Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/kgtXMGVq_yiG6jbCmetTa_cdZEI.roa
File: kgtXMGVq_yiG6jbCmetTa_cdZEI.roa (raw, json)
Hash identifier: 6jOU2wUAoyQfpjSCtb3mycfBqwA3lOt9bOnarXx4iMo=
Subject key identifier: 92:0B:57:30:65:6A:FF:28:86:EA:36:C2:99:EB:53:6B:F7:1D:64:42
Certificate issuer: /CN=8bfca7c96e804505a48b99603d9b2124f1dd3702
Certificate serial: 019428231FA56FEE95D182F00724930D46EA
Authority key identifier: 8B:FC:A7:C9:6E:80:45:05:A4:8B:99:60:3D:9B:21:24:F1:DD:37:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i_ynyW6ARQWki5lgPZshJPHdNwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/kgtXMGVq_yiG6jbCmetTa_cdZEI.roa
Signing time: Thu 02 Jan 2025 17:49:37 +0000
ROA not before: Thu 02 Jan 2025 17:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34209
IP address blocks: 46.28.240.0/21 maxlen: 21
46.28.241.0/24 maxlen: 24
46.28.243.0/24 maxlen: 24
46.28.244.0/24 maxlen: 24
46.28.245.0/24 maxlen: 24
46.28.246.0/24 maxlen: 24
193.22.169.0/24 maxlen: 24
193.41.210.0/23 maxlen: 23
195.80.237.0/24 maxlen: 24
2a02:2978::/32 maxlen: 32
2a02:2978::/36 maxlen: 36
2a02:2978:a000::/36 maxlen: 36
2a02:2978:b000::/36 maxlen: 36
2a02:2978:c000::/36 maxlen: 36
2a02:2978:e000::/36 maxlen: 36
2a02:2978:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:1f:a5:6f:ee:95:d1:82:f0:07:24:93:0d:46:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bfca7c96e804505a48b99603d9b2124f1dd3702
Validity
Not Before: Jan 2 17:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=920b5730656aff2886ea36c299eb536bf71d6442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:dc:8b:95:5a:c8:44:4f:ab:36:48:8c:b7:72:
12:67:1f:95:f1:63:62:1b:03:a1:02:71:0c:bb:dd:
fe:23:64:ba:40:54:0b:9c:e7:54:5f:9c:06:61:84:
44:e5:fa:ec:64:73:a8:94:ee:bb:ce:ce:69:69:c1:
67:33:fb:1c:1c:07:e4:d0:79:95:79:ce:3b:3e:2a:
ab:9e:58:09:e9:16:b1:3e:fe:e8:c5:25:f1:c3:15:
23:a6:7c:37:c3:93:a2:dd:2d:9a:3b:a3:c7:06:61:
aa:d0:d3:6b:99:16:a2:9e:5a:2d:50:40:0d:56:bd:
5b:90:04:ee:16:65:83:59:5a:38:f5:df:42:5c:0b:
52:45:1e:e4:f8:28:96:47:9c:10:aa:4a:22:10:44:
02:13:dc:af:ea:29:3b:63:c5:a4:31:c0:05:ca:df:
c5:e2:8f:7a:09:0d:e1:a0:00:d4:61:e0:81:50:10:
1e:e5:65:59:e5:4a:4b:86:e9:65:07:e4:00:bf:19:
fd:03:bf:bf:98:05:de:4a:62:72:90:33:57:e2:f8:
03:10:c9:d3:9d:dd:aa:cf:c5:af:d9:96:e0:6f:79:
6b:fb:d1:98:c3:86:3b:15:c5:e4:3f:bf:8f:b8:77:
91:32:19:68:bd:c8:cd:82:79:5a:77:7f:36:6e:30:
2d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0B:57:30:65:6A:FF:28:86:EA:36:C2:99:EB:53:6B:F7:1D:64:42
X509v3 Authority Key Identifier:
keyid:8B:FC:A7:C9:6E:80:45:05:A4:8B:99:60:3D:9B:21:24:F1:DD:37:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i_ynyW6ARQWki5lgPZshJPHdNwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/kgtXMGVq_yiG6jbCmetTa_cdZEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/i_ynyW6ARQWki5lgPZshJPHdNwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.240.0/21
193.22.169.0/24
193.41.210.0/23
195.80.237.0/24
IPv6:
2a02:2978::/32
Signature Algorithm: sha256WithRSAEncryption
91:a6:1e:8c:ff:bf:ad:95:d0:c8:75:c6:f9:9a:c1:e5:a4:1d:
d4:9d:50:df:69:25:3d:e5:26:f1:52:34:6c:37:8b:87:57:d1:
1b:b2:77:75:de:00:27:24:ba:37:aa:a6:c9:90:e9:33:9a:09:
b8:ab:1a:72:05:cc:c8:7c:e9:08:e0:92:f5:d6:40:bf:c5:eb:
b5:58:4f:2f:26:83:6b:21:b5:3b:e3:2d:fe:88:ca:97:18:1a:
6f:43:38:75:89:a4:73:d7:a9:27:b4:03:9f:22:53:4d:16:46:
7c:18:19:a6:88:59:cf:dd:c9:41:7e:3f:37:66:a3:34:fc:5f:
88:39:47:1f:97:77:de:f7:a9:81:ca:c4:d5:64:bf:31:68:e6:
26:4d:eb:1d:ad:43:9e:5b:7f:6c:9e:69:2c:06:35:1e:ab:ff:
69:d1:7e:83:7c:86:d2:9f:6a:15:c0:ec:fd:ba:aa:f5:85:40:
40:1b:13:73:d7:1f:b2:25:43:14:21:b9:ff:ff:73:4f:0f:b9:
d6:16:25:03:20:70:67:34:e0:13:ae:be:f7:28:1d:17:62:97:
78:b0:d5:c8:e8:60:82:ca:19:f3:54:1f:90:11:d9:a5:49:48:
6e:ce:5e:dc:98:c3:44:1b:4f:9a:33:10:89:ad:2e:a8:25:c2:
84:8e:74:7a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQoIx+lb+6V0YLwBySTDUbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZmNhN2M5NmU4MDQ1MDVhNDhiOTk2MDNkOWIyMTI0ZjFk
ZDM3MDIwHhcNMjUwMTAyMTc0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBiNTczMDY1NmFmZjI4ODZlYTM2YzI5OWViNTM2YmY3MWQ2NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NyLlVrIRE+rNkiMt3ISZx+V8WNi
GwOhAnEMu93+I2S6QFQLnOdUX5wGYYRE5frsZHOolO67zs5pacFnM/scHAfk0HmV
ec47PiqrnlgJ6RaxPv7oxSXxwxUjpnw3w5Oi3S2aO6PHBmGq0NNrmRainlotUEAN
Vr1bkATuFmWDWVo49d9CXAtSRR7k+CiWR5wQqkoiEEQCE9yv6ik7Y8WkMcAFyt/F
4o96CQ3hoADUYeCBUBAe5WVZ5UpLhullB+QAvxn9A7+/mAXeSmJykDNX4vgDEMnT
nd2qz8Wv2Zbgb3lr+9GYw4Y7FcXkP7+PuHeRMhlovcjNgnlad382bjAtgwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJILVzBlav8ohuo2wpnrU2v3HWRCMB8GA1UdIwQY
MBaAFIv8p8lugEUFpIuZYD2bISTx3TcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaV95bnlXNkFSUVdraTVsZ1Bac2hKUEhkTndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84ZjNiNmYtZTg2Zi00NjdkLWFhOTAt
MThiMWE5MzdhNTY3LzEva2d0WE1HVnFfeWlHNmpiQ21ldFRhX2NkWkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84ZjNiNmYtZTg2Zi00NjdkLWFhOTAtMThiMWE5MzdhNTY3
LzEvaV95bnlXNkFSUVdraTVsZ1Bac2hKUEhkTndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhzwAwQA
wRapAwQBwSnSAwQAw1DtMA0EAgACMAcDBQAqAil4MA0GCSqGSIb3DQEBCwUAA4IB
AQCRph6M/7+tldDIdcb5msHlpB3UnVDfaSU95SbxUjRsN4uHV9Ebsnd13gAnJLo3
qqbJkOkzmgm4qxpyBczIfOkI4JL11kC/xeu1WE8vJoNrIbU74y3+iMqXGBpvQzh1
iaRz16kntAOfIlNNFkZ8GBmmiFnP3clBfj83ZqM0/F+IOUcfl3fe96mBysTVZL8x
aOYmTesdrUOeW39snmksBjUeq/9p0X6DfIbSn2oVwOz9uqr1hUBAGxNz1x+yJUMU
Ibn//3NPD7nWFiUDIHBnNOATrr73KB0XYpd4sNXI6GCCyhnzVB+QEdmlSUhuzl7c
mMNEG0+aMxCJrS6oJcKEjnR6
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:36 2025 by rpki-client