Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/KMe75VLXZokwL2kemGRZB7L6oN8.roa
File: KMe75VLXZokwL2kemGRZB7L6oN8.roa (raw, json)
Hash identifier: xlf6IO6a2AQYVmnqnu4hVw/U0VPvpTL4IwpI35qfYyw=
Subject key identifier: 28:C7:BB:E5:52:D7:66:89:30:2F:69:1E:98:64:59:07:B2:FA:A0:DF
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 019420D5EC98AB417AAE29B900F74C92BE89
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/KMe75VLXZokwL2kemGRZB7L6oN8.roa
Signing time: Wed 01 Jan 2025 07:47:58 +0000
ROA not before: Wed 01 Jan 2025 07:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8412
IP address blocks: 86.62.32.0/22 maxlen: 24
94.16.18.0/23 maxlen: 24
94.16.28.0/23 maxlen: 24
185.81.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ec:98:ab:41:7a:ae:29:b9:00:f7:4c:92:be:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 07:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28c7bbe552d76689302f691e98645907b2faa0df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8c:10:e6:19:d6:46:28:ca:df:7c:34:0e:2b:
8c:34:2c:77:d0:4a:63:dd:e7:0a:f6:7a:90:d3:dc:
0b:dc:da:76:08:cf:0a:e7:31:4f:e7:92:ff:cc:dc:
20:65:d9:26:67:52:88:74:da:5d:12:57:1a:97:65:
64:42:2b:4d:2f:f4:09:99:fa:78:58:61:81:b6:29:
2a:29:d3:cb:f5:10:fb:fe:07:4f:50:b0:41:f0:d0:
7a:ba:9d:29:06:6b:bd:aa:da:50:d5:47:3f:36:bb:
83:f9:02:23:60:ea:1b:80:eb:64:64:59:5a:da:e3:
78:c3:58:09:e3:47:46:73:4d:2f:ba:08:f2:2c:cd:
52:cd:e5:b5:34:de:34:7c:a3:1e:db:27:3e:70:2b:
b7:6e:b2:ef:6f:cd:3d:be:50:1a:26:11:97:7e:c0:
36:83:47:67:0e:53:9d:bc:20:2c:b8:53:b8:e6:2b:
4c:20:11:25:e3:85:35:25:bd:b8:f6:a8:67:28:bb:
3a:f2:71:79:3d:fd:60:37:42:2e:72:7b:89:7e:b0:
7d:e5:3a:5f:ed:e3:4b:5b:88:73:e4:c3:56:a0:6d:
1c:fa:1e:33:bc:4d:3d:20:12:3f:00:98:ee:5c:56:
b4:8d:5c:d7:ef:98:f6:1c:3e:54:5c:32:0c:d9:75:
98:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C7:BB:E5:52:D7:66:89:30:2F:69:1E:98:64:59:07:B2:FA:A0:DF
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/KMe75VLXZokwL2kemGRZB7L6oN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.32.0/22
94.16.18.0/23
94.16.28.0/23
185.81.210.0/23
Signature Algorithm: sha256WithRSAEncryption
75:f3:63:e4:f8:c9:34:64:6a:b9:65:f4:12:41:42:99:94:7b:
3f:a9:26:ba:3f:a4:5f:ca:de:c5:ab:b9:15:7b:a3:7e:06:4f:
00:bd:f2:82:a0:8e:b4:16:70:77:2d:2f:e3:b2:a9:b4:d6:5a:
c8:29:16:c1:36:1c:86:17:3d:06:1f:29:2d:c5:05:df:d9:7b:
3e:e6:a2:b2:a3:0e:2a:81:8c:32:6f:16:fd:b3:8e:9b:45:63:
b4:64:0d:7e:88:b0:a7:17:79:db:98:48:59:a8:44:4b:93:c6:
63:10:9b:11:8d:b9:8e:7d:45:ce:e3:c2:05:3f:58:f8:73:a8:
c7:39:43:17:17:56:27:85:38:e6:c4:ac:c9:16:56:89:0f:04:
ac:78:9f:55:16:f9:ba:15:64:0c:61:f9:f7:e1:52:7a:9c:df:
c9:9c:59:66:7c:c2:65:14:9e:cc:15:8c:1d:39:b6:8a:64:38:
09:fa:6f:15:97:c2:25:56:5c:36:01:e8:02:4e:e6:f2:4c:51:
a7:ea:c9:9b:c4:a7:24:9a:da:e7:31:47:2d:70:8c:ad:85:f5:
c6:40:95:8b:fd:d7:b4:ab:6b:4d:e9:ae:b8:3c:8f:78:ed:fe:
84:13:95:00:c2:f5:5a:7f:af:b3:0d:ad:c5:ef:8f:a6:a1:ac:
54:1b:0a:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQg1eyYq0F6rim5APdMkr6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjUwMTAxMDc0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM3YmJlNTUyZDc2Njg5MzAyZjY5MWU5ODY0NTkwN2IyZmFhMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYwQ5hnWRijK33w0DiuMNCx30Epj
3ecK9nqQ09wL3Np2CM8K5zFP55L/zNwgZdkmZ1KIdNpdElcal2VkQitNL/QJmfp4
WGGBtikqKdPL9RD7/gdPULBB8NB6up0pBmu9qtpQ1Uc/NruD+QIjYOobgOtkZFla
2uN4w1gJ40dGc00vugjyLM1SzeW1NN40fKMe2yc+cCu3brLvb809vlAaJhGXfsA2
g0dnDlOdvCAsuFO45itMIBEl44U1Jb249qhnKLs68nF5Pf1gN0IucnuJfrB95Tpf
7eNLW4hz5MNWoG0c+h4zvE09IBI/AJjuXFa0jVzX75j2HD5UXDIM2XWYCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCjHu+VS12aJMC9pHphkWQey+qDfMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvS01lNzVWTFhab2t3TDJrZW1HUlpCN0w2b044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVj4gAwQB
XhASAwQBXhAcAwQBuVHSMA0GCSqGSIb3DQEBCwUAA4IBAQB182Pk+Mk0ZGq5ZfQS
QUKZlHs/qSa6P6Rfyt7Fq7kVe6N+Bk8AvfKCoI60FnB3LS/jsqm01lrIKRbBNhyG
Fz0GHyktxQXf2Xs+5qKyow4qgYwybxb9s46bRWO0ZA1+iLCnF3nbmEhZqERLk8Zj
EJsRjbmOfUXO48IFP1j4c6jHOUMXF1YnhTjmxKzJFlaJDwSseJ9VFvm6FWQMYfn3
4VJ6nN/JnFlmfMJlFJ7MFYwdObaKZDgJ+m8Vl8IlVlw2AegCTubyTFGn6smbxKck
mtrnMUctcIythfXGQJWL/de0q2tN6a64PI947f6EE5UAwvVaf6+zDa3F74+moaxU
Gwqe
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:00:32 2025 by rpki-client