Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KwMRh7wVN1t12R9tiMfDB-pKRWU.roa
File: KwMRh7wVN1t12R9tiMfDB-pKRWU.roa (raw, json)
Hash identifier: oWuBndb2jrG2Et4poynlqonQZJHg8hHGxvNPRAwExwI=
Subject key identifier: 2B:03:11:87:BC:15:37:5B:75:D9:1F:6D:88:C7:C3:07:EA:4A:45:65
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01959FD8F2437FEFAA33BBE5D8D93726B584
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KwMRh7wVN1t12R9tiMfDB-pKRWU.roa
Signing time: Sun 16 Mar 2025 16:45:49 +0000
ROA not before: Sun 16 Mar 2025 16:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213005
IP address blocks: 81.21.228.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
88.135.64.0/22 maxlen: 24
92.60.34.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
95.214.144.0/22 maxlen: 24
185.106.124.0/22 maxlen: 24
185.179.228.0/22 maxlen: 22
185.189.64.0/22 maxlen: 24
185.211.180.0/22 maxlen: 22
185.223.220.0/22 maxlen: 22
185.227.128.0/22 maxlen: 22
185.245.34.0/23 maxlen: 23
193.26.152.0/22 maxlen: 24
193.35.88.0/22 maxlen: 24
194.38.56.0/22 maxlen: 24
212.80.208.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9f:d8:f2:43:7f:ef:aa:33:bb:e5:d8:d9:37:26:b5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 16 16:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b031187bc15375b75d91f6d88c7c307ea4a4565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:63:7a:ae:18:5e:66:51:2f:5c:fa:da:7c:e4:
e1:64:b1:22:35:6f:21:71:62:05:89:eb:b8:eb:d8:
ff:89:f4:a5:04:7a:04:5f:12:5b:06:0d:fe:6e:c8:
75:84:c9:d7:93:34:bb:15:28:ab:dd:37:d4:4c:7e:
d9:11:c7:74:b5:ba:4c:db:07:ba:0b:41:8d:a6:23:
7b:c0:41:f2:34:ad:51:43:e0:47:3f:2d:56:80:00:
b6:e5:25:01:b8:e2:80:59:65:55:32:e0:4b:b2:25:
40:05:6f:0e:76:36:36:5c:ae:ca:eb:a3:7a:ac:06:
8e:7c:55:1c:47:ff:de:3b:fd:bb:00:e6:e1:a8:bb:
e4:f5:53:ad:d5:2a:f6:8d:12:83:41:6b:d3:06:c6:
ac:7e:b9:2f:75:33:e0:12:b5:4a:11:bb:18:0c:46:
c8:0b:b1:e2:96:a8:39:55:4a:ff:ce:56:56:e8:3f:
34:dc:15:b1:f3:c6:0e:0e:91:68:75:e0:db:60:5f:
37:f3:37:dc:d6:50:37:0d:35:ba:6f:81:18:61:57:
65:4c:ae:a4:57:ef:32:dc:f7:f6:9b:2d:df:97:6c:
20:a9:07:44:d6:24:6a:28:de:39:98:c2:5f:59:69:
bd:a3:f2:46:2b:ea:58:36:b6:32:fb:c1:7b:f0:6f:
a1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:03:11:87:BC:15:37:5B:75:D9:1F:6D:88:C7:C3:07:EA:4A:45:65
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KwMRh7wVN1t12R9tiMfDB-pKRWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.228.0/22
85.115.192.0/22
88.135.64.0/22
92.60.34.0/24
93.92.228.0/22
95.214.144.0/22
185.106.124.0/22
185.179.228.0/22
185.189.64.0/22
185.211.180.0/22
185.223.220.0/22
185.227.128.0/22
185.245.34.0/23
193.26.152.0/22
193.35.88.0/22
194.38.56.0/22
212.80.208.0/22
212.115.44.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:c4:0e:bf:8c:b0:43:3b:84:8d:71:ca:52:63:aa:56:83:31:
e8:9b:ed:d7:94:36:3f:f2:58:ce:51:e5:dd:fa:67:e4:fd:d7:
01:c3:1d:01:5a:1d:e5:c9:9d:27:3d:7e:e7:ac:c7:e4:71:d7:
bf:ec:de:b6:40:23:01:70:c7:11:a2:48:a1:f5:0c:6c:53:29:
42:51:6b:be:8b:3a:76:ad:fd:79:42:6e:bf:7d:c3:8f:b2:1c:
76:c0:c6:39:d4:a9:55:a3:d3:b9:51:d3:c8:6e:59:a9:36:42:
4f:9c:1c:fb:eb:03:e3:38:da:12:2f:2d:7d:5c:e7:65:ae:a3:
f2:04:88:12:35:03:55:fe:c5:da:f7:2f:6b:75:91:1f:20:7c:
18:9e:80:b2:dc:50:05:f4:2b:e1:5d:63:f5:1d:ce:5b:8a:12:
ea:d8:ee:36:a9:36:ac:0a:88:0c:21:26:f3:c5:ca:5d:83:d4:
8c:54:91:81:84:7d:8b:05:0a:7b:5c:00:79:d2:6a:f3:0f:a2:
ba:f8:4c:15:54:5b:a2:c8:8c:50:fa:1d:e1:b5:ba:86:0c:34:
fb:b9:12:a8:16:72:8b:1a:5a:7d:ec:5c:13:dd:07:88:42:2e:
df:de:40:e9:9d:f8:12:d8:dd:9f:01:f2:c0:8f:4f:9e:28:2d:
0f:13:34:6a
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZWf2PJDf++qM7vl2Nk3JrWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMzE2MTY0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjAzMTE4N2JjMTUzNzViNzVkOTFmNmQ4OGM3YzMwN2VhNGE0NTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGN6rhheZlEvXPrafOThZLEiNW8h
cWIFieu469j/ifSlBHoEXxJbBg3+bsh1hMnXkzS7FSir3TfUTH7ZEcd0tbpM2we6
C0GNpiN7wEHyNK1RQ+BHPy1WgAC25SUBuOKAWWVVMuBLsiVABW8OdjY2XK7K66N6
rAaOfFUcR//eO/27AObhqLvk9VOt1Sr2jRKDQWvTBsasfrkvdTPgErVKEbsYDEbI
C7Hilqg5VUr/zlZW6D803BWx88YODpFodeDbYF838zfc1lA3DTW6b4EYYVdlTK6k
V+8y3Pf2my3fl2wgqQdE1iRqKN45mMJfWWm9o/JGK+pYNrYy+8F78G+hZQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFCsDEYe8FTdbddkfbYjHwwfqSkVlMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS3dNUmg3d1ZOMXQxMlI5dGlNZkRCLXBLUldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAlEV5AME
AlVzwAMEAliHQAMEAFw8IgMEAl1c5AMEAl/WkAMEArlqfAMEArmz5AMEArm9QAME
ArnTtAMEArnf3AMEArnjgAMEAbn1IgMEAsEamAMEAsEjWAMEAsImOAMEAtRQ0AME
AtRzLDANBgkqhkiG9w0BAQsFAAOCAQEAnMQOv4ywQzuEjXHKUmOqVoMx6Jvt15Q2
P/JYzlHl3fpn5P3XAcMdAVod5cmdJz1+56zH5HHXv+zetkAjAXDHEaJIofUMbFMp
QlFrvos6dq39eUJuv33Dj7IcdsDGOdSpVaPTuVHTyG5ZqTZCT5wc++sD4zjaEi8t
fVznZa6j8gSIEjUDVf7F2vcva3WRHyB8GJ6AstxQBfQr4V1j9R3OW4oS6tjuNqk2
rAqIDCEm88XKXYPUjFSRgYR9iwUKe1wAedJq8w+iuvhMFVRbosiMUPod4bW6hgw0
+7kSqBZyixpafexcE90HiEIu395A6Z34EtjdnwHywI9PnigtDxM0ag==
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:32:25 2025 by rpki-client