Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/K1RZ-_Fg9dSZIebCMUhpe6gbgJc.roa
File: K1RZ-_Fg9dSZIebCMUhpe6gbgJc.roa (raw, json)
Hash identifier: DeEJ/lwM2EUWvyFmV2osr5NnI9rnfMu9oAVwUv2cQPg=
Subject key identifier: 2B:54:59:FB:F1:60:F5:D4:99:21:E6:C2:31:48:69:7B:A8:1B:80:97
Certificate issuer: /CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Certificate serial: 0194228E3F55E931F3C24F421F7B5F3BE80E
Authority key identifier: 9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/K1RZ-_Fg9dSZIebCMUhpe6gbgJc.roa
Signing time: Wed 01 Jan 2025 15:48:55 +0000
ROA not before: Wed 01 Jan 2025 15:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56694
IP address blocks: 31.177.108.0/22 maxlen: 24
91.219.148.0/22 maxlen: 24
94.198.50.0/23 maxlen: 24
94.198.52.0/22 maxlen: 24
109.238.92.0/22 maxlen: 24
152.89.216.0/22 maxlen: 24
178.255.126.0/23 maxlen: 24
185.9.144.0/22 maxlen: 24
185.130.248.0/22 maxlen: 24
188.127.224.0/20 maxlen: 24
188.127.240.0/22 maxlen: 24
188.127.244.0/23 maxlen: 24
188.127.248.0/22 maxlen: 24
188.127.253.0/24 maxlen: 24
188.127.254.0/23 maxlen: 24
213.171.16.0/21 maxlen: 24
2a06:dd00::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3f:55:e9:31:f3:c2:4f:42:1f:7b:5f:3b:e8:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Validity
Not Before: Jan 1 15:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b5459fbf160f5d49921e6c23148697ba81b8097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ca:c4:ef:2a:5d:ec:90:0b:57:f3:2b:e7:93:
05:09:2c:00:4b:50:ec:cd:0e:ea:6b:b8:e6:d1:53:
53:b1:69:79:2c:f8:3a:4d:0f:70:df:23:d0:45:87:
e0:4a:0f:16:84:5b:ba:e4:43:b5:cf:c5:8b:53:35:
3a:a6:18:a1:56:41:01:60:20:29:b2:d3:35:14:1c:
06:93:4f:04:5a:e0:71:26:22:10:46:59:9e:90:d4:
86:34:41:9f:a6:77:e5:57:52:17:59:76:a6:dd:36:
08:ae:30:ed:bc:9e:91:b1:88:ac:9e:b8:8f:b7:12:
02:4a:15:47:22:bd:40:b2:ae:d4:b5:92:a6:85:ce:
ef:6a:01:44:81:67:59:2a:ff:09:52:ce:d5:0f:2c:
05:a4:f0:7b:76:94:65:17:da:f1:5a:41:98:bf:f6:
72:84:69:67:99:ad:ae:56:b5:21:e5:9a:01:46:fb:
20:c8:30:58:be:a6:af:e1:39:9e:48:7c:e1:cf:a4:
40:fe:c7:bd:db:79:88:8c:5b:39:b3:b1:87:23:71:
41:aa:ca:ae:a9:b6:8f:50:65:ce:94:99:2b:3c:98:
9b:eb:f7:4c:b0:9a:5f:ba:0d:56:eb:51:06:d7:88:
5c:74:4f:f0:90:9f:d2:71:64:e5:d6:9c:98:8b:cb:
94:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:54:59:FB:F1:60:F5:D4:99:21:E6:C2:31:48:69:7B:A8:1B:80:97
X509v3 Authority Key Identifier:
keyid:9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/K1RZ-_Fg9dSZIebCMUhpe6gbgJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.108.0/22
91.219.148.0/22
94.198.50.0-94.198.55.255
109.238.92.0/22
152.89.216.0/22
178.255.126.0/23
185.9.144.0/22
185.130.248.0/22
188.127.224.0-188.127.245.255
188.127.248.0/22
188.127.253.0-188.127.255.255
213.171.16.0/21
IPv6:
2a06:dd00::/32
Signature Algorithm: sha256WithRSAEncryption
0c:f2:79:e7:07:d1:01:54:2a:f6:a5:52:f7:cf:df:26:cc:b4:
99:04:80:bd:08:0c:71:31:94:d5:a5:d2:3f:a4:e5:c4:49:cd:
e2:7a:53:7d:22:30:b2:57:b1:31:b7:8f:0c:ff:f0:e7:d8:5d:
fa:dd:fe:5a:7b:f8:86:0c:8f:59:cd:82:5d:4c:ec:07:f1:08:
1a:23:f8:e3:c2:92:df:bb:bf:6a:a6:9c:c1:ee:38:63:12:69:
96:5a:98:68:57:5b:ad:8e:f9:8a:86:45:49:82:c0:52:05:21:
fc:c8:7b:7c:69:40:91:52:99:54:a6:95:89:3d:3b:d6:1e:dc:
2b:09:c9:b2:73:0a:99:c8:11:e9:c7:2b:4e:d7:07:ce:f6:77:
50:2a:1b:f3:f5:5a:3d:fe:14:b9:29:33:e1:c1:58:0e:5c:60:
19:95:d5:93:3f:58:c8:03:e9:d5:dd:e2:9e:3d:20:68:1b:d4:
6d:93:29:94:02:18:b7:12:d4:3c:83:e2:23:45:7d:b2:0f:b7:
d6:1a:19:bc:68:1c:b1:a9:cd:76:3c:ea:8c:cc:cb:06:23:d8:
5d:72:f6:36:89:f0:e7:c5:b1:34:df:9e:6f:58:d9:fd:f6:ec:
c4:70:a5:e3:be:45:a9:27:65:a5:78:86:09:88:0e:76:86:98:
eb:45:f9:a5
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZQijj9V6THzwk9CH3tfO+gOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNDhjMWQ4MDA4Y2RjMDU5ZGIwYjI3YWE5NTE0Nzk5YzA2
ZDU0NDMwHhcNMjUwMTAxMTU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjU0NTlmYmYxNjBmNWQ0OTkyMWU2YzIzMTQ4Njk3YmE4MWI4MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncrE7ypd7JALV/Mr55MFCSwAS1Ds
zQ7qa7jm0VNTsWl5LPg6TQ9w3yPQRYfgSg8WhFu65EO1z8WLUzU6phihVkEBYCAp
stM1FBwGk08EWuBxJiIQRlmekNSGNEGfpnflV1IXWXam3TYIrjDtvJ6RsYisnriP
txICShVHIr1Asq7UtZKmhc7vagFEgWdZKv8JUs7VDywFpPB7dpRlF9rxWkGYv/Zy
hGlnma2uVrUh5ZoBRvsgyDBYvqav4TmeSHzhz6RA/se923mIjFs5s7GHI3FBqsqu
qbaPUGXOlJkrPJib6/dMsJpfug1W61EG14hcdE/wkJ/ScWTl1pyYi8uU1wIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFCtUWfvxYPXUmSHmwjFIaXuoG4CXMB8GA1UdIwQY
MBaAFJpIwdgAjNwFnbCyeqlRR5nAbVRDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAt
NWEzNjYzMTVjMTY2LzEvSzFSWi1fRmc5ZFNaSWViQ01VaHBlNmdiZ0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAtNWEzNjYzMTVjMTY2
LzEvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwZQQCAAEwXwMEAh+xbAME
AlvblDAMAwQBXsYyAwQDXsYwAwQCbe5cAwQCmFnYAwQBsv9+AwQCuQmQAwQCuYL4
MAwDBAW8f+ADBAG8f/QDBAK8f/gwCwMEALx//QMDB7wAAwQD1asQMA0EAgACMAcD
BQAqBt0AMA0GCSqGSIb3DQEBCwUAA4IBAQAM8nnnB9EBVCr2pVL3z98mzLSZBIC9
CAxxMZTVpdI/pOXESc3ielN9IjCyV7Ext48M//Dn2F363f5ae/iGDI9ZzYJdTOwH
8QgaI/jjwpLfu79qppzB7jhjEmmWWphoV1utjvmKhkVJgsBSBSH8yHt8aUCRUplU
ppWJPTvWHtwrCcmycwqZyBHpxytO1wfO9ndQKhvz9Vo9/hS5KTPhwVgOXGAZldWT
P1jIA+nV3eKePSBoG9RtkymUAhi3EtQ8g+IjRX2yD7fWGhm8aByxqc12POqMzMsG
I9hdcvY2ifDnxbE0355vWNn99uzEcKXjvkWpJ2WleIYJiA52hpjrRfml
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:21:47 2025 by rpki-client