Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/KD5CcVWdpeUY7OWEYsk8lC6D2hk.roa
File: KD5CcVWdpeUY7OWEYsk8lC6D2hk.roa (raw, json)
Hash identifier: H95zFft64npjWC1JHZ2t6hhvs8iKIUW0H9YWRNoYrAc=
Subject key identifier: 28:3E:42:71:55:9D:A5:E5:18:EC:E5:84:62:C9:3C:94:2E:83:DA:19
Certificate issuer: /CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Certificate serial: 01942368C87FE1F7ED7C94594C498A3161A6
Authority key identifier: 6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/KD5CcVWdpeUY7OWEYsk8lC6D2hk.roa
Signing time: Wed 01 Jan 2025 19:47:37 +0000
ROA not before: Wed 01 Jan 2025 19:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57704
IP address blocks: 5.133.24.0/21 maxlen: 24
5.253.68.0/22 maxlen: 22
5.253.68.0/24 maxlen: 24
5.253.69.0/24 maxlen: 24
5.253.70.0/24 maxlen: 24
5.253.71.0/24 maxlen: 24
45.146.12.0/24 maxlen: 24
45.146.13.0/24 maxlen: 24
45.146.14.0/24 maxlen: 24
45.146.15.0/24 maxlen: 24
185.132.248.0/22 maxlen: 24
193.7.220.0/24 maxlen: 32
193.7.221.0/24 maxlen: 24
193.7.222.0/24 maxlen: 24
193.7.223.0/24 maxlen: 24
2a09:9900::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:c8:7f:e1:f7:ed:7c:94:59:4c:49:8a:31:61:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Validity
Not Before: Jan 1 19:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=283e4271559da5e518ece58462c93c942e83da19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ef:18:a1:af:94:15:6f:7b:0c:9f:8a:c1:f7:
17:be:20:6a:12:65:f7:4c:5f:cd:fd:a0:b8:73:28:
42:23:6f:5e:73:fc:f8:d8:f0:97:e1:b7:e7:f2:95:
2f:11:6d:b9:08:6a:f5:8f:fb:b1:d0:10:19:28:a2:
1e:8a:d6:6d:48:cc:e0:1c:e4:a8:30:a2:8f:f5:ab:
85:87:ae:91:d7:ce:26:15:10:d2:13:1a:2d:63:0d:
7f:9d:24:d6:71:4e:d1:83:4d:3b:3f:7d:a7:a7:c8:
ef:e6:50:13:47:89:bf:e8:0d:2c:a9:97:64:f2:db:
f8:e3:1a:fa:a5:51:fb:a4:f1:4c:a0:06:48:89:3d:
10:97:e7:9d:64:7c:2e:1b:7b:1a:d5:71:27:22:8f:
a8:fe:6b:f5:00:ef:52:6e:d2:bb:ce:4b:7a:49:b3:
c5:45:30:ee:24:d9:90:65:f8:89:0e:e6:03:dc:ac:
33:64:dc:1d:8c:c4:98:9d:f4:97:ae:a2:02:df:9e:
7b:e1:c8:c1:ad:d2:93:af:0e:9d:a1:18:48:2d:43:
9b:37:eb:fa:06:db:5c:66:42:70:73:c8:86:b8:c1:
31:b8:2d:42:24:fb:36:54:11:c9:a9:10:a7:61:20:
9e:6a:01:a0:a3:50:72:f2:6c:f8:52:81:1f:09:5b:
40:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3E:42:71:55:9D:A5:E5:18:EC:E5:84:62:C9:3C:94:2E:83:DA:19
X509v3 Authority Key Identifier:
keyid:6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/KD5CcVWdpeUY7OWEYsk8lC6D2hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/barMRIxKI6_JSkWnm3bfvoMLJZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.24.0/21
5.253.68.0/22
45.146.12.0/22
185.132.248.0/22
193.7.220.0/22
IPv6:
2a09:9900::/32
Signature Algorithm: sha256WithRSAEncryption
1a:f3:dc:ce:74:1a:87:a8:82:72:98:21:f7:37:90:75:a9:45:
4d:08:3f:3b:31:79:eb:05:99:62:94:ea:ee:f9:9f:2a:c7:e5:
1d:da:49:39:f9:21:ab:89:49:37:bf:33:70:9d:ef:d4:13:c3:
f9:5f:c6:c7:dc:09:8d:f5:c5:30:89:e6:ca:0d:ce:2a:14:36:
4a:54:7e:81:59:3c:3e:a1:bc:87:45:6a:50:4d:09:76:e6:8e:
4c:0f:ee:42:83:99:30:34:69:25:b3:f0:6a:e2:7a:78:bc:6d:
76:96:47:fa:ee:af:6f:4c:81:73:8a:85:ce:88:db:35:f1:05:
8b:fa:5f:e7:3a:d4:cd:79:22:6a:38:84:f2:1c:7c:25:2f:f3:
a4:42:2c:a8:dd:60:63:f9:5e:0a:2f:10:21:8b:20:2b:9e:a8:
45:2a:2d:c9:06:87:ae:72:66:58:de:a2:64:9c:77:8c:f9:6e:
31:1d:9e:52:32:b8:3f:a1:8c:19:25:8e:c7:c9:61:a5:10:a5:
7b:ce:9d:00:57:b5:d3:58:e7:f1:47:38:a9:e3:1f:67:c7:42:
e6:95:90:cc:18:e2:52:d6:70:80:36:06:91:33:fd:bd:12:ba:
24:20:a3:f0:5c:86:79:05:96:ed:86:19:29:ec:e5:f7:65:1d:
db:80:b8:e5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQjaMh/4fftfJRZTEmKMWGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWFjYzQ0OGM0YTIzYWZjOTRhNDVhNzliNzZkZmJlODMw
YjI1OTgwHhcNMjUwMTAxMTk0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODNlNDI3MTU1OWRhNWU1MThlY2U1ODQ2MmM5M2M5NDJlODNkYTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+8Yoa+UFW97DJ+KwfcXviBqEmX3
TF/N/aC4cyhCI29ec/z42PCX4bfn8pUvEW25CGr1j/ux0BAZKKIeitZtSMzgHOSo
MKKP9auFh66R184mFRDSExotYw1/nSTWcU7Rg007P32np8jv5lATR4m/6A0sqZdk
8tv44xr6pVH7pPFMoAZIiT0Ql+edZHwuG3sa1XEnIo+o/mv1AO9SbtK7zkt6SbPF
RTDuJNmQZfiJDuYD3KwzZNwdjMSYnfSXrqIC35574cjBrdKTrw6doRhILUObN+v6
BttcZkJwc8iGuMExuC1CJPs2VBHJqRCnYSCeagGgo1By8mz4UoEfCVtA1QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCg+QnFVnaXlGOzlhGLJPJQug9oZMB8GA1UdIwQY
MBaAFG2qzESMSiOvyUpFp5t2376DCyWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmFyTVJJeEtJNl9KU2tXbm0zYmZ2b01MSlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zNDY0OWUtOWJjNC00MDE4LWIzYTAt
NzU2ZjNjYzNlYzMzLzEvS0Q1Q2NWV2RwZVVZN09XRVlzazhsQzZEMmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zNDY0OWUtOWJjNC00MDE4LWIzYTAtNzU2ZjNjYzNlYzMz
LzEvYmFyTVJJeEtJNl9KU2tXbm0zYmZ2b01MSlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBYUYAwQC
Bf1EAwQCLZIMAwQCuYT4AwQCwQfcMA0EAgACMAcDBQAqCZkAMA0GCSqGSIb3DQEB
CwUAA4IBAQAa89zOdBqHqIJymCH3N5B1qUVNCD87MXnrBZlilOru+Z8qx+Ud2kk5
+SGriUk3vzNwne/UE8P5X8bH3AmN9cUwiebKDc4qFDZKVH6BWTw+obyHRWpQTQl2
5o5MD+5Cg5kwNGkls/Bq4np4vG12lkf67q9vTIFzioXOiNs18QWL+l/nOtTNeSJq
OITyHHwlL/OkQiyo3WBj+V4KLxAhiyArnqhFKi3JBoeucmZY3qJknHeM+W4xHZ5S
Mrg/oYwZJY7HyWGlEKV7zp0AV7XTWOfxRzip4x9nx0LmlZDMGOJS1nCANgaRM/29
ErokIKPwXIZ5BZbthhkp7OX3ZR3bgLjl
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:41:15 2025 by rpki-client