Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/kgTLGOsUBsYOKbWXNc3cqPzwgb4.roa
File: kgTLGOsUBsYOKbWXNc3cqPzwgb4.roa (raw, json)
Hash identifier: ST4s4BtTU2rODHYfq5kax5E8/vHW7595/W9otyGkb80=
Subject key identifier: 92:04:CB:18:EB:14:06:C6:0E:29:B5:97:35:CD:DC:A8:FC:F0:81:BE
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 01942444E0C1E319DA76D29483877BA8C0EA
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/kgTLGOsUBsYOKbWXNc3cqPzwgb4.roa
Signing time: Wed 01 Jan 2025 23:48:01 +0000
ROA not before: Wed 01 Jan 2025 23:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200590
IP address blocks: 185.116.192.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e0:c1:e3:19:da:76:d2:94:83:87:7b:a8:c0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 23:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9204cb18eb1406c60e29b59735cddca8fcf081be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d7:c7:e2:b9:fe:c5:24:dc:fc:8b:aa:63:22:
59:7d:e4:4c:1a:fe:ed:4e:e7:45:0f:21:2a:4c:02:
96:7b:b1:7e:08:7b:96:9b:87:29:90:88:7d:ff:d9:
95:70:c7:c2:84:e9:c2:b4:b8:e9:5d:78:ed:8c:cb:
25:a3:c3:27:53:67:4e:df:64:fa:f1:65:92:02:72:
d9:5b:97:fb:e5:27:0c:c0:1b:e2:fe:7d:35:a4:40:
dc:19:ef:62:db:0b:dc:87:b7:c4:e2:3e:5f:67:ff:
a8:80:59:e4:8c:7d:fe:7e:e1:85:43:7b:f6:bb:47:
a0:dc:9a:e6:4f:f6:79:2d:ba:15:aa:70:89:07:99:
98:f8:b1:65:f5:d5:f6:d2:31:a5:21:f8:78:d2:b1:
5d:d4:77:51:8b:ef:b3:79:b6:22:ed:d1:b4:66:56:
db:77:ba:73:43:09:b9:77:a0:35:cb:75:bd:36:75:
92:69:75:b1:90:e9:64:57:b7:c4:79:7f:06:89:70:
aa:c5:be:5d:9f:0a:bd:d4:bd:92:24:23:10:ff:2f:
29:aa:c5:68:13:79:27:73:f5:3d:1c:b7:b2:e2:cf:
1c:c2:6f:c9:07:ae:9d:c1:c1:2a:e1:75:7a:83:37:
71:57:d6:49:92:e2:ac:94:ba:b5:81:ea:ee:ec:15:
b2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:04:CB:18:EB:14:06:C6:0E:29:B5:97:35:CD:DC:A8:FC:F0:81:BE
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/kgTLGOsUBsYOKbWXNc3cqPzwgb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.192.0/22
185.121.80.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:d7:bf:8b:37:ba:9d:c6:92:90:a7:d0:51:e7:fb:3f:2c:99:
91:fb:30:d0:53:af:60:ef:76:cf:58:ea:41:a8:5b:c1:e4:5a:
93:fa:c5:33:d7:2e:97:28:6d:9a:5c:8e:f3:ce:e0:86:42:6d:
20:4a:8f:ca:65:5f:90:05:b4:94:3f:e7:1e:e6:45:ee:72:50:
23:61:6a:62:c0:e1:14:b4:2a:7e:53:26:b8:4d:83:5e:f9:d6:
1a:3d:93:19:9a:3a:d5:08:8e:b7:69:bd:d9:4c:00:0e:63:4d:
63:60:0a:a0:56:38:99:62:de:d8:71:f9:36:ef:76:76:9c:e3:
08:fc:76:68:c8:3e:4c:ce:51:d6:df:2e:61:41:fb:ad:d3:59:
c5:5b:51:28:56:66:0a:ad:d4:6c:19:65:f3:c1:99:07:a8:3f:
79:9e:98:f1:e7:5c:61:d0:04:05:d9:60:a1:36:db:82:81:63:
3b:d3:81:ee:d7:53:e0:7b:ba:a0:6c:84:aa:b6:aa:99:1a:f9:
ad:3b:06:87:02:14:3f:2e:91:61:a7:46:5d:d1:97:f4:f6:06:
46:e2:0d:5f:b6:ea:bd:18:22:7b:75:88:0e:2f:45:f5:93:6f:
27:be:81:b8:70:00:2d:99:ea:a9:ef:d3:43:ee:72:95:73:b1:
e5:25:28:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRODB4xnadtKUg4d7qMDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjUwMTAxMjM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA0Y2IxOGViMTQwNmM2MGUyOWI1OTczNWNkZGNhOGZjZjA4MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNfH4rn+xSTc/IuqYyJZfeRMGv7t
TudFDyEqTAKWe7F+CHuWm4cpkIh9/9mVcMfChOnCtLjpXXjtjMslo8MnU2dO32T6
8WWSAnLZW5f75ScMwBvi/n01pEDcGe9i2wvch7fE4j5fZ/+ogFnkjH3+fuGFQ3v2
u0eg3JrmT/Z5LboVqnCJB5mY+LFl9dX20jGlIfh40rFd1HdRi++zebYi7dG0Zlbb
d7pzQwm5d6A1y3W9NnWSaXWxkOlkV7fEeX8GiXCqxb5dnwq91L2SJCMQ/y8pqsVo
E3knc/U9HLey4s8cwm/JB66dwcEq4XV6gzdxV9ZJkuKslLq1geru7BWyFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJIEyxjrFAbGDim1lzXN3Kj88IG+MB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEva2dUTEdPc1VCc1lPS2JXWE5jM2NxUHp3Z2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXTAAwQC
uXlQMA0GCSqGSIb3DQEBCwUAA4IBAQBb17+LN7qdxpKQp9BR5/s/LJmR+zDQU69g
73bPWOpBqFvB5FqT+sUz1y6XKG2aXI7zzuCGQm0gSo/KZV+QBbSUP+ce5kXuclAj
YWpiwOEUtCp+Uya4TYNe+dYaPZMZmjrVCI63ab3ZTAAOY01jYAqgVjiZYt7Ycfk2
73Z2nOMI/HZoyD5MzlHW3y5hQfut01nFW1EoVmYKrdRsGWXzwZkHqD95npjx51xh
0AQF2WChNtuCgWM704Hu11Pge7qgbISqtqqZGvmtOwaHAhQ/LpFhp0Zd0Zf09gZG
4g1ftuq9GCJ7dYgOL0X1k28nvoG4cAAtmeqp79ND7nKVc7HlJSjt
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:28:34 2025 by rpki-client