Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KGFZMHijFuEKCLXmBgYMuAaj2pw.roa
File: KGFZMHijFuEKCLXmBgYMuAaj2pw.roa (raw, json)
Hash identifier: WX6lAUpMw5OwA6xHl06M733dkt2W6L4Rs/S+YNyo2KI=
Subject key identifier: 28:61:59:30:78:A3:16:E1:0A:08:B5:E6:06:06:0C:B8:06:A3:DA:9C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194ACDA4E3AE3F8C8EB51C09A5819BDEB68
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KGFZMHijFuEKCLXmBgYMuAaj2pw.roa
Signing time: Tue 28 Jan 2025 12:19:35 +0000
ROA not before: Tue 28 Jan 2025 12:19:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201021
IP address blocks: 62.76.224.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.87.66.0/24 maxlen: 24
194.87.67.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:da:4e:3a:e3:f8:c8:eb:51:c0:9a:58:19:bd:eb:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 28 12:19:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2861593078a316e10a08b5e606060cb806a3da9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:52:d7:10:b4:bb:c9:fd:fa:00:9d:91:3c:43:
25:c9:5f:5c:22:a8:52:82:d5:6d:cd:2d:29:52:aa:
40:70:bd:3e:7b:2f:c4:db:9a:7c:b2:0d:e6:77:3d:
0e:97:56:59:25:d1:47:a3:9e:07:f4:d0:3e:41:ed:
b5:b2:f5:86:c2:74:b0:59:ac:ba:a2:45:4a:24:df:
2d:d7:9d:29:f4:02:b1:f0:c4:49:7d:13:c7:b7:30:
74:08:cc:31:5e:16:b6:b4:c0:bc:51:8e:56:2c:16:
85:be:a9:0d:20:79:75:b5:eb:32:f9:95:ad:c1:75:
22:50:e6:62:b6:97:11:22:57:c6:37:f9:eb:4b:7d:
10:60:4a:ba:ee:78:34:0c:79:87:cf:f4:7a:d4:bc:
5c:4b:3b:2a:d4:3a:53:f1:75:ed:ea:93:89:b6:dd:
a9:66:1f:fe:5b:43:00:fa:c6:c5:66:a4:7f:66:78:
03:65:96:4c:19:78:c7:8f:be:91:c9:75:6f:ee:a0:
f6:7c:d3:65:be:22:f2:2a:93:82:44:0f:b5:d9:0d:
42:8a:b1:45:96:16:c5:16:08:1d:e0:05:b9:26:98:
68:cd:fe:c2:95:eb:63:f2:54:3c:0a:6c:09:95:49:
05:56:0d:f1:2e:7d:4c:79:7b:cd:bd:6c:1f:d9:20:
48:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:61:59:30:78:A3:16:E1:0A:08:B5:E6:06:06:0C:B8:06:A3:DA:9C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KGFZMHijFuEKCLXmBgYMuAaj2pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
193.124.95.0/24
193.124.200.0/24
193.124.202.0/24
194.87.66.0/23
194.87.81.0/24
194.87.149.0/24
194.87.170.0/24
194.87.172.0/24
194.135.32.0/24
195.58.60.0/24
212.192.244.0/24
212.193.12.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:1b:ec:41:19:e0:1d:2e:30:58:fa:2d:30:80:57:eb:0b:7a:
89:85:46:4c:50:df:a0:2d:a3:98:8b:f5:0e:63:c3:3c:d5:9e:
76:2a:88:76:6e:6b:70:2f:a7:48:19:b4:b1:ce:58:a6:c6:ac:
21:ed:b1:d5:99:f3:9b:b3:dc:b4:ad:de:89:37:8a:63:74:a1:
96:0b:c9:b3:93:99:81:cb:ad:5e:f3:e3:ae:80:b2:a6:e3:c0:
04:0b:26:ba:a5:48:0c:93:05:b7:bd:65:1a:fd:37:af:d1:77:
56:4a:33:78:30:cb:ae:04:0e:15:2e:75:95:b2:cc:5c:29:fa:
47:5e:af:51:8e:b2:08:1f:8c:cc:20:76:25:6a:08:0b:ac:0a:
96:b3:d2:05:be:6e:cc:ff:64:56:c2:bf:95:3e:24:f3:60:c3:
5f:01:ce:6e:1c:d8:e7:b4:f6:ae:66:64:54:84:85:84:1d:98:
91:21:1c:b8:51:0e:29:03:62:8b:9d:a5:53:49:c8:a6:af:af:
e7:a2:1f:48:f4:03:b2:ac:33:bd:d2:fe:0f:1d:34:4f:fb:b0:
1b:f2:4e:23:5d:2b:97:49:3c:fb:ee:8f:6b:8d:ed:bf:0c:d0:
c8:9e:4c:4b:0a:92:3e:cb:f8:5d:64:5a:ba:03:69:f7:f7:b4:
c3:59:4b:51
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZSs2k464/jI61HAmlgZvetoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTI4MTIxOTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODYxNTkzMDc4YTMxNmUxMGEwOGI1ZTYwNjA2MGNiODA2YTNkYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulLXELS7yf36AJ2RPEMlyV9cIqhS
gtVtzS0pUqpAcL0+ey/E25p8sg3mdz0Ol1ZZJdFHo54H9NA+Qe21svWGwnSwWay6
okVKJN8t150p9AKx8MRJfRPHtzB0CMwxXha2tMC8UY5WLBaFvqkNIHl1tesy+ZWt
wXUiUOZitpcRIlfGN/nrS30QYEq67ng0DHmHz/R61LxcSzsq1DpT8XXt6pOJtt2p
Zh/+W0MA+sbFZqR/ZngDZZZMGXjHj76RyXVv7qD2fNNlviLyKpOCRA+12Q1CirFF
lhbFFggd4AW5Jphozf7Cletj8lQ8CmwJlUkFVg3xLn1MeXvNvWwf2SBIYQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFChhWTB4oxbhCgi15gYGDLgGo9qcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS0dGWk1IaWpGdUVLQ0xYbUJnWU11QWFqMnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAPkzgAwQA
wXxfAwQAwXzIAwQAwXzKAwQBwldCAwQAwldRAwQAwleVAwQAwleqAwQAwlesAwQA
wocgAwQAwzo8AwQA1MD0AwQB1MEMMA0GCSqGSIb3DQEBCwUAA4IBAQAbG+xBGeAd
LjBY+i0wgFfrC3qJhUZMUN+gLaOYi/UOY8M81Z52Koh2bmtwL6dIGbSxzlimxqwh
7bHVmfObs9y0rd6JN4pjdKGWC8mzk5mBy61e8+OugLKm48AECya6pUgMkwW3vWUa
/Tev0XdWSjN4MMuuBA4VLnWVssxcKfpHXq9RjrIIH4zMIHYlaggLrAqWs9IFvm7M
/2RWwr+VPiTzYMNfAc5uHNjntPauZmRUhIWEHZiRIRy4UQ4pA2KLnaVTScimr6/n
oh9I9AOyrDO90v4PHTRP+7Ab8k4jXSuXSTz77o9rje2/DNDInkxLCpI+y/hdZFq6
A2n397TDWUtR
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:15:38 2025 by rpki-client