Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/KPfJAcgx7L3A0aFCbGFayqyF-FY.roa
File: KPfJAcgx7L3A0aFCbGFayqyF-FY.roa (raw, json)
Hash identifier: xJj+dDH+N/nG56pXNQf9GMw4+lIOhhZqTxulM01CFMg=
Subject key identifier: 28:F7:C9:01:C8:31:EC:BD:C0:D1:A1:42:6C:61:5A:CA:AC:85:F8:56
Certificate issuer: /CN=a316c7659af1d56bc718faf614f092758f5edc7f
Certificate serial: 0194258F1366CA14BC77087028C8F10E3BA8
Authority key identifier: A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/KPfJAcgx7L3A0aFCbGFayqyF-FY.roa
Signing time: Thu 02 Jan 2025 05:48:41 +0000
ROA not before: Thu 02 Jan 2025 05:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.221.84.0/24 maxlen: 24
212.32.0.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:13:66:ca:14:bc:77:08:70:28:c8:f1:0e:3b:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a316c7659af1d56bc718faf614f092758f5edc7f
Validity
Not Before: Jan 2 05:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28f7c901c831ecbdc0d1a1426c615acaac85f856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4f:82:24:72:f5:d8:a5:6c:ec:5c:e8:d3:4f:
17:7b:bc:4c:6b:15:32:68:6d:06:8c:cc:5b:a8:54:
00:5e:fc:9d:a6:3f:06:bd:cf:76:a2:b4:46:4d:72:
17:3d:20:c4:b5:6d:20:ba:dd:63:9d:d0:e2:4f:2c:
7d:30:98:e3:59:25:30:94:91:db:b1:21:a3:4b:d1:
6a:b0:81:53:51:1c:39:e9:fd:f4:29:57:6d:5a:4b:
db:dd:c8:30:11:26:57:eb:37:bf:55:b8:c0:57:a9:
97:a4:78:d7:9b:b2:33:d7:57:92:d1:bf:e1:fc:a4:
ee:1e:84:54:ba:c4:43:d5:69:25:2c:3b:83:c6:77:
c3:25:15:af:e2:29:2c:b7:b0:79:f6:18:4b:cc:60:
84:5c:ff:1d:51:5c:1b:68:e3:d0:99:9b:00:bf:dd:
c1:14:08:da:10:c0:18:66:05:0a:bd:97:1c:87:9e:
ee:3f:bf:98:cf:72:b1:b0:24:b3:83:90:bc:ae:55:
00:8f:5f:d3:b8:cc:48:02:c4:7e:8b:96:1a:db:a5:
06:13:7d:cc:c8:3e:4c:ba:7b:bb:e2:e3:a1:81:e6:
ef:2a:b6:a4:a3:f9:ac:91:20:0f:06:ae:17:65:15:
6f:06:b0:1a:a5:d6:fe:30:1f:34:f4:f2:4e:6d:2c:
bb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F7:C9:01:C8:31:EC:BD:C0:D1:A1:42:6C:61:5A:CA:AC:85:F8:56
X509v3 Authority Key Identifier:
keyid:A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/KPfJAcgx7L3A0aFCbGFayqyF-FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.84.0/24
212.32.0.0/21
Signature Algorithm: sha256WithRSAEncryption
30:c7:d0:47:b9:f8:2b:c0:4b:87:a7:bc:1a:79:6b:8a:3c:64:
8f:0c:c3:a1:33:91:54:6f:14:da:33:61:8b:9e:1f:fd:be:3a:
d3:9e:29:d5:4a:23:0b:2f:35:b6:81:41:34:20:24:26:87:ec:
d4:7d:32:11:cd:52:75:c3:3a:88:16:6b:d9:f6:0d:99:f7:f0:
67:15:c4:48:30:4d:77:36:ee:54:11:03:b1:47:5d:c0:ee:70:
e3:a7:46:5f:f3:2e:3e:eb:2a:26:73:ed:30:e3:07:6c:3c:3e:
f2:a1:ce:99:3d:6e:0e:34:60:77:4b:42:64:5f:8a:0f:59:26:
e4:77:2c:77:be:5d:10:e5:e0:55:14:e0:61:16:57:a7:89:d5:
85:bb:57:ba:7c:30:e5:73:bd:b1:5b:8f:09:72:e1:ba:2a:c7:
47:5b:92:95:a4:73:08:f8:0b:b1:60:88:ae:f1:a5:d3:62:df:
20:db:3c:38:b7:48:9f:f1:fe:47:17:ea:3e:8d:67:46:89:49:
74:b8:dc:16:68:1a:c2:7c:c0:f3:83:50:72:55:ef:70:e7:0b:
2d:12:bb:81:09:2d:87:bc:3b:b5:48:17:23:8f:7e:06:e7:cd:
84:09:20:f9:8c:d7:7a:30:df:56:66:0e:73:85:7f:09:62:2c:
ca:c0:46:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQljxNmyhS8dwhwKMjxDjuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTZjNzY1OWFmMWQ1NmJjNzE4ZmFmNjE0ZjA5Mjc1OGY1
ZWRjN2YwHhcNMjUwMTAyMDU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY3YzkwMWM4MzFlY2JkYzBkMWExNDI2YzYxNWFjYWFjODVmODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk+CJHL12KVs7Fzo008Xe7xMaxUy
aG0GjMxbqFQAXvydpj8Gvc92orRGTXIXPSDEtW0gut1jndDiTyx9MJjjWSUwlJHb
sSGjS9FqsIFTURw56f30KVdtWkvb3cgwESZX6ze/VbjAV6mXpHjXm7Iz11eS0b/h
/KTuHoRUusRD1WklLDuDxnfDJRWv4ikst7B59hhLzGCEXP8dUVwbaOPQmZsAv93B
FAjaEMAYZgUKvZcch57uP7+Yz3KxsCSzg5C8rlUAj1/TuMxIAsR+i5Ya26UGE33M
yD5Munu74uOhgebvKrako/mskSAPBq4XZRVvBrAapdb+MB809PJObSy7YQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCj3yQHIMey9wNGhQmxhWsqshfhWMB8GA1UdIwQY
MBaAFKMWx2Wa8dVrxxj69hTwknWPXtx/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUt
MzY4N2M4MThlZGU1LzEvS1BmSkFjZ3g3TDNBMGFGQ2JHRmF5cXlGLUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUtMzY4N2M4MThlZGU1
LzEvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAud1UAwQD
1CAAMA0GCSqGSIb3DQEBCwUAA4IBAQAwx9BHufgrwEuHp7waeWuKPGSPDMOhM5FU
bxTaM2GLnh/9vjrTninVSiMLLzW2gUE0ICQmh+zUfTIRzVJ1wzqIFmvZ9g2Z9/Bn
FcRIME13Nu5UEQOxR13A7nDjp0Zf8y4+6yomc+0w4wdsPD7yoc6ZPW4ONGB3S0Jk
X4oPWSbkdyx3vl0Q5eBVFOBhFlenidWFu1e6fDDlc72xW48JcuG6KsdHW5KVpHMI
+AuxYIiu8aXTYt8g2zw4t0if8f5HF+o+jWdGiUl0uNwWaBrCfMDzg1ByVe9w5wst
EruBCS2HvDu1SBcjj34G582ECSD5jNd6MN9WZg5zhX8JYizKwEZi
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:30:07 2025 by rpki-client