Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/KML_hA1pizVhEIN7f877pA6o17I.roa
File: KML_hA1pizVhEIN7f877pA6o17I.roa (raw, json)
Hash identifier: mPt9GeV0y8ENs4Lz1UL4Oj0gaP0ztnD/yr/Nmb/aj0I=
Subject key identifier: 28:C2:FF:84:0D:69:8B:35:61:10:83:7B:7F:CE:FB:A4:0E:A8:D7:B2
Certificate issuer: /CN=c1b050211219d18e996e086cb7f6309178804860
Certificate serial: 019423D734652CDFB8437FFCF11DBC39A586
Authority key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/KML_hA1pizVhEIN7f877pA6o17I.roa
Signing time: Wed 01 Jan 2025 21:48:13 +0000
ROA not before: Wed 01 Jan 2025 21:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202772
IP address blocks: 89.108.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:34:65:2c:df:b8:43:7f:fc:f1:1d:bc:39:a5:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1b050211219d18e996e086cb7f6309178804860
Validity
Not Before: Jan 1 21:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28c2ff840d698b356110837b7fcefba40ea8d7b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:78:c8:43:68:30:4f:c9:ac:9a:e2:4d:a5:1c:
ea:f0:54:e2:06:3f:40:cc:68:44:19:e1:2e:1f:4a:
89:fc:03:bf:9a:a2:b4:36:76:ff:a2:48:67:1d:11:
af:81:67:13:a5:5d:92:e9:8c:6a:3a:b8:00:06:c2:
e6:fb:1d:4d:15:e7:b9:97:22:c8:7f:22:a0:93:7a:
7e:09:b3:e5:23:1d:4e:02:c9:2d:af:09:fb:db:29:
50:4a:d9:5a:8b:ec:10:ab:87:a6:66:8f:61:59:8e:
13:ca:1f:b4:d7:45:c5:14:e2:e2:92:6a:d4:ee:82:
0c:d1:4c:a1:ba:dd:56:b0:2a:34:00:f6:73:74:53:
f8:f2:79:04:9e:be:24:fc:5c:5c:90:19:80:f5:c7:
9d:80:43:4d:9a:ce:22:da:2e:f4:e2:b3:b8:6b:3d:
73:83:59:97:da:6c:5b:28:d4:0c:7e:9f:1f:03:bb:
42:88:63:0b:d9:14:41:a0:50:e5:7c:a2:1d:d0:58:
5c:9b:14:b9:a0:b2:e0:6e:45:3a:47:be:9b:9c:d7:
1e:5e:23:db:7c:68:f0:bf:1a:74:c6:56:d8:94:89:
c6:d3:8c:c4:45:72:c9:69:03:92:e6:6e:68:c2:38:
25:9e:3e:ea:16:cb:d8:ba:e2:ea:93:4a:06:5e:4c:
05:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C2:FF:84:0D:69:8B:35:61:10:83:7B:7F:CE:FB:A4:0E:A8:D7:B2
X509v3 Authority Key Identifier:
keyid:C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/KML_hA1pizVhEIN7f877pA6o17I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.132.0/24
Signature Algorithm: sha256WithRSAEncryption
25:41:08:aa:0a:b7:e9:ba:54:33:81:23:8d:d1:c3:6f:30:cc:
ea:21:30:11:b3:b3:05:73:36:04:d9:7a:cd:f8:5b:76:9f:78:
0f:a4:2a:5c:e9:7a:f5:19:4a:a0:94:9b:2e:07:d0:6e:67:28:
86:19:fd:3c:ab:4a:46:95:7f:e2:eb:c1:38:57:42:d2:07:16:
0a:90:8a:11:76:64:1a:d9:d1:8f:5e:8b:6d:a1:fe:6e:a1:7b:
f3:46:b6:f0:0e:88:af:76:ea:d7:65:12:d8:0c:41:ae:36:e2:
89:58:c7:9f:4e:b3:3e:f1:de:2f:5d:13:d2:a6:e9:24:7d:e2:
30:26:9e:9c:88:61:6b:f6:90:53:ca:13:cf:9b:21:51:61:47:
16:88:3f:41:73:78:58:42:25:38:41:f0:85:5a:39:26:bf:08:
a7:f2:b3:a7:4f:94:55:e5:2a:97:d0:42:12:f4:67:6c:02:cc:
5e:73:ce:ab:42:aa:d3:36:9e:67:e1:49:af:6f:72:15:28:57:
54:22:03:f2:20:e3:de:b7:a1:12:75:84:12:28:b1:61:68:f4:
1d:74:35:d1:00:0b:db:76:08:8a:13:ce:d6:23:dd:af:c3:65:
8f:64:39:ce:6e:41:bc:d0:45:04:53:ee:34:39:57:90:08:33:
27:5a:ce:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1zRlLN+4Q3/88R28OaWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYjA1MDIxMTIxOWQxOGU5OTZlMDg2Y2I3ZjYzMDkxNzg4
MDQ4NjAwHhcNMjUwMTAxMjE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGMyZmY4NDBkNjk4YjM1NjExMDgzN2I3ZmNlZmJhNDBlYThkN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHjIQ2gwT8msmuJNpRzq8FTiBj9A
zGhEGeEuH0qJ/AO/mqK0Nnb/okhnHRGvgWcTpV2S6YxqOrgABsLm+x1NFee5lyLI
fyKgk3p+CbPlIx1OAsktrwn72ylQStlai+wQq4emZo9hWY4Tyh+010XFFOLikmrU
7oIM0Uyhut1WsCo0APZzdFP48nkEnr4k/FxckBmA9cedgENNms4i2i704rO4az1z
g1mX2mxbKNQMfp8fA7tCiGML2RRBoFDlfKId0FhcmxS5oLLgbkU6R76bnNceXiPb
fGjwvxp0xlbYlInG04zERXLJaQOS5m5owjglnj7qFsvYuuLqk0oGXkwFAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjC/4QNaYs1YRCDe3/O+6QOqNeyMB8GA1UdIwQY
MBaAFMGwUCESGdGOmW4IbLf2MJF4gEhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUt
Y2UyMjUxODdmYzM4LzEvS01MX2hBMXBpelZoRUlON2Y4NzdwQTZvMTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUtY2UyMjUxODdmYzM4
LzEvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWyEMA0G
CSqGSIb3DQEBCwUAA4IBAQAlQQiqCrfpulQzgSON0cNvMMzqITARs7MFczYE2XrN
+Ft2n3gPpCpc6Xr1GUqglJsuB9BuZyiGGf08q0pGlX/i68E4V0LSBxYKkIoRdmQa
2dGPXottof5uoXvzRrbwDoivdurXZRLYDEGuNuKJWMefTrM+8d4vXRPSpukkfeIw
Jp6ciGFr9pBTyhPPmyFRYUcWiD9Bc3hYQiU4QfCFWjkmvwin8rOnT5RV5SqX0EIS
9GdsAsxec86rQqrTNp5n4Umvb3IVKFdUIgPyIOPet6ESdYQSKLFhaPQddDXRAAvb
dgiKE87WI92vw2WPZDnObkG80EUEU+40OVeQCDMnWs5v
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:09 2025 by rpki-client on console.sobornost.net