Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/KHRtjlZXj9JhsSQmCnqy5PWrOw0.roa
File: KHRtjlZXj9JhsSQmCnqy5PWrOw0.roa (raw, json)
Hash identifier: GE+OW6+M0PvIZWjS19IHDFPUj9Xbkg4zo6bqce80n58=
Subject key identifier: 28:74:6D:8E:56:57:8F:D2:61:B1:24:26:0A:7A:B2:E4:F5:AB:3B:0D
Certificate issuer: /CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Certificate serial: 0188D71A4937CB1E2B4A1606E6D38510C787
Authority key identifier: B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/KHRtjlZXj9JhsSQmCnqy5PWrOw0.roa
Signing time: Tue 20 Jun 2023 04:40:04 +0000
ROA not before: Tue 20 Jun 2023 04:40:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 194.26.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:1a:49:37:cb:1e:2b:4a:16:06:e6:d3:85:10:c7:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Validity
Not Before: Jun 20 04:40:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28746d8e56578fd261b124260a7ab2e4f5ab3b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:af:52:a9:9a:44:71:d3:bb:b9:dd:5e:5a:8e:
c3:5b:f7:1c:9e:0a:02:67:77:70:1e:e0:71:83:8b:
a0:86:83:07:45:11:d2:f0:a5:41:6c:f0:47:c2:f6:
6e:0b:67:62:8f:25:ea:7c:81:fd:ab:ca:0c:c7:d2:
04:6d:7c:5e:a2:7e:ac:58:42:e4:19:43:aa:1b:49:
35:27:55:a6:45:3d:f2:bc:7b:f2:86:1c:a1:76:a1:
94:db:47:41:10:58:df:6a:48:44:94:60:3f:dc:a9:
d4:4e:e7:db:68:e3:8b:b0:69:a5:be:cc:e1:33:a0:
de:5b:e8:be:39:d2:51:cd:d1:f5:ff:78:45:b3:70:
22:bd:da:b8:ea:29:72:08:12:28:55:b4:fc:3d:72:
73:da:25:eb:12:2b:76:4b:28:18:0a:6c:a7:75:d9:
b6:c4:30:d4:74:75:60:1f:4a:a1:97:30:61:e0:b8:
d4:e9:ee:18:61:8c:f0:52:e8:a8:45:4f:a4:e2:13:
f0:63:9a:76:bd:c0:e0:54:06:6e:14:25:15:da:4c:
e2:ce:0d:8d:aa:36:73:77:65:f2:ef:03:50:4a:13:
13:be:08:69:f5:6f:5d:8d:83:07:fd:24:95:b0:b3:
d7:cb:eb:65:60:7a:fa:91:a8:d0:ac:6c:d1:99:0a:
c2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:74:6D:8E:56:57:8F:D2:61:B1:24:26:0A:7A:B2:E4:F5:AB:3B:0D
X509v3 Authority Key Identifier:
keyid:B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/KHRtjlZXj9JhsSQmCnqy5PWrOw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/s-_qOnL68N9DIs2quaE2153oo-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.215.0/24
Signature Algorithm: sha256WithRSAEncryption
19:6d:a5:79:c3:98:0b:12:bf:ae:1d:3e:18:47:3b:a2:f4:62:
e0:d8:96:9a:dd:1e:61:ee:f7:b8:b7:1f:c6:f3:75:0c:b2:44:
d9:d5:52:d4:a2:c7:57:81:c0:0d:a9:19:90:06:9f:bc:f6:0f:
79:7d:c8:29:e8:98:0d:ff:eb:c0:a4:a8:df:10:ad:d3:6b:7d:
ab:64:a0:41:be:2d:a4:fa:91:48:17:b0:99:03:0e:0c:f3:f5:
5f:8a:be:80:b7:60:03:95:73:80:d6:a6:f9:e3:93:79:ec:91:
fb:f3:83:4e:72:a2:8e:da:97:b4:76:a2:46:cc:15:a3:76:6b:
8f:92:5b:61:21:fc:96:02:0d:e7:01:1c:57:46:2a:a2:fd:07:
88:39:34:18:db:33:e4:79:5f:fe:a6:99:cd:9d:d1:16:fd:67:
e0:d2:b9:4f:2d:d0:1c:2f:61:84:90:49:69:f7:3b:eb:be:d5:
85:7e:ef:e9:42:9c:5a:9e:75:5b:97:fb:91:a6:07:25:89:31:
b9:33:2e:3d:0d:43:f6:56:79:42:86:54:64:8d:7c:11:13:5f:
79:7f:a3:46:fe:af:12:a3:6e:2e:68:f9:dc:13:dc:fe:c7:9f:
f3:b4:4f:c9:d6:59:a0:54:62:55:99:a3:40:60:e8:e2:9e:98:
73:95:7d:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjXGkk3yx4rShYG5tOFEMeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZWZlYTNhNzJmYWYwZGY0MzIyY2RhYWI5YTEzNmQ3OWRl
OGEzZWYwHhcNMjMwNjIwMDQ0MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc0NmQ4ZTU2NTc4ZmQyNjFiMTI0MjYwYTdhYjJlNGY1YWIzYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna9SqZpEcdO7ud1eWo7DW/ccngoC
Z3dwHuBxg4ughoMHRRHS8KVBbPBHwvZuC2dijyXqfIH9q8oMx9IEbXxeon6sWELk
GUOqG0k1J1WmRT3yvHvyhhyhdqGU20dBEFjfakhElGA/3KnUTufbaOOLsGmlvszh
M6DeW+i+OdJRzdH1/3hFs3Aivdq46ilyCBIoVbT8PXJz2iXrEit2SygYCmynddm2
xDDUdHVgH0qhlzBh4LjU6e4YYYzwUuioRU+k4hPwY5p2vcDgVAZuFCUV2kzizg2N
qjZzd2Xy7wNQShMTvghp9W9djYMH/SSVsLPXy+tlYHr6kajQrGzRmQrCaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCh0bY5WV4/SYbEkJgp6suT1qzsNMB8GA1UdIwQY
MBaAFLPv6jpy+vDfQyLNqrmhNted6KPvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy1fcU9uTDY4TjlESXMycXVhRTIxNTNvby04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jZDk0ZjItM2IxOS00ODI2LWEwZWIt
YmZlMjIxNTUzZjA3LzEvS0hSdGpsWlhqOUpoc1NRbUNucXk1UFdyT3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jZDk0ZjItM2IxOS00ODI2LWEwZWItYmZlMjIxNTUzZjA3
LzEvcy1fcU9uTDY4TjlESXMycXVhRTIxNTNvby04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhrXMA0G
CSqGSIb3DQEBCwUAA4IBAQAZbaV5w5gLEr+uHT4YRzui9GLg2Jaa3R5h7ve4tx/G
83UMskTZ1VLUosdXgcANqRmQBp+89g95fcgp6JgN/+vApKjfEK3Ta32rZKBBvi2k
+pFIF7CZAw4M8/Vfir6At2ADlXOA1qb545N57JH784NOcqKO2pe0dqJGzBWjdmuP
klthIfyWAg3nARxXRiqi/QeIOTQY2zPkeV/+ppnNndEW/Wfg0rlPLdAcL2GEkElp
9zvrvtWFfu/pQpxannVbl/uRpgcliTG5My49DUP2VnlChlRkjXwRE195f6NG/q8S
o24uaPncE9z+x5/ztE/J1lmgVGJVmaNAYOjinphzlX1K
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:04 2025 by rpki-client