Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/KkzZdtSbSgev6F4EciFP374t71M.roa
File: KkzZdtSbSgev6F4EciFP374t71M.roa (raw, json)
Hash identifier: RKNA7btFBFTKM+7ILEeu2plNQgmHlkDMuCESaQkp038=
Subject key identifier: 2A:4C:D9:76:D4:9B:4A:07:AF:E8:5E:04:72:21:4F:DF:BE:2D:EF:53
Certificate issuer: /CN=5a8f81366ffc43c71f5bb521f81501760ebeb074
Certificate serial: 019427B689EE64E1002C87142C1B8B5CA12E
Authority key identifier: 5A:8F:81:36:6F:FC:43:C7:1F:5B:B5:21:F8:15:01:76:0E:BE:B0:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wo-BNm_8Q8cfW7Uh-BUBdg6-sHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/KkzZdtSbSgev6F4EciFP374t71M.roa
Signing time: Thu 02 Jan 2025 15:51:01 +0000
ROA not before: Thu 02 Jan 2025 15:51:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61345
IP address blocks: 185.8.12.0/22 maxlen: 24
185.144.76.0/22 maxlen: 24
185.144.248.0/22 maxlen: 24
2a03:3140::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:89:ee:64:e1:00:2c:87:14:2c:1b:8b:5c:a1:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a8f81366ffc43c71f5bb521f81501760ebeb074
Validity
Not Before: Jan 2 15:51:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a4cd976d49b4a07afe85e0472214fdfbe2def53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:18:57:54:aa:ed:25:02:72:e8:1a:dd:9b:74:
57:6e:f9:07:28:35:d6:2f:8d:cd:31:62:4b:aa:25:
06:ac:3c:64:1c:4f:df:26:c5:83:d2:40:34:98:e1:
75:ef:a7:b4:e3:60:46:80:01:70:19:4a:ef:8c:85:
d1:df:2c:ec:a1:58:6b:cb:a5:39:89:b3:85:57:e6:
14:3b:b2:99:d7:51:dd:1e:16:62:6e:9f:27:bf:38:
f1:ad:c3:5a:8f:5a:af:06:4e:dd:92:81:fa:2f:d5:
b0:8d:91:af:61:01:78:ba:36:ce:eb:e8:a7:0b:8d:
53:2d:10:76:a7:7e:78:fe:b7:70:74:4a:68:43:24:
88:ce:8d:07:8c:1f:5d:51:9f:95:c6:c9:47:84:ce:
4f:af:83:4c:37:58:95:0f:ca:47:22:4b:fd:f0:4f:
6b:88:4c:aa:bd:d7:01:52:45:10:7c:06:e5:c1:5d:
d3:9e:49:59:35:3a:7c:a1:4e:10:2f:7e:25:01:5d:
80:38:03:26:65:fb:41:25:68:05:bd:f3:d0:bd:44:
10:99:9c:6e:ba:51:a8:f0:53:5c:53:05:46:62:a6:
e1:a6:89:82:02:fa:e3:5f:32:7b:5a:84:b3:01:f1:
60:38:81:d8:a7:89:26:bc:56:2c:7a:df:aa:81:09:
e7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4C:D9:76:D4:9B:4A:07:AF:E8:5E:04:72:21:4F:DF:BE:2D:EF:53
X509v3 Authority Key Identifier:
keyid:5A:8F:81:36:6F:FC:43:C7:1F:5B:B5:21:F8:15:01:76:0E:BE:B0:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wo-BNm_8Q8cfW7Uh-BUBdg6-sHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/KkzZdtSbSgev6F4EciFP374t71M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/Wo-BNm_8Q8cfW7Uh-BUBdg6-sHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.12.0/22
185.144.76.0/22
185.144.248.0/22
IPv6:
2a03:3140::/32
Signature Algorithm: sha256WithRSAEncryption
7e:df:4b:cf:25:c9:91:8f:b8:70:aa:f8:f8:50:54:a6:d3:95:
32:60:38:87:67:93:d9:a2:0b:a7:7a:3b:04:2c:60:3b:94:44:
2b:a5:f9:d1:8d:75:13:bf:4b:73:6e:cc:f9:50:1f:49:3f:08:
d4:c5:61:80:04:32:a4:bc:92:03:09:c1:ac:0e:61:13:90:a1:
73:7f:ee:31:a1:3f:c4:ae:e8:10:c6:bf:94:29:72:f5:a9:05:
dc:a7:3d:d3:d9:90:b0:ae:4e:8f:97:20:6f:95:04:07:1c:5d:
2f:c4:ad:b4:27:f4:99:f7:79:b5:af:ef:f9:a4:1d:b0:bc:5f:
b1:93:ae:73:7c:34:df:ed:21:6c:15:0b:f7:5e:18:23:15:9e:
9d:36:18:53:5c:82:6a:89:79:04:34:3e:33:9e:40:6e:ad:09:
97:1c:72:cf:ce:0b:f9:3f:7a:68:6a:f2:28:30:d8:18:8a:de:
18:60:72:72:0d:4f:60:b9:d1:2f:cc:71:43:d0:46:d2:8b:6a:
bf:7e:14:ff:28:48:cc:91:ae:0c:d6:36:b2:9a:04:bc:7c:03:
f4:c4:aa:dc:8f:a5:ce:09:97:a9:1d:96:2f:80:0c:12:b1:ef:
8d:2d:2a:29:eb:3f:38:7d:02:54:80:3a:e6:69:de:6c:33:ed:
ea:d9:f3:63
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQntonuZOEALIcULBuLXKEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOGY4MTM2NmZmYzQzYzcxZjViYjUyMWY4MTUwMTc2MGVi
ZWIwNzQwHhcNMjUwMTAyMTU1MTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTRjZDk3NmQ0OWI0YTA3YWZlODVlMDQ3MjIxNGZkZmJlMmRlZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRhXVKrtJQJy6Brdm3RXbvkHKDXW
L43NMWJLqiUGrDxkHE/fJsWD0kA0mOF176e042BGgAFwGUrvjIXR3yzsoVhry6U5
ibOFV+YUO7KZ11HdHhZibp8nvzjxrcNaj1qvBk7dkoH6L9WwjZGvYQF4ujbO6+in
C41TLRB2p354/rdwdEpoQySIzo0HjB9dUZ+VxslHhM5Pr4NMN1iVD8pHIkv98E9r
iEyqvdcBUkUQfAblwV3TnklZNTp8oU4QL34lAV2AOAMmZftBJWgFvfPQvUQQmZxu
ulGo8FNcUwVGYqbhpomCAvrjXzJ7WoSzAfFgOIHYp4kmvFYset+qgQnnpQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCpM2XbUm0oHr+heBHIhT9++Le9TMB8GA1UdIwQY
MBaAFFqPgTZv/EPHH1u1IfgVAXYOvrB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV28tQk5tXzhROGNmVzdVaC1CVUJkZzYtc0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iODNhYjUtY2RiMi00MTc0LTgwOTMt
ODAyZDA5Y2ZjODM1LzEvS2t6WmR0U2JTZ2V2NkY0RWNpRlAzNzR0NzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iODNhYjUtY2RiMi00MTc0LTgwOTMtODAyZDA5Y2ZjODM1
LzEvV28tQk5tXzhROGNmVzdVaC1CVUJkZzYtc0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQgMAwQC
uZBMAwQCuZD4MA0EAgACMAcDBQAqAzFAMA0GCSqGSIb3DQEBCwUAA4IBAQB+30vP
JcmRj7hwqvj4UFSm05UyYDiHZ5PZogunejsELGA7lEQrpfnRjXUTv0tzbsz5UB9J
PwjUxWGABDKkvJIDCcGsDmETkKFzf+4xoT/ErugQxr+UKXL1qQXcpz3T2ZCwrk6P
lyBvlQQHHF0vxK20J/SZ93m1r+/5pB2wvF+xk65zfDTf7SFsFQv3XhgjFZ6dNhhT
XIJqiXkEND4znkBurQmXHHLPzgv5P3poavIoMNgYit4YYHJyDU9gudEvzHFD0EbS
i2q/fhT/KEjMka4M1jaymgS8fAP0xKrcj6XOCZepHZYvgAwSse+NLSop6z84fQJU
gDrmad5sM+3q2fNj
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:24:12 2025 by rpki-client