Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/KifEl_Xaaw2SE_ZchpV_qIx5ajw.roa
File: KifEl_Xaaw2SE_ZchpV_qIx5ajw.roa (raw, json)
Hash identifier: 4kWOkXWqqRRlnwiFvFF/lfR7FrcTMNLn8XgjjJrClX8=
Subject key identifier: 2A:27:C4:97:F5:DA:6B:0D:92:13:F6:5C:86:95:7F:A8:8C:79:6A:3C
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4FE6A2DB723606B20C59CEC60B50C
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/KifEl_Xaaw2SE_ZchpV_qIx5ajw.roa
Signing time: Sun 01 Jan 2023 19:35:30 +0000
ROA not before: Sun 01 Jan 2023 19:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211076
IP address blocks: 185.196.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:fe:6a:2d:b7:23:60:6b:20:c5:9c:ec:60:b5:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a27c497f5da6b0d9213f65c86957fa88c796a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4a:2c:dc:3c:58:d4:8e:6c:b6:0f:6c:c4:bf:
b1:da:36:d0:9f:29:57:e3:38:89:53:fb:17:f7:54:
ba:35:50:97:e5:ef:bb:78:be:21:1a:d7:79:f1:89:
e4:b8:68:13:d4:4e:ff:a9:aa:14:b9:01:40:2b:f7:
d7:cc:bc:3b:a6:1a:e5:2d:5d:70:62:ef:6d:c5:83:
73:e8:e7:06:1b:ac:a7:ea:c1:f9:a4:8f:b6:18:9d:
69:73:b5:54:c9:22:44:91:5c:c5:34:4c:6f:4e:3a:
7b:60:a0:75:28:69:d5:7b:9e:c7:29:88:4e:d4:65:
99:05:1d:52:0b:e9:aa:31:73:94:28:73:5a:c2:f9:
3d:60:fe:4f:cb:6a:9a:de:78:c9:36:71:82:72:0a:
c3:29:ff:b3:2d:4d:46:ca:1b:ce:a9:ab:b0:25:95:
44:a1:a8:36:d9:0c:9a:ce:fb:a9:89:10:a2:5a:34:
ab:69:f2:cb:5f:81:b5:6b:90:1d:be:59:c6:e3:15:
5e:45:a9:ef:7d:25:c7:9f:57:09:5e:df:5c:3c:5a:
45:6a:02:1a:c5:d1:cb:bd:9b:1d:b9:33:89:3b:3c:
fd:e9:dc:0d:f7:90:ad:0e:a5:da:5e:0c:bf:66:5b:
10:cd:07:41:20:95:a6:73:bb:09:2a:20:34:ef:48:
df:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:27:C4:97:F5:DA:6B:0D:92:13:F6:5C:86:95:7F:A8:8C:79:6A:3C
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/KifEl_Xaaw2SE_ZchpV_qIx5ajw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.245.0/24
Signature Algorithm: sha256WithRSAEncryption
70:ed:7d:ec:dd:9c:5a:13:37:15:49:8e:ce:b9:d3:60:82:d7:
4b:95:85:04:a8:10:9e:34:67:d9:8c:59:20:2c:4c:f0:40:0e:
eb:77:7a:ee:3f:1c:64:b3:7a:cb:ac:9b:df:12:3d:67:47:01:
23:28:76:e8:50:50:f3:47:c2:9f:3b:34:d5:f0:1a:3b:7d:ab:
16:d9:1c:18:c2:ad:2e:9b:9e:68:88:ed:9c:27:49:9c:0e:4f:
8a:16:b9:87:6d:12:5f:62:f4:b1:ea:2e:c5:8a:03:bf:57:9d:
51:fa:0a:a0:8e:38:e1:49:fb:78:80:03:7e:7e:ce:9b:7c:07:
29:a4:32:76:13:af:dd:3d:eb:45:07:08:95:18:ad:77:9f:09:
38:e4:41:6e:07:45:a5:8f:2a:f7:8c:93:2d:48:e8:b6:45:b2:
c8:1d:91:8c:ee:bf:66:7f:03:8b:f4:60:a1:3e:3c:e2:fa:bb:
e3:a8:78:c7:56:1d:88:ea:b2:d4:d6:9f:28:ba:66:32:fd:fb:
1c:70:d7:58:4b:3f:5a:00:fa:d6:ad:23:c5:88:c0:6f:a9:9a:
a0:03:d4:ac:cd:0f:51:76:16:50:92:7a:b4:1d:ae:31:0d:d5:
04:92:5f:0a:e2:ef:48:70:e2:15:7c:9d:bb:a2:38:dd:c6:dc:
ec:0e:52:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1P5qLbcjYGsgxZzsYLUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTI3YzQ5N2Y1ZGE2YjBkOTIxM2Y2NWM4Njk1N2ZhODhjNzk2YTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEos3DxY1I5stg9sxL+x2jbQnylX
4ziJU/sX91S6NVCX5e+7eL4hGtd58YnkuGgT1E7/qaoUuQFAK/fXzLw7phrlLV1w
Yu9txYNz6OcGG6yn6sH5pI+2GJ1pc7VUySJEkVzFNExvTjp7YKB1KGnVe57HKYhO
1GWZBR1SC+mqMXOUKHNawvk9YP5Py2qa3njJNnGCcgrDKf+zLU1GyhvOqauwJZVE
oag22QyazvupiRCiWjSrafLLX4G1a5AdvlnG4xVeRanvfSXHn1cJXt9cPFpFagIa
xdHLvZsduTOJOzz96dwN95CtDqXaXgy/ZlsQzQdBIJWmc7sJKiA070jf6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFConxJf12msNkhP2XIaVf6iMeWo8MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvS2lmRWxfWGFhdzJTRV9aY2hwVl9xSXg1YWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucT1MA0G
CSqGSIb3DQEBCwUAA4IBAQBw7X3s3ZxaEzcVSY7OudNggtdLlYUEqBCeNGfZjFkg
LEzwQA7rd3ruPxxks3rLrJvfEj1nRwEjKHboUFDzR8KfOzTV8Bo7fasW2RwYwq0u
m55oiO2cJ0mcDk+KFrmHbRJfYvSx6i7FigO/V51R+gqgjjjhSft4gAN+fs6bfAcp
pDJ2E6/dPetFBwiVGK13nwk45EFuB0Wljyr3jJMtSOi2RbLIHZGM7r9mfwOL9GCh
Pjzi+rvjqHjHVh2I6rLU1p8oumYy/fsccNdYSz9aAPrWrSPFiMBvqZqgA9SszQ9R
dhZQknq0Ha4xDdUEkl8K4u9IcOIVfJ27ojjdxtzsDlJU
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:31:23 2025 by rpki-client