Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KoNGyfn6NOjO1WdPwvKKEAkE5dk.roa
File: KoNGyfn6NOjO1WdPwvKKEAkE5dk.roa (raw, json)
Hash identifier: KEmAObHmfoYR8GBRfhVNedYCytwcml/KfMx+plGZUGY=
Subject key identifier: 2A:83:46:C9:F9:FA:34:E8:CE:D5:67:4F:C2:F2:8A:10:09:04:E5:D9
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD5D84B9825F872E779F059DE3FBBC
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KoNGyfn6NOjO1WdPwvKKEAkE5dk.roa
Signing time: Thu 02 Jan 2025 07:49:09 +0000
ROA not before: Thu 02 Jan 2025 07:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60915
IP address blocks: 62.76.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:5d:84:b9:82:5f:87:2e:77:9f:05:9d:e3:fb:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a8346c9f9fa34e8ced5674fc2f28a100904e5d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:58:b8:97:ae:b0:55:1b:bf:b3:a6:f5:ea:e6:
8b:04:9b:82:e3:9c:ec:8a:0b:c5:d1:df:ee:b0:6d:
8e:e2:f8:7d:58:de:92:38:20:65:37:d0:82:d6:70:
04:41:4a:ff:fa:0d:3b:d0:77:85:fb:b7:de:c7:f4:
08:51:ba:ba:f0:9f:94:a5:46:d3:d1:51:a0:16:53:
16:6f:bb:b7:fe:1c:0e:37:1a:31:25:27:b5:94:83:
76:e2:d9:39:e0:48:4a:33:bd:c9:a3:93:db:a5:b5:
59:d3:ef:f9:dc:53:ec:59:16:ea:76:cc:3c:5c:34:
65:f2:03:ef:89:84:a7:ac:1b:62:1d:f7:0c:b1:c4:
32:fa:d1:3b:e2:66:db:08:68:ae:c0:d2:0c:07:49:
1f:17:83:2b:37:2b:6a:cd:d0:0a:25:86:01:8a:a3:
8c:4d:54:0b:99:60:86:a6:e9:7c:e3:0b:0b:03:45:
59:e5:5f:28:ea:a0:10:e7:aa:29:93:3c:e5:45:fa:
e9:e4:53:df:f7:8c:71:ba:63:4e:ea:11:1e:2a:1a:
c4:89:e8:8c:52:91:ae:e9:41:1e:fd:8e:4a:58:cf:
24:da:66:07:89:56:20:d9:76:85:bb:df:7e:e6:d7:
13:64:27:3a:d3:39:71:06:26:28:94:85:f9:a3:98:
08:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:83:46:C9:F9:FA:34:E8:CE:D5:67:4F:C2:F2:8A:10:09:04:E5:D9
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/KoNGyfn6NOjO1WdPwvKKEAkE5dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.9.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:dd:46:e9:51:c6:c8:07:83:78:bd:7b:06:8a:3d:5c:32:c0:
79:50:bc:bf:9a:b7:d0:ef:c7:ce:68:1f:eb:c4:2e:f0:48:3c:
02:5a:db:a0:0e:d6:63:9d:e4:70:9f:8c:56:87:c5:ea:55:16:
43:d5:2c:1a:05:ab:9e:d1:99:7d:89:d3:75:0a:79:43:75:55:
3f:7e:69:69:23:a1:f7:b2:26:ea:12:ee:29:2f:0e:46:0e:61:
e5:69:03:07:8f:12:21:de:49:ff:71:da:c0:99:9b:36:8b:19:
2b:72:db:05:85:97:bd:2a:be:fa:60:73:dc:c9:4e:99:db:01:
a3:3d:ec:07:7a:ea:65:71:9e:20:dc:34:41:ca:cb:cb:6e:7c:
a3:21:ce:92:b1:b7:75:2a:33:84:c1:0d:e1:34:c7:8c:8e:cd:
34:2e:69:62:46:0d:e2:63:c9:45:d9:2e:e6:7b:e6:01:01:52:
08:e0:f6:28:79:2e:71:58:c5:fc:39:61:10:ce:58:ec:04:df:
a5:24:76:c7:66:ea:5e:14:2f:31:f8:e3:45:c0:c0:10:91:91:
3e:11:32:74:cc:2b:54:6d:58:51:7d:e1:5c:82:82:bf:b6:6f:
cb:09:ad:e6:99:ba:08:fb:ed:1e:8f:61:35:2f:51:5e:15:f4:
f3:a2:67:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/V2EuYJfhy53nwWd4/u8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTgzNDZjOWY5ZmEzNGU4Y2VkNTY3NGZjMmYyOGExMDA5MDRlNWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnli4l66wVRu/s6b16uaLBJuC45zs
igvF0d/usG2O4vh9WN6SOCBlN9CC1nAEQUr/+g070HeF+7fex/QIUbq68J+UpUbT
0VGgFlMWb7u3/hwONxoxJSe1lIN24tk54EhKM73Jo5PbpbVZ0+/53FPsWRbqdsw8
XDRl8gPviYSnrBtiHfcMscQy+tE74mbbCGiuwNIMB0kfF4MrNytqzdAKJYYBiqOM
TVQLmWCGpul84wsLA0VZ5V8o6qAQ56opkzzlRfrp5FPf94xxumNO6hEeKhrEieiM
UpGu6UEe/Y5KWM8k2mYHiVYg2XaFu99+5tcTZCc60zlxBiYolIX5o5gIVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqDRsn5+jToztVnT8LyihAJBOXZMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvS29OR3lmbjZOT2pPMVdkUHd2S0tFQWtFNWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkwJMA0G
CSqGSIb3DQEBCwUAA4IBAQCK3UbpUcbIB4N4vXsGij1cMsB5ULy/mrfQ78fOaB/r
xC7wSDwCWtugDtZjneRwn4xWh8XqVRZD1SwaBaue0Zl9idN1CnlDdVU/fmlpI6H3
sibqEu4pLw5GDmHlaQMHjxIh3kn/cdrAmZs2ixkrctsFhZe9Kr76YHPcyU6Z2wGj
PewHeuplcZ4g3DRBysvLbnyjIc6Ssbd1KjOEwQ3hNMeMjs00LmliRg3iY8lF2S7m
e+YBAVII4PYoeS5xWMX8OWEQzljsBN+lJHbHZupeFC8x+ONFwMAQkZE+ETJ0zCtU
bVhRfeFcgoK/tm/LCa3mmboI++0ej2E1L1FeFfTzomdO
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:51:36 2025 by rpki-client