Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KFBxXmzrfiE6JhoBXJk-jJusIPI.roa
File: KFBxXmzrfiE6JhoBXJk-jJusIPI.roa (raw, json)
Hash identifier: ZM6Tv4KIi62W6zlGLZ6fM7ONrhfI3MGAqhmiTRUIM9U=
Subject key identifier: 28:50:71:5E:6C:EB:7E:21:3A:26:1A:01:5C:99:3E:8C:9B:AC:20:F2
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 07202DEF
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KFBxXmzrfiE6JhoBXJk-jJusIPI.roa
Signing time: Wed 16 Feb 2022 11:04:50 +0000
ROA not before: Wed 16 Feb 2022 11:04:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.145.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.157.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119549423 (0x7202def)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 16 11:04:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2850715e6ceb7e213a261a015c993e8c9bac20f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2b:92:98:48:36:e2:37:c2:46:3b:fd:75:bc:
19:39:8b:32:c6:28:bc:e6:04:04:98:28:ec:37:e0:
17:d4:1b:8d:7b:01:4e:58:a4:bc:a7:48:23:38:96:
42:d2:db:7b:e1:0f:c6:cd:8a:66:a8:9f:d3:25:cf:
0d:4f:3a:ce:cb:7e:50:fa:72:72:e1:f9:62:a7:15:
7b:96:d6:5f:95:b7:00:ad:85:e7:db:9c:a2:2e:e5:
84:93:c6:21:aa:ac:e3:2d:18:35:a4:4e:b6:ff:dd:
5f:13:ce:9f:7d:79:4a:47:e5:3e:22:5b:eb:be:f5:
cb:98:7d:cd:12:7c:8e:b3:6f:39:55:66:52:4b:48:
78:92:4d:f1:c9:50:8e:61:a9:92:1c:fe:59:4c:52:
d7:c2:14:be:dd:b4:6c:0b:25:84:94:9b:80:9e:f2:
8b:fb:6d:4b:2d:09:76:d5:f8:de:be:f7:41:80:a6:
e6:af:d8:d4:fb:1e:36:96:f6:77:90:2e:c7:37:36:
db:89:79:22:42:0b:29:9a:5e:93:29:78:50:b8:68:
3b:7c:eb:da:ea:b2:a1:5a:ef:24:20:44:2b:e6:0e:
53:90:9d:88:2b:9e:a0:07:37:dc:9e:93:03:c8:21:
49:14:9d:78:09:2f:8a:cd:fc:08:5b:d2:0f:d8:da:
b4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:50:71:5E:6C:EB:7E:21:3A:26:1A:01:5C:99:3E:8C:9B:AC:20:F2
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KFBxXmzrfiE6JhoBXJk-jJusIPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
94.74.140.0/24
94.74.145.0/24
94.74.147.0/24
94.74.156.0/22
94.74.164.0/24
94.74.168.0/24
94.74.171.0/24
94.74.173.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
Signature Algorithm: sha256WithRSAEncryption
39:9e:a5:91:1c:0c:d6:0d:b0:0d:74:ac:f2:6f:b6:1b:56:d2:
ee:4f:7f:e0:52:64:9a:cd:dd:d9:f0:c7:3c:5a:52:df:64:6f:
02:46:92:f0:ef:0d:39:4b:a8:17:24:64:19:39:fd:d2:af:7c:
2e:b1:db:1e:8c:63:37:9b:69:51:0f:6e:c7:df:7d:bb:c0:9b:
a7:9f:29:c0:e4:96:ab:b9:ae:79:3e:1e:86:28:4d:1c:9c:2f:
d5:15:8a:de:c3:04:8d:1d:de:00:43:b5:af:55:cc:01:8a:cf:
b3:3b:ae:a3:30:05:5a:e5:f5:57:66:68:50:2a:3d:13:ab:03:
32:8d:ad:75:e3:86:05:5e:6a:84:0c:ae:77:f9:85:25:d6:28:
74:13:cd:a0:1c:b6:13:6d:00:65:86:a0:f2:cc:48:e3:43:98:
32:19:3b:1a:ba:d2:d4:31:b0:51:28:3e:85:f7:d2:60:ae:2e:
f5:54:2a:9f:be:58:6c:71:31:44:f1:2c:47:39:80:4b:9a:ef:
22:cb:dc:48:f2:49:f0:45:e4:35:6c:a5:d3:55:86:cb:a5:fc:
c1:0a:2d:cd:43:eb:97:40:01:45:36:a8:69:07:b3:ce:51:09:
22:83:dd:83:0a:9e:18:fd:f6:f3:f7:cb:1f:49:70:97:68:5c:
43:78:4f:ba
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEByAt7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjA0NzVlYmU3ZjA3ZDc0MTUzY2IxY2NhMzM4YzE2ZDgwMWY0NWY3MB4XDTIyMDIx
NjExMDQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg1MDcxNWU2Y2Vi
N2UyMTNhMjYxYTAxNWM5OTNlOGM5YmFjMjBmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwrkphINuI3wkY7/XW8GTmLMsYovOYEBJgo7DfgF9QbjXsB
TlikvKdIIziWQtLbe+EPxs2KZqif0yXPDU86zst+UPpycuH5YqcVe5bWX5W3AK2F
59ucoi7lhJPGIaqs4y0YNaROtv/dXxPOn315SkflPiJb6771y5h9zRJ8jrNvOVVm
UktIeJJN8clQjmGpkhz+WUxS18IUvt20bAslhJSbgJ7yi/ttSy0JdtX43r73QYCm
5q/Y1PseNpb2d5Auxzc224l5IkILKZpekyl4ULhoO3zr2uqyoVrvJCBEK+YOU5Cd
iCueoAc33J6TA8ghSRSdeAkvis38CFvSD9jatCsCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQoUHFebOt+ITomGgFcmT6Mm6wg8jAfBgNVHSMEGDAWgBTWBHXr5/B9dBU8
scyjOMFtgB9F9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFnUjE2LWZ3ZlhRVlBMSE1vempCYllBZlJmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNTJlYmFlLWUwMDYtNDc3OC1hYzNjLTQ5NmY4ZWJiMmQ2MS8x
L0tGQnhYbXpyZmlFNkpob0JYSmstakp1c0lQSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NTJlYmFlLWUwMDYtNDc3OC1hYzNjLTQ5NmY4ZWJiMmQ2MS8xLzFnUjE2LWZ3ZlhR
VlBMSE1vempCYllBZlJmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAB+qNwMEAF5KjAMEAF5KkQMEAF5K
kwMEAl5KnAMEAF5KpAMEAF5KqAMEAF5KqwMEAF5KrQMEAF5KtgMEAF5KuwMEAF5K
vzANBgkqhkiG9w0BAQsFAAOCAQEAOZ6lkRwM1g2wDXSs8m+2G1bS7k9/4FJkms3d
2fDHPFpS32RvAkaS8O8NOUuoFyRkGTn90q98LrHbHoxjN5tpUQ9ux999u8Cbp58p
wOSWq7mueT4ehihNHJwv1RWK3sMEjR3eAEO1r1XMAYrPszuuozAFWuX1V2ZoUCo9
E6sDMo2tdeOGBV5qhAyud/mFJdYodBPNoBy2E20AZYag8sxI40OYMhk7GrrS1DGw
USg+hffSYK4u9VQqn75YbHExRPEsRzmAS5rvIsvcSPJJ8EXkNWyl01WGy6X8wQot
zUPrl0ABRTaoaQezzlEJIoPdgwqeGP328/fLH0lwl2hcQ3hPug==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:41 2025 by rpki-client