Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/KGkiu_v0VLQmN7S0ksdeT71QkrU.roa
File: KGkiu_v0VLQmN7S0ksdeT71QkrU.roa (raw, json)
Hash identifier: JLkvT5B6nB370rTNimZvN5bMsuGtWZVcc7r812WnkMQ=
Subject key identifier: 28:69:22:BB:FB:F4:54:B4:26:37:B4:B4:92:C7:5E:4F:BD:50:92:B5
Certificate issuer: /CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Certificate serial: 019424B373573B1BE3052BA20C61CE04BDFE
Authority key identifier: A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/KGkiu_v0VLQmN7S0ksdeT71QkrU.roa
Signing time: Thu 02 Jan 2025 01:48:47 +0000
ROA not before: Thu 02 Jan 2025 01:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42652
IP address blocks: 5.45.0.0/21 maxlen: 21
5.100.128.0/20 maxlen: 20
37.157.40.0/21 maxlen: 21
46.165.128.0/18 maxlen: 18
77.244.96.0/20 maxlen: 20
89.21.96.0/19 maxlen: 19
109.75.208.0/20 maxlen: 20
128.0.96.0/21 maxlen: 21
128.0.100.0/22 maxlen: 22
131.117.144.0/20 maxlen: 20
156.67.128.0/20 maxlen: 20
156.67.132.0/22 maxlen: 22
156.67.140.0/22 maxlen: 22
178.76.128.0/18 maxlen: 18
185.7.208.0/22 maxlen: 22
185.18.128.0/22 maxlen: 22
185.74.180.0/22 maxlen: 22
188.210.0.0/18 maxlen: 18
188.210.60.0/22 maxlen: 22
212.43.64.0/19 maxlen: 19
2a01:5c0::/32 maxlen: 32
2a02:6d40::/32 maxlen: 32
2a03:4920::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:73:57:3b:1b:e3:05:2b:a2:0c:61:ce:04:bd:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Validity
Not Before: Jan 2 01:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=286922bbfbf454b42637b4b492c75e4fbd5092b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:04:dd:54:ee:ce:1a:74:57:81:94:92:e7:ce:
26:0c:fd:8b:b4:03:67:bd:f2:5b:2d:b0:7e:25:a9:
9b:a4:d3:13:2e:d2:d2:cc:d7:d9:2a:da:94:0d:f4:
85:f8:c7:5a:32:9b:77:61:36:8a:b1:81:70:15:9a:
b0:d2:2c:54:88:b9:71:cd:11:a7:04:c2:bb:2d:ae:
2e:5d:03:bd:dd:b9:02:97:ae:f3:c5:ce:18:7d:11:
23:00:aa:7f:36:9a:bf:34:80:f9:11:7d:f9:d7:09:
1d:89:fc:99:e8:36:44:ab:a0:c7:21:22:37:cf:98:
ea:d6:fc:33:fa:c4:26:a2:13:b0:29:58:d8:d6:c8:
90:34:c9:3a:c1:f9:5a:f1:79:6d:fa:cb:12:e3:fb:
f4:de:4e:ce:10:3f:db:f3:b7:6a:e8:a3:ee:74:83:
b2:0e:e4:8d:8a:42:a7:e9:42:a4:1a:64:4f:87:c4:
ad:4d:7a:62:3c:39:46:45:21:cd:59:12:45:3f:d2:
09:5c:d6:9d:d9:fc:c0:f4:d4:ad:26:c3:cf:23:df:
d2:68:81:8a:91:da:92:ef:80:db:3d:fb:7d:3d:6d:
6a:ec:f9:2b:b1:7c:37:3b:53:3f:35:eb:e1:f6:fb:
bc:9e:88:f2:86:5a:69:87:34:97:d0:80:90:b7:be:
eb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:69:22:BB:FB:F4:54:B4:26:37:B4:B4:92:C7:5E:4F:BD:50:92:B5
X509v3 Authority Key Identifier:
keyid:A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/KGkiu_v0VLQmN7S0ksdeT71QkrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.0.0/21
5.100.128.0/20
37.157.40.0/21
46.165.128.0/18
77.244.96.0/20
89.21.96.0/19
109.75.208.0/20
128.0.96.0/21
131.117.144.0/20
156.67.128.0/20
178.76.128.0/18
185.7.208.0/22
185.18.128.0/22
185.74.180.0/22
188.210.0.0/18
212.43.64.0/19
IPv6:
2a01:5c0::/32
2a02:6d40::/32
2a03:4920::/32
Signature Algorithm: sha256WithRSAEncryption
0a:33:20:d1:01:7d:52:e2:8d:49:38:f0:66:38:2a:bb:01:ac:
3c:8a:56:76:2e:f7:34:83:e8:aa:74:36:5c:bf:44:3c:83:5a:
94:21:0b:6f:ac:15:8f:ce:89:c7:29:d8:9c:94:54:ca:f7:3f:
b0:80:14:22:21:02:b5:e1:ac:5b:d1:be:22:3b:19:2b:17:b5:
65:ae:45:0e:20:8a:0a:52:e4:43:bd:c9:d4:14:74:a5:a2:8f:
f5:6d:24:38:da:86:22:1b:57:19:d4:4d:45:eb:7e:3c:08:4c:
6a:33:32:b2:46:9b:a5:79:9b:c0:4d:3b:af:80:c0:3d:89:23:
68:b5:87:dc:8c:96:6c:da:60:fc:12:d3:d4:3e:ba:6c:09:d5:
f8:8d:ab:c1:f9:16:9f:8d:14:65:3a:3b:68:3f:45:f8:56:6b:
e1:44:9e:e6:de:02:b8:f6:50:f7:d4:29:47:e6:93:03:79:e9:
ce:ce:f8:c3:23:b3:97:1b:63:50:55:04:2e:73:68:e9:9e:71:
4a:87:47:46:c7:d5:41:37:13:62:c7:1a:81:89:50:97:e3:f2:
5b:5f:55:99:f5:52:f0:a1:c3:04:6b:a9:7c:e9:66:22:d1:9a:
c7:d1:59:37:7c:28:28:af:b9:1e:c1:1a:e3:f1:25:a9:a5:1f:
d3:0f:55:62
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZQks3NXOxvjBSuiDGHOBL3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODE2NGQ5OTYxYTE2ZDJlZmY3NzNmNTAyNzgyMWU5ZDJi
ZDM3NDAwHhcNMjUwMTAyMDE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODY5MjJiYmZiZjQ1NGI0MjYzN2I0YjQ5MmM3NWU0ZmJkNTA5MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wTdVO7OGnRXgZSS584mDP2LtANn
vfJbLbB+JambpNMTLtLSzNfZKtqUDfSF+MdaMpt3YTaKsYFwFZqw0ixUiLlxzRGn
BMK7La4uXQO93bkCl67zxc4YfREjAKp/Npq/NID5EX351wkdifyZ6DZEq6DHISI3
z5jq1vwz+sQmohOwKVjY1siQNMk6wfla8Xlt+ssS4/v03k7OED/b87dq6KPudIOy
DuSNikKn6UKkGmRPh8StTXpiPDlGRSHNWRJFP9IJXNad2fzA9NStJsPPI9/SaIGK
kdqS74DbPft9PW1q7PkrsXw3O1M/Nevh9vu8nojyhlpphzSX0ICQt77rjwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFChpIrv79FS0Jje0tJLHXk+9UJK1MB8GA1UdIwQY
MBaAFKGBZNmWGhbS7/dz9QJ4IenSvTdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUt
MTUyMzgwM2ZhZGFmLzEvS0draXVfdjBWTFFtTjdTMGtzZGVUNzFRa3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUtMTUyMzgwM2ZhZGFm
LzEvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBmBAIAATBgAwQDBS0A
AwQEBWSAAwQDJZ0oAwQGLqWAAwQETfRgAwQFWRVgAwQEbUvQAwQDgABgAwQEg3WQ
AwQEnEOAAwQGskyAAwQCuQfQAwQCuRKAAwQCuUq0AwQGvNIAAwQF1CtAMBsEAgAC
MBUDBQAqAQXAAwUAKgJtQAMFACoDSSAwDQYJKoZIhvcNAQELBQADggEBAAozINEB
fVLijUk48GY4KrsBrDyKVnYu9zSD6Kp0Nly/RDyDWpQhC2+sFY/Oiccp2JyUVMr3
P7CAFCIhArXhrFvRviI7GSsXtWWuRQ4gigpS5EO9ydQUdKWij/VtJDjahiIbVxnU
TUXrfjwITGozMrJGm6V5m8BNO6+AwD2JI2i1h9yMlmzaYPwS09Q+umwJ1fiNq8H5
Fp+NFGU6O2g/RfhWa+FEnubeArj2UPfUKUfmkwN56c7O+MMjs5cbY1BVBC5zaOme
cUqHR0bH1UE3E2LHGoGJUJfj8ltfVZn1UvChwwRrqXzpZiLRmsfRWTd8KCivuR7B
GuPxJamlH9MPVWI=
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:18 2025 by rpki-client