Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/fbad19-c87c-4f30-b0b6-e57163d41359/1/KVNoG-NSey3xHFUpil3iLHxeYPs.roa
File: KVNoG-NSey3xHFUpil3iLHxeYPs.roa (raw, json)
Hash identifier: antpbhFxB+bPqxmd39yyQFSOSW81XNkJf6FkVKhTPC8=
Subject key identifier: 29:53:68:1B:E3:52:7B:2D:F1:1C:55:29:8A:5D:E2:2C:7C:5E:60:FB
Certificate issuer: /CN=3025fef9ca6404582d1a74da7f8bbe92b00282aa
Certificate serial: 01875305B056676CF04723BEB3B69E4F02AD
Authority key identifier: 30:25:FE:F9:CA:64:04:58:2D:1A:74:DA:7F:8B:BE:92:B0:02:82:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCX--cpkBFgtGnTaf4u-krACgqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/fbad19-c87c-4f30-b0b6-e57163d41359/1/KVNoG-NSey3xHFUpil3iLHxeYPs.roa
Signing time: Wed 05 Apr 2023 20:04:54 +0000
ROA not before: Wed 05 Apr 2023 20:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209202
IP address blocks: 2.57.128.0/22 maxlen: 22
2a09:d940::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:53:05:b0:56:67:6c:f0:47:23:be:b3:b6:9e:4f:02:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3025fef9ca6404582d1a74da7f8bbe92b00282aa
Validity
Not Before: Apr 5 20:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2953681be3527b2df11c55298a5de22c7c5e60fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5e:1e:c4:cf:d3:98:1e:88:15:6c:47:4a:50:
e8:60:01:fc:c8:ee:60:67:1e:06:6c:ae:1f:34:a0:
56:89:b3:86:4b:f3:2b:97:c1:00:0a:76:25:f0:b9:
b2:32:65:29:f6:0c:1c:33:dc:3a:45:07:bc:73:c1:
76:51:b2:70:62:07:48:dd:c2:df:6d:83:e5:29:d5:
e8:90:a9:21:3f:f8:2f:03:cf:ed:e5:77:a9:6d:81:
07:3b:e6:75:40:c0:e6:cc:c1:7b:42:f5:35:46:49:
6d:bb:4b:04:c5:41:e5:5e:c0:12:bb:31:e3:18:f5:
f9:57:44:78:b3:16:b5:14:9e:8e:49:c0:30:93:91:
51:d0:d0:0a:43:8d:63:e8:ba:c9:61:d0:1f:8c:fc:
b1:90:8b:0b:97:db:fb:01:51:fd:4c:50:53:2a:b6:
03:18:4f:11:31:17:ad:07:3e:01:85:97:5d:1d:ab:
f7:92:e8:d7:80:01:59:26:c7:0f:d7:71:cd:12:54:
b4:96:8e:72:c1:80:c2:32:10:87:09:f4:1b:d3:0a:
00:cd:3f:89:20:61:51:46:17:6e:7a:f9:d6:69:34:
64:3c:5c:1f:81:bf:e5:52:52:32:4f:25:97:c0:9c:
e3:de:0d:d6:24:8b:32:ea:6c:14:80:56:99:2e:0e:
14:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:53:68:1B:E3:52:7B:2D:F1:1C:55:29:8A:5D:E2:2C:7C:5E:60:FB
X509v3 Authority Key Identifier:
keyid:30:25:FE:F9:CA:64:04:58:2D:1A:74:DA:7F:8B:BE:92:B0:02:82:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCX--cpkBFgtGnTaf4u-krACgqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/fbad19-c87c-4f30-b0b6-e57163d41359/1/KVNoG-NSey3xHFUpil3iLHxeYPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/fbad19-c87c-4f30-b0b6-e57163d41359/1/MCX--cpkBFgtGnTaf4u-krACgqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.128.0/22
IPv6:
2a09:d940::/29
Signature Algorithm: sha256WithRSAEncryption
87:05:cd:17:cd:24:bd:6b:61:e5:38:c1:96:28:bc:86:db:91:
83:7c:a5:57:78:52:07:c8:e5:97:9c:9c:d1:c0:49:40:56:f8:
52:6b:ea:58:10:ea:c6:01:83:5a:27:3f:da:be:67:c7:a9:a5:
85:0c:ce:59:34:3d:d6:d5:5b:5d:5f:1a:fe:5f:45:f0:fa:15:
cd:79:f5:af:70:b6:9f:02:b3:b9:ca:b8:38:9d:71:d1:8a:7d:
00:58:65:15:b4:39:49:b4:71:70:97:eb:b6:19:82:be:98:ed:
32:ea:4b:7a:df:94:3e:3c:04:19:62:d0:f1:6e:e8:d3:33:d3:
f7:21:7f:84:c8:85:46:70:42:4e:d2:a6:a9:75:35:67:0c:83:
1f:89:48:22:79:2e:e8:1d:c0:c1:59:84:9a:80:34:d0:84:d2:
f3:62:b9:7b:57:fe:3a:36:bf:f5:a8:fc:cf:05:eb:8d:8e:a5:
9c:7f:ba:0c:f4:3a:99:dc:97:5e:20:bd:33:7c:21:3d:63:68:
ba:c6:2e:6e:e0:66:27:09:df:75:84:61:8f:5c:d4:b4:9f:92:
46:27:ca:f8:23:d2:15:be:ad:9d:bf:81:39:e5:52:4d:73:de:
31:16:f2:91:b6:50:0b:8a:70:1b:9c:0f:a1:a0:c6:33:c7:dd:
25:df:14:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdTBbBWZ2zwRyO+s7aeTwKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjVmZWY5Y2E2NDA0NTgyZDFhNzRkYTdmOGJiZTkyYjAw
MjgyYWEwHhcNMjMwNDA1MjAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTUzNjgxYmUzNTI3YjJkZjExYzU1Mjk4YTVkZTIyYzdjNWU2MGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj14exM/TmB6IFWxHSlDoYAH8yO5g
Zx4GbK4fNKBWibOGS/Mrl8EACnYl8LmyMmUp9gwcM9w6RQe8c8F2UbJwYgdI3cLf
bYPlKdXokKkhP/gvA8/t5XepbYEHO+Z1QMDmzMF7QvU1Rkltu0sExUHlXsASuzHj
GPX5V0R4sxa1FJ6OScAwk5FR0NAKQ41j6LrJYdAfjPyxkIsLl9v7AVH9TFBTKrYD
GE8RMRetBz4BhZddHav3kujXgAFZJscP13HNElS0lo5ywYDCMhCHCfQb0woAzT+J
IGFRRhduevnWaTRkPFwfgb/lUlIyTyWXwJzj3g3WJIsy6mwUgFaZLg4UfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFClTaBvjUnst8RxVKYpd4ix8XmD7MB8GA1UdIwQY
MBaAFDAl/vnKZARYLRp02n+LvpKwAoKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNYLS1jcGtCRmd0R25UYWY0dS1rckFDZ3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mYmFkMTktYzg3Yy00ZjMwLWIwYjYt
ZTU3MTYzZDQxMzU5LzEvS1ZOb0ctTlNleTN4SEZVcGlsM2lMSHhlWVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mYmFkMTktYzg3Yy00ZjMwLWIwYjYtZTU3MTYzZDQxMzU5
LzEvTUNYLS1jcGtCRmd0R25UYWY0dS1rckFDZ3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjmAMA0E
AgACMAcDBQMqCdlAMA0GCSqGSIb3DQEBCwUAA4IBAQCHBc0XzSS9a2HlOMGWKLyG
25GDfKVXeFIHyOWXnJzRwElAVvhSa+pYEOrGAYNaJz/avmfHqaWFDM5ZND3W1Vtd
Xxr+X0Xw+hXNefWvcLafArO5yrg4nXHRin0AWGUVtDlJtHFwl+u2GYK+mO0y6kt6
35Q+PAQZYtDxbujTM9P3IX+EyIVGcEJO0qapdTVnDIMfiUgieS7oHcDBWYSagDTQ
hNLzYrl7V/46Nr/1qPzPBeuNjqWcf7oM9DqZ3JdeIL0zfCE9Y2i6xi5u4GYnCd91
hGGPXNS0n5JGJ8r4I9IVvq2dv4E55VJNc94xFvKRtlALinAbnA+hoMYzx90l3xRf
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:07 2023 by rpki-client on console.sobornost.net