Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/KL_oocCv4khkyRa25dlbyITRdjc.roa
File: KL_oocCv4khkyRa25dlbyITRdjc.roa (raw, json)
Hash identifier: 4wKDO2i1BeDNJh2oVpIy70ysxuQo2aRiUjHzNsE7zKM=
Subject key identifier: 28:BF:E8:A1:C0:AF:E2:48:64:C9:16:B6:E5:D9:5B:C8:84:D1:76:37
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0195DF2970D14AC148C62FA93D67312F1B5D
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/KL_oocCv4khkyRa25dlbyITRdjc.roa
Signing time: Fri 28 Mar 2025 23:49:49 +0000
ROA not before: Fri 28 Mar 2025 23:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 64.188.68.0/22 maxlen: 24
193.23.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:df:29:70:d1:4a:c1:48:c6:2f:a9:3d:67:31:2f:1b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 28 23:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28bfe8a1c0afe24864c916b6e5d95bc884d17637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:aa:a1:22:c0:58:e8:b1:bc:a5:4a:6c:89:68:
38:cd:fc:5a:32:39:5c:03:01:eb:d9:64:25:02:7b:
34:b4:f1:55:05:7e:be:7b:43:b9:05:15:28:eb:d4:
f4:d1:f0:6f:e0:76:98:3e:84:6f:5b:cd:58:6f:c6:
dc:d7:af:e8:ba:bb:0a:00:b5:d6:56:9e:74:1e:de:
c2:9f:52:6a:96:88:32:65:d6:32:f3:d8:a3:e7:7e:
1a:96:ff:b3:18:35:ed:f4:67:dc:06:55:f1:e2:c4:
b4:6d:ce:c5:d8:82:6e:d1:77:a6:7f:e0:60:f8:3f:
95:03:ef:54:e9:04:28:61:99:9e:57:fb:e9:a3:99:
29:7a:05:36:15:7c:1e:23:4d:82:62:c8:c1:00:b8:
75:26:05:be:d9:96:f3:82:2c:33:7a:05:6a:be:38:
d0:05:1b:6e:ec:f2:4d:fe:49:3d:a0:95:7f:fb:53:
47:7f:5a:3f:6d:b0:53:29:06:80:90:31:f2:b4:58:
03:1d:ee:01:9b:c6:58:4c:d8:30:1d:bd:60:ae:42:
f3:a9:7d:8b:82:83:00:e8:cd:2d:71:7f:b1:03:37:
77:50:6a:31:30:ad:cf:44:01:fb:01:8b:ab:85:56:
29:7a:22:35:c9:3e:4b:b5:8d:cc:58:0a:cd:74:56:
55:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BF:E8:A1:C0:AF:E2:48:64:C9:16:B6:E5:D9:5B:C8:84:D1:76:37
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/KL_oocCv4khkyRa25dlbyITRdjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.68.0/22
193.23.192.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:b1:4b:bd:6d:38:97:13:fb:3d:07:a8:79:13:d3:e5:43:aa:
6e:d0:27:3a:d6:39:9b:aa:f5:df:01:ec:e7:2e:16:1a:31:c2:
2a:5a:35:2a:29:b1:43:d2:22:72:55:cf:62:0e:b4:f1:34:50:
c9:56:11:ae:8e:4b:24:30:02:17:e0:f8:2d:89:6a:7c:7c:1b:
b0:61:04:19:63:46:78:94:17:4f:5a:79:b9:ea:16:dd:84:06:
2a:85:59:b6:99:ef:c8:77:33:20:e5:41:a3:93:af:e2:92:a1:
b3:32:04:5d:05:e8:5b:4f:14:c2:49:6d:cd:a7:4b:0b:c5:ea:
61:e7:e1:0e:bf:09:fa:0e:7b:03:4e:07:db:6d:ba:5f:e8:bc:
ce:93:80:7e:ef:ea:d3:66:15:d9:99:09:71:5a:68:cd:78:e6:
1e:3d:ef:ba:64:cc:b5:00:5e:cf:85:3e:e6:dc:0d:02:ef:8f:
3f:82:c5:ee:b8:8a:c6:2d:ea:b9:79:1f:46:ce:fe:f3:0d:91:
e6:92:c0:6d:0c:32:eb:80:2c:ff:17:0b:87:b1:d0:00:78:fe:
c8:40:ea:85:e6:5b:87:b4:c1:02:c8:d7:82:6d:f7:0f:04:1b:
00:41:58:b5:17:e8:82:3b:d7:7b:20:7a:7d:d8:1a:0e:f4:ce:
0b:ad:7d:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXfKXDRSsFIxi+pPWcxLxtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMzI4MjM0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGJmZThhMWMwYWZlMjQ4NjRjOTE2YjZlNWQ5NWJjODg0ZDE3NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16qhIsBY6LG8pUpsiWg4zfxaMjlc
AwHr2WQlAns0tPFVBX6+e0O5BRUo69T00fBv4HaYPoRvW81Yb8bc16/oursKALXW
Vp50Ht7Cn1JqlogyZdYy89ij534alv+zGDXt9GfcBlXx4sS0bc7F2IJu0Xemf+Bg
+D+VA+9U6QQoYZmeV/vpo5kpegU2FXweI02CYsjBALh1JgW+2ZbzgiwzegVqvjjQ
BRtu7PJN/kk9oJV/+1NHf1o/bbBTKQaAkDHytFgDHe4Bm8ZYTNgwHb1grkLzqX2L
goMA6M0tcX+xAzd3UGoxMK3PRAH7AYurhVYpeiI1yT5LtY3MWArNdFZVdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCi/6KHAr+JIZMkWtuXZW8iE0XY3MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvS0xfb29jQ3Y0a2hreVJhMjVkbGJ5SVRSZGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCQLxEAwQC
wRfAMA0GCSqGSIb3DQEBCwUAA4IBAQBfsUu9bTiXE/s9B6h5E9PlQ6pu0Cc61jmb
qvXfAeznLhYaMcIqWjUqKbFD0iJyVc9iDrTxNFDJVhGujkskMAIX4PgtiWp8fBuw
YQQZY0Z4lBdPWnm56hbdhAYqhVm2me/IdzMg5UGjk6/ikqGzMgRdBehbTxTCSW3N
p0sLxeph5+EOvwn6DnsDTgfbbbpf6LzOk4B+7+rTZhXZmQlxWmjNeOYePe+6ZMy1
AF7PhT7m3A0C748/gsXuuIrGLeq5eR9Gzv7zDZHmksBtDDLrgCz/FwuHsdAAeP7I
QOqF5luHtMECyNeCbfcPBBsAQVi1F+iCO9d7IHp92BoO9M4LrX06
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:23:48 2025 by rpki-client