Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/0482c8-6fbf-481c-b5cb-a13b2f116521/1/kn65_jOfe1maJs68bAk7vd73jaA.roa
File: kn65_jOfe1maJs68bAk7vd73jaA.roa (raw, json)
Hash identifier: H0ldSexuaZHFqnTQpb1irUj3TukJmYAvXUXN0nABLfY=
Subject key identifier: 92:7E:B9:FE:33:9F:7B:59:9A:26:CE:BC:6C:09:3B:BD:DE:F7:8D:A0
Certificate issuer: /CN=9e888901024e8c6b27174da9e03dc8a09dcb8833
Certificate serial: 01856F5DD8BF15E82FB7D32FD9029BFA9D61
Authority key identifier: 9E:88:89:01:02:4E:8C:6B:27:17:4D:A9:E0:3D:C8:A0:9D:CB:88:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/noiJAQJOjGsnF02p4D3IoJ3LiDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/0482c8-6fbf-481c-b5cb-a13b2f116521/1/kn65_jOfe1maJs68bAk7vd73jaA.roa
Signing time: Sun 01 Jan 2023 22:04:59 +0000
ROA not before: Sun 01 Jan 2023 22:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.248.56.0/22 maxlen: 24
185.248.59.0/24 maxlen: 24
2a0d:2bc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:d8:bf:15:e8:2f:b7:d3:2f:d9:02:9b:fa:9d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e888901024e8c6b27174da9e03dc8a09dcb8833
Validity
Not Before: Jan 1 22:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=927eb9fe339f7b599a26cebc6c093bbddef78da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:07:8a:af:49:b3:c4:38:59:ff:00:d3:7d:f4:
60:36:90:f2:a3:b0:a7:4f:07:08:63:66:fe:4c:05:
d0:99:85:59:7f:63:17:fe:21:a6:3b:3e:bc:22:1d:
8e:74:25:26:29:73:f9:d1:dc:e9:87:50:9a:4c:4b:
0b:8a:b4:ab:b2:a8:ac:b7:0e:3a:a1:ff:6a:e5:2d:
ca:0a:07:8a:e4:e4:eb:3d:ce:e3:d2:9d:0e:28:19:
4a:ea:96:14:14:22:94:72:b0:69:05:91:47:ca:a7:
5a:7c:bf:eb:f9:2a:66:af:ab:06:0a:96:1a:56:9d:
93:8f:85:18:9d:2c:72:af:26:16:d7:ea:c9:c1:fc:
aa:b7:91:35:55:5f:f1:36:49:aa:82:e1:94:2c:f8:
19:e9:a5:7b:44:23:1d:ae:ac:9d:0d:e6:aa:11:5d:
69:9d:bd:f4:51:49:10:62:97:e7:ff:e2:8e:a1:9a:
dc:1d:de:08:55:aa:d9:c9:9f:30:05:00:9b:68:f2:
c8:3d:7c:8b:4d:92:cb:0e:62:f7:68:ae:25:52:3c:
f7:cf:37:cf:d8:98:7a:04:67:25:33:9c:ab:38:f7:
97:05:42:17:09:c5:85:a7:96:97:4b:52:ba:a2:0c:
fe:ab:b4:af:dc:fe:41:85:a3:32:26:11:46:4b:05:
26:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7E:B9:FE:33:9F:7B:59:9A:26:CE:BC:6C:09:3B:BD:DE:F7:8D:A0
X509v3 Authority Key Identifier:
keyid:9E:88:89:01:02:4E:8C:6B:27:17:4D:A9:E0:3D:C8:A0:9D:CB:88:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/noiJAQJOjGsnF02p4D3IoJ3LiDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/0482c8-6fbf-481c-b5cb-a13b2f116521/1/kn65_jOfe1maJs68bAk7vd73jaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/0482c8-6fbf-481c-b5cb-a13b2f116521/1/noiJAQJOjGsnF02p4D3IoJ3LiDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.56.0/22
IPv6:
2a0d:2bc0::/48
Signature Algorithm: sha256WithRSAEncryption
7d:b7:16:57:84:47:a9:8b:87:a0:fa:f4:2b:b2:e4:2b:4f:b4:
58:46:75:2f:ca:58:cf:2e:01:d1:13:d7:83:02:e4:68:3b:7c:
23:24:04:49:e3:85:bd:ea:5e:bb:78:2d:52:e9:5d:72:91:2c:
0c:67:5a:25:91:f6:6c:c2:ea:a5:93:50:97:2f:0c:99:2d:9c:
35:68:6c:a9:51:4d:00:61:c5:a7:2e:89:af:fd:db:01:77:98:
41:7b:be:af:8f:0b:8a:7e:e8:be:97:61:53:82:0a:46:8d:f6:
78:20:c5:f0:f9:e1:a9:e1:03:35:38:61:5e:41:ea:22:95:9b:
a5:a7:83:1d:c5:e2:ad:c1:59:b1:4a:f5:f8:05:a3:8b:ea:4b:
6f:7f:94:94:47:67:fe:6d:e8:59:9a:7f:9a:16:e2:ce:cc:fe:
2b:39:af:0e:49:3b:34:7a:ef:e9:be:c7:1a:e4:3e:73:a1:9a:
f3:1d:16:5f:c5:6a:9d:b8:7c:79:8b:66:a6:9a:ee:97:83:b9:
86:78:cd:65:9e:21:60:72:1f:74:0c:40:92:0a:92:dc:b2:0a:
08:59:44:c8:29:83:1b:5b:83:65:b1:ff:79:a6:ff:5a:77:fe:
2b:a3:76:ee:88:04:59:37:6b:d8:87:1a:de:e7:ce:a3:34:5c:
77:54:f2:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvXdi/Fegvt9Mv2QKb+p1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllODg4OTAxMDI0ZThjNmIyNzE3NGRhOWUwM2RjOGEwOWRj
Yjg4MzMwHhcNMjMwMTAxMjIwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdlYjlmZTMzOWY3YjU5OWEyNmNlYmM2YzA5M2JiZGRlZjc4ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgeKr0mzxDhZ/wDTffRgNpDyo7Cn
TwcIY2b+TAXQmYVZf2MX/iGmOz68Ih2OdCUmKXP50dzph1CaTEsLirSrsqistw46
of9q5S3KCgeK5OTrPc7j0p0OKBlK6pYUFCKUcrBpBZFHyqdafL/r+Spmr6sGCpYa
Vp2Tj4UYnSxyryYW1+rJwfyqt5E1VV/xNkmqguGULPgZ6aV7RCMdrqydDeaqEV1p
nb30UUkQYpfn/+KOoZrcHd4IVarZyZ8wBQCbaPLIPXyLTZLLDmL3aK4lUjz3zzfP
2Jh6BGclM5yrOPeXBUIXCcWFp5aXS1K6ogz+q7Sv3P5BhaMyJhFGSwUmkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJJ+uf4zn3tZmibOvGwJO73e942gMB8GA1UdIwQY
MBaAFJ6IiQECToxrJxdNqeA9yKCdy4gzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm9pSkFRSk9qR3NuRjAycDREM0lvSjNMaURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8wNDgyYzgtNmZiZi00ODFjLWI1Y2It
YTEzYjJmMTE2NTIxLzEva242NV9qT2ZlMW1hSnM2OGJBazd2ZDczamFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8wNDgyYzgtNmZiZi00ODFjLWI1Y2ItYTEzYjJmMTE2NTIx
LzEvbm9pSkFRSk9qR3NuRjAycDREM0lvSjNMaURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCufg4MA8E
AgACMAkDBwAqDSvAAAAwDQYJKoZIhvcNAQELBQADggEBAH23FleER6mLh6D69Cuy
5CtPtFhGdS/KWM8uAdET14MC5Gg7fCMkBEnjhb3qXrt4LVLpXXKRLAxnWiWR9mzC
6qWTUJcvDJktnDVobKlRTQBhxacuia/92wF3mEF7vq+PC4p+6L6XYVOCCkaN9ngg
xfD54anhAzU4YV5B6iKVm6Wngx3F4q3BWbFK9fgFo4vqS29/lJRHZ/5t6Fmaf5oW
4s7M/is5rw5JOzR67+m+xxrkPnOhmvMdFl/Fap24fHmLZqaa7peDuYZ4zWWeIWBy
H3QMQJIKktyyCghZRMgpgxtbg2Wx/3mm/1p3/iujdu6IBFk3a9iHGt7nzqM0XHdU
8tM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:31 2024 by rpki-client on console-ams.rpki-client.org