Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/KpZlsfuIftWarUMo0x4PMGF-pM8.roa
File: KpZlsfuIftWarUMo0x4PMGF-pM8.roa (raw, json)
Hash identifier: zeq+D9wMp2yuFj5oNLhYKnlhD3CKLWHJORXp4Ld5QWw=
Subject key identifier: 2A:96:65:B1:FB:88:7E:D5:9A:AD:43:28:D3:1E:0F:30:61:7E:A4:CF
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 0183CECBF46096759081FF1AD4EBB2FB49CB
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/KpZlsfuIftWarUMo0x4PMGF-pM8.roa
Signing time: Thu 13 Oct 2022 00:43:36 +0000
ROA not before: Thu 13 Oct 2022 00:43:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 109.94.144.0/20 maxlen: 24
84.247.4.0/22 maxlen: 24
192.109.205.0/24 maxlen: 24
185.200.204.0/22 maxlen: 24
193.17.225.0/24 maxlen: 24
84.247.40.0/22 maxlen: 24
89.40.220.0/23 maxlen: 24
86.106.152.0/22 maxlen: 24
86.104.20.0/22 maxlen: 24
176.223.172.0/22 maxlen: 24
94.24.24.0/22 maxlen: 24
195.128.136.0/24 maxlen: 24
86.104.248.0/22 maxlen: 24
91.227.240.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ce:cb:f4:60:96:75:90:81:ff:1a:d4:eb:b2:fb:49:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Oct 13 00:43:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a9665b1fb887ed59aad4328d31e0f30617ea4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b8:1d:44:0a:e0:53:64:f7:04:60:d5:62:21:
b4:69:77:79:0d:cf:ee:a7:e0:c4:4c:06:a9:95:ff:
b9:ab:b7:8f:34:ab:01:2c:cf:fd:ec:64:cb:07:8b:
f3:a7:35:45:43:d2:96:2d:f3:f2:cf:3f:77:45:e7:
8d:bb:5f:ba:4f:3a:1e:6e:78:4c:7f:58:6f:69:62:
4b:00:c6:4f:cc:ad:8a:5f:14:11:11:7a:9e:56:57:
07:14:63:ce:ad:36:7d:58:a9:7d:ae:a7:a7:03:6f:
0c:86:c7:a0:62:8d:a6:d4:f3:82:1f:61:99:54:7a:
da:b0:33:54:bd:5b:32:c1:4d:93:3f:85:fd:34:2d:
d3:c6:68:30:6a:7a:df:7d:47:40:88:89:89:e9:47:
43:72:ce:69:5e:1b:a0:6b:c4:0e:b0:a3:9c:06:6f:
7d:f4:0f:40:20:fe:c9:70:b0:2a:91:6c:6c:f1:50:
c2:46:b8:b3:7e:ce:eb:86:de:ea:82:29:51:ff:39:
a0:ee:96:1a:fc:79:be:6f:6f:dd:b3:39:59:07:0c:
bd:4f:0f:e8:62:f0:0b:ac:36:ac:3a:f4:21:d6:82:
4f:6f:74:bc:68:c6:f5:07:7d:63:5a:50:40:22:28:
2d:77:c6:1f:47:2b:98:d2:b6:f6:35:e3:0e:41:07:
9a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:96:65:B1:FB:88:7E:D5:9A:AD:43:28:D3:1E:0F:30:61:7E:A4:CF
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/KpZlsfuIftWarUMo0x4PMGF-pM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.4.0/22
84.247.40.0/22
86.104.20.0/22
86.104.248.0/22
86.106.152.0/22
89.40.220.0/23
91.227.240.0/23
94.24.24.0/22
109.94.144.0/20
176.223.172.0/22
185.200.204.0/22
192.109.205.0/24
193.17.225.0/24
195.128.136.0/24
Signature Algorithm: sha256WithRSAEncryption
66:4a:69:45:55:80:24:a5:17:1d:2f:56:bb:df:46:e5:9a:dd:
30:ec:e5:7a:7c:99:ac:f9:e9:90:48:da:82:37:18:d4:9f:80:
90:ac:5d:ce:e6:30:9a:57:54:67:4d:6c:f4:d5:43:0b:88:b2:
84:30:21:fb:5b:8c:45:20:c1:0c:f1:3c:35:c5:16:f0:15:49:
fe:29:70:2b:e5:03:78:13:47:13:cd:d4:4c:9d:b3:db:66:09:
f1:26:76:c7:50:bb:5b:92:29:a5:d0:85:36:e6:3e:1c:41:fa:
09:17:d5:c9:5d:51:b4:65:87:a9:2d:cc:42:bd:d7:55:ad:d0:
b9:e9:a6:b3:52:16:48:4c:d8:d8:ce:f9:37:45:c0:92:89:94:
cf:23:d7:76:72:7c:13:b1:b1:1b:ca:b8:99:69:06:3c:81:b5:
f5:e3:9e:42:e3:48:1e:d4:13:4d:6f:e7:52:56:d1:a8:a5:65:
ac:ba:f7:21:b1:16:e8:94:86:2b:b1:07:e9:af:b0:6e:9c:35:
bf:16:79:c9:3b:be:61:cd:ee:72:79:33:b3:46:78:2e:31:38:
4a:da:dd:6b:b4:75:0e:ce:55:ff:67:03:4d:2d:55:93:c3:5f:
82:f7:30:14:9e:ea:30:a8:0a:ca:e8:1f:63:e2:47:ae:09:b1:
d2:6a:fc:2e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYPOy/RglnWQgf8a1Ouy+0nLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjIxMDEzMDA0MzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk2NjViMWZiODg3ZWQ1OWFhZDQzMjhkMzFlMGYzMDYxN2VhNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbgdRArgU2T3BGDVYiG0aXd5Dc/u
p+DETAaplf+5q7ePNKsBLM/97GTLB4vzpzVFQ9KWLfPyzz93ReeNu1+6TzoebnhM
f1hvaWJLAMZPzK2KXxQREXqeVlcHFGPOrTZ9WKl9rqenA28MhsegYo2m1POCH2GZ
VHrasDNUvVsywU2TP4X9NC3TxmgwanrffUdAiImJ6UdDcs5pXhuga8QOsKOcBm99
9A9AIP7JcLAqkWxs8VDCRrizfs7rht7qgilR/zmg7pYa/Hm+b2/dszlZBwy9Tw/o
YvALrDasOvQh1oJPb3S8aMb1B31jWlBAIigtd8YfRyuY0rb2NeMOQQeagwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCqWZbH7iH7Vmq1DKNMeDzBhfqTPMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvS3BabHNmdUlmdFdhclVNbzB4NFBNR0YtcE04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCVPcEAwQC
VPcoAwQCVmgUAwQCVmj4AwQCVmqYAwQBWSjcAwQBW+PwAwQCXhgYAwQEbV6QAwQC
sN+sAwQCucjMAwQAwG3NAwQAwRHhAwQAw4CIMA0GCSqGSIb3DQEBCwUAA4IBAQBm
SmlFVYAkpRcdL1a730blmt0w7OV6fJms+emQSNqCNxjUn4CQrF3O5jCaV1RnTWz0
1UMLiLKEMCH7W4xFIMEM8Tw1xRbwFUn+KXAr5QN4E0cTzdRMnbPbZgnxJnbHULtb
kiml0IU25j4cQfoJF9XJXVG0ZYepLcxCvddVrdC56aazUhZITNjYzvk3RcCSiZTP
I9d2cnwTsbEbyriZaQY8gbX1455C40ge1BNNb+dSVtGopWWsuvchsRbolIYrsQfp
r7BunDW/FnnJO75hze5yeTOzRnguMThK2t1rtHUOzlX/ZwNNLVWTw1+C9zAUnuow
qArK6B9j4keuCbHSavwu
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:03:48 2025 by rpki-client