Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/324d8f-4c20-4682-a114-89e8859cfae2/1/KZGwqhPT-R4bkrfU4Yie1R9XiCY.roa
File: KZGwqhPT-R4bkrfU4Yie1R9XiCY.roa (raw, json)
Hash identifier: tKy3I2Lqj6rY7FIScTGoKIDpNK+Amo2bX7sllOL/qFU=
Subject key identifier: 29:91:B0:AA:13:D3:F9:1E:1B:92:B7:D4:E1:88:9E:D5:1F:57:88:26
Certificate issuer: /CN=44838c7f23c4b7d17c74de914d99e2867839aeda
Certificate serial: 0183F63E75BAB1EEBBBD9EBA248C697A6D5F
Authority key identifier: 44:83:8C:7F:23:C4:B7:D1:7C:74:DE:91:4D:99:E2:86:78:39:AE:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RIOMfyPEt9F8dN6RTZnihng5rto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/324d8f-4c20-4682-a114-89e8859cfae2/1/KZGwqhPT-R4bkrfU4Yie1R9XiCY.roa
Signing time: Thu 20 Oct 2022 16:33:51 +0000
ROA not before: Thu 20 Oct 2022 16:33:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f6:3e:75:ba:b1:ee:bb:bd:9e:ba:24:8c:69:7a:6d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44838c7f23c4b7d17c74de914d99e2867839aeda
Validity
Not Before: Oct 20 16:33:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2991b0aa13d3f91e1b92b7d4e1889ed51f578826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f0:ca:23:ca:8c:eb:ff:71:49:6b:7b:0f:8b:
5c:7e:b0:5f:2a:74:86:50:de:4c:86:b4:97:8f:ad:
a5:a3:1a:1b:05:86:eb:fd:78:39:3b:93:68:0f:d3:
35:94:5d:3f:2c:fc:4a:a9:f8:34:ac:cb:28:4b:3c:
39:a8:58:20:23:7d:b6:4c:c7:c0:c0:ce:d1:97:ea:
7d:01:42:2c:a2:14:dc:3b:a4:d8:35:9e:40:ff:88:
f6:23:52:ed:06:a6:70:7a:ef:85:bf:51:32:25:31:
b5:75:e4:8f:26:f7:2c:ff:ac:e0:c9:cf:18:42:6a:
29:80:e4:62:9c:41:b1:1f:da:52:84:86:df:b0:0d:
83:52:a1:78:97:e8:9f:3d:ec:a5:ec:ee:0b:90:14:
6a:de:0c:c4:6c:c1:1c:5b:1a:e3:83:2d:1d:e4:b3:
8e:9c:43:e7:1c:30:13:b6:fd:a6:0a:65:ac:0e:1c:
a0:14:9d:d4:02:65:97:51:1a:bf:ce:b1:91:85:f3:
8a:bc:3f:14:7e:0a:1d:45:95:b4:01:bd:51:6e:02:
bd:4c:07:ae:4c:24:7e:21:7a:6a:95:5c:37:0d:8a:
ca:25:af:b0:eb:39:37:3c:b7:89:85:07:f8:f1:bd:
4e:33:19:00:f6:89:77:ef:85:5d:8f:f9:3d:82:91:
8b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:91:B0:AA:13:D3:F9:1E:1B:92:B7:D4:E1:88:9E:D5:1F:57:88:26
X509v3 Authority Key Identifier:
keyid:44:83:8C:7F:23:C4:B7:D1:7C:74:DE:91:4D:99:E2:86:78:39:AE:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIOMfyPEt9F8dN6RTZnihng5rto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/324d8f-4c20-4682-a114-89e8859cfae2/1/KZGwqhPT-R4bkrfU4Yie1R9XiCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/324d8f-4c20-4682-a114-89e8859cfae2/1/RIOMfyPEt9F8dN6RTZnihng5rto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.144.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:70:03:76:37:3e:f7:7d:b8:f3:2f:5d:6a:df:48:cc:2d:87:
88:c9:56:df:58:8c:6e:e4:81:bb:e0:4c:23:66:b1:c5:d8:ff:
f0:b8:57:de:8f:c3:ae:de:3e:d0:50:31:5e:fb:8a:50:21:9c:
0e:cf:2f:49:0b:9d:32:35:60:4b:d1:9f:45:05:4c:18:c5:fa:
9e:1f:ab:e9:10:13:7c:99:03:80:fa:98:e5:11:2a:dc:3d:a0:
5f:66:e1:0a:cc:8b:b0:a7:b5:6a:3b:91:3c:77:69:12:03:01:
a2:ab:ab:10:5c:63:70:38:31:2e:40:d8:89:65:67:cb:85:59:
ba:7f:90:0d:7d:7f:85:de:c4:5c:d9:c4:02:bc:7f:f2:93:8e:
95:e5:b3:e4:aa:99:35:17:40:74:dc:53:53:53:cf:ea:7f:af:
6c:b0:2a:73:fa:98:6c:b9:79:dc:d6:b3:4e:80:d4:53:4e:d3:
47:e5:dc:e8:58:b8:e4:cc:6d:ab:56:29:35:a2:ae:f1:1e:84:
43:71:f7:21:25:46:6f:b0:df:f4:27:1f:e6:5e:88:89:24:7d:
68:d0:85:fa:e2:de:50:65:2e:e1:a4:6d:3e:9b:08:e5:ef:bf:
7f:9f:b2:80:4b:76:ea:c6:d6:bb:8b:6a:f3:ef:43:9e:ef:3f:
01:ed:d0:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP2PnW6se67vZ66JIxpem1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ODM4YzdmMjNjNGI3ZDE3Yzc0ZGU5MTRkOTllMjg2Nzgz
OWFlZGEwHhcNMjIxMDIwMTYzMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTkxYjBhYTEzZDNmOTFlMWI5MmI3ZDRlMTg4OWVkNTFmNTc4ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifDKI8qM6/9xSWt7D4tcfrBfKnSG
UN5MhrSXj62loxobBYbr/Xg5O5NoD9M1lF0/LPxKqfg0rMsoSzw5qFggI322TMfA
wM7Rl+p9AUIsohTcO6TYNZ5A/4j2I1LtBqZweu+Fv1EyJTG1deSPJvcs/6zgyc8Y
QmopgORinEGxH9pShIbfsA2DUqF4l+ifPeyl7O4LkBRq3gzEbMEcWxrjgy0d5LOO
nEPnHDATtv2mCmWsDhygFJ3UAmWXURq/zrGRhfOKvD8UfgodRZW0Ab1RbgK9TAeu
TCR+IXpqlVw3DYrKJa+w6zk3PLeJhQf48b1OMxkA9ol374Vdj/k9gpGLlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmRsKoT0/keG5K31OGIntUfV4gmMB8GA1UdIwQY
MBaAFESDjH8jxLfRfHTekU2Z4oZ4Oa7aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUklPTWZ5UEV0OUY4ZE42UlRabmlobmc1cnRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8zMjRkOGYtNGMyMC00NjgyLWExMTQt
ODllODg1OWNmYWUyLzEvS1pHd3FoUFQtUjRia3JmVTRZaWUxUjlYaUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8zMjRkOGYtNGMyMC00NjgyLWExMTQtODllODg1OWNmYWUy
LzEvUklPTWZ5UEV0OUY4ZE42UlRabmlobmc1cnRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVQiQMA0G
CSqGSIb3DQEBCwUAA4IBAQB+cAN2Nz73fbjzL11q30jMLYeIyVbfWIxu5IG74Ewj
ZrHF2P/wuFfej8Ou3j7QUDFe+4pQIZwOzy9JC50yNWBL0Z9FBUwYxfqeH6vpEBN8
mQOA+pjlESrcPaBfZuEKzIuwp7VqO5E8d2kSAwGiq6sQXGNwODEuQNiJZWfLhVm6
f5ANfX+F3sRc2cQCvH/yk46V5bPkqpk1F0B03FNTU8/qf69ssCpz+phsuXnc1rNO
gNRTTtNH5dzoWLjkzG2rVik1oq7xHoRDcfchJUZvsN/0Jx/mXoiJJH1o0IX64t5Q
ZS7hpG0+mwjl779/n7KAS3bqxta7i2rz70Oe7z8B7dBp
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:57:17 2025 by rpki-client