Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/KXS37zwUpIo1ryCxG4GcBojyrcE.roa
File: KXS37zwUpIo1ryCxG4GcBojyrcE.roa (raw, json)
Hash identifier: jZ636Vtrfs1Ry9c+xpsKefK7jn+U3VnqrKq2F6BHDmE=
Subject key identifier: 29:74:B7:EF:3C:14:A4:8A:35:AF:20:B1:1B:81:9C:06:88:F2:AD:C1
Certificate issuer: /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Certificate serial: 01942369A050B109829620ED5CF7D7897DE6
Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/KXS37zwUpIo1ryCxG4GcBojyrcE.roa
Signing time: Wed 01 Jan 2025 19:48:32 +0000
ROA not before: Wed 01 Jan 2025 19:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25192
IP address blocks: 185.43.132.0/22 maxlen: 22
185.43.132.0/24 maxlen: 24
185.43.133.0/24 maxlen: 24
185.43.134.0/24 maxlen: 24
185.43.135.0/24 maxlen: 24
193.29.206.0/24 maxlen: 30
194.0.12.0/23 maxlen: 30
194.0.14.0/24 maxlen: 30
212.237.229.0/24 maxlen: 24
217.31.192.0/20 maxlen: 30
2001:678:1::/48 maxlen: 64
2001:678:f::/48 maxlen: 64
2001:678:10::/47 maxlen: 64
2001:1488::/32 maxlen: 64
2001:148f:fffb::/48 maxlen: 48
2001:148f:fffd::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a0:50:b1:09:82:96:20:ed:5c:f7:d7:89:7d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Validity
Not Before: Jan 1 19:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2974b7ef3c14a48a35af20b11b819c0688f2adc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:07:fc:dd:55:17:12:86:59:1b:90:99:0a:25:
f8:90:6d:66:bb:1f:1c:cc:49:2f:85:f1:6f:0b:df:
a7:ff:10:85:5c:ab:f2:fb:46:55:3e:53:ee:bc:27:
b4:2a:a3:e1:36:36:45:02:c3:29:0e:d8:83:c9:b2:
cc:b7:d7:e6:61:65:13:2d:ba:bf:65:b0:1d:fd:f2:
3b:80:3b:2e:ad:ac:a9:3c:60:14:15:52:28:1f:99:
e3:20:f9:87:7b:f2:1f:72:62:6f:7c:ef:8b:aa:ca:
74:a1:3c:ad:07:a4:52:3e:3d:ca:16:ca:0a:fd:a9:
a5:05:71:be:fe:d7:e7:ea:86:d6:64:a7:03:0c:3a:
9e:8f:c7:09:a4:ec:4b:d8:69:b5:c3:64:c9:b9:68:
e5:d6:97:42:b6:86:9b:61:9a:55:38:02:b7:23:6d:
99:34:7a:9e:0a:f8:37:b1:90:2f:be:a8:1a:74:fd:
7a:ab:00:90:1b:2c:b8:73:fd:bb:c3:3f:54:f8:3a:
d4:55:1d:a8:20:81:84:4b:4d:ee:d9:1f:3b:94:68:
56:60:be:8d:56:24:44:0b:21:9a:cd:d3:d1:fa:77:
58:e4:8b:55:51:ad:e0:98:9f:c1:9b:80:d4:20:6e:
b3:35:51:1e:0e:a3:db:e8:f3:92:62:8c:8d:7d:f9:
32:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:74:B7:EF:3C:14:A4:8A:35:AF:20:B1:1B:81:9C:06:88:F2:AD:C1
X509v3 Authority Key Identifier:
keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/KXS37zwUpIo1ryCxG4GcBojyrcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.132.0/22
193.29.206.0/24
194.0.12.0-194.0.14.255
212.237.229.0/24
217.31.192.0/20
IPv6:
2001:678:1::/48
2001:678:f::-2001:678:11:ffff:ffff:ffff:ffff:ffff
2001:1488::/32
2001:148f:fffb::/48
2001:148f:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
4d:4b:29:1c:d8:32:3b:fa:e6:5e:0d:5f:40:02:9b:ee:09:a7:
9c:a6:5d:f3:44:29:78:e1:f9:db:bc:bd:18:94:bf:3d:c8:c5:
c7:6f:01:cf:94:64:00:a5:0a:bd:ec:4d:7b:b3:cc:21:a2:a1:
65:96:f5:02:5a:31:cb:5c:63:b9:ab:c5:e8:55:db:31:dc:f0:
10:1d:5d:5b:5c:17:d0:16:b6:f1:b3:3c:4d:92:bf:30:98:38:
76:ac:ba:84:f5:63:61:93:8a:ec:40:6c:da:0c:e2:4f:0e:25:
7d:5f:e9:5d:52:ed:c1:83:7b:39:77:b7:51:7a:c2:23:01:b7:
a5:36:0c:af:11:0d:65:ff:20:be:54:e0:08:92:1a:b6:2a:08:
d6:dc:5c:81:ab:e5:09:6d:32:fa:a6:8d:52:9a:58:5d:d5:73:
3e:4e:a7:bb:57:8a:4f:9a:67:8a:94:ec:9d:f7:27:fe:4c:14:
56:ac:99:63:64:31:31:e6:6a:52:6a:49:2a:6e:79:07:2a:f0:
34:68:b6:68:45:6f:5d:b1:ed:9f:d4:ee:d0:52:f6:1f:d6:10:
78:1d:19:14:22:eb:2f:3b:9a:fb:e2:9c:27:b5:44:6a:51:3b:
81:ec:ba:62:25:43:3b:51:0d:cf:74:2e:a1:ac:5c:13:bf:38:
5e:72:6a:d3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZQjaaBQsQmCliDtXPfXiX3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTdmZmU4MjJiM2JhN2JjMTk0ZGI3YTczNGM4NWVmY2Vm
MmYyODMwHhcNMjUwMTAxMTk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTc0YjdlZjNjMTRhNDhhMzVhZjIwYjExYjgxOWMwNjg4ZjJhZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgf83VUXEoZZG5CZCiX4kG1mux8c
zEkvhfFvC9+n/xCFXKvy+0ZVPlPuvCe0KqPhNjZFAsMpDtiDybLMt9fmYWUTLbq/
ZbAd/fI7gDsuraypPGAUFVIoH5njIPmHe/IfcmJvfO+Lqsp0oTytB6RSPj3KFsoK
/amlBXG+/tfn6obWZKcDDDqej8cJpOxL2Gm1w2TJuWjl1pdCtoabYZpVOAK3I22Z
NHqeCvg3sZAvvqgadP16qwCQGyy4c/27wz9U+DrUVR2oIIGES03u2R87lGhWYL6N
ViRECyGazdPR+ndY5ItVUa3gmJ/Bm4DUIG6zNVEeDqPb6POSYoyNffkyXQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFCl0t+88FKSKNa8gsRuBnAaI8q3BMB8GA1UdIwQY
MBaAFGpX/+gis7p7wZTbenNMhe/O8vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2It
Y2EwYzYyNjIxMDk4LzEvS1hTMzd6d1VwSW8xcnlDeEc0R2NCb2p5cmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2ItY2EwYzYyNjIxMDk4
LzEvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDAsBAIAATAmAwQCuSuEAwQA
wR3OMAwDBALCAAwDBADCAA4DBADU7eUDBATZH8AwPAQCAAIwNgMHACABBngAATAS
AwcAIAEGeAAPAwcBIAEGeAAQAwUAIAEUiAMHACABFI//+wMHACABFI///TANBgkq
hkiG9w0BAQsFAAOCAQEATUspHNgyO/rmXg1fQAKb7gmnnKZd80QpeOH527y9GJS/
PcjFx28Bz5RkAKUKvexNe7PMIaKhZZb1Aloxy1xjuavF6FXbMdzwEB1dW1wX0Ba2
8bM8TZK/MJg4dqy6hPVjYZOK7EBs2gziTw4lfV/pXVLtwYN7OXe3UXrCIwG3pTYM
rxENZf8gvlTgCJIatioI1txcgavlCW0y+qaNUppYXdVzPk6nu1eKT5pnipTsnfcn
/kwUVqyZY2QxMeZqUmpJKm55ByrwNGi2aEVvXbHtn9Tu0FL2H9YQeB0ZFCLrLzua
++KcJ7VEalE7gey6YiVDO1ENz3QuoaxcE784XnJq0w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net