Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/kRJQb1l8os5CIqMOU8LBEruOTx4.roa
File: kRJQb1l8os5CIqMOU8LBEruOTx4.roa (raw, json)
Hash identifier: TdXs2Jpp+ognrukNFJlpBqk3DPNKW0kibHKNgBtL5tg=
Subject key identifier: 91:12:50:6F:59:7C:A2:CE:42:22:A3:0E:53:C2:C1:12:BB:8E:4F:1E
Certificate issuer: /CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Certificate serial: 019423D6C0F2462FD8481E7611F360614D95
Authority key identifier: 58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/kRJQb1l8os5CIqMOU8LBEruOTx4.roa
Signing time: Wed 01 Jan 2025 21:47:44 +0000
ROA not before: Wed 01 Jan 2025 21:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208041
IP address blocks: 185.222.4.0/22 maxlen: 22
185.222.4.0/24 maxlen: 24
185.222.5.0/24 maxlen: 24
185.222.6.0/24 maxlen: 24
185.222.7.0/24 maxlen: 24
193.160.10.0/23 maxlen: 23
193.160.14.0/23 maxlen: 23
2a0c:8440::/48 maxlen: 48
2a0f:d180::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c0:f2:46:2f:d8:48:1e:76:11:f3:60:61:4d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Validity
Not Before: Jan 1 21:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9112506f597ca2ce4222a30e53c2c112bb8e4f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:21:64:93:6c:5b:1a:8a:5a:bc:90:88:94:5e:
45:5a:6a:a0:f5:ce:1f:80:db:70:65:2a:4e:42:b5:
55:c5:81:2c:42:2e:ce:30:92:a4:42:38:7e:e5:76:
13:79:b2:4e:0f:54:f6:b3:16:8e:35:5e:ce:5b:24:
86:46:d0:44:3c:49:72:3c:ff:14:d0:e6:0d:62:70:
c5:74:68:17:d6:04:a1:01:68:da:1b:1f:da:0c:c1:
f9:80:6b:9b:9f:95:a8:8d:af:4d:f3:56:1f:f5:3b:
86:f3:ce:20:2d:7e:a2:ca:d4:7e:d9:5d:05:e4:40:
a5:9a:4a:8b:61:cb:56:86:52:09:f5:53:38:82:a3:
c3:0e:1f:2d:e4:8e:3f:8d:af:ad:96:e4:da:6d:8b:
d3:43:51:6a:02:0a:04:de:86:42:0b:74:00:99:b2:
09:e3:ef:7e:47:a6:f1:59:2b:c1:ca:68:57:70:a9:
3a:28:7c:74:82:80:46:e3:b3:88:d6:10:c7:0a:74:
12:52:c9:00:16:33:b7:31:19:cf:9b:95:b1:95:f8:
81:78:f4:74:1c:c0:1f:6e:6d:a8:ce:fc:c6:3a:71:
16:ce:4b:eb:cc:c9:56:54:bb:15:aa:64:5b:38:ed:
04:65:c1:ab:0c:35:0b:bd:d5:0c:30:f7:2c:84:5d:
c7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:12:50:6F:59:7C:A2:CE:42:22:A3:0E:53:C2:C1:12:BB:8E:4F:1E
X509v3 Authority Key Identifier:
keyid:58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/kRJQb1l8os5CIqMOU8LBEruOTx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.4.0/22
193.160.10.0/23
193.160.14.0/23
IPv6:
2a0c:8440::/48
2a0f:d180::/29
Signature Algorithm: sha256WithRSAEncryption
41:63:7d:48:45:58:88:ad:a2:65:8e:5a:d1:06:56:df:19:9a:
98:f0:1c:69:e3:b9:6f:a4:9b:e8:af:cb:63:95:32:c0:ca:f9:
57:56:5e:a2:dc:9f:0c:fc:73:a8:40:e1:87:18:a1:19:57:93:
fe:f6:fb:67:75:dd:9b:30:58:1d:0a:32:df:ca:0b:3c:d1:09:
27:07:c4:2b:91:df:d8:55:da:4a:57:ba:6f:5d:27:88:8c:83:
d3:06:e7:85:55:6e:3d:11:b3:c4:31:05:ba:ac:42:c6:82:ee:
b7:b8:54:ec:35:61:b1:14:ea:b0:f0:67:89:84:e6:38:06:fa:
54:59:ba:f7:0e:71:90:f3:c2:44:ad:86:c4:b7:aa:f5:ab:c4:
10:52:b2:29:bb:46:df:92:25:60:8c:a4:9e:61:18:29:cd:aa:
25:30:90:e5:45:01:bd:f1:74:0d:04:ce:d4:fc:71:b6:7f:06:
15:fb:ef:22:c6:a4:79:33:b0:62:06:73:d0:7b:f6:c8:17:24:
a9:42:c6:ec:c5:e6:21:52:6a:a9:94:f4:20:40:33:98:02:a2:
7b:6e:22:a4:a6:ad:09:6e:2e:5e:6f:85:56:51:0c:13:f5:ea:
c6:48:b4:4e:4a:31:43:8c:53:f4:07:af:e0:57:06:2c:58:68:
a1:00:21:ef
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQj1sDyRi/YSB52EfNgYU2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MWVjYzFhNzRjZjkyYWI2MTljNWY3MTAxMjM5MzdjZTUw
ZDljNDMwHhcNMjUwMTAxMjE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTEyNTA2ZjU5N2NhMmNlNDIyMmEzMGU1M2MyYzExMmJiOGU0ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iFkk2xbGopavJCIlF5FWmqg9c4f
gNtwZSpOQrVVxYEsQi7OMJKkQjh+5XYTebJOD1T2sxaONV7OWySGRtBEPElyPP8U
0OYNYnDFdGgX1gShAWjaGx/aDMH5gGubn5Woja9N81Yf9TuG884gLX6iytR+2V0F
5EClmkqLYctWhlIJ9VM4gqPDDh8t5I4/ja+tluTabYvTQ1FqAgoE3oZCC3QAmbIJ
4+9+R6bxWSvBymhXcKk6KHx0goBG47OI1hDHCnQSUskAFjO3MRnPm5WxlfiBePR0
HMAfbm2ozvzGOnEWzkvrzMlWVLsVqmRbOO0EZcGrDDULvdUMMPcshF3HLQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJESUG9ZfKLOQiKjDlPCwRK7jk8eMB8GA1UdIwQY
MBaAFFgezBp0z5KrYZxfcQEjk3zlDZxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYt
ZGE4OGI2YmRiMzE2LzEva1JKUWIxbDhvczVDSXFNT1U4TEJFcnVPVHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYtZGE4OGI2YmRiMzE2
LzEvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCud4EAwQB
waAKAwQBwaAOMBYEAgACMBADBwAqDIRAAAADBQMqD9GAMA0GCSqGSIb3DQEBCwUA
A4IBAQBBY31IRViIraJljlrRBlbfGZqY8Bxp47lvpJvor8tjlTLAyvlXVl6i3J8M
/HOoQOGHGKEZV5P+9vtndd2bMFgdCjLfygs80QknB8Qrkd/YVdpKV7pvXSeIjIPT
BueFVW49EbPEMQW6rELGgu63uFTsNWGxFOqw8GeJhOY4BvpUWbr3DnGQ88JErYbE
t6r1q8QQUrIpu0bfkiVgjKSeYRgpzaolMJDlRQG98XQNBM7U/HG2fwYV++8ixqR5
M7BiBnPQe/bIFySpQsbsxeYhUmqplPQgQDOYAqJ7biKkpq0Jbi5eb4VWUQwT9erG
SLROSjFDjFP0B6/gVwYsWGihACHv
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:39 2025 by rpki-client