Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/KJGSO_Jbi9ni4NOw9fv7oVHU0lw.roa
File: KJGSO_Jbi9ni4NOw9fv7oVHU0lw.roa (raw, json)
Hash identifier: Cnkf5BP8PoSOYvrbLpJW+Q1TwYdlx+FxqtmsAfvNXlU=
Subject key identifier: 28:91:92:3B:F2:5B:8B:D9:E2:E0:D3:B0:F5:FB:FB:A1:51:D4:D2:5C
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 018CC9BBD80841256DCBCC572036CEF4DFF0
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/KJGSO_Jbi9ni4NOw9fv7oVHU0lw.roa
Signing time: Tue 02 Jan 2024 10:33:00 +0000
ROA not before: Tue 02 Jan 2024 10:33:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396828
IP address blocks: 2a10:eec0:b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:d8:08:41:25:6d:cb:cc:57:20:36:ce:f4:df:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 2 10:33:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2891923bf25b8bd9e2e0d3b0f5fbfba151d4d25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8a:b0:e3:2d:41:42:d6:f9:26:e4:ba:02:f1:
61:3b:b9:cf:6c:e8:03:22:b9:f1:8f:ba:86:b8:27:
2a:99:89:5f:6f:7b:5f:5b:54:cd:e0:af:3d:7b:2d:
bd:56:9b:ec:22:03:67:47:5e:42:16:e3:e6:c1:6c:
8c:e1:58:91:40:dd:62:bd:f2:ee:99:16:e0:50:20:
e3:a1:7e:6b:61:f0:45:bb:f4:66:2e:fa:76:62:23:
d4:0e:27:40:21:c8:66:b8:d9:bc:00:90:24:a0:35:
6e:5b:4e:57:42:ee:41:e2:ea:1c:ad:3a:ca:97:88:
a4:f0:a2:0f:55:e8:88:6d:d2:26:db:f7:99:d8:2b:
a1:91:de:84:f2:5c:a7:96:65:0c:5f:26:a8:60:5e:
69:df:0d:1e:0e:87:d8:34:fc:6a:08:c7:85:23:9c:
50:47:a0:f4:66:08:e4:94:b2:ea:83:e2:08:52:a7:
5c:1e:60:f5:32:76:69:ab:04:79:94:ce:ec:ad:3b:
e7:10:26:c8:7a:f6:e2:8e:4a:fa:49:97:7a:5e:4f:
44:88:2d:62:75:75:39:30:ca:a9:98:81:77:d2:2e:
e7:76:e4:ff:ff:d4:b2:6b:95:56:b7:09:8a:4f:46:
3d:2c:f7:55:56:c9:cf:b2:fa:96:58:b8:86:66:07:
01:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:91:92:3B:F2:5B:8B:D9:E2:E0:D3:B0:F5:FB:FB:A1:51:D4:D2:5C
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/KJGSO_Jbi9ni4NOw9fv7oVHU0lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:eec0:b::/48
Signature Algorithm: sha256WithRSAEncryption
0e:01:01:c4:19:de:82:d2:bd:71:eb:09:50:0f:65:1f:d1:39:
44:41:8f:19:24:41:7f:f6:ee:d5:66:95:e6:94:3e:a5:3f:11:
dc:51:8e:94:eb:d3:48:a4:96:8b:97:3d:b9:58:f9:68:2a:92:
7d:c1:22:4c:c5:54:80:89:96:82:01:13:2b:0d:02:3e:33:ef:
3d:34:df:54:9d:ff:5d:a6:5d:02:19:3c:f3:10:60:97:d4:32:
a9:bc:df:11:aa:24:ea:43:5a:cb:49:a5:2d:c8:60:bf:20:90:
23:fc:58:51:a8:90:90:62:b8:c5:0e:17:e2:c9:bd:fa:89:d3:
17:21:16:21:c3:49:49:9c:97:64:0b:fb:fb:47:8b:4b:b8:fe:
a5:20:1f:a4:bb:34:5d:6e:2a:13:5b:15:da:d6:62:2b:99:24:
84:20:88:67:17:6d:1b:bd:de:c6:5b:7d:7b:e0:07:12:d2:d7:
e4:4c:74:35:28:f4:54:a2:8d:ad:0a:15:3f:a9:23:8f:c8:53:
25:d4:8a:c5:ff:19:3f:85:79:3f:5a:34:94:1b:34:bb:5f:66:
34:77:fa:b5:63:ae:56:9b:07:86:27:89:60:8a:71:d4:7a:a0:
27:4e:ac:58:57:8a:6e:66:3c:c6:a3:15:a3:e0:b1:8d:d2:82:
f2:b0:42:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJu9gIQSVty8xXIDbO9N/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQwMTAyMTAzMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODkxOTIzYmYyNWI4YmQ5ZTJlMGQzYjBmNWZiZmJhMTUxZDRkMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIqw4y1BQtb5JuS6AvFhO7nPbOgD
Irnxj7qGuCcqmYlfb3tfW1TN4K89ey29VpvsIgNnR15CFuPmwWyM4ViRQN1ivfLu
mRbgUCDjoX5rYfBFu/RmLvp2YiPUDidAIchmuNm8AJAkoDVuW05XQu5B4uocrTrK
l4ik8KIPVeiIbdIm2/eZ2Cuhkd6E8lynlmUMXyaoYF5p3w0eDofYNPxqCMeFI5xQ
R6D0ZgjklLLqg+IIUqdcHmD1MnZpqwR5lM7srTvnECbIevbijkr6SZd6Xk9EiC1i
dXU5MMqpmIF30i7nduT//9Sya5VWtwmKT0Y9LPdVVsnPsvqWWLiGZgcBBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCiRkjvyW4vZ4uDTsPX7+6FR1NJcMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvS0pHU09fSmJpOW5pNE5PdzlmdjdvVkhVMGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDuwAAL
MA0GCSqGSIb3DQEBCwUAA4IBAQAOAQHEGd6C0r1x6wlQD2Uf0TlEQY8ZJEF/9u7V
ZpXmlD6lPxHcUY6U69NIpJaLlz25WPloKpJ9wSJMxVSAiZaCARMrDQI+M+89NN9U
nf9dpl0CGTzzEGCX1DKpvN8RqiTqQ1rLSaUtyGC/IJAj/FhRqJCQYrjFDhfiyb36
idMXIRYhw0lJnJdkC/v7R4tLuP6lIB+kuzRdbioTWxXa1mIrmSSEIIhnF20bvd7G
W3174AcS0tfkTHQ1KPRUoo2tChU/qSOPyFMl1IrF/xk/hXk/WjSUGzS7X2Y0d/q1
Y65WmweGJ4lginHUeqAnTqxYV4puZjzGoxWj4LGN0oLysELs
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:08 2025 by rpki-client