Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/KmT0zBeAxHbx64CqcJ4Kw-HSMGw.roa
File: KmT0zBeAxHbx64CqcJ4Kw-HSMGw.roa (raw, json)
Hash identifier: g294VQOsqRVKkLhlE8NKqam6KvGQ9H8e4fukJsFTk1Y=
Subject key identifier: 2A:64:F4:CC:17:80:C4:76:F1:EB:80:AA:70:9E:0A:C3:E1:D2:30:6C
Certificate issuer: /CN=ca78aa7e316b21f843cfb95810c680cddbfa6e6f
Certificate serial: 0194221F8C6ADE92BECC0122E0524A361F40
Authority key identifier: CA:78:AA:7E:31:6B:21:F8:43:CF:B9:58:10:C6:80:CD:DB:FA:6E:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yniqfjFrIfhDz7lYEMaAzdv6bm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/KmT0zBeAxHbx64CqcJ4Kw-HSMGw.roa
Signing time: Wed 01 Jan 2025 13:48:00 +0000
ROA not before: Wed 01 Jan 2025 13:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41307
IP address blocks: 88.133.192.0/19 maxlen: 19
89.28.136.0/21 maxlen: 21
109.69.96.0/21 maxlen: 21
185.39.64.0/22 maxlen: 22
2a02:ca00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:8c:6a:de:92:be:cc:01:22:e0:52:4a:36:1f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca78aa7e316b21f843cfb95810c680cddbfa6e6f
Validity
Not Before: Jan 1 13:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a64f4cc1780c476f1eb80aa709e0ac3e1d2306c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9c:d4:19:20:7d:80:ce:49:cd:d4:fc:8c:de:
53:1f:9a:b4:45:2f:f2:03:c8:d4:b5:ac:06:dc:e5:
cf:96:02:08:67:f5:df:04:c0:00:33:7a:0b:ee:a4:
31:e9:15:97:04:f8:66:97:11:66:26:3b:18:64:f2:
6b:58:ca:4b:35:f6:41:50:c6:17:f9:00:cd:d3:28:
01:88:9f:43:70:25:b8:1c:16:05:3d:25:1b:84:57:
ca:ab:21:b5:e2:6d:53:bb:2a:d6:27:39:4c:2a:4b:
d5:eb:0a:be:04:c2:fc:cf:b2:50:68:6a:df:0f:ad:
ca:10:f1:41:d5:52:56:19:5a:b4:06:cb:87:23:c5:
15:ff:7b:f7:0e:80:43:2d:8a:9f:07:89:a0:93:ed:
e7:41:3e:5b:60:97:d6:f5:cb:85:ab:24:0f:02:92:
ac:fb:a6:26:b9:ee:2d:fe:23:40:c2:d4:b9:12:a1:
2f:87:5f:04:da:65:a1:ff:8e:c4:c6:8d:a8:9e:c7:
33:af:35:56:f3:46:f6:24:03:11:24:a5:9b:46:35:
c4:56:9d:a0:48:db:6b:b5:bb:eb:b9:dc:01:cc:b1:
51:8f:73:57:be:2f:f2:18:56:4f:13:14:34:94:ce:
ef:08:2a:0a:bf:78:b2:f2:aa:8b:d1:fd:ed:c0:72:
f5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:64:F4:CC:17:80:C4:76:F1:EB:80:AA:70:9E:0A:C3:E1:D2:30:6C
X509v3 Authority Key Identifier:
keyid:CA:78:AA:7E:31:6B:21:F8:43:CF:B9:58:10:C6:80:CD:DB:FA:6E:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yniqfjFrIfhDz7lYEMaAzdv6bm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/KmT0zBeAxHbx64CqcJ4Kw-HSMGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7da34c-3984-4442-b646-e3138ff1e899/1/yniqfjFrIfhDz7lYEMaAzdv6bm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.133.192.0/19
89.28.136.0/21
109.69.96.0/21
185.39.64.0/22
IPv6:
2a02:ca00::/29
Signature Algorithm: sha256WithRSAEncryption
75:00:d9:3a:dd:e3:50:82:b0:a9:fc:ff:d5:cf:d6:3c:4e:15:
33:65:18:96:f2:e3:f3:15:30:1e:59:8f:9c:7a:98:95:fa:36:
87:78:0d:18:21:50:27:b0:50:d6:ab:d6:f6:4b:71:63:c5:02:
5d:9f:04:85:67:1f:94:b8:8f:15:6f:80:39:2e:bb:2d:af:08:
58:d8:59:51:d6:63:e7:f5:e8:1d:ca:c2:03:0b:61:0f:b6:05:
7d:82:a4:c9:f9:89:41:d7:18:5a:2a:db:14:61:37:2d:db:1b:
cc:86:35:da:3f:e2:b9:33:ec:20:8a:af:45:86:cb:4c:46:c4:
f3:3f:46:9a:65:90:44:92:be:be:02:33:2c:38:39:35:2d:a0:
c6:63:a1:b1:28:39:55:32:9f:b9:80:8a:a9:bb:23:8b:1a:f4:
6c:fb:72:8d:55:f3:a0:31:5f:56:79:b2:14:2c:bd:9d:b3:96:
67:cd:94:36:c5:fd:d4:d4:ee:79:14:b1:61:c8:87:b1:68:8e:
c1:ac:ba:65:23:c6:98:1e:6b:26:7b:ac:68:18:5e:e5:c5:00:
3c:3f:ea:f7:d1:68:c3:a4:42:35:27:d8:2b:13:1f:cb:83:51:
76:63:d7:81:24:55:db:85:31:89:e7:8d:f8:9f:25:38:2d:92:
63:be:78:ec
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQiH4xq3pK+zAEi4FJKNh9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzhhYTdlMzE2YjIxZjg0M2NmYjk1ODEwYzY4MGNkZGJm
YTZlNmYwHhcNMjUwMTAxMTM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY0ZjRjYzE3ODBjNDc2ZjFlYjgwYWE3MDllMGFjM2UxZDIzMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppzUGSB9gM5JzdT8jN5TH5q0RS/y
A8jUtawG3OXPlgIIZ/XfBMAAM3oL7qQx6RWXBPhmlxFmJjsYZPJrWMpLNfZBUMYX
+QDN0ygBiJ9DcCW4HBYFPSUbhFfKqyG14m1TuyrWJzlMKkvV6wq+BML8z7JQaGrf
D63KEPFB1VJWGVq0BsuHI8UV/3v3DoBDLYqfB4mgk+3nQT5bYJfW9cuFqyQPApKs
+6Ymue4t/iNAwtS5EqEvh18E2mWh/47Exo2onsczrzVW80b2JAMRJKWbRjXEVp2g
SNtrtbvrudwBzLFRj3NXvi/yGFZPExQ0lM7vCCoKv3iy8qqL0f3twHL1CQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCpk9MwXgMR28euAqnCeCsPh0jBsMB8GA1UdIwQY
MBaAFMp4qn4xayH4Q8+5WBDGgM3b+m5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5pcWZqRnJJZmhEejdsWUVNYUF6ZHY2Ym04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy83ZGEzNGMtMzk4NC00NDQyLWI2NDYt
ZTMxMzhmZjFlODk5LzEvS21UMHpCZUF4SGJ4NjRDcWNKNEt3LUhTTUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy83ZGEzNGMtMzk4NC00NDQyLWI2NDYtZTMxMzhmZjFlODk5
LzEveW5pcWZqRnJJZmhEejdsWUVNYUF6ZHY2Ym04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFWIXAAwQD
WRyIAwQDbUVgAwQCuSdAMA0EAgACMAcDBQMqAsoAMA0GCSqGSIb3DQEBCwUAA4IB
AQB1ANk63eNQgrCp/P/Vz9Y8ThUzZRiW8uPzFTAeWY+cepiV+jaHeA0YIVAnsFDW
q9b2S3FjxQJdnwSFZx+UuI8Vb4A5LrstrwhY2FlR1mPn9egdysIDC2EPtgV9gqTJ
+YlB1xhaKtsUYTct2xvMhjXaP+K5M+wgiq9FhstMRsTzP0aaZZBEkr6+AjMsODk1
LaDGY6GxKDlVMp+5gIqpuyOLGvRs+3KNVfOgMV9WebIULL2ds5ZnzZQ2xf3U1O55
FLFhyIexaI7BrLplI8aYHmsme6xoGF7lxQA8P+r30WjDpEI1J9grEx/Lg1F2Y9eB
JFXbhTGJ5434nyU4LZJjvnjs
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net