Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KadebYvLlqFktHSMC8VUknp8Bg4.roa
File: KadebYvLlqFktHSMC8VUknp8Bg4.roa (raw, json)
Hash identifier: w8TFwdb94VR/NPfO0/bCSx/9iQT4AWBZ+ZK0vRINP1c=
Subject key identifier: 29:A7:5E:6D:8B:CB:96:A1:64:B4:74:8C:0B:C5:54:92:7A:7C:06:0E
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0183D5DB373430580D5F38A5F005F038C704
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KadebYvLlqFktHSMC8VUknp8Bg4.roa
Signing time: Fri 14 Oct 2022 09:37:36 +0000
ROA not before: Fri 14 Oct 2022 09:37:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.203.164.0/22 maxlen: 24
37.49.148.0/22 maxlen: 24
94.74.168.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d5:db:37:34:30:58:0d:5f:38:a5:f0:05:f0:38:c7:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 14 09:37:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29a75e6d8bcb96a164b4748c0bc554927a7c060e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fb:e9:4c:48:ea:ba:b6:0d:1a:d4:4c:9d:91:
6c:81:12:5b:9a:c3:e1:6d:18:06:11:53:1f:69:a6:
45:bf:dc:e3:ab:0c:9f:a8:ef:3e:df:4b:59:a1:ab:
0d:ec:e9:cd:4e:32:e1:96:bd:fc:dd:ae:41:cd:43:
3a:d2:04:a0:34:b4:b9:36:65:11:76:84:18:7d:ed:
66:86:e7:95:ca:43:4f:58:6b:20:54:13:38:d7:2b:
03:19:31:31:81:27:3e:26:99:2c:fa:c3:14:85:32:
ba:0e:53:57:89:ba:bd:53:25:7d:e9:48:5e:54:ab:
46:22:28:28:e1:bf:9d:94:ef:29:d2:6a:1a:c5:a2:
82:fc:fc:84:2a:07:2c:e5:a5:ca:2d:11:c5:11:1e:
ec:6c:52:23:f4:b8:47:90:a3:b6:7c:5f:4e:77:ed:
ca:91:b2:d7:9c:95:fc:32:ee:18:45:af:3a:3c:57:
70:ca:b9:aa:a6:75:90:a7:41:a1:72:ae:37:e7:88:
88:3f:e0:68:a7:5f:47:ba:ce:a1:af:93:3e:59:9f:
de:df:02:3c:64:a1:20:f0:67:3b:08:e3:c3:e2:dc:
a4:fa:5f:04:03:4e:03:e2:7b:75:86:9e:b9:4c:5f:
1f:ac:87:cb:d1:be:f7:af:82:c6:30:80:3f:32:bf:
4a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A7:5E:6D:8B:CB:96:A1:64:B4:74:8C:0B:C5:54:92:7A:7C:06:0E
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KadebYvLlqFktHSMC8VUknp8Bg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/22
94.74.168.0/23
109.203.164.0/22
Signature Algorithm: sha256WithRSAEncryption
24:60:0d:18:e1:1b:54:f1:a9:27:34:8f:eb:31:b9:94:57:6c:
9b:ba:40:12:0b:49:5d:42:78:3f:1c:bd:50:6d:d3:bc:73:bc:
63:16:c7:5e:fa:ae:ff:88:09:8b:10:cf:94:58:f1:a4:6c:cb:
8d:19:40:75:09:11:4b:64:08:ff:d4:c9:f5:4f:b8:37:8b:40:
ad:8b:6e:36:11:b2:88:85:c5:e4:0e:ad:10:2d:d8:e4:54:9c:
a7:63:90:d7:99:d1:d5:f0:68:63:ad:2a:28:9e:32:3b:75:61:
02:97:e9:5e:08:e7:5c:2e:6b:2e:a3:7f:a7:96:70:43:25:e4:
d1:94:33:75:f2:2b:65:b3:cc:cb:13:3b:b8:41:7e:11:55:18:
0b:a9:b0:ec:07:84:f0:c1:94:9c:a1:b5:c3:b4:63:ce:54:3a:
c4:00:16:b9:ff:e0:1d:f1:1e:51:c4:d7:3d:2b:e2:11:8a:63:
01:76:e6:65:fa:85:c9:8c:51:2f:0d:3f:25:15:7e:7e:7f:f0:
61:92:cd:f3:75:9c:35:86:d6:5f:ed:b2:0d:82:6f:91:4d:5c:
25:47:48:b3:23:37:aa:cd:64:66:41:5e:47:e3:83:db:0f:c3:
7b:ed:a0:17:3e:1d:87:05:ef:d9:58:63:ea:12:84:10:5e:51:
ca:e2:6e:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPV2zc0MFgNXzil8AXwOMcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDE0MDkzNzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE3NWU2ZDhiY2I5NmExNjRiNDc0OGMwYmM1NTQ5MjdhN2MwNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/vpTEjqurYNGtRMnZFsgRJbmsPh
bRgGEVMfaaZFv9zjqwyfqO8+30tZoasN7OnNTjLhlr383a5BzUM60gSgNLS5NmUR
doQYfe1mhueVykNPWGsgVBM41ysDGTExgSc+Jpks+sMUhTK6DlNXibq9UyV96Uhe
VKtGIigo4b+dlO8p0moaxaKC/PyEKgcs5aXKLRHFER7sbFIj9LhHkKO2fF9Od+3K
kbLXnJX8Mu4YRa86PFdwyrmqpnWQp0Ghcq4354iIP+Bop19Hus6hr5M+WZ/e3wI8
ZKEg8Gc7COPD4tyk+l8EA04D4nt1hp65TF8frIfL0b73r4LGMIA/Mr9KtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCmnXm2Ly5ahZLR0jAvFVJJ6fAYOMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvS2FkZWJZdkxscUZrdEhTTUM4VlVrbnA4Qmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJTGUAwQB
XkqoAwQCbcukMA0GCSqGSIb3DQEBCwUAA4IBAQAkYA0Y4RtU8aknNI/rMbmUV2yb
ukASC0ldQng/HL1QbdO8c7xjFsde+q7/iAmLEM+UWPGkbMuNGUB1CRFLZAj/1Mn1
T7g3i0Cti242EbKIhcXkDq0QLdjkVJynY5DXmdHV8GhjrSoonjI7dWECl+leCOdc
Lmsuo3+nlnBDJeTRlDN18itls8zLEzu4QX4RVRgLqbDsB4TwwZScobXDtGPOVDrE
ABa5/+Ad8R5RxNc9K+IRimMBduZl+oXJjFEvDT8lFX5+f/Bhks3zdZw1htZf7bIN
gm+RTVwlR0izIzeqzWRmQV5H44PbD8N77aAXPh2HBe/ZWGPqEoQQXlHK4m4K
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:30 2025 by rpki-client