Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KLEoG88TZHMEtOmQZ-LleaNa0mg.roa
File: KLEoG88TZHMEtOmQZ-LleaNa0mg.roa (raw, json)
Hash identifier: x5gj2brfaBaBgUUqgUxJvzKQRqPOX+Rn6lIbf871fNY=
Subject key identifier: 28:B1:28:1B:CF:13:64:73:04:B4:E9:90:67:E2:E5:79:A3:5A:D2:68
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0191EA0A9A3B387C0FB01B202F8FCD660FAB
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KLEoG88TZHMEtOmQZ-LleaNa0mg.roa
Signing time: Fri 13 Sep 2024 06:20:48 +0000
ROA not before: Fri 13 Sep 2024 06:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 94.74.152.0/22 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ea:0a:9a:3b:38:7c:0f:b0:1b:20:2f:8f:cd:66:0f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 13 06:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28b1281bcf13647304b4e99067e2e579a35ad268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bb:29:3a:1e:f1:df:1b:9c:09:fc:ba:39:a8:
09:24:a5:90:cb:90:bb:79:d3:da:12:b9:7b:40:d1:
7e:84:12:3a:3b:03:1b:37:18:ad:d5:ba:a7:80:3d:
d5:7f:33:42:d6:85:81:64:b9:cc:f5:a4:d9:ac:c4:
7f:19:24:10:4e:1f:dd:d0:c0:4b:fd:44:3c:46:6a:
48:a5:b0:36:69:be:73:84:ec:bc:a6:5c:f0:09:76:
bd:ee:68:a1:71:92:74:22:3a:a0:d3:72:28:3b:f3:
f9:e0:81:46:1d:52:4f:0a:2f:2b:0e:28:84:22:58:
10:29:88:d6:95:f8:b3:f8:7a:76:66:14:89:3c:ef:
cf:37:3d:0b:b3:7a:07:09:40:bd:dd:e5:36:cc:ca:
72:7d:a5:02:8a:65:f6:dc:b2:25:b6:9e:0b:b0:79:
1d:37:93:4e:e0:f2:3b:e1:4b:5d:14:09:ed:7f:21:
19:2c:de:4c:b0:fd:1b:b8:e1:6e:83:01:84:15:f3:
54:46:cb:97:bf:20:2b:05:74:33:6c:b8:c4:14:a1:
8b:49:5b:33:ac:d1:6c:96:9b:cf:d8:22:66:a6:f2:
fa:ec:10:66:04:4e:d1:16:ee:fa:ca:7a:f9:8b:d1:
ed:93:17:8b:5a:6c:20:b0:3c:e9:93:83:39:78:4c:
57:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B1:28:1B:CF:13:64:73:04:B4:E9:90:67:E2:E5:79:A3:5A:D2:68
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KLEoG88TZHMEtOmQZ-LleaNa0mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.152.0/22
109.203.176.0/20
176.46.132.0/24
176.46.140.0/24
176.46.145.0/24
176.46.151.0/24
Signature Algorithm: sha256WithRSAEncryption
86:e8:eb:69:c9:c3:07:8c:dd:41:26:9d:42:5e:ac:71:c2:fe:
bd:ae:6c:26:6d:03:11:cd:ed:fa:e2:d5:03:56:ee:c1:9a:72:
b2:8f:30:c1:87:e5:27:90:07:73:53:14:c1:2a:77:76:7a:d4:
06:52:ed:54:15:9d:49:fd:44:26:98:ba:ea:ce:39:a9:8f:79:
1e:44:af:bd:4d:98:61:f1:87:df:8b:0b:44:2e:98:89:18:b0:
2a:ed:d4:ed:0d:25:e1:19:34:13:31:97:73:f1:62:46:c8:3b:
ae:83:77:b6:b2:93:da:37:8d:a2:86:ad:b7:7e:1e:67:51:bb:
e3:9c:45:8b:1c:ca:d1:b1:4e:69:67:72:1b:04:8b:9b:18:4f:
c3:26:f4:7c:32:7d:0c:7d:54:ef:0f:bd:bd:4f:76:89:59:3e:
b1:46:f2:96:60:1f:a2:35:00:8c:63:46:59:60:9a:77:70:24:
a9:55:84:1b:b5:23:1c:92:9d:64:cb:25:f0:84:f6:81:a2:d2:
21:b7:02:25:bf:53:6b:61:a7:05:3f:d5:5a:42:3f:01:c8:e9:
19:0e:6d:f7:91:42:b8:33:97:fd:c5:10:ae:71:f8:7d:83:5f:
c0:ed:a5:ae:61:57:d2:af:0f:9a:0e:95:c0:dd:73:d3:ef:30:
5b:2b:68:e6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZHqCpo7OHwPsBsgL4/NZg+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwOTEzMDYyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGIxMjgxYmNmMTM2NDczMDRiNGU5OTA2N2UyZTU3OWEzNWFkMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrspOh7x3xucCfy6OagJJKWQy5C7
edPaErl7QNF+hBI6OwMbNxit1bqngD3VfzNC1oWBZLnM9aTZrMR/GSQQTh/d0MBL
/UQ8RmpIpbA2ab5zhOy8plzwCXa97mihcZJ0Ijqg03IoO/P54IFGHVJPCi8rDiiE
IlgQKYjWlfiz+Hp2ZhSJPO/PNz0Ls3oHCUC93eU2zMpyfaUCimX23LIltp4LsHkd
N5NO4PI74UtdFAntfyEZLN5MsP0buOFugwGEFfNURsuXvyArBXQzbLjEFKGLSVsz
rNFslpvP2CJmpvL67BBmBE7RFu76ynr5i9HtkxeLWmwgsDzpk4M5eExXiwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCixKBvPE2RzBLTpkGfi5XmjWtJoMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvS0xFb0c4OFRaSE1FdE9tUVotTGxlYU5hMG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCXkqYAwQE
bcuwAwQAsC6EAwQAsC6MAwQAsC6RAwQAsC6XMA0GCSqGSIb3DQEBCwUAA4IBAQCG
6OtpycMHjN1BJp1CXqxxwv69rmwmbQMRze364tUDVu7BmnKyjzDBh+UnkAdzUxTB
Knd2etQGUu1UFZ1J/UQmmLrqzjmpj3keRK+9TZhh8YffiwtELpiJGLAq7dTtDSXh
GTQTMZdz8WJGyDuug3e2spPaN42ihq23fh5nUbvjnEWLHMrRsU5pZ3IbBIubGE/D
JvR8Mn0MfVTvD729T3aJWT6xRvKWYB+iNQCMY0ZZYJp3cCSpVYQbtSMckp1kyyXw
hPaBotIhtwIlv1NrYacFP9VaQj8ByOkZDm33kUK4M5f9xRCucfh9g1/A7aWuYVfS
rw+aDpXA3XPT7zBbK2jm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:20 2025 by rpki-client