Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cb53fc-7096-4594-91b1-d92785a61219/1/KgcCICa_-hixWZTTUELiCMTd1qc.roa
File: KgcCICa_-hixWZTTUELiCMTd1qc.roa (raw, json)
Hash identifier: aB/2vvsZVUV2pqutYR0WS2bhu7nsx+1f1yx0LZyC04o=
Subject key identifier: 2A:07:02:20:26:BF:FA:18:B1:59:94:D3:50:42:E2:08:C4:DD:D6:A7
Certificate issuer: /CN=3812c97dbd32195b6afa91140b5520b5e0c2c5be
Certificate serial: 019421B2143D4182CCB89B4EEB4CF2E91F35
Authority key identifier: 38:12:C9:7D:BD:32:19:5B:6A:FA:91:14:0B:55:20:B5:E0:C2:C5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBLJfb0yGVtq-pEUC1UgteDCxb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/cb53fc-7096-4594-91b1-d92785a61219/1/KgcCICa_-hixWZTTUELiCMTd1qc.roa
Signing time: Wed 01 Jan 2025 11:48:26 +0000
ROA not before: Wed 01 Jan 2025 11:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44322
IP address blocks: 185.83.240.0/22 maxlen: 24
2a05:a000::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:14:3d:41:82:cc:b8:9b:4e:eb:4c:f2:e9:1f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3812c97dbd32195b6afa91140b5520b5e0c2c5be
Validity
Not Before: Jan 1 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a07022026bffa18b15994d35042e208c4ddd6a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:00:f7:56:11:57:6f:02:76:b0:38:9f:73:b0:
c9:74:7c:aa:3c:49:ac:8a:40:1d:35:95:ef:9b:35:
27:a6:5f:25:24:f3:cd:31:b3:22:8f:92:0e:e3:ac:
d9:fc:38:b4:16:79:c8:7e:ea:6c:f6:57:65:14:4d:
ba:e8:2f:a5:3c:8a:bb:80:0d:7c:0b:b7:c3:51:6b:
2f:c5:53:d9:b6:43:e6:4a:6b:f4:eb:c1:85:15:c6:
7a:c6:75:b9:12:b7:56:84:d5:c8:07:c0:55:59:29:
04:49:c0:3e:10:b7:0f:96:84:b1:17:1d:63:84:0b:
4e:53:9f:dd:9c:7c:17:ed:b3:28:26:4a:8a:3c:96:
74:36:c9:2a:1f:e6:15:a7:d9:ab:96:0b:56:8c:fc:
13:d2:13:0c:7f:4f:62:be:9f:ce:59:bc:d5:0f:0d:
dc:42:32:f6:d2:db:d3:44:89:ae:df:5d:80:06:9a:
dd:1e:66:28:c0:b0:23:86:e2:31:a7:1c:82:5c:7c:
16:ff:b0:05:5d:05:2f:7b:a0:4b:04:1c:a1:90:35:
2b:05:a9:5e:40:fe:1f:96:47:99:c4:be:88:dd:6a:
fd:fd:ff:da:17:c4:34:c4:b2:8f:03:6f:2e:3b:d6:
73:a4:31:ba:f0:f2:12:ae:dd:d4:dd:e3:54:30:d1:
e2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:07:02:20:26:BF:FA:18:B1:59:94:D3:50:42:E2:08:C4:DD:D6:A7
X509v3 Authority Key Identifier:
keyid:38:12:C9:7D:BD:32:19:5B:6A:FA:91:14:0B:55:20:B5:E0:C2:C5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBLJfb0yGVtq-pEUC1UgteDCxb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cb53fc-7096-4594-91b1-d92785a61219/1/KgcCICa_-hixWZTTUELiCMTd1qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cb53fc-7096-4594-91b1-d92785a61219/1/OBLJfb0yGVtq-pEUC1UgteDCxb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.240.0/22
IPv6:
2a05:a000::/29
Signature Algorithm: sha256WithRSAEncryption
a4:22:63:81:47:15:5b:98:87:d8:af:15:f3:02:d7:19:58:c1:
82:86:7c:3a:ca:d7:3f:95:7e:a1:1f:be:08:9c:d8:5b:f6:68:
ed:ec:2e:fb:5a:5a:48:26:3d:df:98:cc:4c:0d:61:92:32:a4:
85:c4:3e:e9:7f:af:f1:b8:df:4c:d2:3b:31:3c:87:aa:8c:54:
4b:3f:cb:e5:d2:fd:ff:6d:d1:96:47:87:c5:66:af:10:8d:75:
38:04:d1:15:fc:8c:8b:8d:3d:40:95:01:28:75:71:a4:b6:56:
d9:7c:3c:aa:1d:63:4e:d9:8f:b0:4c:d8:63:88:cc:9d:59:02:
52:b3:c0:00:ab:ce:85:e5:cc:c7:4a:44:f1:07:67:49:f2:85:
7c:2b:d5:7c:89:9c:40:32:96:6b:3c:53:bf:ed:70:84:3f:2c:
d1:d9:87:0e:ac:33:d2:31:52:84:40:ca:74:ae:f0:13:99:a6:
ec:59:ae:99:8f:ee:f2:0f:eb:05:f7:11:f7:09:3a:2f:7e:77:
83:24:cc:df:4d:e9:0b:04:ef:a1:c4:a7:f9:ef:20:c9:5b:e7:
d3:ff:66:d2:96:9b:57:1a:79:51:cd:b2:cc:1a:d0:7c:5a:d5:
92:ce:21:45:3c:ea:59:ab:74:9f:09:4f:55:aa:ac:bb:ae:c0:
64:35:3c:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhshQ9QYLMuJtO60zy6R81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTJjOTdkYmQzMjE5NWI2YWZhOTExNDBiNTUyMGI1ZTBj
MmM1YmUwHhcNMjUwMTAxMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA3MDIyMDI2YmZmYTE4YjE1OTk0ZDM1MDQyZTIwOGM0ZGRkNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswD3VhFXbwJ2sDifc7DJdHyqPEms
ikAdNZXvmzUnpl8lJPPNMbMij5IO46zZ/Di0FnnIfups9ldlFE266C+lPIq7gA18
C7fDUWsvxVPZtkPmSmv068GFFcZ6xnW5ErdWhNXIB8BVWSkEScA+ELcPloSxFx1j
hAtOU5/dnHwX7bMoJkqKPJZ0NskqH+YVp9mrlgtWjPwT0hMMf09ivp/OWbzVDw3c
QjL20tvTRImu312ABprdHmYowLAjhuIxpxyCXHwW/7AFXQUve6BLBByhkDUrBale
QP4flkeZxL6I3Wr9/f/aF8Q0xLKPA28uO9ZzpDG68PISrt3U3eNUMNHixQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCoHAiAmv/oYsVmU01BC4gjE3danMB8GA1UdIwQY
MBaAFDgSyX29MhlbavqRFAtVILXgwsW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JMSmZiMHlHVnRxLXBFVUMxVWd0ZURDeGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9jYjUzZmMtNzA5Ni00NTk0LTkxYjEt
ZDkyNzg1YTYxMjE5LzEvS2djQ0lDYV8taGl4V1pUVFVFTGlDTVRkMXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9jYjUzZmMtNzA5Ni00NTk0LTkxYjEtZDkyNzg1YTYxMjE5
LzEvT0JMSmZiMHlHVnRxLXBFVUMxVWd0ZURDeGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVPwMA0E
AgACMAcDBQMqBaAAMA0GCSqGSIb3DQEBCwUAA4IBAQCkImOBRxVbmIfYrxXzAtcZ
WMGChnw6ytc/lX6hH74InNhb9mjt7C77WlpIJj3fmMxMDWGSMqSFxD7pf6/xuN9M
0jsxPIeqjFRLP8vl0v3/bdGWR4fFZq8QjXU4BNEV/IyLjT1AlQEodXGktlbZfDyq
HWNO2Y+wTNhjiMydWQJSs8AAq86F5czHSkTxB2dJ8oV8K9V8iZxAMpZrPFO/7XCE
PyzR2YcOrDPSMVKEQMp0rvATmabsWa6Zj+7yD+sF9xH3CTovfneDJMzfTekLBO+h
xKf57yDJW+fT/2bSlptXGnlRzbLMGtB8WtWSziFFPOpZq3SfCU9Vqqy7rsBkNTy+
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:18 2025 by rpki-client