Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/KmIs3bltG0RlRXDQw8WOmr3TNds.roa
File: KmIs3bltG0RlRXDQw8WOmr3TNds.roa (raw, json)
Hash identifier: zPvglX+4nnp/F0j03bN/ET+TFqy4ClowjFnoLlbTQl8=
Subject key identifier: 2A:62:2C:DD:B9:6D:1B:44:65:45:70:D0:C3:C5:8E:9A:BD:D3:35:DB
Certificate issuer: /CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Certificate serial: 018D842F1C7BDF8FC878FB88E88F0971F322
Authority key identifier: 33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/KmIs3bltG0RlRXDQw8WOmr3TNds.roa
Signing time: Wed 07 Feb 2024 15:28:16 +0000
ROA not before: Wed 07 Feb 2024 15:28:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64494
IP address blocks: 185.161.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:2f:1c:7b:df:8f:c8:78:fb:88:e8:8f:09:71:f3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Validity
Not Before: Feb 7 15:28:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a622cddb96d1b44654570d0c3c58e9abdd335db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fa:b9:8d:4f:c5:08:f0:fd:ab:f6:72:ae:c2:
4f:20:33:ed:95:ab:66:71:8d:e9:03:30:a4:ad:bf:
be:17:c1:41:a9:a4:42:c6:6d:d8:80:5e:eb:fe:a6:
b8:e6:ea:f2:19:86:a4:35:01:cf:79:72:dc:c0:26:
e5:1d:40:61:b9:26:fb:63:67:bc:a4:33:c3:79:d7:
a9:e1:ff:75:c6:b5:87:98:ad:e9:e5:46:88:77:35:
bf:47:4d:d8:95:fc:a0:47:1f:83:c1:fd:d3:8f:d9:
f1:de:5c:14:a9:b3:46:07:f5:75:1b:6b:c7:22:86:
7b:dc:b7:6f:47:e2:a6:56:31:cc:c3:87:97:3a:d8:
f7:e1:64:23:f0:67:8e:2b:54:00:cd:d3:2e:52:7f:
aa:4e:98:24:cb:c2:9f:73:1a:15:a3:7c:c9:f2:a5:
e6:b4:9a:bb:8e:fe:b9:05:b5:8e:68:2b:bf:76:a0:
a1:f6:70:3b:9e:e5:89:6c:18:ea:86:a3:9d:6f:17:
0c:6c:2d:f6:29:40:33:01:60:2d:2a:0b:94:9f:f7:
ea:19:04:1a:92:8c:39:e6:36:8d:4a:a9:b4:62:ea:
33:b2:29:d3:ec:1b:9e:7c:f9:5c:bd:cc:b0:d1:cd:
70:bf:be:3d:37:77:24:83:e8:32:c8:23:aa:c0:52:
7d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:62:2C:DD:B9:6D:1B:44:65:45:70:D0:C3:C5:8E:9A:BD:D3:35:DB
X509v3 Authority Key Identifier:
keyid:33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/KmIs3bltG0RlRXDQw8WOmr3TNds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/M_XOH8N5J8taTmexdsemOzL_bok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.79.0/24
Signature Algorithm: sha256WithRSAEncryption
36:9d:38:6f:80:24:a8:1a:45:c6:9a:6c:26:53:51:60:0f:5f:
f7:c2:09:06:4f:da:4e:02:c9:1c:8d:42:49:bb:81:f0:90:9b:
28:a3:64:72:8e:2b:d9:81:d0:89:87:48:7f:e1:42:be:1d:a7:
14:19:3e:c7:4b:6f:6c:66:5b:76:be:bf:fb:39:8f:3a:14:80:
07:6b:36:44:19:4e:32:e0:8e:51:8a:7e:ce:f5:42:2e:80:8e:
44:3d:5f:02:32:c9:16:ca:8b:b4:13:ea:da:ad:31:99:1e:8f:
05:03:69:ab:34:36:d8:ee:6c:ea:25:ab:2e:f3:d2:4e:dc:e2:
af:b8:53:22:64:92:fa:55:fb:8e:75:9f:31:59:45:62:bc:12:
30:56:76:56:43:a5:eb:31:17:ae:2e:60:a3:15:7e:9d:95:62:
2a:ef:ab:7d:5d:e2:c9:bc:22:84:e0:10:cb:78:be:74:de:d5:
a7:4e:95:34:34:d8:19:a6:d9:28:70:a0:25:58:c6:77:a9:f1:
6e:f8:3a:49:d0:c1:a8:26:0b:8f:a8:d2:72:c8:aa:5e:dc:78:
63:79:29:f6:5c:80:d7:8c:c6:45:6d:32:56:5b:7d:e9:87:0f:
97:1e:45:af:ef:d0:d6:4f:62:f3:44:a2:76:de:16:d1:69:48:
eb:2f:b5:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2ELxx734/IePuI6I8JcfMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZjVjZTFmYzM3OTI3Y2I1YTRlNjdiMTc2YzdhNjNiMzJm
ZjZlODkwHhcNMjQwMjA3MTUyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTYyMmNkZGI5NmQxYjQ0NjU0NTcwZDBjM2M1OGU5YWJkZDMzNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPq5jU/FCPD9q/ZyrsJPIDPtlatm
cY3pAzCkrb++F8FBqaRCxm3YgF7r/qa45uryGYakNQHPeXLcwCblHUBhuSb7Y2e8
pDPDedep4f91xrWHmK3p5UaIdzW/R03YlfygRx+Dwf3Tj9nx3lwUqbNGB/V1G2vH
IoZ73LdvR+KmVjHMw4eXOtj34WQj8GeOK1QAzdMuUn+qTpgky8KfcxoVo3zJ8qXm
tJq7jv65BbWOaCu/dqCh9nA7nuWJbBjqhqOdbxcMbC32KUAzAWAtKguUn/fqGQQa
kow55jaNSqm0YuozsinT7BuefPlcvcyw0c1wv749N3ckg+gyyCOqwFJ9hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpiLN25bRtEZUVw0MPFjpq90zXbMB8GA1UdIwQY
MBaAFDP1zh/DeSfLWk5nsXbHpjsy/26JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUt
M2ZmYzAxZmNiZmI2LzEvS21JczNibHRHMFJsUlhEUXc4V09tcjNUTmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUtM2ZmYzAxZmNiZmI2
LzEvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaFPMA0G
CSqGSIb3DQEBCwUAA4IBAQA2nThvgCSoGkXGmmwmU1FgD1/3wgkGT9pOAskcjUJJ
u4HwkJsoo2RyjivZgdCJh0h/4UK+HacUGT7HS29sZlt2vr/7OY86FIAHazZEGU4y
4I5Rin7O9UIugI5EPV8CMskWyou0E+rarTGZHo8FA2mrNDbY7mzqJasu89JO3OKv
uFMiZJL6VfuOdZ8xWUVivBIwVnZWQ6XrMReuLmCjFX6dlWIq76t9XeLJvCKE4BDL
eL503tWnTpU0NNgZptkocKAlWMZ3qfFu+DpJ0MGoJguPqNJyyKpe3HhjeSn2XIDX
jMZFbTJWW33phw+XHkWv79DWT2LzRKJ23hbRaUjrL7Ul
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:13 2025 by rpki-client