Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/kWKzlkscB7daOWDY4oKMbQrvmPM.roa
File: kWKzlkscB7daOWDY4oKMbQrvmPM.roa (raw, json)
Hash identifier: +UujkJtTO/f34wPNB9YifFEZtv6nz6r4CdVLpks93fU=
Subject key identifier: 91:62:B3:96:4B:1C:07:B7:5A:39:60:D8:E2:82:8C:6D:0A:EF:98:F3
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 01942521D7AEE5D0B4AA540A6A0E430BCF06
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/kWKzlkscB7daOWDY4oKMbQrvmPM.roa
Signing time: Thu 02 Jan 2025 03:49:22 +0000
ROA not before: Thu 02 Jan 2025 03:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44534
IP address blocks: 5.45.209.0/24 maxlen: 24
5.255.232.0/24 maxlen: 24
5.255.234.0/23 maxlen: 23
37.140.168.0/24 maxlen: 24
77.88.42.0/23 maxlen: 23
77.88.61.0/24 maxlen: 24
87.250.232.0/24 maxlen: 24
87.250.238.0/24 maxlen: 24
90.156.176.0/20 maxlen: 24
90.156.176.0/24 maxlen: 24
93.158.155.0/24 maxlen: 24
93.158.184.0/24 maxlen: 24
93.158.185.0/24 maxlen: 24
93.158.186.0/24 maxlen: 24
93.158.187.0/24 maxlen: 24
95.108.168.0/22 maxlen: 22
95.108.170.0/24 maxlen: 24
141.8.130.0/23 maxlen: 23
178.154.152.0/24 maxlen: 24
2a02:6bf:8004::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d7:ae:e5:d0:b4:aa:54:0a:6a:0e:43:0b:cf:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Jan 2 03:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9162b3964b1c07b75a3960d8e2828c6d0aef98f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b5:42:b2:eb:48:3e:61:2d:3a:84:d6:c2:e9:
57:9f:5a:9c:10:70:ed:83:1d:2b:99:d5:6d:76:2c:
3f:46:cb:b1:45:dd:15:c7:01:d5:ee:45:72:2f:4d:
41:5d:84:82:dd:95:f6:3e:5c:6b:fe:7e:c8:0d:a5:
e0:f6:17:db:ae:62:bc:fa:bd:21:8d:d8:cc:12:07:
7c:08:69:12:89:83:e1:50:84:8b:1c:f6:45:84:ca:
cc:30:a1:15:c7:0f:de:8d:39:28:5a:93:b7:27:c5:
47:62:52:51:b3:cd:db:c3:6d:6c:d1:af:9c:a0:4b:
7c:91:9d:29:68:0d:d1:d5:10:76:70:29:13:df:d0:
33:7d:48:ec:87:4f:5b:7c:a5:e2:aa:ed:92:78:ac:
bd:00:e0:86:3e:26:bd:f6:43:6e:07:01:24:b9:c4:
56:e6:96:63:74:92:db:8f:a8:ca:8e:af:ae:4a:24:
aa:97:ce:2b:bf:9b:2a:1d:93:48:e9:02:c1:d1:40:
ff:1e:f8:ed:60:9e:ac:c0:cc:aa:da:21:b5:b1:21:
b5:14:18:91:fe:89:d5:17:19:b7:0a:e9:68:b7:17:
66:3b:8b:27:74:20:cf:64:5f:60:c2:ec:12:68:59:
00:f7:f9:12:79:63:47:06:82:8e:df:ff:5f:75:b5:
79:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:62:B3:96:4B:1C:07:B7:5A:39:60:D8:E2:82:8C:6D:0A:EF:98:F3
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/kWKzlkscB7daOWDY4oKMbQrvmPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.209.0/24
5.255.232.0/24
5.255.234.0/23
37.140.168.0/24
77.88.42.0/23
77.88.61.0/24
87.250.232.0/24
87.250.238.0/24
90.156.176.0/20
93.158.155.0/24
93.158.184.0/22
95.108.168.0/22
141.8.130.0/23
178.154.152.0/24
IPv6:
2a02:6bf:8004::/48
Signature Algorithm: sha256WithRSAEncryption
91:9f:41:cf:86:b2:87:b9:95:17:e7:94:a2:e6:c9:3f:78:10:
9e:11:7b:dc:ec:65:aa:df:1e:3a:09:7a:27:92:2d:e0:1a:e0:
6a:38:9e:2f:9f:39:6f:be:5b:85:c9:16:90:10:b1:5c:22:4a:
03:47:8d:63:9a:41:82:0a:f0:a7:a1:1e:56:53:ff:a8:c4:d8:
8d:fa:52:de:9a:83:ec:bd:0a:31:62:bd:ea:ac:c4:d5:aa:b3:
e6:4d:b3:57:1f:4c:95:a1:b9:47:57:48:f1:54:8c:33:3f:1a:
0c:dc:73:ca:52:f1:5c:80:08:3d:04:78:ab:5f:5e:ef:c6:7d:
15:43:28:10:f7:03:7c:96:7b:44:93:bd:2e:cf:82:26:1b:79:
a3:f3:c2:f8:da:42:f0:8e:9c:a0:1d:b8:cf:d1:58:fb:e3:77:
8b:38:8f:2b:89:7e:af:e2:ed:78:a6:c5:06:1c:06:37:fe:30:
a9:2f:31:1c:9f:03:a0:f2:91:55:9f:90:24:a2:e0:99:e3:ee:
76:5e:e3:c6:6b:ad:37:5b:62:00:4f:cd:09:5f:9a:4a:7e:6f:
b9:f8:78:48:db:c3:29:0e:37:0c:60:fb:c5:eb:e2:89:b6:3a:
f2:b3:2d:de:a6:9e:7d:76:f2:50:7e:44:a2:34:e6:eb:6d:de:
96:e9:4e:9d
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZQlIdeu5dC0qlQKag5DC88GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjUwMTAyMDM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTYyYjM5NjRiMWMwN2I3NWEzOTYwZDhlMjgyOGM2ZDBhZWY5OGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrVCsutIPmEtOoTWwulXn1qcEHDt
gx0rmdVtdiw/RsuxRd0VxwHV7kVyL01BXYSC3ZX2Plxr/n7IDaXg9hfbrmK8+r0h
jdjMEgd8CGkSiYPhUISLHPZFhMrMMKEVxw/ejTkoWpO3J8VHYlJRs83bw21s0a+c
oEt8kZ0paA3R1RB2cCkT39AzfUjsh09bfKXiqu2SeKy9AOCGPia99kNuBwEkucRW
5pZjdJLbj6jKjq+uSiSql84rv5sqHZNI6QLB0UD/HvjtYJ6swMyq2iG1sSG1FBiR
/onVFxm3CulotxdmO4sndCDPZF9gwuwSaFkA9/kSeWNHBoKO3/9fdbV5VQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFJFis5ZLHAe3Wjlg2OKCjG0K75jzMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEva1dLemxrc2NCN2RhT1dEWTRvS01iUXJ2bVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBaBAIAATBUAwQABS3RAwQA
Bf/oAwQBBf/qAwQAJYyoAwQBTVgqAwQATVg9AwQAV/roAwQAV/ruAwQEWpywAwQA
XZ6bAwQCXZ64AwQCX2yoAwQBjQiCAwQAspqYMA8EAgACMAkDBwAqAga/gAQwDQYJ
KoZIhvcNAQELBQADggEBAJGfQc+Gsoe5lRfnlKLmyT94EJ4Re9zsZarfHjoJeieS
LeAa4Go4ni+fOW++W4XJFpAQsVwiSgNHjWOaQYIK8KehHlZT/6jE2I36Ut6ag+y9
CjFiveqsxNWqs+ZNs1cfTJWhuUdXSPFUjDM/Ggzcc8pS8VyACD0EeKtfXu/GfRVD
KBD3A3yWe0STvS7PgiYbeaPzwvjaQvCOnKAduM/RWPvjd4s4jyuJfq/i7XimxQYc
Bjf+MKkvMRyfA6DykVWfkCSi4Jnj7nZe48ZrrTdbYgBPzQlfmkp+b7n4eEjbwykO
Nwxg+8Xr4om2OvKzLd6mnn128lB+RKI05utt3pbpTp0=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:39:38 2025 by rpki-client