Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/KwHNXab8T0qily6EhqwAah0U6m4.roa
File: KwHNXab8T0qily6EhqwAah0U6m4.roa (raw, json)
Hash identifier: 5HRuV5twWfwR5EfODMLW7Fwyf5uXxHS3zEz0c8szxsQ=
Subject key identifier: 2B:01:CD:5D:A6:FC:4F:4A:A2:97:2E:84:86:AC:00:6A:1D:14:EA:6E
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019465C8949D35E208F76DFAECC234F50886
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/KwHNXab8T0qily6EhqwAah0U6m4.roa
Signing time: Tue 14 Jan 2025 17:07:11 +0000
ROA not before: Tue 14 Jan 2025 17:07:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 77.239.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:c8:94:9d:35:e2:08:f7:6d:fa:ec:c2:34:f5:08:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 14 17:07:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b01cd5da6fc4f4aa2972e8486ac006a1d14ea6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f2:cb:11:6c:f2:75:62:9d:50:77:e8:88:a6:
23:95:16:73:42:9e:30:e9:05:3e:79:ab:3a:7f:b0:
ba:db:7c:28:27:2a:d2:e2:a1:9e:eb:33:2c:17:93:
a6:91:8f:60:f0:48:d4:93:57:51:3e:b8:f5:c5:c9:
15:d7:70:69:24:10:30:8f:5c:de:26:21:1c:bc:6d:
14:f6:47:92:8e:bd:7e:c3:8c:bf:3f:72:fb:04:9e:
e6:e6:30:bd:c5:f3:ef:e6:81:2f:3b:c4:15:ac:43:
6e:80:3f:12:24:a7:3c:09:05:64:e2:df:59:a3:9d:
bd:2f:b2:21:5a:5a:50:94:04:21:cc:ba:5a:38:16:
75:b0:9a:9b:21:7a:00:e4:21:ca:86:07:de:94:2e:
49:98:7d:01:78:52:6f:89:cb:3b:c8:5f:87:bd:d0:
9e:f6:94:cb:79:d5:4e:4f:a5:c3:59:29:8a:70:5c:
0c:10:81:58:2e:88:2f:83:87:25:78:61:bf:ee:ec:
6a:26:94:c1:bb:0b:66:14:66:4f:a0:65:e9:a1:27:
54:f9:91:66:ac:d4:14:47:e6:29:15:f3:09:50:c6:
46:87:65:75:e2:b7:a0:c0:0b:28:4d:c2:86:ed:b6:
85:e3:b0:64:77:9f:e6:08:98:49:71:d8:59:3c:48:
2d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:01:CD:5D:A6:FC:4F:4A:A2:97:2E:84:86:AC:00:6A:1D:14:EA:6E
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/KwHNXab8T0qily6EhqwAah0U6m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
64:d8:24:b1:1b:e1:c1:67:64:4e:5b:de:24:46:68:a2:17:18:
de:b8:a5:88:ce:7c:34:79:3a:63:19:c7:9a:4c:5b:87:5f:05:
cf:93:a0:4f:ba:18:ac:74:b2:ca:a4:26:9b:40:5f:b1:bf:38:
1e:6a:07:15:d4:9b:33:f8:5f:48:cd:9f:b8:0e:51:56:83:04:
8c:7b:59:1f:47:a2:21:4f:cb:57:f0:b2:16:80:33:89:46:a8:
ca:84:08:85:08:16:b8:82:91:13:d8:b3:87:60:fe:dc:0e:08:
1e:02:e3:c9:88:81:dc:a8:ca:a4:c9:e6:ad:24:66:1b:6e:9b:
03:09:cb:19:05:bd:c1:fc:19:ef:10:70:6d:c5:3f:f5:8b:33:
11:30:d7:af:80:13:f8:70:d1:64:a7:8b:7b:1c:3e:fc:c2:60:
cc:ab:7b:0d:cd:e3:0f:9c:41:0d:be:6d:a8:13:af:0f:e9:5a:
65:09:bf:ab:7e:6c:f6:0d:1d:d0:33:6b:6d:32:09:da:21:d0:
fd:d0:65:a6:ce:f4:c5:a8:d3:d4:ad:ba:fc:0d:2b:93:18:c2:
ce:17:96:99:b9:23:1a:52:5c:14:ec:01:b0:8d:e5:4f:d9:18:
a8:17:ac:a4:5d:ce:f8:f6:d2:45:78:7e:62:64:27:c1:f7:b6:
70:73:8e:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRlyJSdNeII92367MI09QiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTE0MTcwNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjAxY2Q1ZGE2ZmM0ZjRhYTI5NzJlODQ4NmFjMDA2YTFkMTRlYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvLLEWzydWKdUHfoiKYjlRZzQp4w
6QU+eas6f7C623woJyrS4qGe6zMsF5OmkY9g8EjUk1dRPrj1xckV13BpJBAwj1ze
JiEcvG0U9keSjr1+w4y/P3L7BJ7m5jC9xfPv5oEvO8QVrENugD8SJKc8CQVk4t9Z
o529L7IhWlpQlAQhzLpaOBZ1sJqbIXoA5CHKhgfelC5JmH0BeFJvics7yF+HvdCe
9pTLedVOT6XDWSmKcFwMEIFYLogvg4cleGG/7uxqJpTBuwtmFGZPoGXpoSdU+ZFm
rNQUR+YpFfMJUMZGh2V14regwAsoTcKG7baF47Bkd5/mCJhJcdhZPEgtOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsBzV2m/E9KopcuhIasAGodFOpuMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvS3dITlhhYjhUMHFpbHk2RWhxd0FhaDBVNm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATe9/MA0G
CSqGSIb3DQEBCwUAA4IBAQBk2CSxG+HBZ2ROW94kRmiiFxjeuKWIznw0eTpjGcea
TFuHXwXPk6BPuhisdLLKpCabQF+xvzgeagcV1Jsz+F9IzZ+4DlFWgwSMe1kfR6Ih
T8tX8LIWgDOJRqjKhAiFCBa4gpET2LOHYP7cDggeAuPJiIHcqMqkyeatJGYbbpsD
CcsZBb3B/BnvEHBtxT/1izMRMNevgBP4cNFkp4t7HD78wmDMq3sNzeMPnEENvm2o
E68P6VplCb+rfmz2DR3QM2ttMgnaIdD90GWmzvTFqNPUrbr8DSuTGMLOF5aZuSMa
UlwU7AGwjeVP2RioF6ykXc749tJFeH5iZCfB97Zwc46Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:39 2025 by rpki-client