Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/KZVmJI2HwZu0a_VuFeubWXFctas.roa
File: KZVmJI2HwZu0a_VuFeubWXFctas.roa (raw, json)
Hash identifier: 95XuLgvfUB1sUEayQLgwqcgK0HAJwM/X4DfTHBPTNMU=
Subject key identifier: 29:95:66:24:8D:87:C1:9B:B4:6B:F5:6E:15:EB:9B:59:71:5C:B5:AB
Certificate issuer: /CN=624039399017fa093dc8d503799f6ca403f0bd05
Certificate serial: 018260E9FBC3F2631E8C3702BD572D59E03E
Authority key identifier: 62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/KZVmJI2HwZu0a_VuFeubWXFctas.roa
Signing time: Tue 02 Aug 2022 23:35:23 +0000
ROA not before: Tue 02 Aug 2022 23:35:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 85.209.228.0/22 maxlen: 24
45.95.212.0/22 maxlen: 24
45.95.212.0/23 maxlen: 24
45.95.214.0/23 maxlen: 24
2.59.60.0/22 maxlen: 24
45.8.218.0/23 maxlen: 24
45.8.216.0/23 maxlen: 24
194.31.196.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:60:e9:fb:c3:f2:63:1e:8c:37:02:bd:57:2d:59:e0:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624039399017fa093dc8d503799f6ca403f0bd05
Validity
Not Before: Aug 2 23:35:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=299566248d87c19bb46bf56e15eb9b59715cb5ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cc:49:ed:ee:ad:d2:08:f4:77:0a:da:d2:15:
13:24:ca:80:d0:6d:18:63:4c:5d:f8:f7:1e:cb:53:
ab:bc:5b:29:23:43:89:64:ea:4b:0b:5e:ba:89:dd:
81:a4:28:81:8e:a1:15:de:09:26:76:40:17:34:a5:
da:54:cd:d3:85:19:5e:0d:e1:71:8f:ab:e3:d3:37:
2e:c4:66:0a:2a:ef:0c:55:0a:3f:c8:51:8a:bd:ce:
4c:7d:10:2f:aa:96:a0:a1:bd:a6:ee:a5:7b:c8:e2:
e3:f9:de:91:37:e1:33:c9:4b:56:67:28:43:2d:c8:
22:4d:df:96:ae:fc:c5:e3:28:af:d7:ec:70:7c:cc:
30:c3:41:e0:75:a2:f1:bb:fe:e4:53:ea:0a:46:40:
69:b8:61:40:25:ec:12:54:35:56:65:ac:79:13:0f:
6f:04:f9:8b:f2:7b:f1:d3:86:8f:31:ee:ed:3c:85:
f3:b1:12:2a:a0:18:03:c3:18:25:dd:d8:4a:e8:ca:
57:59:f2:c9:5d:7e:7e:de:31:45:aa:dc:49:99:2a:
9c:f3:88:39:22:9c:0f:02:2e:08:59:5e:c1:e7:f2:
8e:e3:9e:c7:4e:e5:94:ae:cd:41:d4:bd:8c:29:11:
b7:4a:55:cf:79:d0:b3:df:15:ea:89:a1:44:21:5b:
5c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:95:66:24:8D:87:C1:9B:B4:6B:F5:6E:15:EB:9B:59:71:5C:B5:AB
X509v3 Authority Key Identifier:
keyid:62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/KZVmJI2HwZu0a_VuFeubWXFctas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.60.0/22
45.8.216.0/22
45.95.212.0/22
85.209.228.0/22
194.31.196.0/23
Signature Algorithm: sha256WithRSAEncryption
65:0a:b5:55:a9:89:8c:8b:66:9c:2e:71:74:42:dd:df:30:1a:
1e:f2:5c:a4:59:16:d2:55:0b:e2:1a:3c:2a:2e:b8:59:97:fc:
d8:af:93:dc:ca:96:9c:09:77:c6:8e:f2:10:86:ac:28:32:37:
2e:22:4d:f0:7e:f2:03:62:47:6a:79:7f:c6:4e:31:76:fc:a6:
68:35:05:b5:ad:27:eb:2d:cb:02:41:fb:d5:64:0a:ab:f0:0e:
ee:f2:e5:bd:41:b0:af:17:2b:5b:ac:9e:90:64:c0:fd:fd:e0:
53:57:5b:5e:da:2b:85:43:08:fe:44:de:cb:1e:01:35:7a:c1:
04:5c:ab:66:b0:28:21:3b:08:50:f7:fa:e5:89:c5:0a:30:dd:
04:71:82:71:bc:d1:04:cc:ac:c8:d9:52:b5:11:88:6d:7d:ba:
c4:9e:e3:1f:c1:7a:82:97:0f:e8:29:64:65:5e:aa:73:5d:6c:
6d:e9:2b:9c:d1:5f:7b:6e:d9:e7:2e:8c:ec:72:b5:18:fe:70:
d1:be:82:b0:bb:b6:0c:60:ad:cb:63:91:60:b4:14:e1:a7:df:
11:ab:35:a7:bf:1b:31:b9:6a:cf:ad:c6:af:38:5d:72:04:cc:
c7:fb:2c:61:cc:d9:30:0b:54:e4:e8:cc:72:ff:f9:b0:79:50:
a6:f3:33:07
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYJg6fvD8mMejDcCvVctWeA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNDAzOTM5OTAxN2ZhMDkzZGM4ZDUwMzc5OWY2Y2E0MDNm
MGJkMDUwHhcNMjIwODAyMjMzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk1NjYyNDhkODdjMTliYjQ2YmY1NmUxNWViOWI1OTcxNWNiNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8xJ7e6t0gj0dwra0hUTJMqA0G0Y
Y0xd+Pcey1OrvFspI0OJZOpLC166id2BpCiBjqEV3gkmdkAXNKXaVM3ThRleDeFx
j6vj0zcuxGYKKu8MVQo/yFGKvc5MfRAvqpagob2m7qV7yOLj+d6RN+EzyUtWZyhD
LcgiTd+WrvzF4yiv1+xwfMwww0HgdaLxu/7kU+oKRkBpuGFAJewSVDVWZax5Ew9v
BPmL8nvx04aPMe7tPIXzsRIqoBgDwxgl3dhK6MpXWfLJXX5+3jFFqtxJmSqc84g5
IpwPAi4IWV7B5/KO457HTuWUrs1B1L2MKRG3SlXPedCz3xXqiaFEIVtcXwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCmVZiSNh8GbtGv1bhXrm1lxXLWrMB8GA1UdIwQY
MBaAFGJAOTmQF/oJPcjVA3mfbKQD8L0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYt
MzI1OTQ5NmU3YzVmLzEvS1pWbUpJMkh3WnUwYV9WdUZldWJXWEZjdGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYtMzI1OTQ5NmU3YzVm
LzEvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjs8AwQC
LQjYAwQCLV/UAwQCVdHkAwQBwh/EMA0GCSqGSIb3DQEBCwUAA4IBAQBlCrVVqYmM
i2acLnF0Qt3fMBoe8lykWRbSVQviGjwqLrhZl/zYr5PcypacCXfGjvIQhqwoMjcu
Ik3wfvIDYkdqeX/GTjF2/KZoNQW1rSfrLcsCQfvVZAqr8A7u8uW9QbCvFytbrJ6Q
ZMD9/eBTV1te2iuFQwj+RN7LHgE1esEEXKtmsCghOwhQ9/rlicUKMN0EcYJxvNEE
zKzI2VK1EYhtfbrEnuMfwXqClw/oKWRlXqpzXWxt6Suc0V97btnnLozscrUY/nDR
voKwu7YMYK3LY5FgtBThp98RqzWnvxsxuWrPrcavOF1yBMzH+yxhzNkwC1Tk6Mxy
//mweVCm8zMH
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:03:58 2025 by rpki-client