Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/Ki-l0-NqB3-W8rebOsp5Nz1tUCQ.roa
File: Ki-l0-NqB3-W8rebOsp5Nz1tUCQ.roa (raw, json)
Hash identifier: mOSRLmnG86S35tEBG8q88cLaUeF47X7BqzDM8g9ROLA=
Subject key identifier: 2A:2F:A5:D3:E3:6A:07:7F:96:F2:B7:9B:3A:CA:79:37:3D:6D:50:24
Certificate issuer: /CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Certificate serial: 019426D973C453F0A3D6B6C6C735592F554A
Authority key identifier: 61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/Ki-l0-NqB3-W8rebOsp5Nz1tUCQ.roa
Signing time: Thu 02 Jan 2025 11:49:32 +0000
ROA not before: Thu 02 Jan 2025 11:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51431
IP address blocks: 185.137.24.0/24 maxlen: 24
185.137.25.0/24 maxlen: 24
185.137.26.0/24 maxlen: 24
185.137.27.0/24 maxlen: 24
185.191.76.0/22 maxlen: 24
185.191.76.0/24 maxlen: 24
185.191.77.0/24 maxlen: 24
185.191.78.0/24 maxlen: 24
185.191.79.0/24 maxlen: 24
2a0c:99c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:73:c4:53:f0:a3:d6:b6:c6:c7:35:59:2f:55:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Validity
Not Before: Jan 2 11:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a2fa5d3e36a077f96f2b79b3aca79373d6d5024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:64:0d:49:20:3b:83:a0:9e:5e:80:bd:e9:a1:
7d:4d:b1:a5:21:71:7b:85:4b:45:97:bb:b2:dc:7d:
9f:49:da:4a:20:40:7a:bc:47:95:d8:25:ca:fb:c1:
78:74:aa:db:1f:c0:38:dc:1e:f5:83:6a:9b:42:55:
fc:15:61:68:9d:ce:21:3a:f7:98:ac:3b:b3:9e:58:
fb:34:82:8e:47:eb:f8:d8:10:4c:8a:89:c2:b7:19:
b3:74:18:8c:63:7f:0d:90:7a:54:21:f1:6e:3b:dd:
84:69:47:66:ec:3c:59:1f:6c:ba:da:e4:ed:31:11:
87:3e:a7:74:4b:b2:ad:fd:40:30:2f:f5:eb:6e:07:
d2:b9:48:34:5a:8d:2b:a8:46:b2:a8:d1:4f:c9:81:
52:99:63:47:f7:1f:ec:28:2c:23:ab:d5:c8:7d:f0:
58:7a:90:0b:02:8d:4d:60:f6:b0:b8:7a:9e:99:ca:
1f:9a:0b:50:d1:5a:1b:47:b5:63:27:36:72:30:c0:
b3:df:b6:38:18:f1:65:37:2e:08:38:85:a2:cb:64:
07:66:c0:d5:ef:cb:d7:ef:8a:8f:01:89:9c:2b:f9:
46:67:57:9c:a2:dd:0e:fe:fc:28:62:f7:a7:c4:e9:
dd:dd:ad:40:3a:a1:5b:aa:23:eb:54:d6:7a:da:25:
d7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2F:A5:D3:E3:6A:07:7F:96:F2:B7:9B:3A:CA:79:37:3D:6D:50:24
X509v3 Authority Key Identifier:
keyid:61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/Ki-l0-NqB3-W8rebOsp5Nz1tUCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/YboL58zjgOa7dOPF_OoIHpeZrlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.24.0/22
185.191.76.0/22
IPv6:
2a0c:99c0::/29
Signature Algorithm: sha256WithRSAEncryption
cb:4b:ca:51:62:0e:36:1c:a4:e5:a1:4d:79:18:04:54:00:f8:
8a:5e:b0:b7:1a:c2:76:70:8e:09:9f:dd:e6:93:a6:f2:43:7c:
0f:2d:d5:63:d1:af:fb:2f:b9:a4:c6:d0:05:c1:8d:c6:31:d2:
9d:36:25:31:a9:e6:8d:fc:37:4c:77:0d:99:61:5c:07:6c:1f:
19:c8:99:0e:77:21:c2:d1:71:6a:82:25:9c:76:ca:4a:83:89:
97:c7:5b:c8:96:65:df:76:f2:e4:99:a5:1b:a9:7b:c9:cf:51:
4c:a9:fa:02:9e:c6:bc:24:dd:3c:29:7f:c1:6c:2d:c7:05:fc:
3a:77:c9:69:e2:24:7e:7b:a7:01:1d:2b:16:0a:65:a6:50:ae:
10:b3:4d:1d:33:d2:20:b1:91:78:61:ad:d4:98:b4:83:29:09:
bd:03:1d:53:12:77:de:86:01:e9:49:e8:62:06:e9:31:7f:f7:
9e:42:5c:63:d2:34:03:65:32:07:95:57:f1:9d:7c:e5:c0:e4:
de:5c:c2:18:60:c8:88:74:5d:14:c5:3b:37:a1:8a:d3:3c:db:
37:1b:ec:4f:d1:c5:c1:0c:c5:d9:7d:ad:d7:2e:9c:91:d7:6b:
aa:2f:f1:bd:50:8e:02:c1:a3:2d:7d:1f:e2:a2:6e:51:e5:95:
de:e5:5f:a3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2XPEU/Cj1rbGxzVZL1VKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYmEwYmU3Y2NlMzgwZTZiYjc0ZTNjNWZjZWEwODFlOTc5
OWFlNTQwHhcNMjUwMTAyMTE0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJmYTVkM2UzNmEwNzdmOTZmMmI3OWIzYWNhNzkzNzNkNmQ1MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2QNSSA7g6CeXoC96aF9TbGlIXF7
hUtFl7uy3H2fSdpKIEB6vEeV2CXK+8F4dKrbH8A43B71g2qbQlX8FWFonc4hOveY
rDuznlj7NIKOR+v42BBMionCtxmzdBiMY38NkHpUIfFuO92EaUdm7DxZH2y62uTt
MRGHPqd0S7Kt/UAwL/XrbgfSuUg0Wo0rqEayqNFPyYFSmWNH9x/sKCwjq9XIffBY
epALAo1NYPawuHqemcofmgtQ0VobR7VjJzZyMMCz37Y4GPFlNy4IOIWiy2QHZsDV
78vX74qPAYmcK/lGZ1ecot0O/vwoYvenxOnd3a1AOqFbqiPrVNZ62iXXzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCovpdPjagd/lvK3mzrKeTc9bVAkMB8GA1UdIwQY
MBaAFGG6C+fM44Dmu3TjxfzqCB6Xma5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDIt
MjEwZDQ4MmE0YjkzLzEvS2ktbDAtTnFCMy1XOHJlYk9zcDVOejF0VUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDItMjEwZDQ4MmE0Yjkz
LzEvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYkYAwQC
ub9MMA0EAgACMAcDBQMqDJnAMA0GCSqGSIb3DQEBCwUAA4IBAQDLS8pRYg42HKTl
oU15GARUAPiKXrC3GsJ2cI4Jn93mk6byQ3wPLdVj0a/7L7mkxtAFwY3GMdKdNiUx
qeaN/DdMdw2ZYVwHbB8ZyJkOdyHC0XFqgiWcdspKg4mXx1vIlmXfdvLkmaUbqXvJ
z1FMqfoCnsa8JN08KX/BbC3HBfw6d8lp4iR+e6cBHSsWCmWmUK4Qs00dM9IgsZF4
Ya3UmLSDKQm9Ax1TEnfehgHpSehiBukxf/eeQlxj0jQDZTIHlVfxnXzlwOTeXMIY
YMiIdF0UxTs3oYrTPNs3G+xP0cXBDMXZfa3XLpyR12uqL/G9UI4CwaMtfR/iom5R
5ZXe5V+j
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:19:20 2025 by rpki-client