Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/kgq39cG2-THrWvpc0x3M2SFDQTk.roa
File: kgq39cG2-THrWvpc0x3M2SFDQTk.roa (raw, json)
Hash identifier: 3gB7a3Q32qGjK2EZEKxa95uj+Y7WZ3y01C1TiOtuHMM=
Subject key identifier: 92:0A:B7:F5:C1:B6:F9:31:EB:5A:FA:5C:D3:1D:CC:D9:21:43:41:39
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0194266BD885DA9E5A17A8A47F82D9CC5C37
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/kgq39cG2-THrWvpc0x3M2SFDQTk.roa
Signing time: Thu 02 Jan 2025 09:49:49 +0000
ROA not before: Thu 02 Jan 2025 09:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
46.23.64.0/20 maxlen: 24
77.92.64.0/19 maxlen: 23
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 24
88.202.176.0/20 maxlen: 24
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
109.123.64.0/18 maxlen: 24
176.67.160.0/20 maxlen: 24
176.67.169.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d8:85:da:9e:5a:17:a8:a4:7f:82:d9:cc:5c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Jan 2 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=920ab7f5c1b6f931eb5afa5cd31dccd921434139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ec:96:89:4a:28:07:c0:06:43:e2:80:98:2d:
2a:f7:08:f0:f2:64:39:0a:cf:5e:68:3b:eb:ce:8f:
91:43:9e:c2:d8:61:13:68:52:9e:b1:e2:6b:a7:65:
a8:76:65:b7:79:74:b6:8d:01:2b:35:60:04:32:24:
d1:34:0d:b6:36:95:4c:79:27:28:57:ff:8b:ae:a3:
ee:54:56:a8:58:c0:5f:04:06:2c:35:a2:9e:42:2a:
d3:d5:99:81:e1:70:9f:4f:2a:c2:80:55:f5:c0:7c:
59:bb:c7:f0:3d:ae:c2:af:15:67:bf:8e:6c:e7:72:
02:4a:53:4d:91:fc:d6:ab:61:50:ca:02:4c:1a:9a:
b7:f6:fa:8a:30:19:f8:d2:c7:8b:b7:cb:de:3b:6d:
3a:e7:fd:23:0f:ae:c1:0f:c0:33:6c:34:43:4c:10:
2c:dd:32:12:78:0b:1f:1f:9b:f8:ae:f6:f2:d8:b1:
39:17:0b:bf:2d:d6:01:20:bc:c8:2e:6e:53:5c:d5:
5e:8e:d5:5b:c2:eb:17:ea:b1:63:6c:f2:fe:92:f9:
25:bf:91:72:ff:5c:cc:8c:a7:90:a5:c5:0c:e3:35:
68:a4:8c:dd:f0:f0:b2:b0:d9:4e:b7:50:bd:aa:c4:
84:15:98:47:59:67:e6:d8:c3:34:81:c0:af:1b:8e:
8c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0A:B7:F5:C1:B6:F9:31:EB:5A:FA:5C:D3:1D:CC:D9:21:43:41:39
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/kgq39cG2-THrWvpc0x3M2SFDQTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/20
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
af:ce:b9:7b:8b:bb:5b:a4:4e:ca:95:84:3a:a7:06:b1:ae:02:
6a:17:0e:58:f7:d1:62:0d:1c:67:3f:56:e1:c6:b9:ef:6c:b4:
26:b4:02:97:6c:6e:8f:11:2e:d3:96:38:c2:c7:cf:0e:19:c9:
ed:d7:93:0e:16:3b:c9:38:6a:b7:d2:5e:5a:6d:a4:69:f2:92:
f5:d5:f0:d2:f4:07:94:ce:c2:76:1f:b1:20:9e:27:df:e3:7a:
fe:3b:d8:16:04:50:1e:aa:45:3b:3a:c1:44:53:18:88:52:a2:
34:48:2e:a5:77:ae:af:8b:11:93:69:83:1b:b5:1a:71:8a:02:
16:c4:33:21:db:4f:17:b9:2e:28:00:56:47:65:62:1c:83:7f:
d3:15:0b:b4:5c:61:f2:75:90:7f:ff:fc:02:86:09:f2:3e:13:
84:99:51:49:54:0c:be:3f:e8:8f:bc:5a:be:03:04:d9:70:b0:
84:68:1d:a9:eb:87:ce:d8:05:f4:1f:75:46:7e:0a:da:b9:b7:
e6:84:4b:d7:11:95:54:95:7d:9a:35:77:1a:25:c6:c5:a8:a1:
67:98:b7:9f:ad:c9:7a:83:3b:53:2b:bf:3a:6f:36:5b:5e:7b:
33:cc:ca:2a:aa:06:40:0f:fb:90:93:a3:93:26:0c:db:d8:f1:
1d:fc:56:8f
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQma9iF2p5aF6ikf4LZzFw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwMTAyMDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBhYjdmNWMxYjZmOTMxZWI1YWZhNWNkMzFkY2NkOTIxNDM0MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+yWiUooB8AGQ+KAmC0q9wjw8mQ5
Cs9eaDvrzo+RQ57C2GETaFKeseJrp2WodmW3eXS2jQErNWAEMiTRNA22NpVMeSco
V/+LrqPuVFaoWMBfBAYsNaKeQirT1ZmB4XCfTyrCgFX1wHxZu8fwPa7CrxVnv45s
53ICSlNNkfzWq2FQygJMGpq39vqKMBn40seLt8veO2065/0jD67BD8AzbDRDTBAs
3TISeAsfH5v4rvby2LE5Fwu/LdYBILzILm5TXNVejtVbwusX6rFjbPL+kvklv5Fy
/1zMjKeQpcUM4zVopIzd8PCysNlOt1C9qsSEFZhHWWfm2MM0gcCvG46MIwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJIKt/XBtvkx61r6XNMdzNkhQ0E5MB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEva2dxMzljRzItVEhyV3ZwYzB4M00yU0ZEUVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDHxjgAwQD
JXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23wAwQG
bXtAAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAqAiSYMA0GCSqGSIb3DQEBCwUAA4IB
AQCvzrl7i7tbpE7KlYQ6pwaxrgJqFw5Y99FiDRxnP1bhxrnvbLQmtAKXbG6PES7T
ljjCx88OGcnt15MOFjvJOGq30l5abaRp8pL11fDS9AeUzsJ2H7Egniff43r+O9gW
BFAeqkU7OsFEUxiIUqI0SC6ld66vixGTaYMbtRpxigIWxDMh208XuS4oAFZHZWIc
g3/TFQu0XGHydZB///wChgnyPhOEmVFJVAy+P+iPvFq+AwTZcLCEaB2p64fO2AX0
H3VGfgraubfmhEvXEZVUlX2aNXcaJcbFqKFnmLefrcl6gztTK786bzZbXnszzMoq
qgZAD/uQk6OTJgzb2PEd/FaP
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:01:24 2025 by rpki-client