Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/KwFiVQgCHTlXMY_TYL_laU7APsg.roa
File: KwFiVQgCHTlXMY_TYL_laU7APsg.roa (raw, json)
Hash identifier: qfYaVhKwplFB9wdvFF2eG+ZvwUUFbi4aeim7C9EVTCM=
Subject key identifier: 2B:01:62:55:08:02:1D:39:57:31:8F:D3:60:BF:E5:69:4E:C0:3E:C8
Certificate issuer: /CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Certificate serial: 0194236A3AD6190D89F9DE92A9B9813C399F
Authority key identifier: C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/KwFiVQgCHTlXMY_TYL_laU7APsg.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48645
IP address blocks: 94.143.208.0/21 maxlen: 24
185.63.20.0/22 maxlen: 24
2a02:27c8::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3a:d6:19:0d:89:f9:de:92:a9:b9:81:3c:39:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b01625508021d3957318fd360bfe5694ec03ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:36:84:09:58:f0:5e:75:41:c8:dc:4d:8a:4a:
10:e1:23:5f:a7:a7:b4:47:f0:2a:56:c2:fb:dc:20:
47:5b:57:7b:f1:f4:91:54:7b:96:71:38:2f:5b:aa:
94:0d:4c:63:aa:64:2f:a7:b0:7b:ae:90:a1:09:de:
aa:52:8f:a4:61:02:3d:f6:14:82:2e:64:1e:18:4c:
23:09:c6:4b:91:2f:3b:33:60:22:c8:cc:f4:7d:21:
76:4a:90:4f:5b:8c:25:a7:22:95:be:33:89:31:65:
04:82:ee:80:52:31:f1:fd:10:3e:b3:66:42:3f:14:
b3:98:2a:25:f7:3c:e5:b5:a3:1c:ed:ce:5e:83:d8:
f9:be:f4:31:6a:c9:1c:7c:87:c8:c8:46:ae:bd:a2:
b4:78:8c:c1:e3:5c:7e:fa:61:4a:40:44:47:26:f5:
a2:4d:be:08:ef:29:03:ba:ed:f1:9e:82:76:a0:e7:
3b:4c:ee:5f:53:a7:bd:c6:29:3d:74:a8:4a:c7:a1:
4f:53:f9:07:c6:14:3c:0b:b0:d0:35:7c:3b:87:ec:
86:6c:e4:4b:92:4e:c9:3a:b6:58:05:ee:e6:ca:58:
1f:74:2c:04:4b:35:ee:ce:4a:71:84:b1:16:4d:3d:
54:ab:d6:f3:4f:5b:32:c1:e2:69:01:67:a5:91:88:
44:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:01:62:55:08:02:1D:39:57:31:8F:D3:60:BF:E5:69:4E:C0:3E:C8
X509v3 Authority Key Identifier:
keyid:C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/KwFiVQgCHTlXMY_TYL_laU7APsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.208.0/21
185.63.20.0/22
IPv6:
2a02:27c8::/32
Signature Algorithm: sha256WithRSAEncryption
40:4a:7e:26:54:83:73:4b:0b:5c:f8:7e:6b:93:ac:1f:0d:30:
a6:f0:2d:e7:60:08:1d:84:0f:a7:dc:2b:a1:bb:39:06:47:e1:
19:a3:61:ed:3b:0a:de:74:0f:7a:32:ab:a2:76:7f:ad:0f:a6:
f5:62:30:d7:13:35:c3:f7:c8:a0:10:fd:62:62:50:c6:04:22:
76:39:81:f5:36:2f:56:d6:f5:2f:b7:2d:92:da:d5:d3:88:a2:
b0:16:4f:20:85:bd:b9:82:a8:98:d4:e0:93:67:8c:51:77:8e:
be:10:89:89:8d:cd:1a:16:8c:8a:cb:6d:a5:c7:a2:90:29:6b:
41:68:b2:11:b9:ea:d1:4e:54:c4:0c:4f:30:22:67:8f:01:73:
46:0b:f8:c3:f4:da:55:55:e6:9b:16:73:2b:60:02:69:98:0d:
f8:00:7c:34:be:43:e1:e6:98:ca:b4:ca:4b:b6:cc:50:03:8f:
69:66:a5:de:b7:e4:5c:a5:26:5e:49:e7:cb:e5:5b:e0:9f:40:
dd:15:10:7d:bd:eb:ed:2f:af:3f:3a:ce:6c:f0:52:71:26:08:
87:1c:38:5e:02:06:28:8c:cf:f3:f8:6e:93:65:13:b9:6f:63:
a6:2b:30:29:ab:65:df:d0:fd:bf:8a:90:4c:0c:a2:16:eb:f5:
bc:9c:7e:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjajrWGQ2J+d6SqbmBPDmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDAzYzk3OTYwM2Y3Y2VhMTJhY2EwMWViYzIwNTdjMzZm
ZDdmMzAwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjAxNjI1NTA4MDIxZDM5NTczMThmZDM2MGJmZTU2OTRlYzAzZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojaECVjwXnVByNxNikoQ4SNfp6e0
R/AqVsL73CBHW1d78fSRVHuWcTgvW6qUDUxjqmQvp7B7rpChCd6qUo+kYQI99hSC
LmQeGEwjCcZLkS87M2AiyMz0fSF2SpBPW4wlpyKVvjOJMWUEgu6AUjHx/RA+s2ZC
PxSzmCol9zzltaMc7c5eg9j5vvQxaskcfIfIyEauvaK0eIzB41x++mFKQERHJvWi
Tb4I7ykDuu3xnoJ2oOc7TO5fU6e9xik9dKhKx6FPU/kHxhQ8C7DQNXw7h+yGbORL
kk7JOrZYBe7mylgfdCwESzXuzkpxhLEWTT1Uq9bzT1syweJpAWelkYhENwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCsBYlUIAh05VzGP02C/5WlOwD7IMB8GA1UdIwQY
MBaAFMgAPJeWA/fOoSrKAevCBXw2/X8wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMt
MDcyMjg4MTJkMDE3LzEvS3dGaVZRZ0NIVGxYTVlfVFlMX2xhVTdBUHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMtMDcyMjg4MTJkMDE3
LzEveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo/QAwQC
uT8UMA0EAgACMAcDBQAqAifIMA0GCSqGSIb3DQEBCwUAA4IBAQBASn4mVINzSwtc
+H5rk6wfDTCm8C3nYAgdhA+n3CuhuzkGR+EZo2HtOwredA96Mquidn+tD6b1YjDX
EzXD98igEP1iYlDGBCJ2OYH1Ni9W1vUvty2S2tXTiKKwFk8ghb25gqiY1OCTZ4xR
d46+EImJjc0aFoyKy22lx6KQKWtBaLIRuerRTlTEDE8wImePAXNGC/jD9NpVVeab
FnMrYAJpmA34AHw0vkPh5pjKtMpLtsxQA49pZqXet+RcpSZeSefL5Vvgn0DdFRB9
vevtL68/Os5s8FJxJgiHHDheAgYojM/z+G6TZRO5b2OmKzApq2Xf0P2/ipBMDKIW
6/W8nH40
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:24 2025 by rpki-client