Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/KGLhnOtOH4dX4vgy-roccfFwMa0.roa
File: KGLhnOtOH4dX4vgy-roccfFwMa0.roa (raw, json)
Hash identifier: Q+cux+R5PAR0o25xtkFz855zy5Yln4wHE6v90utYbJQ=
Subject key identifier: 28:62:E1:9C:EB:4E:1F:87:57:E2:F8:32:FA:BA:1C:71:F1:70:31:AD
Certificate issuer: /CN=5d6c15ca903d7d25453eaeb5f724a04e3aa65908
Certificate serial: 019422FB1B8ACC7C887F134DB03519A79DC7
Authority key identifier: 5D:6C:15:CA:90:3D:7D:25:45:3E:AE:B5:F7:24:A0:4E:3A:A6:59:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XWwVypA9fSVFPq619ySgTjqmWQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/KGLhnOtOH4dX4vgy-roccfFwMa0.roa
Signing time: Wed 01 Jan 2025 17:47:49 +0000
ROA not before: Wed 01 Jan 2025 17:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60728
IP address blocks: 185.22.52.0/22 maxlen: 22
185.22.52.0/24 maxlen: 24
185.22.53.0/24 maxlen: 24
185.22.54.0/24 maxlen: 24
185.22.55.0/24 maxlen: 24
2a04:1d40::/29 maxlen: 29
2a04:1d40::/32 maxlen: 32
2a04:1d41::/32 maxlen: 32
2a04:1d42::/32 maxlen: 32
2a04:1d43::/32 maxlen: 32
2a04:1d44::/32 maxlen: 32
2a04:1d45::/32 maxlen: 32
2a04:1d46::/32 maxlen: 32
2a04:1d47::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:1b:8a:cc:7c:88:7f:13:4d:b0:35:19:a7:9d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d6c15ca903d7d25453eaeb5f724a04e3aa65908
Validity
Not Before: Jan 1 17:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2862e19ceb4e1f8757e2f832faba1c71f17031ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f3:51:31:54:d1:66:9a:b7:6a:6a:91:0d:3d:
77:bf:34:62:53:c2:9c:21:93:d2:94:bf:54:8d:3e:
dd:0f:29:36:4f:c5:32:40:9c:f3:46:f2:ca:00:85:
37:e3:9e:dd:9e:07:9c:5f:cf:46:69:47:d4:cd:e1:
60:bd:7b:6e:7b:17:f1:d3:4b:73:11:cb:08:d1:df:
c8:e1:51:6f:8e:85:47:ab:e6:a2:a2:96:5c:90:2a:
59:4a:5d:c1:73:ce:3c:c7:26:2d:3e:84:92:d9:3d:
aa:3c:3c:ec:b2:9a:35:52:4e:76:1f:fc:89:33:f3:
58:b9:75:b9:41:d5:a9:2a:3c:68:63:f1:f2:06:81:
da:f5:3e:4f:b9:05:0c:eb:0a:0d:82:e0:e5:2e:35:
36:2d:1b:98:61:56:55:81:78:21:56:61:f7:85:ab:
f7:a7:4f:aa:b3:d4:16:eb:b4:af:0e:5f:c9:e1:3d:
b4:f8:fb:c3:04:e7:9e:02:76:62:a4:5a:9f:82:3c:
54:aa:9c:fb:bf:40:52:c8:2a:43:8d:75:14:3c:96:
d4:7d:7c:eb:68:91:20:4f:31:72:51:61:de:cf:b5:
6f:f8:b8:34:d8:ca:bf:a6:29:b6:46:38:0f:9e:4d:
26:7f:b0:9d:cf:87:77:50:91:2d:c7:83:07:3a:13:
1a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:62:E1:9C:EB:4E:1F:87:57:E2:F8:32:FA:BA:1C:71:F1:70:31:AD
X509v3 Authority Key Identifier:
keyid:5D:6C:15:CA:90:3D:7D:25:45:3E:AE:B5:F7:24:A0:4E:3A:A6:59:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWwVypA9fSVFPq619ySgTjqmWQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/KGLhnOtOH4dX4vgy-roccfFwMa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/XWwVypA9fSVFPq619ySgTjqmWQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.52.0/22
IPv6:
2a04:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
76:ce:6c:cb:2d:f3:5d:6f:9a:07:31:76:fe:42:2b:71:1e:3e:
4b:94:41:a4:c7:9a:95:7c:a5:1d:9e:12:c3:0c:70:64:f2:8a:
bd:97:df:de:33:8d:c6:7d:b9:61:a1:e9:0b:28:71:7e:e4:e8:
a2:a6:ca:17:43:06:c4:1c:d0:26:e2:0c:61:14:46:87:b3:9e:
eb:4a:e4:21:32:49:ee:a9:3d:39:0b:54:59:8b:9f:cb:7c:13:
68:4c:bc:06:e2:e2:0c:b6:76:19:1d:45:17:04:29:91:d7:8a:
58:1e:cd:cb:bf:bd:26:7b:02:b9:d6:e0:06:97:eb:11:1a:57:
f8:89:c9:14:cc:e0:2e:22:88:7a:5e:2a:bf:98:f1:0f:43:11:
c4:ae:72:30:56:88:0e:f8:74:7b:47:ca:ef:64:8c:43:b0:8e:
cb:19:2e:fb:7b:8a:76:a0:0b:cc:22:53:43:d7:33:5d:d1:6c:
d6:1b:64:dc:52:28:7d:15:ff:85:63:77:a0:fe:49:b2:eb:cf:
c7:2f:44:3a:19:e9:b3:ea:b0:3b:27:c9:1f:27:48:18:3c:da:
d4:0e:a4:10:35:86:cc:67:e3:8d:76:db:f1:59:1d:3b:30:4b:
7b:95:a7:bf:d0:69:30:38:2d:20:24:e7:fc:d5:2c:39:cc:00:
f4:10:73:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+xuKzHyIfxNNsDUZp53HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNmMxNWNhOTAzZDdkMjU0NTNlYWViNWY3MjRhMDRlM2Fh
NjU5MDgwHhcNMjUwMTAxMTc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODYyZTE5Y2ViNGUxZjg3NTdlMmY4MzJmYWJhMWM3MWYxNzAzMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vNRMVTRZpq3amqRDT13vzRiU8Kc
IZPSlL9UjT7dDyk2T8UyQJzzRvLKAIU3457dngecX89GaUfUzeFgvXtuexfx00tz
EcsI0d/I4VFvjoVHq+aiopZckCpZSl3Bc848xyYtPoSS2T2qPDzsspo1Uk52H/yJ
M/NYuXW5QdWpKjxoY/HyBoHa9T5PuQUM6woNguDlLjU2LRuYYVZVgXghVmH3hav3
p0+qs9QW67SvDl/J4T20+PvDBOeeAnZipFqfgjxUqpz7v0BSyCpDjXUUPJbUfXzr
aJEgTzFyUWHez7Vv+Lg02Mq/pim2RjgPnk0mf7Cdz4d3UJEtx4MHOhMa4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFChi4ZzrTh+HV+L4Mvq6HHHxcDGtMB8GA1UdIwQY
MBaAFF1sFcqQPX0lRT6utfckoE46plkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFd3VnlwQTlmU1ZGUHE2MTl5U2dUanFtV1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yODY0YzgtYzA0Mi00MjhmLWEwMmQt
M2IzNGMyM2I5YzVhLzEvS0dMaG5PdE9INGRYNHZneS1yb2NjZkZ3TWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yODY0YzgtYzA0Mi00MjhmLWEwMmQtM2IzNGMyM2I5YzVh
LzEvWFd3VnlwQTlmU1ZGUHE2MTl5U2dUanFtV1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRY0MA0E
AgACMAcDBQMqBB1AMA0GCSqGSIb3DQEBCwUAA4IBAQB2zmzLLfNdb5oHMXb+Qitx
Hj5LlEGkx5qVfKUdnhLDDHBk8oq9l9/eM43GfblhoekLKHF+5OiipsoXQwbEHNAm
4gxhFEaHs57rSuQhMknuqT05C1RZi5/LfBNoTLwG4uIMtnYZHUUXBCmR14pYHs3L
v70mewK51uAGl+sRGlf4ickUzOAuIoh6Xiq/mPEPQxHErnIwVogO+HR7R8rvZIxD
sI7LGS77e4p2oAvMIlND1zNd0WzWG2TcUih9Ff+FY3eg/kmy68/HL0Q6Gemz6rA7
J8kfJ0gYPNrUDqQQNYbMZ+ONdtvxWR07MEt7lae/0GkwOC0gJOf81Sw5zAD0EHMz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:31 2025 by rpki-client on console.sobornost.net