Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/KN7VL3uMpjbXhVV4v96V6gPc4eE.roa
File: KN7VL3uMpjbXhVV4v96V6gPc4eE.roa (raw, json)
Hash identifier: cuLGbnJuS+W8Mo7UCGgzHbjflmeI4xtLhFaSOf6PqC0=
Subject key identifier: 28:DE:D5:2F:7B:8C:A6:36:D7:85:55:78:BF:DE:95:EA:03:DC:E1:E1
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 01856C6F0F0696FB632D1A0247C64C269165
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/KN7VL3uMpjbXhVV4v96V6gPc4eE.roa
Signing time: Sun 01 Jan 2023 08:24:55 +0000
ROA not before: Sun 01 Jan 2023 08:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212008
IP address blocks: 2a0e:46c4:2300::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:0f:06:96:fb:63:2d:1a:02:47:c6:4c:26:91:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Jan 1 08:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28ded52f7b8ca636d7855578bfde95ea03dce1e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:71:94:0d:72:26:0d:3c:5f:0a:6c:70:44:1f:
0a:6f:16:7e:42:c1:a5:30:01:53:49:b5:7a:25:a3:
bf:ea:2a:bb:de:5c:c7:23:d8:6c:38:a5:e3:b7:19:
a9:19:76:56:49:00:66:88:2b:5d:4f:0b:ee:f0:03:
50:d0:5f:c9:da:e7:cb:74:57:05:67:ee:3d:85:66:
05:e3:7c:bb:c4:58:c7:77:97:01:0e:4f:de:28:99:
8d:d0:a6:a6:46:3f:ea:cf:a3:42:4b:b9:82:7d:02:
39:b4:a7:a7:86:be:09:54:7a:ad:b0:f3:2c:08:4a:
ff:41:7a:d7:55:3d:4e:52:7c:bf:a2:b4:86:0b:ac:
f9:6d:dd:9b:fb:cb:7f:ea:7c:db:be:65:66:fd:3a:
f3:09:2b:71:06:ee:a2:73:1c:c0:8a:66:60:5b:ee:
df:83:56:84:c9:25:de:86:ef:e2:f1:87:05:3b:34:
6e:3b:7c:f4:85:42:e0:cd:de:b1:41:6b:b0:b7:98:
3c:74:b9:11:5b:9e:d8:65:76:fa:77:d3:56:18:ac:
4a:af:8e:a6:3a:2a:5f:04:99:af:72:d8:9b:45:db:
bb:3f:e4:05:0b:1c:fe:18:18:e3:e5:2b:00:5b:b4:
f7:6e:44:8d:2a:45:11:da:ff:8d:49:77:17:61:fe:
a9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DE:D5:2F:7B:8C:A6:36:D7:85:55:78:BF:DE:95:EA:03:DC:E1:E1
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/KN7VL3uMpjbXhVV4v96V6gPc4eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:46c4:2300::/40
Signature Algorithm: sha256WithRSAEncryption
62:bb:6c:1e:44:5c:3b:6a:68:19:35:1d:d5:77:32:4a:74:75:
fc:f3:22:5f:57:81:27:47:af:74:b9:99:58:f6:1c:e9:85:36:
be:3a:a3:3e:ee:64:f8:f5:0f:86:53:15:dd:c6:52:b8:ce:58:
88:65:0b:a4:01:28:f9:6c:23:30:86:75:70:43:92:59:02:6c:
de:82:f3:57:1f:91:f5:0b:a3:3f:f3:ff:43:bc:3a:ce:94:5b:
8f:fc:b6:5d:6e:d1:ea:d9:e4:f3:a7:07:b9:c4:fa:b5:c1:7a:
f4:ba:66:d0:1f:5e:b3:a0:76:eb:3a:50:81:4f:81:8c:40:3c:
94:16:95:25:d4:d9:ed:7b:68:1d:89:bd:e0:74:75:ff:e4:5c:
c2:bd:3b:22:91:d7:5d:06:62:63:e7:51:c4:fd:51:3a:12:81:
15:68:ca:09:67:ea:de:3e:ee:a8:12:8c:ed:62:eb:58:59:43:
ae:47:0d:9e:d3:cd:85:93:37:a0:cd:43:a2:ff:ff:30:f2:f4:
3e:00:1d:2e:c5:1e:d9:e2:5d:63:4e:8a:3d:c6:ec:a2:2d:34:
09:cc:40:ec:23:cb:ff:86:33:1c:d1:af:79:37:6a:ba:00:90:
82:79:17:68:fc:a5:fa:e4:d2:c7:97:7d:19:43:59:94:c9:cf:
c8:d0:76:b1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsbw8GlvtjLRoCR8ZMJpFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjMwMTAxMDgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGRlZDUyZjdiOGNhNjM2ZDc4NTU1NzhiZmRlOTVlYTAzZGNlMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXGUDXImDTxfCmxwRB8KbxZ+QsGl
MAFTSbV6JaO/6iq73lzHI9hsOKXjtxmpGXZWSQBmiCtdTwvu8ANQ0F/J2ufLdFcF
Z+49hWYF43y7xFjHd5cBDk/eKJmN0KamRj/qz6NCS7mCfQI5tKenhr4JVHqtsPMs
CEr/QXrXVT1OUny/orSGC6z5bd2b+8t/6nzbvmVm/TrzCStxBu6icxzAimZgW+7f
g1aEySXehu/i8YcFOzRuO3z0hULgzd6xQWuwt5g8dLkRW57YZXb6d9NWGKxKr46m
OipfBJmvctibRdu7P+QFCxz+GBjj5SsAW7T3bkSNKkUR2v+NSXcXYf6pUwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCje1S97jKY214VVeL/eleoD3OHhMB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvS043VkwzdU1wamJYaFZWNHY5NlY2Z1BjNGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg5GxCMw
DQYJKoZIhvcNAQELBQADggEBAGK7bB5EXDtqaBk1HdV3Mkp0dfzzIl9XgSdHr3S5
mVj2HOmFNr46oz7uZPj1D4ZTFd3GUrjOWIhlC6QBKPlsIzCGdXBDklkCbN6C81cf
kfULoz/z/0O8Os6UW4/8tl1u0erZ5POnB7nE+rXBevS6ZtAfXrOgdus6UIFPgYxA
PJQWlSXU2e17aB2JveB0df/kXMK9OyKR110GYmPnUcT9UToSgRVoygln6t4+7qgS
jO1i61hZQ65HDZ7TzYWTN6DNQ6L//zDy9D4AHS7FHtniXWNOij3G7KItNAnMQOwj
y/+GMxzRr3k3aroAkIJ5F2j8pfrk0seXfRlDWZTJz8jQdrE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:24 2025 by rpki-client