Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/196925-f347-49a4-a5ec-6cb195d3df69/1/KXpCRU67CQYOXS7a51xQb0ceV1g.roa
File: KXpCRU67CQYOXS7a51xQb0ceV1g.roa (raw, json)
Hash identifier: VyZpZuVuIZd8E7TNsVQzi5l9Moj40IeBs9NRAz+XVs4=
Subject key identifier: 29:7A:42:45:4E:BB:09:06:0E:5D:2E:DA:E7:5C:50:6F:47:1E:57:58
Certificate issuer: /CN=684d5d5fd7ed1071ca4739f0e238ba515346c3a1
Certificate serial: 01856D940A9418602362A955C864E402262F
Authority key identifier: 68:4D:5D:5F:D7:ED:10:71:CA:47:39:F0:E2:38:BA:51:53:46:C3:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aE1dX9ftEHHKRznw4ji6UVNGw6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/196925-f347-49a4-a5ec-6cb195d3df69/1/KXpCRU67CQYOXS7a51xQb0ceV1g.roa
Signing time: Sun 01 Jan 2023 13:44:56 +0000
ROA not before: Sun 01 Jan 2023 13:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 62.68.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:0a:94:18:60:23:62:a9:55:c8:64:e4:02:26:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=684d5d5fd7ed1071ca4739f0e238ba515346c3a1
Validity
Not Before: Jan 1 13:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=297a42454ebb09060e5d2edae75c506f471e5758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5a:e4:c2:9a:2c:2e:2d:d9:58:26:a3:33:89:
28:68:c9:41:55:bb:0d:d8:ad:04:36:16:c7:2f:19:
7e:61:c2:20:14:41:e5:5b:22:11:76:ec:05:88:57:
27:eb:32:73:54:8d:d1:28:bb:20:ae:eb:0e:05:7b:
a1:93:ff:ca:8c:66:ba:af:96:f7:de:18:72:36:d8:
72:65:93:21:bc:17:83:01:a5:c5:5c:34:cc:2f:eb:
64:77:c2:21:57:e7:34:92:d8:36:c6:65:fa:42:8b:
1a:8a:52:f5:f2:a0:ef:12:ab:d9:08:a2:68:36:ab:
e3:f5:b2:15:73:17:7a:b6:34:e5:0b:ff:e1:79:9d:
4b:68:0c:2c:3f:82:15:00:8d:4c:3a:13:c0:6a:2f:
c4:5d:77:4a:4a:14:2c:91:26:29:b6:84:5d:df:5e:
d7:3c:e9:fa:cb:2f:2d:9f:03:1d:30:34:db:1b:5f:
f2:62:7f:0b:a2:1c:c3:b0:48:0a:d5:21:1b:6b:0d:
01:ae:ca:c3:f7:31:58:53:23:95:c9:bc:3c:56:3c:
cd:7b:22:a7:b2:31:71:a2:b6:85:7a:cf:7f:12:10:
25:37:ea:b2:de:59:7c:4a:f1:23:ff:d2:99:55:d4:
72:c1:08:09:a9:d3:4b:aa:19:1b:41:60:29:c2:09:
de:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:7A:42:45:4E:BB:09:06:0E:5D:2E:DA:E7:5C:50:6F:47:1E:57:58
X509v3 Authority Key Identifier:
keyid:68:4D:5D:5F:D7:ED:10:71:CA:47:39:F0:E2:38:BA:51:53:46:C3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aE1dX9ftEHHKRznw4ji6UVNGw6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/196925-f347-49a4-a5ec-6cb195d3df69/1/KXpCRU67CQYOXS7a51xQb0ceV1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/196925-f347-49a4-a5ec-6cb195d3df69/1/aE1dX9ftEHHKRznw4ji6UVNGw6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.66.0/24
Signature Algorithm: sha256WithRSAEncryption
36:7b:f5:b5:54:65:30:d9:0c:ee:64:0e:b5:fc:51:2f:f6:de:
98:1b:3d:c2:f3:93:42:45:f1:e1:9e:4b:41:49:7e:09:77:ff:
d2:74:86:5e:83:23:76:df:e9:9a:dd:3a:a3:2e:89:bf:8e:78:
e9:21:ef:5a:7c:7b:26:f2:b6:4d:fc:a9:1d:0e:26:7c:89:b5:
03:60:e7:fb:36:4f:9c:c5:d9:24:ea:0b:3b:2e:d1:b2:99:9c:
44:2d:fd:c6:67:82:20:ed:c8:2e:ee:e1:db:b5:d1:30:b5:9f:
54:82:37:7d:53:df:df:2a:95:6b:33:98:64:ed:e2:e1:92:c6:
4c:26:07:8d:84:65:45:2f:3e:bc:79:b2:1c:ea:f7:8f:a7:9b:
b2:ed:b7:a4:62:eb:1b:77:65:2c:7d:8c:df:ab:3f:85:54:6c:
c6:8e:30:56:08:dd:4f:ab:95:9f:bd:21:6a:43:3a:cb:e0:50:
7d:ed:e6:e7:88:72:3e:57:26:ab:c4:6d:73:19:76:62:df:1e:
da:ae:69:d1:88:5e:1c:5e:bd:8a:73:5f:8c:a0:aa:e7:bc:99:
a0:f5:e4:ae:da:38:84:d0:94:b6:65:c8:46:00:f7:35:e5:2b:
5b:3e:35:ab:9e:2b:6f:5a:61:54:35:51:39:24:28:e3:9d:4f:
11:8e:6b:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtlAqUGGAjYqlVyGTkAiYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NGQ1ZDVmZDdlZDEwNzFjYTQ3MzlmMGUyMzhiYTUxNTM0
NmMzYTEwHhcNMjMwMTAxMTM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTdhNDI0NTRlYmIwOTA2MGU1ZDJlZGFlNzVjNTA2ZjQ3MWU1NzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1rkwposLi3ZWCajM4koaMlBVbsN
2K0ENhbHLxl+YcIgFEHlWyIRduwFiFcn6zJzVI3RKLsgrusOBXuhk//KjGa6r5b3
3hhyNthyZZMhvBeDAaXFXDTML+tkd8IhV+c0ktg2xmX6QosailL18qDvEqvZCKJo
Nqvj9bIVcxd6tjTlC//heZ1LaAwsP4IVAI1MOhPAai/EXXdKShQskSYptoRd317X
POn6yy8tnwMdMDTbG1/yYn8LohzDsEgK1SEbaw0BrsrD9zFYUyOVybw8VjzNeyKn
sjFxoraFes9/EhAlN+qy3ll8SvEj/9KZVdRywQgJqdNLqhkbQWApwgneLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCl6QkVOuwkGDl0u2udcUG9HHldYMB8GA1UdIwQY
MBaAFGhNXV/X7RBxykc58OI4ulFTRsOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUUxZFg5ZnRFSEhLUnpudzRqaTZVVk5HdzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8xOTY5MjUtZjM0Ny00OWE0LWE1ZWMt
NmNiMTk1ZDNkZjY5LzEvS1hwQ1JVNjdDUVlPWFM3YTUxeFFiMGNlVjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8xOTY5MjUtZjM0Ny00OWE0LWE1ZWMtNmNiMTk1ZDNkZjY5
LzEvYUUxZFg5ZnRFSEhLUnpudzRqaTZVVk5HdzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkRCMA0G
CSqGSIb3DQEBCwUAA4IBAQA2e/W1VGUw2QzuZA61/FEv9t6YGz3C85NCRfHhnktB
SX4Jd//SdIZegyN23+ma3TqjLom/jnjpIe9afHsm8rZN/KkdDiZ8ibUDYOf7Nk+c
xdkk6gs7LtGymZxELf3GZ4Ig7cgu7uHbtdEwtZ9Ugjd9U9/fKpVrM5hk7eLhksZM
JgeNhGVFLz68ebIc6vePp5uy7bekYusbd2UsfYzfqz+FVGzGjjBWCN1Pq5WfvSFq
QzrL4FB97ebniHI+VyarxG1zGXZi3x7armnRiF4cXr2Kc1+MoKrnvJmg9eSu2jiE
0JS2ZchGAPc15StbPjWrnitvWmFUNVE5JCjjnU8RjmtE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:35 2025 by rpki-client