Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/KTz87Ii306kCrtBGQ5-4prHl2KE.roa
File: KTz87Ii306kCrtBGQ5-4prHl2KE.roa (raw, json)
Hash identifier: 6gk/KdzORYczgKREuCN11bUc44VRINkc9GPxPIAUU0E=
Subject key identifier: 29:3C:FC:EC:88:B7:D3:A9:02:AE:D0:46:43:9F:B8:A6:B1:E5:D8:A1
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 019427B60B6C294024F42B3418599468183A
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/KTz87Ii306kCrtBGQ5-4prHl2KE.roa
Signing time: Thu 02 Jan 2025 15:50:29 +0000
ROA not before: Thu 02 Jan 2025 15:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49740
IP address blocks: 85.187.160.0/20 maxlen: 20
85.187.176.0/22 maxlen: 22
194.69.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0b:6c:29:40:24:f4:2b:34:18:59:94:68:18:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Jan 2 15:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=293cfcec88b7d3a902aed046439fb8a6b1e5d8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:28:52:34:21:e7:62:32:b0:b8:3b:8d:99:3a:
db:38:41:53:91:18:f6:ba:0f:98:dc:37:a4:4e:92:
b9:18:bc:19:87:e8:eb:cb:ec:63:1d:b6:ed:b4:14:
e6:3e:e7:d7:c8:d2:42:28:51:3f:8f:4a:6b:05:b0:
f3:9a:59:94:b5:69:bf:b8:06:a7:64:68:8a:57:08:
12:b9:94:17:ea:cf:0d:ea:32:e2:9b:2f:d9:7d:75:
59:56:55:30:a4:2a:d6:87:e5:bb:ac:7e:6f:c9:f3:
87:c9:eb:d2:b3:3d:df:40:9e:3b:32:22:3d:c7:41:
c2:15:de:1e:52:14:6a:31:da:6b:92:65:cf:0e:93:
ac:8e:e0:bb:fd:83:c1:7a:40:52:c9:55:9e:cf:c2:
0b:fb:5d:e0:33:06:b9:13:b5:68:1e:e6:58:16:e7:
d6:fb:56:67:28:ef:d5:7d:cd:17:aa:4c:d6:13:e4:
ed:3f:ce:59:21:d6:2c:9b:2f:e7:3f:3e:2e:a3:90:
cc:85:02:2d:19:83:2e:23:fa:89:71:f0:84:39:ef:
8b:06:6f:ac:c3:6e:a7:bd:41:6d:2f:4e:5c:74:e6:
c5:54:bb:03:ba:52:14:c3:49:47:ac:cf:46:bd:55:
b7:0b:6a:16:eb:59:61:42:79:d0:de:69:ed:69:5a:
1e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3C:FC:EC:88:B7:D3:A9:02:AE:D0:46:43:9F:B8:A6:B1:E5:D8:A1
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/KTz87Ii306kCrtBGQ5-4prHl2KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.160.0-85.187.179.255
194.69.202.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:0f:43:93:9b:76:3c:8e:7b:24:00:0a:1a:58:d4:c2:93:53:
c4:19:5a:b9:e3:e9:c3:cd:aa:e6:83:77:4d:aa:41:0a:8f:8d:
fc:7e:d5:52:80:28:8a:d1:dc:dc:93:f1:69:e5:2e:5a:7b:bf:
37:08:35:78:b6:dd:b7:11:28:fb:6e:ba:04:71:82:97:b6:aa:
ce:e6:75:38:9d:5b:4e:96:14:c8:50:94:4c:50:3e:67:53:1e:
16:44:08:9a:7d:33:14:44:68:b1:5c:e6:c0:48:5b:8b:6d:07:
e5:9a:c4:84:07:98:fa:67:b7:07:9f:7b:83:ac:25:2f:25:b4:
ea:59:79:32:e6:36:bc:31:65:d7:da:ea:ca:59:6f:87:d7:b0:
33:24:03:fc:5e:93:5a:50:a2:aa:1a:5c:80:a0:ee:3d:76:7d:
bf:35:d2:0d:79:a3:4a:44:e0:a6:84:37:22:0e:26:95:10:87:
5e:32:c9:81:16:fc:be:e0:c2:2f:06:39:1d:f7:7e:18:6a:c2:
8d:51:2c:ee:da:7c:56:b4:a6:a4:1e:18:53:74:4d:fa:58:e6:
49:87:91:b5:e0:57:a2:e5:86:bc:c5:19:8b:a9:57:5e:f5:85:
2f:6c:62:83:a7:35:ef:ea:e9:62:fb:6b:c6:1e:a7:c0:b5:fe:
65:d7:f8:c0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQntgtsKUAk9Cs0GFmUaBg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjIyZmRlYzhmYWRmY2E1OGU3NTc1YzI5ZjEwZTczYWU3
NzU3MTUwHhcNMjUwMTAyMTU1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTNjZmNlYzg4YjdkM2E5MDJhZWQwNDY0MzlmYjhhNmIxZTVkOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyhSNCHnYjKwuDuNmTrbOEFTkRj2
ug+Y3DekTpK5GLwZh+jry+xjHbbttBTmPufXyNJCKFE/j0prBbDzmlmUtWm/uAan
ZGiKVwgSuZQX6s8N6jLimy/ZfXVZVlUwpCrWh+W7rH5vyfOHyevSsz3fQJ47MiI9
x0HCFd4eUhRqMdprkmXPDpOsjuC7/YPBekBSyVWez8IL+13gMwa5E7VoHuZYFufW
+1ZnKO/Vfc0XqkzWE+TtP85ZIdYsmy/nPz4uo5DMhQItGYMuI/qJcfCEOe+LBm+s
w26nvUFtL05cdObFVLsDulIUw0lHrM9GvVW3C2oW61lhQnnQ3mntaVoe9wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCk8/OyIt9OpAq7QRkOfuKax5dihMB8GA1UdIwQY
MBaAFNJiL97I+t/KWOdXXCnxDnOud1cVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWIt
ZjA1YWEyMjlkNjM4LzEvS1R6ODdJaTMwNmtDcnRCR1E1LTRwckhsMktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWItZjA1YWEyMjlkNjM4
LzEvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVVu6AD
BAJVu7ADBADCRcowDQYJKoZIhvcNAQELBQADggEBAIwPQ5ObdjyOeyQAChpY1MKT
U8QZWrnj6cPNquaDd02qQQqPjfx+1VKAKIrR3NyT8WnlLlp7vzcINXi23bcRKPtu
ugRxgpe2qs7mdTidW06WFMhQlExQPmdTHhZECJp9MxREaLFc5sBIW4ttB+WaxIQH
mPpntwefe4OsJS8ltOpZeTLmNrwxZdfa6spZb4fXsDMkA/xek1pQoqoaXICg7j12
fb810g15o0pE4KaENyIOJpUQh14yyYEW/L7gwi8GOR33fhhqwo1RLO7afFa0pqQe
GFN0TfpY5kmHkbXgV6LlhrzFGYupV171hS9sYoOnNe/q6WL7a8Yep8C1/mXX+MA=
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:04:27 2025 by rpki-client