Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/KnDVs-UjNHPACpHt-MQ39f3Lh4c.roa
File: KnDVs-UjNHPACpHt-MQ39f3Lh4c.roa (raw, json)
Hash identifier: QWA9WRwhuH38Y9WAASdb4qTU5et8dYSCezxbhSf/3wQ=
Subject key identifier: 2A:70:D5:B3:E5:23:34:73:C0:0A:91:ED:F8:C4:37:F5:FD:CB:87:87
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 0187094591283428020D1E9330DA70806A52
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/KnDVs-UjNHPACpHt-MQ39f3Lh4c.roa
Signing time: Wed 22 Mar 2023 12:22:46 +0000
ROA not before: Wed 22 Mar 2023 12:22:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28716
IP address blocks: 147.123.80.0/22 maxlen: 24
147.123.84.0/22 maxlen: 24
147.123.88.0/22 maxlen: 24
147.123.92.0/22 maxlen: 24
147.123.96.0/22 maxlen: 24
147.123.100.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:45:91:28:34:28:02:0d:1e:93:30:da:70:80:6a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Mar 22 12:22:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a70d5b3e5233473c00a91edf8c437f5fdcb8787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2f:60:c3:03:92:16:63:24:2f:24:6e:d3:4e:
ce:9e:e4:de:c8:d7:06:f9:10:92:fe:21:5b:e2:5c:
48:ec:a2:f8:78:71:d6:6e:20:bd:2a:03:ba:09:72:
2d:22:a8:cd:27:2d:d4:e9:d1:c1:90:66:e8:25:46:
b5:e7:8f:8e:6e:c0:cb:66:dc:da:bf:b3:8f:c0:ee:
9c:ec:5a:d3:69:bd:b8:67:e9:ba:04:11:d6:ff:dc:
e7:02:10:02:8a:ed:ce:6d:17:15:01:61:fc:86:a7:
a1:38:5b:9c:77:a4:59:b2:f5:1a:4c:82:55:65:ab:
f7:15:31:94:82:54:da:a1:94:18:3c:12:bd:19:20:
50:4f:7e:ca:b7:f6:36:03:f4:29:15:0c:00:1f:9b:
c8:b9:29:fd:1a:94:b0:43:38:9c:d9:bd:37:34:b7:
3e:8a:e0:ee:02:00:f3:74:36:6a:e7:1f:06:27:32:
da:18:1d:58:5e:53:2f:40:76:37:10:7e:7a:99:a3:
6e:d2:ef:9c:41:d0:ab:8a:5f:6c:c8:17:31:b8:55:
67:ed:46:45:d2:43:ca:21:66:07:cc:41:ee:42:fa:
f9:da:8f:6e:2d:8b:4b:92:b8:86:5d:09:f6:6e:de:
66:1a:97:b2:52:ac:89:03:71:fd:bd:02:fa:bc:44:
46:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:70:D5:B3:E5:23:34:73:C0:0A:91:ED:F8:C4:37:F5:FD:CB:87:87
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/KnDVs-UjNHPACpHt-MQ39f3Lh4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.123.80.0-147.123.103.255
Signature Algorithm: sha256WithRSAEncryption
18:0f:31:86:4a:31:fd:d2:5a:61:87:29:a7:9a:a9:7d:97:b0:
a7:61:d3:51:16:b9:95:26:b5:37:61:6e:2e:79:6d:dc:c2:40:
c1:71:8e:7a:c8:c4:1d:54:3b:2f:3d:37:b5:ea:cf:68:ce:6d:
af:df:fb:98:0d:82:be:1e:e4:f7:19:55:d5:62:a0:65:27:ec:
0a:7a:00:95:3e:d8:07:f6:de:91:9b:06:7a:97:10:96:da:8a:
2c:da:bb:27:b2:dd:5f:0c:d2:29:9b:04:7b:fd:8a:63:50:b0:
35:26:fa:d7:71:f1:b2:86:7e:d3:97:ab:48:28:71:e7:bd:6d:
33:0c:1b:43:9d:c5:49:2a:77:29:ba:2e:b2:14:a1:8b:c6:ea:
06:0e:77:58:61:db:16:04:1a:01:9b:1a:61:73:17:50:8e:c3:
b4:89:51:ea:5c:e1:f2:2b:8d:2b:cb:33:6b:96:16:31:f2:30:
e8:67:b8:aa:59:65:f8:70:f6:1f:06:cb:cd:a7:3a:35:07:8b:
b9:d0:aa:71:fc:b6:b9:36:8e:f4:ac:9d:83:98:d4:07:c4:6d:
23:52:22:d0:54:b9:b0:d2:20:49:92:8b:1c:a7:bc:e7:b1:91:
0d:a7:0d:61:66:e7:ed:ea:15:5c:dc:e2:49:82:35:a9:b0:d6:
eb:c4:8b:c7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYcJRZEoNCgCDR6TMNpwgGpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjMwMzIyMTIyMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTcwZDViM2U1MjMzNDczYzAwYTkxZWRmOGM0MzdmNWZkY2I4Nzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC9gwwOSFmMkLyRu007OnuTeyNcG
+RCS/iFb4lxI7KL4eHHWbiC9KgO6CXItIqjNJy3U6dHBkGboJUa154+ObsDLZtza
v7OPwO6c7FrTab24Z+m6BBHW/9znAhACiu3ObRcVAWH8hqehOFucd6RZsvUaTIJV
Zav3FTGUglTaoZQYPBK9GSBQT37Kt/Y2A/QpFQwAH5vIuSn9GpSwQzic2b03NLc+
iuDuAgDzdDZq5x8GJzLaGB1YXlMvQHY3EH56maNu0u+cQdCril9syBcxuFVn7UZF
0kPKIWYHzEHuQvr52o9uLYtLkriGXQn2bt5mGpeyUqyJA3H9vQL6vERGDwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCpw1bPlIzRzwAqR7fjEN/X9y4eHMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvS25EVnMtVWpOSFBBQ3BIdC1NUTM5ZjNMaDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASTe1AD
BAOTe2AwDQYJKoZIhvcNAQELBQADggEBABgPMYZKMf3SWmGHKaeaqX2XsKdh01EW
uZUmtTdhbi55bdzCQMFxjnrIxB1UOy89N7Xqz2jOba/f+5gNgr4e5PcZVdVioGUn
7Ap6AJU+2Af23pGbBnqXEJbaiizauyey3V8M0imbBHv9imNQsDUm+tdx8bKGftOX
q0gocee9bTMMG0OdxUkqdym6LrIUoYvG6gYOd1hh2xYEGgGbGmFzF1COw7SJUepc
4fIrjSvLM2uWFjHyMOhnuKpZZfhw9h8Gy82nOjUHi7nQqnH8trk2jvSsnYOY1AfE
bSNSItBUubDSIEmSixynvOexkQ2nDWFm5+3qFVzc4kmCNamw1uvEi8c=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:22 2025 by rpki-client