Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/k2-T-RgPdGBFLANRrfalT8UoH20.roa
File: k2-T-RgPdGBFLANRrfalT8UoH20.roa (raw, json)
Hash identifier: 6gyU214cWvgu2L0Bd7dfMCHaNCte6p/9k+3VXxfHPys=
Subject key identifier: 93:6F:93:F9:18:0F:74:60:45:2C:03:51:AD:F6:A5:4F:C5:28:1F:6D
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 019423D7D405E1034546836BF1758243DB46
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/k2-T-RgPdGBFLANRrfalT8UoH20.roa
Signing time: Wed 01 Jan 2025 21:48:54 +0000
ROA not before: Wed 01 Jan 2025 21:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48918
IP address blocks: 80.66.96.0/20 maxlen: 20
80.66.96.0/23 maxlen: 23
80.66.98.0/24 maxlen: 24
80.66.101.0/24 maxlen: 24
80.66.102.0/24 maxlen: 24
80.66.104.0/23 maxlen: 23
80.66.107.0/24 maxlen: 24
80.66.110.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
195.20.20.0/22 maxlen: 24
2a0a:8ec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d4:05:e1:03:45:46:83:6b:f1:75:82:43:db:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Jan 1 21:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=936f93f9180f7460452c0351adf6a54fc5281f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:75:1f:0c:7b:eb:4e:99:e1:a8:a1:76:43:dd:
01:7c:00:fb:02:fa:7b:e2:7c:cd:b6:12:46:4e:2b:
f5:95:0e:90:62:e1:dc:87:ea:0e:db:4c:60:01:7c:
bc:6c:e8:13:d1:a7:2c:e0:c4:b0:d6:a1:ef:50:9f:
40:f1:90:88:e3:e1:57:41:d1:4a:20:9b:8f:d7:6a:
0e:7e:8c:f8:9a:63:95:70:f3:92:46:41:0f:3e:ee:
3b:e4:bc:c3:06:d1:4c:de:64:0a:19:cd:16:1b:74:
94:8b:c8:92:1e:f8:21:7d:06:e8:7a:9d:24:9a:20:
10:ba:c9:f2:1e:84:c4:6b:c6:a4:7f:e4:65:35:22:
46:80:e7:c8:aa:43:c0:08:7b:85:d5:66:b6:b7:ad:
d6:70:e9:2d:fb:05:e0:0b:9e:ca:52:e0:6d:22:9f:
9a:43:a4:32:2f:72:b6:1e:45:1f:65:33:e3:f8:15:
4c:d6:de:fb:4c:a0:54:61:4d:b8:b9:bb:b3:a8:8e:
39:19:f7:8a:b5:80:cb:08:04:d4:39:3b:f8:98:af:
45:46:06:3b:f0:08:fd:aa:df:f4:fd:c2:29:ba:89:
55:4e:eb:f3:7f:cf:26:d6:e1:99:1e:51:7f:25:0e:
d0:78:5f:d3:d6:14:d0:f5:17:3e:e2:bd:01:13:e9:
da:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:6F:93:F9:18:0F:74:60:45:2C:03:51:AD:F6:A5:4F:C5:28:1F:6D
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/k2-T-RgPdGBFLANRrfalT8UoH20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
IPv6:
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
33:26:86:46:ed:d9:21:44:46:66:50:a7:f5:87:4f:60:27:1d:
18:1d:1b:29:c2:db:6a:76:79:a1:27:b5:53:ec:62:c3:05:26:
5a:8f:da:03:dd:b5:fe:a5:a0:ea:85:23:04:d4:27:d6:b4:dd:
49:44:22:48:4c:3b:c3:1b:e0:67:fa:77:07:fe:b1:10:8c:11:
be:af:0b:98:71:e0:7f:3b:e5:fd:1d:40:29:ef:1f:0c:4b:f3:
e0:8d:50:17:cc:f8:50:91:da:a2:5b:2c:2f:36:f3:43:07:da:
4e:3b:49:8b:5e:61:93:6e:9e:24:bc:0b:15:0d:8f:38:13:37:
22:22:06:2c:63:97:96:17:24:1f:d8:fc:1c:cd:c5:3e:39:d4:
35:43:8e:30:ea:f7:9c:7f:58:10:d9:c4:16:d7:fa:e1:8f:f1:
d9:bc:14:76:34:10:fd:91:45:a5:3f:b2:af:29:55:cc:f5:3e:
a9:f3:61:6a:e7:2a:2c:af:d4:bf:c7:bf:84:41:a6:e3:e1:73:
23:10:99:0e:7e:e5:69:c7:2c:b7:13:c4:62:c0:d3:cc:f9:1a:
87:43:35:6d:33:6a:a3:eb:81:b2:90:9f:68:d8:7a:40:8e:15:
30:d7:b1:09:ed:bc:d2:11:bb:25:23:8c:82:71:a4:29:0b:4b:
a4:b7:3a:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQj19QF4QNFRoNr8XWCQ9tGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjUwMTAxMjE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzZmOTNmOTE4MGY3NDYwNDUyYzAzNTFhZGY2YTU0ZmM1MjgxZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53UfDHvrTpnhqKF2Q90BfAD7Avp7
4nzNthJGTiv1lQ6QYuHch+oO20xgAXy8bOgT0acs4MSw1qHvUJ9A8ZCI4+FXQdFK
IJuP12oOfoz4mmOVcPOSRkEPPu475LzDBtFM3mQKGc0WG3SUi8iSHvghfQboep0k
miAQusnyHoTEa8akf+RlNSJGgOfIqkPACHuF1Wa2t63WcOkt+wXgC57KUuBtIp+a
Q6QyL3K2HkUfZTPj+BVM1t77TKBUYU24ubuzqI45GfeKtYDLCATUOTv4mK9FRgY7
8Aj9qt/0/cIpuolVTuvzf88m1uGZHlF/JQ7QeF/T1hTQ9Rc+4r0BE+naPQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJNvk/kYD3RgRSwDUa32pU/FKB9tMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvazItVC1SZ1BkR0JGTEFOUnJmYWxUOFVvSDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUEJgAwQC
ucbIAwQCwxQUMA0EAgACMAcDBQMqCo7AMA0GCSqGSIb3DQEBCwUAA4IBAQAzJoZG
7dkhREZmUKf1h09gJx0YHRspwttqdnmhJ7VT7GLDBSZaj9oD3bX+paDqhSME1CfW
tN1JRCJITDvDG+Bn+ncH/rEQjBG+rwuYceB/O+X9HUAp7x8MS/PgjVAXzPhQkdqi
WywvNvNDB9pOO0mLXmGTbp4kvAsVDY84EzciIgYsY5eWFyQf2PwczcU+OdQ1Q44w
6vecf1gQ2cQW1/rhj/HZvBR2NBD9kUWlP7KvKVXM9T6p82Fq5yosr9S/x7+EQabj
4XMjEJkOfuVpxyy3E8RiwNPM+RqHQzVtM2qj64GykJ9o2HpAjhUw17EJ7bzSEbsl
I4yCcaQpC0uktzpS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:24 2025 by rpki-client