Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/kDxnmkry6GSjGehsL9ntYXTgGms.roa
File: kDxnmkry6GSjGehsL9ntYXTgGms.roa (raw, json)
Hash identifier: wkEfOOZJ9TKbc6rsvn871D/mFlSMnjRucRMB/y4Wzco=
Subject key identifier: 90:3C:67:9A:4A:F2:E8:64:A3:19:E8:6C:2F:D9:ED:61:74:E0:1A:6B
Certificate issuer: /CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Certificate serial: 0194221FA87042C94ACE9FB4140FA23EE381
Authority key identifier: 40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/kDxnmkry6GSjGehsL9ntYXTgGms.roa
Signing time: Wed 01 Jan 2025 13:48:07 +0000
ROA not before: Wed 01 Jan 2025 13:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60407
IP address blocks: 185.31.124.0/22 maxlen: 22
185.31.124.0/23 maxlen: 23
185.31.124.0/24 maxlen: 24
185.31.125.0/24 maxlen: 24
185.31.126.0/23 maxlen: 23
185.31.126.0/24 maxlen: 24
185.31.127.0/24 maxlen: 24
2a00:bc60::/30 maxlen: 30
2a00:bc60::/32 maxlen: 32
2a00:bc61::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a8:70:42:c9:4a:ce:9f:b4:14:0f:a2:3e:e3:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Validity
Not Before: Jan 1 13:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=903c679a4af2e864a319e86c2fd9ed6174e01a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:d1:51:6f:38:4c:dc:ec:f8:20:07:ee:8a:
ec:7e:0a:18:8f:fd:ff:3e:f1:a6:72:5d:1f:bb:40:
d4:8e:17:29:1a:b3:91:df:e0:85:06:29:62:91:9c:
a1:09:4e:20:bb:8c:90:44:b3:03:ec:8e:fd:72:87:
f4:3b:5c:b1:4a:b2:ab:d1:b7:66:ff:82:de:7c:f0:
49:3b:cc:db:34:73:57:93:72:a1:9f:eb:d0:9c:ea:
b5:5a:81:26:b4:fe:d2:28:72:0f:7a:7e:31:38:80:
4f:c9:04:8d:7c:c9:68:8b:42:b5:13:36:ef:36:d4:
2e:13:a0:8d:35:fe:6f:30:a2:fb:00:cc:8c:f7:21:
45:c8:b8:55:d6:b9:45:5d:1d:40:1b:95:ba:31:87:
44:f6:b0:61:1f:29:0d:f3:1e:29:d3:12:f2:f1:37:
7a:b8:e8:b2:55:54:b2:22:74:78:a5:ed:d1:96:e6:
f9:3c:5a:07:1a:0e:b4:d2:2d:41:08:1b:0c:06:2c:
19:db:9e:73:d5:c3:14:74:83:b5:f9:7d:d3:c4:6b:
b8:4b:95:b3:fb:be:61:bf:4e:d3:db:ab:67:5f:e2:
26:42:34:f5:70:50:bc:e4:ee:e5:90:96:83:64:55:
46:6c:00:d2:ff:11:0d:3a:31:48:37:59:a8:78:53:
ff:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3C:67:9A:4A:F2:E8:64:A3:19:E8:6C:2F:D9:ED:61:74:E0:1A:6B
X509v3 Authority Key Identifier:
keyid:40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/kDxnmkry6GSjGehsL9ntYXTgGms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/QEeepWLdOn0M8qbpeLa783j3POQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.124.0/22
IPv6:
2a00:bc60::/30
Signature Algorithm: sha256WithRSAEncryption
c9:58:84:f3:b7:7d:2f:f9:22:ca:21:81:b3:86:ea:41:2e:c0:
fb:b7:a5:e1:4b:08:f1:75:2a:58:c1:50:85:66:69:ac:b1:e6:
d8:42:28:11:e9:75:bc:eb:3a:88:96:b5:d3:a8:d1:93:e6:29:
76:68:33:f6:a0:41:4f:74:5a:50:91:98:95:d4:90:a5:27:cf:
90:dc:c2:1f:db:52:94:9c:20:7d:31:ed:fa:e3:5f:6e:db:a4:
9e:38:bf:0a:f0:08:75:d8:46:0f:66:9a:a8:34:48:99:c8:3e:
49:61:71:fd:b6:18:f1:e3:dc:6e:a0:ee:cc:5a:75:a9:ea:7a:
4e:4d:11:54:15:10:57:c0:eb:93:53:21:b6:f1:8a:18:91:53:
53:e4:74:da:bc:60:fa:b5:d8:e0:8c:f6:29:17:6c:fe:0a:64:
5d:2a:14:ca:ad:a1:95:29:6d:22:66:ae:7d:46:06:d9:ec:3e:
be:a7:d7:c5:53:54:be:20:02:c6:bb:75:05:ea:7c:06:cd:c2:
65:ca:b3:05:68:4f:29:14:c9:66:9b:92:7f:48:b5:2b:e3:e5:
2f:e1:f8:19:6a:4a:8f:e1:80:1b:4a:f5:3b:ef:e5:d6:a9:f3:
12:cb:9a:a4:95:c9:0e:44:56:f0:d3:cb:b1:bb:48:29:a7:21:
95:ab:7f:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH6hwQslKzp+0FA+iPuOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDc5ZWE1NjJkZDNhN2QwY2YyYTZlOTc4YjZiYmYzNzhm
NzNjZTQwHhcNMjUwMTAxMTM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDNjNjc5YTRhZjJlODY0YTMxOWU4NmMyZmQ5ZWQ2MTc0ZTAxYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE7RUW84TNzs+CAH7orsfgoYj/3/
PvGmcl0fu0DUjhcpGrOR3+CFBilikZyhCU4gu4yQRLMD7I79cof0O1yxSrKr0bdm
/4LefPBJO8zbNHNXk3Khn+vQnOq1WoEmtP7SKHIPen4xOIBPyQSNfMloi0K1Ezbv
NtQuE6CNNf5vMKL7AMyM9yFFyLhV1rlFXR1AG5W6MYdE9rBhHykN8x4p0xLy8Td6
uOiyVVSyInR4pe3Rlub5PFoHGg600i1BCBsMBiwZ255z1cMUdIO1+X3TxGu4S5Wz
+75hv07T26tnX+ImQjT1cFC85O7lkJaDZFVGbADS/xENOjFIN1moeFP/PwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJA8Z5pK8uhkoxnobC/Z7WF04BprMB8GA1UdIwQY
MBaAFEBHnqVi3Tp9DPKm6Xi2u/N49zzkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVlZXBXTGRPbjBNOHFicGVMYTc4M2ozUE9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lNzRhNTgtYmI5ZS00YWU5LWE3NDYt
ODkzNmYwOTFmNGY0LzEva0R4bm1rcnk2R1NqR2Voc0w5bnRZWFRnR21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lNzRhNTgtYmI5ZS00YWU5LWE3NDYtODkzNmYwOTFmNGY0
LzEvUUVlZXBXTGRPbjBNOHFicGVMYTc4M2ozUE9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR98MA0E
AgACMAcDBQIqALxgMA0GCSqGSIb3DQEBCwUAA4IBAQDJWITzt30v+SLKIYGzhupB
LsD7t6XhSwjxdSpYwVCFZmmssebYQigR6XW86zqIlrXTqNGT5il2aDP2oEFPdFpQ
kZiV1JClJ8+Q3MIf21KUnCB9Me36419u26SeOL8K8Ah12EYPZpqoNEiZyD5JYXH9
thjx49xuoO7MWnWp6npOTRFUFRBXwOuTUyG28YoYkVNT5HTavGD6tdjgjPYpF2z+
CmRdKhTKraGVKW0iZq59RgbZ7D6+p9fFU1S+IALGu3UF6nwGzcJlyrMFaE8pFMlm
m5J/SLUr4+Uv4fgZakqP4YAbSvU77+XWqfMSy5qklckORFbw08uxu0gppyGVq38B
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:15 2025 by rpki-client