Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/281edb-0d42-407a-b459-05f09ef86e7b/1/KzggZS0_EU2z31ZVy2dRybNt5fE.roa
File: KzggZS0_EU2z31ZVy2dRybNt5fE.roa (raw, json)
Hash identifier: 0/EVa9A1y2LsZKtv+12bHp3FGMOEZd7rpEDZ7/wagAQ=
Subject key identifier: 2B:38:20:65:2D:3F:11:4D:B3:DF:56:55:CB:67:51:C9:B3:6D:E5:F1
Certificate issuer: /CN=d6f357c54949f20b400883ed8c98d3731c3cb495
Certificate serial: 019425FDB4CFE22DC37FFC33DC2229AB0484
Authority key identifier: D6:F3:57:C5:49:49:F2:0B:40:08:83:ED:8C:98:D3:73:1C:3C:B4:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1vNXxUlJ8gtACIPtjJjTcxw8tJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/281edb-0d42-407a-b459-05f09ef86e7b/1/KzggZS0_EU2z31ZVy2dRybNt5fE.roa
Signing time: Thu 02 Jan 2025 07:49:31 +0000
ROA not before: Thu 02 Jan 2025 07:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31631
IP address blocks: 185.249.80.0/22 maxlen: 22
2a0c:140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b4:cf:e2:2d:c3:7f:fc:33:dc:22:29:ab:04:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6f357c54949f20b400883ed8c98d3731c3cb495
Validity
Not Before: Jan 2 07:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b3820652d3f114db3df5655cb6751c9b36de5f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d2:c2:7e:87:0c:43:e7:84:ad:d3:af:08:15:
a0:1c:94:ba:15:29:10:17:54:fa:52:c1:30:e8:52:
11:40:08:d0:9a:78:1b:9c:43:da:af:05:65:e2:ca:
cb:4f:75:2f:c5:78:f5:b6:8d:09:95:2b:34:13:1a:
b8:91:3b:f4:5c:e5:f7:99:da:37:b4:40:53:bf:84:
64:9e:07:e8:ed:1f:7e:9f:d5:d4:d7:fb:09:e9:a3:
ba:6d:94:59:42:28:58:ea:94:f4:0c:e7:e8:31:93:
ea:8b:62:71:76:98:c2:68:fc:1f:ec:61:df:37:70:
b8:bf:23:ef:71:1c:be:de:1d:4e:7c:5d:81:ac:7a:
fe:2a:bb:c3:5b:b3:cd:90:25:a7:6a:84:59:d2:3c:
15:24:0a:74:d0:3b:3f:88:9d:5d:71:30:da:45:e5:
00:71:a7:02:67:26:cc:d8:db:c5:aa:36:8d:80:0c:
c7:36:5b:ed:5c:fa:6f:49:05:71:ec:97:2e:a6:81:
68:7a:44:9d:19:a6:df:f4:27:62:ee:5e:08:b6:0e:
40:b8:d0:47:80:4f:46:b9:9d:e8:7d:27:97:0f:f4:
7b:e0:8e:98:80:cc:11:d1:90:8a:1d:95:a5:36:dd:
40:c3:45:10:14:3d:8b:f7:e7:95:b4:75:74:f1:69:
45:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:38:20:65:2D:3F:11:4D:B3:DF:56:55:CB:67:51:C9:B3:6D:E5:F1
X509v3 Authority Key Identifier:
keyid:D6:F3:57:C5:49:49:F2:0B:40:08:83:ED:8C:98:D3:73:1C:3C:B4:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1vNXxUlJ8gtACIPtjJjTcxw8tJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/281edb-0d42-407a-b459-05f09ef86e7b/1/KzggZS0_EU2z31ZVy2dRybNt5fE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/281edb-0d42-407a-b459-05f09ef86e7b/1/1vNXxUlJ8gtACIPtjJjTcxw8tJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.80.0/22
IPv6:
2a0c:140::/29
Signature Algorithm: sha256WithRSAEncryption
60:69:f1:91:db:c5:e6:e2:25:6c:4a:c1:6f:a8:30:64:30:14:
59:dd:1d:b0:79:92:22:8b:6c:b7:02:88:74:73:84:49:2f:d5:
58:84:6b:62:53:bf:44:f3:9d:01:df:c5:ee:a7:64:0e:40:d4:
c0:8d:60:a3:02:c4:20:fa:a0:fc:6a:22:e0:6c:cd:3e:39:12:
63:ba:06:bd:8c:88:ab:a3:d7:fd:10:32:4b:32:2c:de:e4:dc:
fa:64:c4:03:3f:3c:36:0a:60:9a:c2:16:a3:97:22:e0:09:da:
2f:37:f5:96:dd:38:41:fc:c6:40:57:88:e9:ff:05:02:c9:1d:
25:14:db:83:7a:38:a1:99:63:b0:82:1b:f4:43:fc:f9:30:b6:
7e:a6:03:e2:a6:56:60:8f:d6:cf:d4:1d:16:89:f5:8c:4a:63:
af:fb:b0:5d:a4:7e:8f:31:ff:36:e1:60:20:fb:8c:e1:c6:46:
dd:70:e6:a1:8e:0c:4e:91:f3:23:27:24:af:fc:c6:93:f2:43:
06:11:6d:e2:5c:f3:83:f4:48:f9:66:e3:aa:34:02:26:87:70:
55:7f:37:8d:88:5f:9a:2a:19:06:df:d9:70:76:8f:36:66:b6:
07:83:f3:53:ec:a8:35:92:3e:27:7d:a9:82:a8:ec:31:f1:fd:
87:aa:cf:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/bTP4i3Df/wz3CIpqwSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZjM1N2M1NDk0OWYyMGI0MDA4ODNlZDhjOThkMzczMWMz
Y2I0OTUwHhcNMjUwMTAyMDc0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjM4MjA2NTJkM2YxMTRkYjNkZjU2NTVjYjY3NTFjOWIzNmRlNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tLCfocMQ+eErdOvCBWgHJS6FSkQ
F1T6UsEw6FIRQAjQmngbnEParwVl4srLT3UvxXj1to0JlSs0Exq4kTv0XOX3mdo3
tEBTv4Rkngfo7R9+n9XU1/sJ6aO6bZRZQihY6pT0DOfoMZPqi2JxdpjCaPwf7GHf
N3C4vyPvcRy+3h1OfF2BrHr+KrvDW7PNkCWnaoRZ0jwVJAp00Ds/iJ1dcTDaReUA
cacCZybM2NvFqjaNgAzHNlvtXPpvSQVx7JcupoFoekSdGabf9Cdi7l4Itg5AuNBH
gE9GuZ3ofSeXD/R74I6YgMwR0ZCKHZWlNt1Aw0UQFD2L9+eVtHV08WlFtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCs4IGUtPxFNs99WVctnUcmzbeXxMB8GA1UdIwQY
MBaAFNbzV8VJSfILQAiD7YyY03McPLSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXZOWHhVbEo4Z3RBQ0lQdGpKalRjeHc4dEpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yODFlZGItMGQ0Mi00MDdhLWI0NTkt
MDVmMDllZjg2ZTdiLzEvS3pnZ1pTMF9FVTJ6MzFaVnkyZFJ5Yk50NWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yODFlZGItMGQ0Mi00MDdhLWI0NTktMDVmMDllZjg2ZTdi
LzEvMXZOWHhVbEo4Z3RBQ0lQdGpKalRjeHc4dEpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuflQMA0E
AgACMAcDBQMqDAFAMA0GCSqGSIb3DQEBCwUAA4IBAQBgafGR28Xm4iVsSsFvqDBk
MBRZ3R2weZIii2y3Aoh0c4RJL9VYhGtiU79E850B38Xup2QOQNTAjWCjAsQg+qD8
aiLgbM0+ORJjuga9jIiro9f9EDJLMize5Nz6ZMQDPzw2CmCawhajlyLgCdovN/WW
3ThB/MZAV4jp/wUCyR0lFNuDejihmWOwghv0Q/z5MLZ+pgPiplZgj9bP1B0WifWM
SmOv+7BdpH6PMf824WAg+4zhxkbdcOahjgxOkfMjJySv/MaT8kMGEW3iXPOD9Ej5
ZuOqNAImh3BVfzeNiF+aKhkG39lwdo82ZrYHg/NT7Kg1kj4nfamCqOwx8f2Hqs+1
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:53 2025 by rpki-client