Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5a3e08-ed41-4d0e-a6e0-32702dbd4bc7/1/KNcCODBaDX2MFgjxBHddnmeDs1w.roa
File: KNcCODBaDX2MFgjxBHddnmeDs1w.roa (raw, json)
Hash identifier: v5RHpNNKwnL8+b9d7xhZwKkWy+NYX2Itp+tps9r7KV8=
Subject key identifier: 28:D7:02:38:30:5A:0D:7D:8C:16:08:F1:04:77:5D:9E:67:83:B3:5C
Certificate issuer: /CN=17db8bdff22e1a37b0f4a6953424b65169b03429
Certificate serial: 0194221F80162050A40AF666757E8EF118BB
Authority key identifier: 17:DB:8B:DF:F2:2E:1A:37:B0:F4:A6:95:34:24:B6:51:69:B0:34:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9uL3_IuGjew9KaVNCS2UWmwNCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/5a3e08-ed41-4d0e-a6e0-32702dbd4bc7/1/KNcCODBaDX2MFgjxBHddnmeDs1w.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197942
IP address blocks: 2001:67c:9c4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:80:16:20:50:a4:0a:f6:66:75:7e:8e:f1:18:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17db8bdff22e1a37b0f4a6953424b65169b03429
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28d70238305a0d7d8c1608f104775d9e6783b35c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:05:8e:40:68:74:68:ed:93:db:1e:4d:ea:8f:
fe:16:ef:27:d3:c9:49:52:58:4b:2c:5d:5b:93:24:
39:55:65:7b:95:2d:47:f2:05:d4:99:a7:4a:7b:0d:
34:0e:f7:a7:80:42:77:d9:75:60:cf:30:74:19:66:
fe:e5:7b:63:7d:d5:15:08:65:8c:e1:ca:25:ed:15:
d3:7c:c0:cd:b9:60:9c:25:a5:50:48:54:af:4a:47:
fb:ca:d0:f3:37:13:ed:6d:16:84:34:1a:9a:03:24:
34:4d:a5:78:82:52:62:e5:ef:5d:34:6f:12:c7:a0:
7a:3b:45:c4:2d:19:fa:57:78:a9:40:52:79:9a:5a:
9f:80:22:9c:96:ba:a4:9c:02:78:4f:f8:5c:2d:27:
89:0f:e4:90:66:30:d0:a0:f0:1e:5b:ae:de:4b:34:
29:1c:ed:3e:1b:81:8a:ab:bf:cc:fe:62:3e:84:f2:
8e:2f:7c:2d:d2:30:12:a1:b5:e6:be:59:58:59:2f:
2a:61:52:46:ce:fb:d6:5e:3b:e5:0d:39:e5:6a:1c:
7a:fe:09:d9:e5:c3:a2:14:4d:20:15:c7:2d:c2:10:
58:6e:7d:1b:ad:7d:a9:ed:9e:5c:fc:4c:d3:6f:e7:
a9:31:a8:a8:6f:dc:8e:d7:29:8f:e6:73:ce:10:6d:
dc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D7:02:38:30:5A:0D:7D:8C:16:08:F1:04:77:5D:9E:67:83:B3:5C
X509v3 Authority Key Identifier:
keyid:17:DB:8B:DF:F2:2E:1A:37:B0:F4:A6:95:34:24:B6:51:69:B0:34:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9uL3_IuGjew9KaVNCS2UWmwNCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5a3e08-ed41-4d0e-a6e0-32702dbd4bc7/1/KNcCODBaDX2MFgjxBHddnmeDs1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5a3e08-ed41-4d0e-a6e0-32702dbd4bc7/1/F9uL3_IuGjew9KaVNCS2UWmwNCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:9c4::/48
Signature Algorithm: sha256WithRSAEncryption
49:56:53:49:36:a6:b8:d7:29:6e:7c:25:00:8c:f8:9c:e7:0a:
b0:77:12:a4:23:6c:75:ec:e5:a7:cc:b9:ff:fb:1d:a3:b5:03:
f8:ff:9f:93:a3:c5:ee:20:a2:5b:7f:96:c9:a8:48:5e:76:99:
57:f7:9d:28:05:a8:29:8d:93:18:6d:61:24:31:a8:e4:f3:d7:
4a:15:ca:08:6a:b8:0f:af:c0:d5:cf:3e:a7:d0:a2:ce:7b:b0:
80:a4:3b:b8:10:73:56:f7:19:e1:8b:c0:7e:6f:8c:ec:9a:21:
2b:bb:26:5d:6c:3e:27:4b:7f:16:d2:39:59:a2:db:03:0b:d8:
55:ee:87:ec:45:cc:4e:c5:07:08:88:4b:bd:59:89:f7:03:4b:
a8:78:f3:bc:91:1d:e2:55:8d:a0:71:c7:01:c3:07:03:70:b1:
9f:32:b7:dc:aa:4e:a5:c1:8d:d5:85:01:9a:84:ba:b6:03:2b:
99:f7:34:05:a9:d6:cc:1f:c4:e4:5f:78:83:49:e9:7d:e0:ea:
db:c6:ce:66:79:21:c2:3c:4d:b2:d5:94:28:92:53:d9:84:77:
56:2d:22:d1:4d:e9:ba:06:25:09:7f:6b:4e:e6:57:d0:51:5a:
ff:2a:a5:5d:ec:8c:f0:bd:6d:66:ab:49:e3:d1:66:0a:c6:7c:
d1:84:1a:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiH4AWIFCkCvZmdX6O8Ri7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGI4YmRmZjIyZTFhMzdiMGY0YTY5NTM0MjRiNjUxNjli
MDM0MjkwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQ3MDIzODMwNWEwZDdkOGMxNjA4ZjEwNDc3NWQ5ZTY3ODNiMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQWOQGh0aO2T2x5N6o/+Fu8n08lJ
UlhLLF1bkyQ5VWV7lS1H8gXUmadKew00DvengEJ32XVgzzB0GWb+5XtjfdUVCGWM
4col7RXTfMDNuWCcJaVQSFSvSkf7ytDzNxPtbRaENBqaAyQ0TaV4glJi5e9dNG8S
x6B6O0XELRn6V3ipQFJ5mlqfgCKclrqknAJ4T/hcLSeJD+SQZjDQoPAeW67eSzQp
HO0+G4GKq7/M/mI+hPKOL3wt0jASobXmvllYWS8qYVJGzvvWXjvlDTnlahx6/gnZ
5cOiFE0gFcctwhBYbn0brX2p7Z5c/EzTb+epMaiob9yO1ymP5nPOEG3cVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCjXAjgwWg19jBYI8QR3XZ5ng7NcMB8GA1UdIwQY
MBaAFBfbi9/yLho3sPSmlTQktlFpsDQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjl1TDNfSXVHamV3OUthVk5DUzJVV213TkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81YTNlMDgtZWQ0MS00ZDBlLWE2ZTAt
MzI3MDJkYmQ0YmM3LzEvS05jQ09EQmFEWDJNRmdqeEJIZGRubWVEczF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81YTNlMDgtZWQ0MS00ZDBlLWE2ZTAtMzI3MDJkYmQ0YmM3
LzEvRjl1TDNfSXVHamV3OUthVk5DUzJVV213TkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAnE
MA0GCSqGSIb3DQEBCwUAA4IBAQBJVlNJNqa41ylufCUAjPic5wqwdxKkI2x17OWn
zLn/+x2jtQP4/5+To8XuIKJbf5bJqEhedplX950oBagpjZMYbWEkMajk89dKFcoI
argPr8DVzz6n0KLOe7CApDu4EHNW9xnhi8B+b4zsmiEruyZdbD4nS38W0jlZotsD
C9hV7ofsRcxOxQcIiEu9WYn3A0uoePO8kR3iVY2gcccBwwcDcLGfMrfcqk6lwY3V
hQGahLq2AyuZ9zQFqdbMH8TkX3iDSel94Orbxs5meSHCPE2y1ZQoklPZhHdWLSLR
Tem6BiUJf2tO5lfQUVr/KqVd7IzwvW1mq0nj0WYKxnzRhBqz
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:54:43 2025 by rpki-client