Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/kCLeoG8a5Q66ZOgtS-XRFUs7kNM.roa
File: kCLeoG8a5Q66ZOgtS-XRFUs7kNM.roa (raw, json)
Hash identifier: KWVZVZ2FA9Mj1LJCZnEX0KxarYr5r/DKMI5XPYuwPVk=
Subject key identifier: 90:22:DE:A0:6F:1A:E5:0E:BA:64:E8:2D:4B:E5:D1:15:4B:3B:90:D3
Certificate issuer: /CN=fd261d45319e8375187436da44bf5b9adb044a7f
Certificate serial: 01942827CBC5DAE112D349670061B7047655
Authority key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/kCLeoG8a5Q66ZOgtS-XRFUs7kNM.roa
Signing time: Thu 02 Jan 2025 17:54:44 +0000
ROA not before: Thu 02 Jan 2025 17:54:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8758
IP address blocks: 31.24.8.0/21 maxlen: 24
37.46.144.0/22 maxlen: 24
77.74.96.0/21 maxlen: 24
80.89.208.0/20 maxlen: 24
83.150.0.0/18 maxlen: 24
84.254.80.0/20 maxlen: 24
84.254.96.0/20 maxlen: 24
87.239.200.0/21 maxlen: 24
88.218.24.0/22 maxlen: 24
91.84.64.0/19 maxlen: 24
95.143.48.0/20 maxlen: 24
109.70.112.0/21 maxlen: 24
109.70.115.0/24 maxlen: 24
109.70.116.0/22 maxlen: 24
145.40.192.0/19 maxlen: 24
157.143.0.0/17 maxlen: 24
178.22.104.0/21 maxlen: 24
178.250.130.0/23 maxlen: 24
185.109.164.0/22 maxlen: 24
185.160.244.0/22 maxlen: 24
194.31.128.0/23 maxlen: 24
194.246.118.0/23 maxlen: 24
212.25.0.0/19 maxlen: 24
217.22.128.0/20 maxlen: 24
217.71.240.0/20 maxlen: 24
217.150.224.0/20 maxlen: 24
2001:8e0::/29 maxlen: 32
2a00:10c0::/32 maxlen: 32
2a01:bd00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:cb:c5:da:e1:12:d3:49:67:00:61:b7:04:76:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd261d45319e8375187436da44bf5b9adb044a7f
Validity
Not Before: Jan 2 17:54:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9022dea06f1ae50eba64e82d4be5d1154b3b90d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5b:d3:e3:2d:c8:86:ca:e8:d0:0c:d6:f3:92:
f9:ae:f4:1f:18:14:87:90:4f:4d:5e:2f:6c:fb:6e:
97:30:58:41:9e:70:8e:83:6c:2f:84:9e:ed:47:a3:
e1:a5:07:4f:ad:2e:57:cb:38:48:94:52:66:5f:12:
d6:cf:6a:42:9f:85:f3:e9:51:f9:30:30:09:ce:d2:
8f:eb:6d:bf:aa:27:10:cf:eb:ee:c8:a2:b4:d8:c2:
27:2a:cd:52:c0:97:02:4a:d0:36:8e:c9:68:10:e5:
76:4f:3a:8c:41:b2:8c:0a:d4:8a:f5:5d:b2:28:45:
4d:d4:8c:31:f5:61:30:f6:33:ca:fc:80:27:d0:c2:
ca:c0:db:3c:9e:ea:8a:14:13:d9:ab:17:5a:b1:71:
4d:74:4b:e6:31:8d:0d:6b:9a:96:6b:ef:6a:d7:c0:
91:f8:42:b8:2f:73:cb:6c:f1:ed:73:79:67:e6:ed:
35:45:13:f7:95:4a:62:33:d6:37:41:ff:26:cf:44:
ad:c5:a1:5a:c5:16:7b:4d:a6:64:4b:25:ad:90:51:
49:19:9b:ba:10:5f:03:c0:22:59:fc:c7:91:79:68:
44:5b:50:89:bc:99:c2:4b:c3:7d:06:fd:24:e5:69:
c5:90:13:68:21:5a:4c:7c:ec:97:8b:56:88:c5:c4:
d8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:22:DE:A0:6F:1A:E5:0E:BA:64:E8:2D:4B:E5:D1:15:4B:3B:90:D3
X509v3 Authority Key Identifier:
keyid:FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/kCLeoG8a5Q66ZOgtS-XRFUs7kNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.8.0/21
37.46.144.0/22
77.74.96.0/21
80.89.208.0/20
83.150.0.0/18
84.254.80.0-84.254.111.255
87.239.200.0/21
88.218.24.0/22
91.84.64.0/19
95.143.48.0/20
109.70.112.0/21
145.40.192.0/19
157.143.0.0/17
178.22.104.0/21
178.250.130.0/23
185.109.164.0/22
185.160.244.0/22
194.31.128.0/23
194.246.118.0/23
212.25.0.0/19
217.22.128.0/20
217.71.240.0/20
217.150.224.0/20
IPv6:
2001:8e0::/29
2a00:10c0::/32
2a01:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
b9:2d:05:95:4d:14:f0:23:be:6b:ea:e3:d9:af:f4:24:4d:5b:
aa:98:06:84:00:06:57:bb:15:d3:ef:fe:33:08:65:88:6a:c5:
94:83:83:b5:67:ed:a9:4a:e7:27:57:a1:53:6f:79:e3:2b:33:
bb:ee:53:a5:d9:b2:b6:51:6e:2c:3e:69:d3:30:34:ab:0f:b4:
bc:59:98:be:b7:76:17:5c:29:b5:4b:9b:8e:37:d2:bd:e4:e3:
92:1a:de:be:f3:2c:a6:b5:42:4a:3f:67:b3:b2:43:be:c6:5b:
ba:79:12:c9:09:23:c2:b3:a3:26:21:2a:7c:16:9a:34:04:8b:
25:bd:d4:2f:56:ac:96:53:d9:b4:49:69:c0:43:4d:16:7a:c3:
e8:c2:89:2e:47:7b:43:87:71:39:6c:47:b5:6f:23:f5:ae:18:
75:b2:51:ff:29:16:22:fc:e5:72:cc:f3:b6:16:ea:a4:35:12:
e5:0b:43:51:fa:0b:89:eb:f2:f0:8b:79:e6:0c:6b:b2:d2:d1:
4e:50:00:71:3d:ba:52:ee:4c:57:c2:42:e8:18:a7:76:23:2c:
a8:5a:e4:5a:68:09:1f:7c:2f:40:46:0a:04:e3:39:c4:7d:84:
5d:84:90:c1:41:c1:51:10:6a:75:1c:f8:9e:ed:ba:e6:e7:e5:
cd:bd:fd:d0
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZQoJ8vF2uES00lnAGG3BHZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjYxZDQ1MzE5ZTgzNzUxODc0MzZkYTQ0YmY1YjlhZGIw
NDRhN2YwHhcNMjUwMTAyMTc1NDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDIyZGVhMDZmMWFlNTBlYmE2NGU4MmQ0YmU1ZDExNTRiM2I5MGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlvT4y3Ihsro0AzW85L5rvQfGBSH
kE9NXi9s+26XMFhBnnCOg2wvhJ7tR6PhpQdPrS5XyzhIlFJmXxLWz2pCn4Xz6VH5
MDAJztKP622/qicQz+vuyKK02MInKs1SwJcCStA2jsloEOV2TzqMQbKMCtSK9V2y
KEVN1Iwx9WEw9jPK/IAn0MLKwNs8nuqKFBPZqxdasXFNdEvmMY0Na5qWa+9q18CR
+EK4L3PLbPHtc3ln5u01RRP3lUpiM9Y3Qf8mz0StxaFaxRZ7TaZkSyWtkFFJGZu6
EF8DwCJZ/MeReWhEW1CJvJnCS8N9Bv0k5WnFkBNoIVpMfOyXi1aIxcTYpQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFJAi3qBvGuUOumToLUvl0RVLO5DTMB8GA1UdIwQY
MBaAFP0mHUUxnoN1GHQ22kS/W5rbBEp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQt
ZWI1MDkzYjIzMWMxLzEva0NMZW9HOGE1UTY2Wk9ndFMtWFJGVXM3a05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQtZWI1MDkzYjIzMWMx
LzEvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBmQQCAAEwgZIDBAMf
GAgDBAIlLpADBANNSmADBARQWdADBAZTlgAwDAMEBFT+UAMEBFT+YAMEA1fvyAME
AljaGAMEBVtUQAMEBF+PMAMEA21GcAMEBZEowAMEB52PAAMEA7IWaAMEAbL6ggME
ArltpAMEArmg9AMEAcIfgAMEAcL2dgMEBdQZAAMEBNkWgAMEBNlH8AMEBNmW4DAb
BAIAAjAVAwUDIAEI4AMFACoAEMADBQAqAb0AMA0GCSqGSIb3DQEBCwUAA4IBAQC5
LQWVTRTwI75r6uPZr/QkTVuqmAaEAAZXuxXT7/4zCGWIasWUg4O1Z+2pSucnV6FT
b3njKzO77lOl2bK2UW4sPmnTMDSrD7S8WZi+t3YXXCm1S5uON9K95OOSGt6+8yym
tUJKP2ezskO+xlu6eRLJCSPCs6MmISp8Fpo0BIslvdQvVqyWU9m0SWnAQ00WesPo
wokuR3tDh3E5bEe1byP1rhh1slH/KRYi/OVyzPO2FuqkNRLlC0NR+guJ6/Lwi3nm
DGuy0tFOUABxPbpS7kxXwkLoGKd2IyyoWuRaaAkffC9ARgoE4znEfYRdhJDBQcFR
EGp1HPie7brm5+XNvf3Q
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:26:57 2025 by rpki-client