Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/e3c854-2262-4895-b92a-f2c65a7013ef/1/KYV1JfOwegSjf6zKBq8tHTaXmT0.roa
File: KYV1JfOwegSjf6zKBq8tHTaXmT0.roa (raw, json)
Hash identifier: wD6Y6M95Qq3PTzEeuNVyakktvzn4uQHlbdIgr0S7IxQ=
Subject key identifier: 29:85:75:25:F3:B0:7A:04:A3:7F:AC:CA:06:AF:2D:1D:36:97:99:3D
Certificate issuer: /CN=111f4b0a73ac1b633d24ed5a094fde3a2ef51b94
Certificate serial: 018CC3B6A38CE478333046E0F4BF60A1BCA6
Authority key identifier: 11:1F:4B:0A:73:AC:1B:63:3D:24:ED:5A:09:4F:DE:3A:2E:F5:1B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER9LCnOsG2M9JO1aCU_eOi71G5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/e3c854-2262-4895-b92a-f2c65a7013ef/1/KYV1JfOwegSjf6zKBq8tHTaXmT0.roa
Signing time: Mon 01 Jan 2024 06:29:35 +0000
ROA not before: Mon 01 Jan 2024 06:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44780
IP address blocks: 185.148.168.0/22 maxlen: 24
2a07:60c0::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a3:8c:e4:78:33:30:46:e0:f4:bf:60:a1:bc:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111f4b0a73ac1b633d24ed5a094fde3a2ef51b94
Validity
Not Before: Jan 1 06:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29857525f3b07a04a37facca06af2d1d3697993d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d1:2a:aa:ca:6d:bd:3d:1c:31:ca:e1:21:85:
b6:27:7a:08:73:f8:43:1d:0f:a3:dd:04:b0:c5:a6:
78:bc:e2:5f:33:9e:12:8b:c3:1d:86:db:c5:cd:0b:
22:2b:92:9c:03:bd:ab:1e:c5:c0:d8:54:53:52:a8:
a9:8d:d5:31:32:1d:9d:cc:e9:9c:59:47:1a:f6:71:
c7:03:bc:95:f0:1d:72:6d:1d:aa:b7:79:17:53:fc:
da:a7:99:03:54:45:ac:99:84:8e:4a:b6:7f:ef:bc:
a6:3e:70:35:51:5a:73:c2:aa:b2:0f:bd:e6:7b:1a:
d7:70:9e:ad:24:c1:da:f0:57:b2:00:fe:5f:7d:29:
9c:1e:97:1c:50:76:cb:fe:12:2e:e9:a0:ea:2b:49:
b8:b4:ea:de:cc:06:b8:90:05:ff:1c:75:b0:ed:b8:
2a:96:80:db:29:92:18:0d:1a:b0:76:7c:ad:99:2a:
f9:d2:c4:8e:43:a3:50:08:ba:ef:a0:c5:2e:11:12:
dc:8b:e3:81:c6:2f:34:45:a4:b1:a0:4f:f5:f5:d0:
04:1c:fe:8f:93:be:72:cf:46:07:6b:53:5f:5e:90:
86:4d:37:03:82:f7:2d:c6:6a:e2:70:9e:7f:09:ee:
c1:50:a4:75:90:bc:34:7c:e8:cc:e3:3a:84:82:8b:
2a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:85:75:25:F3:B0:7A:04:A3:7F:AC:CA:06:AF:2D:1D:36:97:99:3D
X509v3 Authority Key Identifier:
keyid:11:1F:4B:0A:73:AC:1B:63:3D:24:ED:5A:09:4F:DE:3A:2E:F5:1B:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER9LCnOsG2M9JO1aCU_eOi71G5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e3c854-2262-4895-b92a-f2c65a7013ef/1/KYV1JfOwegSjf6zKBq8tHTaXmT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e3c854-2262-4895-b92a-f2c65a7013ef/1/ER9LCnOsG2M9JO1aCU_eOi71G5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.168.0/22
IPv6:
2a07:60c0::/29
Signature Algorithm: sha256WithRSAEncryption
70:6f:88:8c:e2:11:f6:5f:43:7e:05:6a:c2:95:1a:dc:a1:e0:
de:36:c5:35:39:5f:4f:fc:c4:24:5a:1d:23:1e:04:bf:9f:3a:
c4:ee:a7:7f:17:0a:1d:ca:09:fc:ae:31:47:81:8c:c5:dc:c8:
0c:bc:c8:03:28:ef:19:00:1e:a9:27:79:2b:cf:85:4d:37:38:
5e:41:3a:e2:79:51:62:cc:6f:4d:d7:3d:ad:63:94:b3:f6:68:
bc:d2:36:c6:30:ff:09:8a:f5:26:72:1d:a2:ab:98:58:1c:30:
72:6e:7f:ec:c6:18:bc:6d:d9:28:eb:7f:78:7a:01:f7:a5:9a:
bd:35:bb:72:89:f7:f1:c6:70:28:ca:85:79:1b:6e:af:21:c4:
5b:b7:68:a9:e7:65:ca:9b:25:a6:40:87:5b:3b:53:53:73:18:
b3:dd:ac:a8:94:8e:10:18:97:46:0f:c7:a4:96:33:a7:58:b0:
88:88:ee:64:7e:00:ed:2e:77:18:0f:86:c9:68:d6:b1:93:71:
d7:b3:51:d4:3d:da:c5:1f:df:de:78:5e:88:79:66:48:e8:c9:
82:15:80:7e:d8:03:5b:df:11:c7:0a:93:70:88:45:da:51:7f:
51:79:4f:fc:42:b7:50:1f:b3:7f:5a:27:94:45:64:b3:25:1f:
e7:b7:91:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtqOM5HgzMEbg9L9gobymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWY0YjBhNzNhYzFiNjMzZDI0ZWQ1YTA5NGZkZTNhMmVm
NTFiOTQwHhcNMjQwMTAxMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTg1NzUyNWYzYjA3YTA0YTM3ZmFjY2EwNmFmMmQxZDM2OTc5OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9EqqsptvT0cMcrhIYW2J3oIc/hD
HQ+j3QSwxaZ4vOJfM54Si8MdhtvFzQsiK5KcA72rHsXA2FRTUqipjdUxMh2dzOmc
WUca9nHHA7yV8B1ybR2qt3kXU/zap5kDVEWsmYSOSrZ/77ymPnA1UVpzwqqyD73m
exrXcJ6tJMHa8FeyAP5ffSmcHpccUHbL/hIu6aDqK0m4tOrezAa4kAX/HHWw7bgq
loDbKZIYDRqwdnytmSr50sSOQ6NQCLrvoMUuERLci+OBxi80RaSxoE/19dAEHP6P
k75yz0YHa1NfXpCGTTcDgvctxmricJ5/Ce7BUKR1kLw0fOjM4zqEgosqrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCmFdSXzsHoEo3+sygavLR02l5k9MB8GA1UdIwQY
MBaAFBEfSwpzrBtjPSTtWglP3jou9RuUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVI5TENuT3NHMk05Sk8xYUNVX2VPaTcxRzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9lM2M4NTQtMjI2Mi00ODk1LWI5MmEt
ZjJjNjVhNzAxM2VmLzEvS1lWMUpmT3dlZ1NqZjZ6S0JxOHRIVGFYbVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9lM2M4NTQtMjI2Mi00ODk1LWI5MmEtZjJjNjVhNzAxM2Vm
LzEvRVI5TENuT3NHMk05Sk8xYUNVX2VPaTcxRzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZSoMA0E
AgACMAcDBQMqB2DAMA0GCSqGSIb3DQEBCwUAA4IBAQBwb4iM4hH2X0N+BWrClRrc
oeDeNsU1OV9P/MQkWh0jHgS/nzrE7qd/Fwodygn8rjFHgYzF3MgMvMgDKO8ZAB6p
J3krz4VNNzheQTrieVFizG9N1z2tY5Sz9mi80jbGMP8JivUmch2iq5hYHDBybn/s
xhi8bdko6394egH3pZq9NbtyiffxxnAoyoV5G26vIcRbt2ip52XKmyWmQIdbO1NT
cxiz3ayolI4QGJdGD8ekljOnWLCIiO5kfgDtLncYD4bJaNaxk3HXs1HUPdrFH9/e
eF6IeWZI6MmCFYB+2ANb3xHHCpNwiEXaUX9ReU/8QrdQH7N/WieURWSzJR/nt5Fw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:57 2025 by rpki-client