Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/k8SmLkdRoGivF16GFM2hqIOouBo.roa
File: k8SmLkdRoGivF16GFM2hqIOouBo.roa (raw, json)
Hash identifier: Ktq3us91dVySgQu0CPwEqVesPVx0pk3gPFhcWjBn49E=
Subject key identifier: 93:C4:A6:2E:47:51:A0:68:AF:17:5E:86:14:CD:A1:A8:83:A8:B8:1A
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 01953777A446141A6CEE1BD96B516309EECD
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/k8SmLkdRoGivF16GFM2hqIOouBo.roa
Signing time: Mon 24 Feb 2025 10:19:02 +0000
ROA not before: Mon 24 Feb 2025 10:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8426
IP address blocks: 31.3.136.0/21 maxlen: 21
46.18.128.0/21 maxlen: 21
62.240.224.0/19 maxlen: 19
79.99.32.0/21 maxlen: 21
89.185.32.0/19 maxlen: 19
91.208.181.0/24 maxlen: 24
94.198.144.0/21 maxlen: 21
95.131.136.0/21 maxlen: 24
146.185.40.0/21 maxlen: 24
185.7.36.0/22 maxlen: 24
185.29.40.0/22 maxlen: 22
185.29.43.0/24 maxlen: 24
185.88.104.0/22 maxlen: 22
185.93.36.0/22 maxlen: 22
194.146.172.0/22 maxlen: 22
212.43.192.0/18 maxlen: 18
2001:a70::/32 maxlen: 32
2a01:4580::/29 maxlen: 29
2a02:1f8::/32 maxlen: 32
2a02:c70::/32 maxlen: 32
2a02:2328::/32 maxlen: 32
2a03:7300::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:77:a4:46:14:1a:6c:ee:1b:d9:6b:51:63:09:ee:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Feb 24 10:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93c4a62e4751a068af175e8614cda1a883a8b81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3a:66:9b:70:ea:5d:b8:29:78:f3:b6:58:6a:
6a:c4:43:55:92:dc:2a:06:f2:3c:3b:99:cd:25:0e:
e9:4c:ae:e0:0d:4a:ae:6a:17:c2:9b:b3:7f:0d:0c:
68:01:aa:ed:ee:ad:ac:68:e6:01:fa:be:3e:5b:e9:
56:5b:2b:23:42:46:78:c9:33:37:4e:a9:03:4d:20:
e1:b9:bd:0c:88:a8:f9:93:5b:e3:74:4e:be:dd:a2:
2c:27:cd:38:b3:a3:68:d9:4c:ec:01:f7:7f:05:d7:
4c:c7:3d:f5:fc:18:15:7e:f4:82:6a:3b:3a:b7:23:
3a:bf:bb:e8:65:2f:9a:4c:2b:62:65:fc:ae:b9:77:
ac:55:0e:52:f9:f2:8c:e8:15:34:25:70:48:90:2b:
59:8c:cf:7c:9f:a0:26:e3:3b:fa:ad:37:59:0e:d7:
89:11:2b:3a:c9:30:52:57:27:11:51:31:c4:a7:bd:
64:ec:b0:04:c6:e0:e2:51:93:96:14:59:47:ef:72:
c6:34:3e:37:53:da:50:02:2e:d2:d5:89:9d:30:54:
9e:da:a7:d1:71:16:f7:f5:f8:97:74:da:45:f0:fd:
91:69:6c:8a:87:33:d4:83:e0:f1:f1:89:a0:86:ce:
11:79:cf:29:3b:01:23:c6:b0:9b:fd:89:a2:ad:15:
92:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C4:A6:2E:47:51:A0:68:AF:17:5E:86:14:CD:A1:A8:83:A8:B8:1A
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/k8SmLkdRoGivF16GFM2hqIOouBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.136.0/21
46.18.128.0/21
62.240.224.0/19
79.99.32.0/21
89.185.32.0/19
91.208.181.0/24
94.198.144.0/21
95.131.136.0/21
146.185.40.0/21
185.7.36.0/22
185.29.40.0/22
185.88.104.0/22
185.93.36.0/22
194.146.172.0/22
212.43.192.0/18
IPv6:
2001:a70::/32
2a01:4580::/29
2a02:1f8::/32
2a02:c70::/32
2a02:2328::/32
2a03:7300::/32
Signature Algorithm: sha256WithRSAEncryption
3c:e3:53:db:0b:49:98:9d:04:c3:c6:30:9c:03:80:92:38:e8:
a7:ba:8e:8a:85:0e:4a:27:d3:62:86:f8:d4:e0:87:40:0d:20:
09:1d:65:5f:f9:cc:97:d4:27:e0:dc:48:2c:db:61:7f:9f:06:
38:5e:de:e1:ea:c9:b1:43:68:fd:33:f1:64:3b:7e:81:e6:e6:
82:fa:03:55:f4:49:0d:ed:9a:e3:27:6f:e1:10:cc:d2:e9:6d:
ac:86:36:d1:c2:b4:18:0f:10:38:e1:eb:d0:e2:10:dd:96:64:
7e:36:ea:86:49:b2:0f:4f:b5:3d:00:7b:b3:c0:89:99:99:36:
35:67:90:92:b2:c9:e1:fc:3e:24:3d:2d:b2:b0:0e:22:e7:84:
b7:44:cf:e3:a3:54:46:5d:8f:ff:10:3d:85:44:03:70:b1:69:
4f:b2:b5:a4:be:23:4b:de:81:93:4b:d7:f1:15:c8:ea:f5:01:
9f:06:ba:f1:04:c6:ea:30:7a:e6:bd:4c:ff:56:89:30:2a:9b:
b9:24:3a:5f:8c:f8:19:57:b0:8d:9e:bb:f2:0e:10:c8:07:90:
11:1c:c3:3c:b8:43:0d:13:56:6e:0e:2c:67:83:3a:b9:c1:43:
52:c4:37:b0:99:87:f0:85:0e:0c:3a:b3:76:b9:6f:d3:ea:44:
35:f0:72:26
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZU3d6RGFBps7hvZa1FjCe7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjUwMjI0MTAxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2M0YTYyZTQ3NTFhMDY4YWYxNzVlODYxNGNkYTFhODgzYThiODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jpmm3DqXbgpePO2WGpqxENVktwq
BvI8O5nNJQ7pTK7gDUquahfCm7N/DQxoAart7q2saOYB+r4+W+lWWysjQkZ4yTM3
TqkDTSDhub0MiKj5k1vjdE6+3aIsJ804s6No2UzsAfd/BddMxz31/BgVfvSCajs6
tyM6v7voZS+aTCtiZfyuuXesVQ5S+fKM6BU0JXBIkCtZjM98n6Am4zv6rTdZDteJ
ESs6yTBSVycRUTHEp71k7LAExuDiUZOWFFlH73LGND43U9pQAi7S1YmdMFSe2qfR
cRb39fiXdNpF8P2RaWyKhzPUg+Dx8Ymghs4Rec8pOwEjxrCb/YmirRWSuQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFJPEpi5HUaBorxdehhTNoaiDqLgaMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvazhTbUxrZFJvR2l2RjE2R0ZNMmhxSU9vdUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDBgBAIAATBaAwQDHwOI
AwQDLhKAAwQFPvDgAwQDT2MgAwQFWbkgAwQAW9C1AwQDXsaQAwQDX4OIAwQDkrko
AwQCuQckAwQCuR0oAwQCuVhoAwQCuV0kAwQCwpKsAwQG1CvAMDAEAgACMCoDBQAg
AQpwAwUDKgFFgAMFACoCAfgDBQAqAgxwAwUAKgIjKAMFACoDcwAwDQYJKoZIhvcN
AQELBQADggEBADzjU9sLSZidBMPGMJwDgJI46Ke6joqFDkon02KG+NTgh0ANIAkd
ZV/5zJfUJ+DcSCzbYX+fBjhe3uHqybFDaP0z8WQ7foHm5oL6A1X0SQ3tmuMnb+EQ
zNLpbayGNtHCtBgPEDjh69DiEN2WZH426oZJsg9PtT0Ae7PAiZmZNjVnkJKyyeH8
PiQ9LbKwDiLnhLdEz+OjVEZdj/8QPYVEA3CxaU+ytaS+I0vegZNL1/EVyOr1AZ8G
uvEExuoweua9TP9WiTAqm7kkOl+M+BlXsI2eu/IOEMgHkBEcwzy4Qw0TVm4OLGeD
OrnBQ1LEN7CZh/CFDgw6s3a5b9PqRDXwciY=
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:50:49 2025 by rpki-client