Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/KW7hxoUMyhenmpViJvX34T4r5UU.roa
File: KW7hxoUMyhenmpViJvX34T4r5UU.roa (raw, json)
Hash identifier: TtNzTOHz/UC6RdAOKXWvh0gSCFQSDN4/BXJdfugEvOw=
Subject key identifier: 29:6E:E1:C6:85:0C:CA:17:A7:9A:95:62:26:F5:F7:E1:3E:2B:E5:45
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAF03E1CFA4B0022E8A660D2046E26
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/KW7hxoUMyhenmpViJvX34T4r5UU.roa
Signing time: Sun 01 Jan 2023 10:05:17 +0000
ROA not before: Sun 01 Jan 2023 10:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49769
IP address blocks: 193.235.1.0/24 maxlen: 24
193.235.2.0/23 maxlen: 23
192.165.152.0/22 maxlen: 22
192.165.158.0/23 maxlen: 23
192.165.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:f0:3e:1c:fa:4b:00:22:e8:a6:60:d2:04:6e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=296ee1c6850cca17a79a956226f5f7e13e2be545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:33:71:11:59:a0:eb:e4:2a:99:ae:d8:bc:17:
49:87:a1:ad:29:cd:03:38:e2:b7:9b:38:a0:68:3b:
33:5b:08:08:ff:91:08:a9:44:62:f2:14:a5:a9:10:
21:bf:9e:3d:36:02:13:26:21:7d:b3:23:bd:3a:85:
5f:a3:47:7a:4c:d7:46:37:29:c6:f6:12:89:ec:a8:
bf:3f:07:92:70:f7:ec:0a:33:9d:0e:52:d0:6c:83:
d1:aa:e2:8a:55:6c:ee:7f:77:9c:92:a3:32:2e:fa:
20:e8:02:6d:64:ea:9f:c3:02:3b:26:60:96:9b:7d:
8f:e6:b2:51:4c:ed:8b:b6:46:61:dc:5d:e5:5b:ba:
0b:aa:f4:5a:a9:ad:9c:68:f2:d2:c8:07:80:40:01:
ff:e3:e4:5f:63:aa:a6:97:24:70:34:40:ce:ff:e5:
f9:fe:0a:6d:4f:02:ad:98:b0:40:2d:9c:a9:2d:86:
3a:0b:78:03:2f:94:bd:45:ca:4a:e0:ef:68:cf:db:
85:6d:3e:c9:31:a8:dc:bc:26:94:2e:c3:7e:10:40:
68:e7:04:01:5a:f7:07:22:5f:6f:c0:8a:51:95:b6:
38:b6:9f:5e:5c:fc:32:f1:d4:71:02:98:88:c9:4d:
5c:aa:e7:65:01:31:49:7e:aa:79:c5:85:49:2d:11:
b7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:6E:E1:C6:85:0C:CA:17:A7:9A:95:62:26:F5:F7:E1:3E:2B:E5:45
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/KW7hxoUMyhenmpViJvX34T4r5UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.152.0-192.165.156.255
192.165.158.0/23
193.235.1.0-193.235.3.255
Signature Algorithm: sha256WithRSAEncryption
46:3a:b1:fb:31:3d:bc:9d:68:4f:36:40:5b:0e:ea:97:cc:cd:
09:f2:d1:8a:2c:14:f9:44:34:23:94:82:59:3c:2c:b2:b4:54:
90:46:31:9d:4d:a4:57:4f:59:2d:76:21:81:7b:d3:a7:1c:4a:
94:b6:d1:ff:f3:6b:87:4d:70:f0:64:9d:16:91:87:e1:72:2b:
b1:06:61:f4:f7:f8:2a:dd:ac:5a:53:7a:8e:95:5a:16:48:cc:
a2:6f:28:05:f8:59:ce:f1:3d:d9:c9:b2:d7:2b:91:8d:0a:62:
31:01:5b:dc:1a:48:d0:ed:d7:65:4a:b7:a0:b1:ac:4f:a1:15:
25:fb:61:ce:11:6b:52:c2:a2:ce:27:ef:cb:f0:56:dd:23:be:
05:23:31:7e:4c:9a:80:a9:00:4e:d3:cd:22:c4:31:9a:8d:1b:
4d:b7:54:ed:b8:13:83:86:53:47:60:d4:24:e3:08:5d:11:d2:
53:ea:c4:52:ed:4d:b1:60:57:19:c8:89:fa:38:31:00:f4:26:
f0:50:36:49:5f:02:19:ed:f5:74:e1:87:6c:80:ad:c5:9a:07:
de:da:a1:78:0c:fc:da:6f:19:1b:b2:05:12:21:1a:fb:d3:92:
4d:64:6a:12:7d:83:ab:b2:90:93:35:1b:1f:21:42:27:c4:d1:
54:39:d6:c8
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVsyvA+HPpLACLopmDSBG4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTZlZTFjNjg1MGNjYTE3YTc5YTk1NjIyNmY1ZjdlMTNlMmJlNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTNxEVmg6+Qqma7YvBdJh6GtKc0D
OOK3mzigaDszWwgI/5EIqURi8hSlqRAhv549NgITJiF9syO9OoVfo0d6TNdGNynG
9hKJ7Ki/PweScPfsCjOdDlLQbIPRquKKVWzuf3eckqMyLvog6AJtZOqfwwI7JmCW
m32P5rJRTO2LtkZh3F3lW7oLqvRaqa2caPLSyAeAQAH/4+RfY6qmlyRwNEDO/+X5
/gptTwKtmLBALZypLYY6C3gDL5S9RcpK4O9oz9uFbT7JMajcvCaULsN+EEBo5wQB
WvcHIl9vwIpRlbY4tp9eXPwy8dRxApiIyU1cqudlATFJfqp5xYVJLRG3/QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFClu4caFDMoXp5qVYib19+E+K+VFMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvS1c3aHhvVU15aGVubXBWaUp2WDM0VDRyNVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAPApZgD
BADApZwDBAHApZ4wDAMEAMHrAQMEAsHrADANBgkqhkiG9w0BAQsFAAOCAQEARjqx
+zE9vJ1oTzZAWw7ql8zNCfLRiiwU+UQ0I5SCWTwssrRUkEYxnU2kV09ZLXYhgXvT
pxxKlLbR//Nrh01w8GSdFpGH4XIrsQZh9Pf4Kt2sWlN6jpVaFkjMom8oBfhZzvE9
2cmy1yuRjQpiMQFb3BpI0O3XZUq3oLGsT6EVJfthzhFrUsKizifvy/BW3SO+BSMx
fkyagKkATtPNIsQxmo0bTbdU7bgTg4ZTR2DUJOMIXRHSU+rEUu1NsWBXGciJ+jgx
APQm8FA2SV8CGe31dOGHbICtxZoH3tqheAz82m8ZG7IFEiEa+9OSTWRqEn2Dq7KQ
kzUbHyFCJ8TRVDnWyA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:31 2025 by rpki-client