Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/K8N0yqu1VFWB7yBXtQ2RQoX6dMs.roa
File: K8N0yqu1VFWB7yBXtQ2RQoX6dMs.roa (raw, json)
Hash identifier: 69CYY95Yxi4cSSpcMZQk1EAQYBon/yI+Af+d2/WmPE8=
Subject key identifier: 2B:C3:74:CA:AB:B5:54:55:81:EF:20:57:B5:0D:91:42:85:FA:74:CB
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018E30C07D3487E33B44336897579AB0A008
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/K8N0yqu1VFWB7yBXtQ2RQoX6dMs.roa
Signing time: Tue 12 Mar 2024 03:41:45 +0000
ROA not before: Tue 12 Mar 2024 03:41:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 128.65.168.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:30:c0:7d:34:87:e3:3b:44:33:68:97:57:9a:b0:a0:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Mar 12 03:41:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bc374caabb5545581ef2057b50d914285fa74cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a6:e3:17:11:a5:db:6b:da:25:b9:b7:b2:ec:
69:17:ec:98:6d:5b:03:42:b2:47:67:ac:4e:82:42:
46:a1:fe:37:62:6f:ec:4f:99:6c:8f:1f:26:38:fd:
62:8d:c3:f9:ab:86:1e:1c:fa:d9:21:91:cb:e1:49:
a6:fb:1f:1d:76:4a:ec:5f:c0:64:0c:d9:f4:9d:38:
ca:4a:e3:21:aa:2a:52:65:2e:36:ed:ca:c3:1d:64:
96:d5:11:f1:76:3f:a9:d7:48:1a:96:1e:51:e0:ca:
d0:7a:ac:b9:a6:91:88:e5:b6:fe:0a:be:e2:cd:d4:
ba:8e:35:6b:ae:91:2b:a7:5c:09:bc:20:b0:1a:e3:
50:66:5b:cf:f8:6e:30:5a:b6:c1:80:00:6a:47:5b:
0e:d3:26:3c:a3:d8:45:7a:bc:97:87:1c:22:27:13:
ad:70:ae:63:43:38:6c:32:a1:a9:71:3a:bb:2e:b7:
ee:7e:08:6b:85:bb:40:35:c5:04:24:21:b1:ec:79:
66:3b:44:3d:05:a1:3b:de:5a:bb:d1:84:de:02:70:
9a:03:48:16:c3:74:fe:47:d0:09:c9:d6:d3:a8:4f:
23:db:b9:8a:e5:17:3d:fd:69:3b:87:64:88:15:8f:
1f:f4:6e:93:23:3b:74:14:e2:3a:65:f8:9b:cd:f8:
69:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C3:74:CA:AB:B5:54:55:81:EF:20:57:B5:0D:91:42:85:FA:74:CB
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/K8N0yqu1VFWB7yBXtQ2RQoX6dMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.168.0/22
Signature Algorithm: sha256WithRSAEncryption
71:c5:d0:26:84:6e:e4:39:3d:c1:0f:68:f9:de:51:30:2b:8e:
29:32:2b:f6:62:c8:b3:f2:bf:98:43:de:ed:41:10:f5:db:52:
d3:be:f2:d3:71:d4:14:df:61:bb:13:65:6c:19:28:7d:db:de:
9a:26:65:3c:f3:2f:c6:33:a9:6f:d3:20:2a:c7:49:cd:82:1b:
e4:8d:b8:c0:61:7c:0d:62:4d:27:1f:08:c9:9f:f2:7b:49:48:
82:27:9f:c2:25:1f:6e:e2:61:ec:e1:c1:fd:11:86:0a:c4:bd:
8c:41:42:f2:96:43:6c:db:c4:96:a5:cd:ca:72:80:4a:fd:80:
7c:be:f2:60:68:17:4d:13:23:83:dd:5a:02:07:e1:fd:1b:81:
b9:18:69:4e:e5:03:2c:34:4f:77:be:ac:d1:47:83:29:76:67:
07:51:64:d2:c1:83:98:63:08:51:04:cd:a7:d1:05:25:48:fe:
b5:01:de:2b:18:e6:2b:cf:b6:26:f0:bb:64:85:d2:d5:b9:c2:
c4:ce:84:51:2b:ad:a2:63:27:73:de:2c:ac:3b:06:ca:64:73:
d4:ac:05:ef:ca:17:f0:c3:72:79:c4:2a:c4:2b:ca:48:4e:6e:
f8:48:dd:cf:1d:d2:8c:14:2d:44:e1:86:04:ae:2f:52:d0:21:
fb:84:6c:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4wwH00h+M7RDNol1easKAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMzEyMDM0MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmMzNzRjYWFiYjU1NDU1ODFlZjIwNTdiNTBkOTE0Mjg1ZmE3NGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2abjFxGl22vaJbm3suxpF+yYbVsD
QrJHZ6xOgkJGof43Ym/sT5lsjx8mOP1ijcP5q4YeHPrZIZHL4Umm+x8ddkrsX8Bk
DNn0nTjKSuMhqipSZS427crDHWSW1RHxdj+p10galh5R4MrQeqy5ppGI5bb+Cr7i
zdS6jjVrrpErp1wJvCCwGuNQZlvP+G4wWrbBgABqR1sO0yY8o9hFeryXhxwiJxOt
cK5jQzhsMqGpcTq7LrfufghrhbtANcUEJCGx7HlmO0Q9BaE73lq70YTeAnCaA0gW
w3T+R9AJydbTqE8j27mK5Rc9/Wk7h2SIFY8f9G6TIzt0FOI6ZfibzfhpCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvDdMqrtVRVge8gV7UNkUKF+nTLMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvSzhOMHlxdTFWRldCN3lCWHRRMlJRb1g2ZE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgEGoMA0G
CSqGSIb3DQEBCwUAA4IBAQBxxdAmhG7kOT3BD2j53lEwK44pMiv2Ysiz8r+YQ97t
QRD121LTvvLTcdQU32G7E2VsGSh9296aJmU88y/GM6lv0yAqx0nNghvkjbjAYXwN
Yk0nHwjJn/J7SUiCJ5/CJR9u4mHs4cH9EYYKxL2MQULylkNs28SWpc3KcoBK/YB8
vvJgaBdNEyOD3VoCB+H9G4G5GGlO5QMsNE93vqzRR4MpdmcHUWTSwYOYYwhRBM2n
0QUlSP61Ad4rGOYrz7Ym8LtkhdLVucLEzoRRK62iYydz3iysOwbKZHPUrAXvyhfw
w3J5xCrEK8pITm74SN3PHdKMFC1E4YYEri9S0CH7hGy7
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:51 2025 by rpki-client