Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/kKreilVZ98mCE6qg5IcJvMPMCcM.roa
File: kKreilVZ98mCE6qg5IcJvMPMCcM.roa (raw, json)
Hash identifier: nnm83jFx2ukSqxJkqYReRSVveVI2MP9/RX2milhxjy4=
Subject key identifier: 90:AA:DE:8A:55:59:F7:C9:82:13:AA:A0:E4:87:09:BC:C3:CC:09:C3
Certificate issuer: /CN=198204d1c25a011236bea0741e4c60139d349b10
Certificate serial: 01951D539CF8864AB15893864F1F848D6598
Authority key identifier: 19:82:04:D1:C2:5A:01:12:36:BE:A0:74:1E:4C:60:13:9D:34:9B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GYIE0cJaARI2vqB0HkxgE500mxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/kKreilVZ98mCE6qg5IcJvMPMCcM.roa
Signing time: Wed 19 Feb 2025 08:29:33 +0000
ROA not before: Wed 19 Feb 2025 08:29:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34790
IP address blocks: 185.188.172.0/22 maxlen: 22
195.162.20.0/23 maxlen: 23
217.72.112.0/20 maxlen: 20
2a00:d000::/29 maxlen: 29
2a00:df00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:53:9c:f8:86:4a:b1:58:93:86:4f:1f:84:8d:65:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=198204d1c25a011236bea0741e4c60139d349b10
Validity
Not Before: Feb 19 08:29:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90aade8a5559f7c98213aaa0e48709bcc3cc09c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:53:2f:5f:7d:01:9c:1e:7b:b8:22:b2:34:fd:
15:48:ac:57:41:7a:1d:b5:b9:d3:f7:50:f8:fb:72:
92:89:d5:20:19:ec:c1:af:c4:38:6f:57:95:8b:77:
4f:56:4d:7e:22:1d:50:bf:41:a0:a2:dc:73:11:0c:
94:23:93:07:6a:b5:1d:a7:05:d8:41:79:f3:a6:f8:
45:db:24:4e:04:46:d7:28:9b:97:14:be:fe:12:64:
95:bb:80:b5:ba:4c:00:77:61:85:08:75:31:95:23:
82:31:e1:20:38:76:e3:ec:4a:14:42:d4:41:f9:b2:
1e:c6:1c:d8:c1:03:72:9f:f8:d1:71:3c:5a:20:20:
33:8e:ca:aa:33:e7:70:87:2a:90:af:cc:11:c0:ca:
f4:5c:80:db:8e:d3:91:a2:ec:6a:55:cb:9e:00:11:
30:cc:fa:18:5e:8e:b6:fc:74:5e:d8:df:08:28:5a:
c5:5c:d9:b0:cb:42:83:cd:c3:1e:76:9a:16:3c:98:
b8:1d:69:98:55:b8:39:46:e2:9c:7c:de:6e:8e:06:
bb:07:b2:9d:cb:3a:d6:c0:f8:9d:89:1f:f2:27:ab:
a2:73:8e:d9:a0:7a:0c:ac:a0:cd:6e:2d:3e:d6:19:
c1:61:25:02:5d:1a:d5:69:ab:c5:8f:13:0a:92:c5:
33:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AA:DE:8A:55:59:F7:C9:82:13:AA:A0:E4:87:09:BC:C3:CC:09:C3
X509v3 Authority Key Identifier:
keyid:19:82:04:D1:C2:5A:01:12:36:BE:A0:74:1E:4C:60:13:9D:34:9B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GYIE0cJaARI2vqB0HkxgE500mxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/kKreilVZ98mCE6qg5IcJvMPMCcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/GYIE0cJaARI2vqB0HkxgE500mxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.172.0/22
195.162.20.0/23
217.72.112.0/20
IPv6:
2a00:d000::/29
2a00:df00::/29
Signature Algorithm: sha256WithRSAEncryption
9c:74:c8:53:35:48:db:83:82:fa:4e:91:9c:ec:d7:24:3d:21:
58:11:ac:01:49:e9:13:c6:96:c3:e9:b3:3f:06:15:34:4b:da:
48:91:23:f3:f3:b6:93:0b:46:0c:68:16:e9:55:bf:86:35:ab:
f6:84:fe:97:05:65:ed:c0:33:90:0e:aa:91:d3:e3:5c:ba:6c:
d2:93:25:74:27:fd:2b:1f:86:1e:78:ef:40:d2:1a:eb:5e:ce:
98:b8:bc:76:48:3f:f8:ef:36:fd:03:06:8a:eb:71:23:03:56:
60:cf:98:ab:ee:43:ad:00:af:d9:79:8c:e7:8e:d6:56:73:22:
f7:c2:f6:42:93:cb:dc:7f:e1:76:1a:33:f4:21:1d:81:8c:c7:
29:59:97:35:7e:ec:b5:7d:f4:20:55:fe:76:11:58:38:ad:08:
96:4a:98:bb:6e:a0:f2:c1:08:6e:17:25:9c:4d:7d:32:62:eb:
d7:97:db:95:ed:8a:ab:e6:d6:84:0c:5e:08:22:59:6d:dc:0b:
53:aa:5f:e6:29:1d:d9:c0:53:f8:b1:93:09:18:04:bb:b7:48:
2f:f1:2a:3b:c8:31:80:18:c5:97:5c:fc:46:d7:e0:ab:7e:b2:
3d:e0:e0:36:d2:9f:02:9e:eb:c9:c9:1b:b9:bd:64:9e:0b:d0:
23:73:41:02
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZUdU5z4hkqxWJOGTx+EjWWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ODIwNGQxYzI1YTAxMTIzNmJlYTA3NDFlNGM2MDEzOWQz
NDliMTAwHhcNMjUwMjE5MDgyOTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGFhZGU4YTU1NTlmN2M5ODIxM2FhYTBlNDg3MDliY2MzY2MwOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVMvX30BnB57uCKyNP0VSKxXQXod
tbnT91D4+3KSidUgGezBr8Q4b1eVi3dPVk1+Ih1Qv0GgotxzEQyUI5MHarUdpwXY
QXnzpvhF2yROBEbXKJuXFL7+EmSVu4C1ukwAd2GFCHUxlSOCMeEgOHbj7EoUQtRB
+bIexhzYwQNyn/jRcTxaICAzjsqqM+dwhyqQr8wRwMr0XIDbjtORouxqVcueABEw
zPoYXo62/HRe2N8IKFrFXNmwy0KDzcMedpoWPJi4HWmYVbg5RuKcfN5ujga7B7Kd
yzrWwPidiR/yJ6uic47ZoHoMrKDNbi0+1hnBYSUCXRrVaavFjxMKksUzqQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJCq3opVWffJghOqoOSHCbzDzAnDMB8GA1UdIwQY
MBaAFBmCBNHCWgESNr6gdB5MYBOdNJsQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1lJRTBjSmFBUkkydnFCMEhreGdFNTAwbXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNmYwYTgtOThmMi00OWZiLTg1MDYt
NDJhZDNiNGM4ZDBjLzEva0tyZWlsVlo5OG1DRTZxZzVJY0p2TVBNQ2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNmYwYTgtOThmMi00OWZiLTg1MDYtNDJhZDNiNGM4ZDBj
LzEvR1lJRTBjSmFBUkkydnFCMEhreGdFNTAwbXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCubysAwQB
w6IUAwQE2UhwMBQEAgACMA4DBQMqANAAAwUDKgDfADANBgkqhkiG9w0BAQsFAAOC
AQEAnHTIUzVI24OC+k6RnOzXJD0hWBGsAUnpE8aWw+mzPwYVNEvaSJEj8/O2kwtG
DGgW6VW/hjWr9oT+lwVl7cAzkA6qkdPjXLps0pMldCf9Kx+GHnjvQNIa617OmLi8
dkg/+O82/QMGiutxIwNWYM+Yq+5DrQCv2XmM547WVnMi98L2QpPL3H/hdhoz9CEd
gYzHKVmXNX7stX30IFX+dhFYOK0IlkqYu26g8sEIbhclnE19MmLr15fble2Kq+bW
hAxeCCJZbdwLU6pf5ikd2cBT+LGTCRgEu7dIL/EqO8gxgBjFl1z8Rtfgq36yPeDg
NtKfAp7ryckbub1kngvQI3NBAg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net