Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/62c92a-5c23-48d7-bca2-63f04095a4c4/1/KfvqJ792oMd34Pp7PugqoZjhvkw.roa
File: KfvqJ792oMd34Pp7PugqoZjhvkw.roa (raw, json)
Hash identifier: S302iUZeOLpzdWoDN+iw2GhCZ0Q0jKKUkWWXOnKtMnU=
Subject key identifier: 29:FB:EA:27:BF:76:A0:C7:77:E0:FA:7B:3E:E8:2A:A1:98:E1:BE:4C
Certificate issuer: /CN=3aedd3c7273d9ab364a314da481e5ba51f84296f
Certificate serial: 0194274740CA5F2996D2C3A7DC672F08F528
Authority key identifier: 3A:ED:D3:C7:27:3D:9A:B3:64:A3:14:DA:48:1E:5B:A5:1F:84:29:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou3Txyc9mrNkoxTaSB5bpR-EKW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/62c92a-5c23-48d7-bca2-63f04095a4c4/1/KfvqJ792oMd34Pp7PugqoZjhvkw.roa
Signing time: Thu 02 Jan 2025 13:49:28 +0000
ROA not before: Thu 02 Jan 2025 13:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21161
IP address blocks: 178.249.80.0/22 maxlen: 22
178.249.84.0/22 maxlen: 22
185.195.180.0/22 maxlen: 22
193.138.83.0/24 maxlen: 24
194.110.196.0/24 maxlen: 24
194.121.11.0/24 maxlen: 24
2a02:2198::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:40:ca:5f:29:96:d2:c3:a7:dc:67:2f:08:f5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aedd3c7273d9ab364a314da481e5ba51f84296f
Validity
Not Before: Jan 2 13:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29fbea27bf76a0c777e0fa7b3ee82aa198e1be4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:07:78:64:79:ec:cf:54:bf:80:1a:37:45:34:
3a:02:c1:26:38:09:af:42:83:ec:78:65:cb:f0:13:
7c:1e:30:ec:92:f5:3e:65:b1:57:5a:ad:e1:c6:5e:
70:43:3c:bf:08:b3:bd:44:f4:14:93:75:51:bc:cb:
14:69:0a:16:34:02:d3:d1:19:d1:a8:89:9f:eb:cf:
ca:30:38:ec:fb:24:4f:64:6e:de:e8:ba:9e:e2:8a:
8d:9e:51:d7:3a:35:00:60:8d:02:58:a4:d9:21:bf:
10:73:23:28:e5:3d:5f:2a:cb:f5:f7:d6:68:63:53:
85:e5:97:8a:0c:ca:af:d9:58:6c:ec:f5:36:38:3e:
13:73:4a:68:79:3d:f6:c2:30:af:56:c9:88:12:2c:
ab:23:e0:b4:4e:f0:93:88:bd:0d:ef:05:b4:70:57:
48:84:af:25:f4:78:62:d9:fc:50:0d:0a:6e:7b:18:
62:75:f3:43:82:0b:cf:eb:6c:b5:d5:77:e0:4f:ac:
c0:5f:f1:b8:44:a6:83:43:7a:10:78:c8:fc:9f:eb:
b3:d1:44:78:bd:d5:58:db:9c:3a:2b:db:de:28:22:
2c:96:50:5f:e0:6d:a6:3b:75:54:58:57:c8:4f:79:
8a:b7:4d:ad:98:6d:3b:4d:f6:56:19:5e:6c:66:19:
09:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FB:EA:27:BF:76:A0:C7:77:E0:FA:7B:3E:E8:2A:A1:98:E1:BE:4C
X509v3 Authority Key Identifier:
keyid:3A:ED:D3:C7:27:3D:9A:B3:64:A3:14:DA:48:1E:5B:A5:1F:84:29:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou3Txyc9mrNkoxTaSB5bpR-EKW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/62c92a-5c23-48d7-bca2-63f04095a4c4/1/KfvqJ792oMd34Pp7PugqoZjhvkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/62c92a-5c23-48d7-bca2-63f04095a4c4/1/Ou3Txyc9mrNkoxTaSB5bpR-EKW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.249.80.0/21
185.195.180.0/22
193.138.83.0/24
194.110.196.0/24
194.121.11.0/24
IPv6:
2a02:2198::/32
Signature Algorithm: sha256WithRSAEncryption
2c:60:26:17:e4:6f:24:62:db:ec:5f:71:1e:d3:35:21:97:37:
82:62:2a:f8:06:6d:2b:b3:77:e3:46:28:bf:63:82:31:17:8e:
18:b8:62:26:c6:d7:a5:a8:a7:ea:78:f1:5e:70:5e:a1:cf:9f:
de:20:55:4a:90:13:61:25:ec:95:51:40:91:bd:ad:d5:2d:af:
62:80:4f:a6:89:dc:ae:25:be:02:46:74:8c:66:69:78:6d:a9:
cf:a7:b9:61:3e:34:55:e0:2d:40:bb:bb:97:12:bd:c0:e0:01:
10:a5:1e:1a:e5:c4:b2:4a:71:bd:1e:d7:35:6f:54:bd:13:9f:
76:a2:48:2d:fc:a8:30:6c:93:1a:03:74:6a:f5:ad:30:9c:f3:
80:f0:74:c9:e3:0f:e1:2b:93:e8:d8:a7:bc:8d:db:53:77:65:
71:8f:27:8f:41:56:bb:2a:8d:8a:45:4f:fc:ed:57:23:ad:de:
0f:fa:9f:4c:32:c8:93:ec:f2:05:9e:fd:6c:4a:2c:05:35:b6:
de:a4:ab:98:34:76:d6:c2:c0:74:1d:2d:40:5c:2f:26:5a:bb:
86:10:cf:a5:42:2b:8f:cd:28:7c:c4:6b:95:99:c4:62:44:8d:
2a:ee:6c:7b:c1:e0:8f:53:45:93:67:46:14:11:bb:fc:59:a9:
dd:0a:0a:74
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQnR0DKXymW0sOn3GcvCPUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWRkM2M3MjczZDlhYjM2NGEzMTRkYTQ4MWU1YmE1MWY4
NDI5NmYwHhcNMjUwMTAyMTM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWZiZWEyN2JmNzZhMGM3NzdlMGZhN2IzZWU4MmFhMTk4ZTFiZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQd4ZHnsz1S/gBo3RTQ6AsEmOAmv
QoPseGXL8BN8HjDskvU+ZbFXWq3hxl5wQzy/CLO9RPQUk3VRvMsUaQoWNALT0RnR
qImf68/KMDjs+yRPZG7e6Lqe4oqNnlHXOjUAYI0CWKTZIb8QcyMo5T1fKsv199Zo
Y1OF5ZeKDMqv2Vhs7PU2OD4Tc0poeT32wjCvVsmIEiyrI+C0TvCTiL0N7wW0cFdI
hK8l9Hhi2fxQDQpuexhidfNDggvP62y11XfgT6zAX/G4RKaDQ3oQeMj8n+uz0UR4
vdVY25w6K9veKCIsllBf4G2mO3VUWFfIT3mKt02tmG07TfZWGV5sZhkJJwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCn76ie/dqDHd+D6ez7oKqGY4b5MMB8GA1UdIwQY
MBaAFDrt08cnPZqzZKMU2kgeW6UfhClvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3UzVHh5Yzltck5rb3hUYVNCNWJwUi1FS1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS82MmM5MmEtNWMyMy00OGQ3LWJjYTIt
NjNmMDQwOTVhNGM0LzEvS2Z2cUo3OTJvTWQzNFBwN1B1Z3FvWmpodmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS82MmM5MmEtNWMyMy00OGQ3LWJjYTItNjNmMDQwOTVhNGM0
LzEvT3UzVHh5Yzltck5rb3hUYVNCNWJwUi1FS1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDsvlQAwQC
ucO0AwQAwYpTAwQAwm7EAwQAwnkLMA0EAgACMAcDBQAqAiGYMA0GCSqGSIb3DQEB
CwUAA4IBAQAsYCYX5G8kYtvsX3Ee0zUhlzeCYir4Bm0rs3fjRii/Y4IxF44YuGIm
xtelqKfqePFecF6hz5/eIFVKkBNhJeyVUUCRva3VLa9igE+midyuJb4CRnSMZml4
banPp7lhPjRV4C1Au7uXEr3A4AEQpR4a5cSySnG9Htc1b1S9E592okgt/KgwbJMa
A3Rq9a0wnPOA8HTJ4w/hK5Po2Ke8jdtTd2VxjyePQVa7Ko2KRU/87Vcjrd4P+p9M
MsiT7PIFnv1sSiwFNbbepKuYNHbWwsB0HS1AXC8mWruGEM+lQiuPzSh8xGuVmcRi
RI0q7mx7weCPU0WTZ0YUEbv8WandCgp0
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:56 2025 by rpki-client