:f1:a2:5f:ad:3c:46:e5:ec:2c:d9:be:d7:81:e4:c8:
88:00:bc:a0:9b:2f:5f:6d:e6:e7:aa:68:3b:a0:a5:97:93:ac:
d0:f4:da:af:b6:42:02:1b:48:84:2b:90:0a:9a:65:f0:1b:e5:
39:5d:ca:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYczaGy5Iraj0Y5Rd2Zu9q2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5Y2IxNjg3NDg4Y2Y0M2E3MzM0ZjllZmE0ZDljZGY2MzU3
MjRlOWMwHhcNMjMwMzMwMTY0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM4NjM0N2IzOWE5NjM0MWU3MWZmYmUyYjlhMDEwODU4YTVhYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTXKHtrJrGjot6XwbBUkPVq3PSJO
sDSBARYTX+KRCODN75K3J2KJM25EpGTfMod8xaUBcnoKULarBCikfPaQL4T52Cw6
EPlFX7Xv9fG3FvvCL6FrA9hdPHArn/e4HVtXZsuY4AD1WuM6YXKNOVGoasrNwqg7
9237lMy+kzB36wdTgLwgO3+7Sdi5zdRtC4PjnjArmkp0njwD8IBZmkk+ZMPgMieF
yYwVpZ9W0BtFKfg6ufwlqaebOcJXoiKTv12Bf5V1UGkgRRd0RwC2yoUFJ5TmOLz/
GKtdY4Lw3QbIDHdh2cY5oXvtNNH6+hWvFizowCDgt4S1TbbuGF4aOdelOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjIY0ezmpY0HnH/viuaAQhYpaq5MB8GA1UdIwQY
MBaAFOnLFodIjPQ6czT576TZzfY1ck6cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmNzV2gwaU05RHB6TlBudnBObk45alZ5VHB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjBlY2UtNTYxYi00ZDE5LThhYmYt
YzFmZmE3ZTViMDRhLzEvS01oalI3T2FsalFlY2YtLUs1b0JDRmlscXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjBlY2UtNTYxYi00ZDE5LThhYmYtYzFmZmE3ZTViMDRh
LzEvNmNzV2gwaU05RHB6TlBudnBObk45alZ5VHB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn7bMA0G
CSqGSIb3DQEBCwUAA4IBAQA3NcXh1detvUwuQ0ndpRfrq0+E8WjbBv19zIANjQNh
wMzXXuPdNz3AobW6HZ2wmNCPyVdCoArMRc5WXLwB3ddzlgjRCC29X7V4MJpO/Fgi
TFmdHhqYMLwFtcE6sHMWep786AgP6v8i8QKHv4LZbNtWqm9QQZrC8/VUyX7nYr6q
49YvbsE1PM7y5IrPACzvmqZNLv/mSxsyHTDE6KT8wQpHqCAAFMFkAFQWM2T8k5lr
Am4y4OOTXArAjPLY5h2tt41mvgH37UFme/fxol+tPEbl7CzZvteB5MiIALygmy9f
bebnqmg7oKWXk6zQ9NqvtkICG0iEK5AKmmXwG+U5XcpS
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:53:06 2025 by rpki-client