Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/KE9N-Tk7mubeLC5raS5Ff4Yyxsc.roa
File: KE9N-Tk7mubeLC5raS5Ff4Yyxsc.roa (raw, json)
Hash identifier: D77W946/V6XIETtD4RSUdhKmCUlxziJzva7Z3f6LVUQ=
Subject key identifier: 28:4F:4D:F9:39:3B:9A:E6:DE:2C:2E:6B:69:2E:45:7F:86:32:C6:C7
Certificate issuer: /CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Certificate serial: 019424B3FADB5A52EF9A42F7A7C86606E93D
Authority key identifier: 85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/KE9N-Tk7mubeLC5raS5Ff4Yyxsc.roa
Signing time: Thu 02 Jan 2025 01:49:22 +0000
ROA not before: Thu 02 Jan 2025 01:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208397
IP address blocks: 185.135.180.0/23 maxlen: 23
185.135.182.0/23 maxlen: 23
185.135.183.0/24 maxlen: 24
185.138.200.0/23 maxlen: 23
185.138.202.0/23 maxlen: 23
185.141.40.0/23 maxlen: 23
185.141.42.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:fa:db:5a:52:ef:9a:42:f7:a7:c8:66:06:e9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Validity
Not Before: Jan 2 01:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=284f4df9393b9ae6de2c2e6b692e457f8632c6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ea:d5:8f:ed:23:e0:f8:77:cc:9a:47:99:d2:
1c:fa:4d:2b:92:fb:6e:fa:87:d5:66:9d:07:5d:73:
36:0f:3d:9e:12:50:6b:18:80:2c:c5:48:53:fe:b4:
15:59:15:83:d9:97:14:a8:2a:4a:9a:d7:e9:7e:18:
f0:48:a5:6c:33:28:b4:ca:ff:f1:ef:54:49:d5:a4:
cf:27:17:ab:9f:69:db:4b:53:5d:63:85:ad:50:1d:
06:5f:b7:c1:47:90:27:b7:14:df:e6:c1:67:eb:d9:
cc:5b:23:78:79:ab:0a:01:44:5c:ed:41:07:db:8e:
b3:7d:32:8f:93:f2:ed:7b:88:31:e3:a2:34:4d:3c:
c5:e4:ae:6e:5b:04:de:54:76:0e:da:82:42:e0:b8:
21:da:39:db:ba:5c:e2:6c:c0:1d:86:a0:34:a7:0a:
e1:d7:a7:1d:e0:31:29:01:57:75:22:87:21:7b:36:
f1:d7:e5:84:9d:35:eb:01:2d:a4:33:20:59:62:f8:
b2:06:0c:50:88:d2:9c:72:25:5f:5e:b8:62:c2:49:
4a:82:c4:f3:b8:15:04:b3:4a:91:2b:4a:5f:26:65:
66:6e:6c:b1:5b:8e:4b:70:b7:f2:92:20:ae:5b:ff:
66:d8:a3:ea:70:c7:44:8c:51:fc:35:a6:c2:a7:b7:
98:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4F:4D:F9:39:3B:9A:E6:DE:2C:2E:6B:69:2E:45:7F:86:32:C6:C7
X509v3 Authority Key Identifier:
keyid:85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/KE9N-Tk7mubeLC5raS5Ff4Yyxsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.180.0/22
185.138.200.0/22
185.141.40.0/22
Signature Algorithm: sha256WithRSAEncryption
21:b4:d3:ea:f9:c8:de:fe:7c:64:91:11:61:a8:96:81:cd:aa:
ad:29:ec:44:fd:e3:f9:34:12:44:f8:df:c2:88:fb:33:d8:6b:
ca:18:2e:52:58:71:4d:d8:bc:29:b2:14:49:08:0b:db:0e:f2:
46:a0:9d:b0:82:4e:52:2c:e1:b0:60:be:35:f0:09:96:38:ee:
ea:b9:f3:12:03:06:36:44:d6:d5:5d:24:ed:48:a6:d4:d4:40:
2a:4a:de:ef:cb:a8:c8:7a:80:d2:b3:1b:ca:00:62:8e:a0:bd:
4a:ce:57:47:8e:22:15:3c:83:fd:09:36:65:2a:18:e6:7e:18:
16:5f:3a:21:e3:c5:f6:95:7e:7e:09:88:11:58:5e:5a:41:35:
9d:a8:7b:5e:0c:9a:90:2f:1b:c8:b2:4f:31:1e:59:91:ed:46:
6a:dd:2f:f8:d6:77:4f:79:10:6b:e6:35:6f:68:dd:4b:9b:ec:
c7:8e:e1:18:23:cc:ad:41:3d:50:25:04:09:ed:d5:ad:3c:ee:
c4:ef:87:dc:b5:af:26:9f:fe:97:19:2e:63:ea:49:be:4a:9f:
97:91:7b:a4:6c:05:92:2b:da:55:75:8d:f1:5e:a1:c0:7c:cd:
45:54:d8:f0:ad:61:1e:06:64:60:aa:94:57:1e:20:1e:bc:83:
e3:35:dc:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks/rbWlLvmkL3p8hmBuk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MmVjZTljOWEzMjRkNDVjMzVmOTU1OWYzMjlkODg2OWRh
YjUzYmEwHhcNMjUwMTAyMDE0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODRmNGRmOTM5M2I5YWU2ZGUyYzJlNmI2OTJlNDU3Zjg2MzJjNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OrVj+0j4Ph3zJpHmdIc+k0rkvtu
+ofVZp0HXXM2Dz2eElBrGIAsxUhT/rQVWRWD2ZcUqCpKmtfpfhjwSKVsMyi0yv/x
71RJ1aTPJxern2nbS1NdY4WtUB0GX7fBR5AntxTf5sFn69nMWyN4easKAURc7UEH
246zfTKPk/Lte4gx46I0TTzF5K5uWwTeVHYO2oJC4Lgh2jnbulzibMAdhqA0pwrh
16cd4DEpAVd1Iochezbx1+WEnTXrAS2kMyBZYviyBgxQiNKcciVfXrhiwklKgsTz
uBUEs0qRK0pfJmVmbmyxW45LcLfykiCuW/9m2KPqcMdEjFH8NabCp7eYpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFChPTfk5O5rm3iwua2kuRX+GMsbHMB8GA1UdIwQY
MBaAFIUuzpyaMk1Fw1+VWfMp2Iadq1O6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYt
ZWIyNDExZDIxMmFiLzEvS0U5Ti1UazdtdWJlTEM1cmFTNUZmNFl5eHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYtZWIyNDExZDIxMmFi
LzEvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuYe0AwQC
uYrIAwQCuY0oMA0GCSqGSIb3DQEBCwUAA4IBAQAhtNPq+cje/nxkkRFhqJaBzaqt
KexE/eP5NBJE+N/CiPsz2GvKGC5SWHFN2LwpshRJCAvbDvJGoJ2wgk5SLOGwYL41
8AmWOO7qufMSAwY2RNbVXSTtSKbU1EAqSt7vy6jIeoDSsxvKAGKOoL1KzldHjiIV
PIP9CTZlKhjmfhgWXzoh48X2lX5+CYgRWF5aQTWdqHteDJqQLxvIsk8xHlmR7UZq
3S/41ndPeRBr5jVvaN1Lm+zHjuEYI8ytQT1QJQQJ7dWtPO7E74fcta8mn/6XGS5j
6km+Sp+XkXukbAWSK9pVdY3xXqHAfM1FVNjwrWEeBmRgqpRXHiAevIPjNdy7
-----END CERTIFICATE-----
Generated at Thu Apr 10 00:20:36 2025 by rpki-client