Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/Kiw_rRXvEr3ukKKsQhrB4GqRftU.roa
File: Kiw_rRXvEr3ukKKsQhrB4GqRftU.roa (raw, json)
Hash identifier: NIF23ooyYuT0FP+1LU5YHB5raA7/sRFIC/+274gQFO0=
Subject key identifier: 2A:2C:3F:AD:15:EF:12:BD:EE:90:A2:AC:42:1A:C1:E0:6A:91:7E:D5
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 01961534E3A788E29F7E4C6313CEEC840A82
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/Kiw_rRXvEr3ukKKsQhrB4GqRftU.roa
Signing time: Tue 08 Apr 2025 11:41:49 +0000
ROA not before: Tue 08 Apr 2025 11:41:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200088
IP address blocks: 78.40.216.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
185.247.16.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:15:34:e3:a7:88:e2:9f:7e:4c:63:13:ce:ec:84:0a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Apr 8 11:41:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a2c3fad15ef12bdee90a2ac421ac1e06a917ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:62:52:99:34:a7:a7:ab:d1:45:38:18:60:a7:
3a:b3:a7:4e:93:1e:b2:28:14:c0:75:21:d6:eb:f2:
16:74:91:06:ef:1b:a4:04:1e:ae:5d:02:a2:95:7d:
09:ce:d1:a9:9a:18:e0:bf:5e:c5:08:c0:94:f8:5a:
d6:48:80:1c:60:16:b2:9e:5e:60:d1:0c:1e:94:f7:
73:ff:6e:6f:6d:af:47:cb:a8:61:f1:40:73:35:05:
96:db:51:e5:66:6f:8a:c7:a9:90:bf:b4:00:e4:b4:
22:f0:98:24:7f:8c:0e:ec:b4:47:52:7c:a8:49:21:
30:58:eb:b4:81:fe:9d:b8:b5:21:14:25:6a:b3:70:
3a:ec:b6:cc:ba:19:28:0a:32:c5:2d:2b:d9:e7:90:
29:75:4e:99:45:71:c3:34:38:e1:95:42:c1:4f:14:
b5:95:6a:db:4b:59:f4:a2:5e:b2:2e:b7:82:ea:b8:
52:44:da:05:a0:9b:de:d6:f0:b1:06:fd:22:ce:67:
46:7f:0d:dc:d0:3f:62:21:90:c6:0b:ba:ca:68:66:
4d:40:89:e9:cd:b4:4a:ef:85:20:50:3b:60:05:67:
e1:79:50:2f:8f:f1:aa:fb:92:4e:0d:7f:69:6c:f3:
92:a3:e7:e6:e3:78:91:db:56:2a:5d:3d:f0:a5:e3:
f8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2C:3F:AD:15:EF:12:BD:EE:90:A2:AC:42:1A:C1:E0:6A:91:7E:D5
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/Kiw_rRXvEr3ukKKsQhrB4GqRftU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
185.247.16.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
6f:37:cc:43:75:12:23:dc:9e:b0:c3:6d:19:e4:e2:17:a3:aa:
43:d4:3e:82:70:e5:72:5b:76:7b:7d:4e:9b:37:93:62:10:cb:
9e:18:5b:68:e6:59:34:3a:c6:7f:eb:8d:b2:5f:f6:91:2e:22:
5e:d4:67:e0:eb:d3:b7:c7:d9:4f:7a:26:9d:0b:54:b3:4d:ef:
55:98:f4:bc:09:20:4c:2f:e7:c0:f9:b6:d2:82:4b:55:c4:64:
1f:1c:39:1e:ae:5a:4b:68:56:33:1c:6b:89:ae:85:81:15:5c:
13:8e:ab:dc:c5:8d:39:d7:f2:19:57:33:b8:2e:37:ed:ff:1c:
d2:96:73:54:dc:56:90:6b:e7:6b:de:c9:e8:25:95:0c:cc:1d:
ec:f7:05:27:7e:45:5a:37:1a:46:bf:3c:89:c2:88:b7:66:ee:
46:9a:b8:db:e9:7e:02:f8:9b:1a:fd:e4:d6:7b:58:4c:74:77:
05:31:46:c5:57:f7:1b:65:21:aa:b2:18:47:5c:5c:2e:74:4e:
da:e4:fe:01:f3:18:c6:38:6a:f8:1e:20:f7:d7:d9:87:c8:b6:
9d:0e:ee:13:00:34:82:24:24:9b:61:62:4c:37:fd:cb:30:17:
e1:a4:b7:98:7e:35:fc:3c:9c:58:db:16:a0:7e:b6:91:57:15:
86:ae:c9:f1
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZYVNOOniOKffkxjE87shAqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjUwNDA4MTE0MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJjM2ZhZDE1ZWYxMmJkZWU5MGEyYWM0MjFhYzFlMDZhOTE3ZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGJSmTSnp6vRRTgYYKc6s6dOkx6y
KBTAdSHW6/IWdJEG7xukBB6uXQKilX0JztGpmhjgv17FCMCU+FrWSIAcYBaynl5g
0QwelPdz/25vba9Hy6hh8UBzNQWW21HlZm+Kx6mQv7QA5LQi8Jgkf4wO7LRHUnyo
SSEwWOu0gf6duLUhFCVqs3A67LbMuhkoCjLFLSvZ55ApdU6ZRXHDNDjhlULBTxS1
lWrbS1n0ol6yLreC6rhSRNoFoJve1vCxBv0izmdGfw3c0D9iIZDGC7rKaGZNQInp
zbRK74UgUDtgBWfheVAvj/Gq+5JODX9pbPOSo+fm43iR21YqXT3wpeP4YQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFCosP60V7xK97pCirEIaweBqkX7VMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvS2l3X3JSWHZFcjN1a0tLc1FockI0R3FSZnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB4BAIAATByAwQATijY
AwQBVcFcAwQAVcFfAwQAV/kyAwQAWb/kAwQAWpzkAwQAWpznAwQAXuR6AwQAsDnd
AwQAuWhwAwQAuWhzAwQAufcQAwQAvOE8AwQAwclzAwQCwiN0AwQA2RlbAwQA2Rlf
AwQA2ZflAwQA2ZfnMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcNAQELBQADggEB
AG83zEN1EiPcnrDDbRnk4hejqkPUPoJw5XJbdnt9Tps3k2IQy54YW2jmWTQ6xn/r
jbJf9pEuIl7UZ+Dr07fH2U96Jp0LVLNN71WY9LwJIEwv58D5ttKCS1XEZB8cOR6u
WktoVjMca4muhYEVXBOOq9zFjTnX8hlXM7guN+3/HNKWc1TcVpBr52veyegllQzM
Hez3BSd+RVo3Gka/PInCiLdm7kaauNvpfgL4mxr95NZ7WEx0dwUxRsVX9xtlIaqy
GEdcXC50Ttrk/gHzGMY4avgeIPfX2YfItp0O7hMANIIkJJthYkw3/cswF+Gkt5h+
Nfw8nFjbFqB+tpFXFYauyfE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:06 2025 by rpki-client on console.sobornost.net