Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/kgvQeuMFnpm71yFFkUtyuHKbgrU.roa
File: kgvQeuMFnpm71yFFkUtyuHKbgrU.roa (raw, json)
Hash identifier: k95HlMqQar5+b3rA9fCpRj2CpcllsEQdIJpXrOKaoaE=
Subject key identifier: 92:0B:D0:7A:E3:05:9E:99:BB:D7:21:45:91:4B:72:B8:72:9B:82:B5
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 018571309D56519851A4B260F5907158F82E
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/kgvQeuMFnpm71yFFkUtyuHKbgrU.roa
Signing time: Mon 02 Jan 2023 06:34:49 +0000
ROA not before: Mon 02 Jan 2023 06:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48950
IP address blocks: 104.160.2.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
104.160.5.0/24 maxlen: 24
5.157.21.0/24 maxlen: 24
158.222.3.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:9d:56:51:98:51:a4:b2:60:f5:90:71:58:f8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jan 2 06:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=920bd07ae3059e99bbd72145914b72b8729b82b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7d:4a:b3:c3:11:ba:55:71:83:81:25:39:04:
55:57:ff:b9:02:de:3f:a5:64:e9:68:3a:66:23:d3:
74:a2:d9:86:dd:26:1a:3b:08:e5:cd:63:f8:31:6b:
f1:84:1d:cf:ad:48:f8:29:0f:f2:73:15:f0:7e:0d:
79:10:13:67:8e:a1:14:94:94:07:65:8c:a2:f5:70:
f5:82:f9:ac:b9:31:dc:59:d7:19:65:c3:4f:a4:98:
14:47:53:94:0b:7b:d3:10:79:5e:93:3e:85:3a:a3:
55:c9:40:3b:18:d4:89:65:ff:08:94:4c:cc:ca:de:
a7:5d:22:69:8e:c4:50:59:be:1b:fe:56:8a:21:db:
3a:2e:65:28:42:bd:76:be:70:b6:2c:9d:e9:86:cd:
04:ea:e7:40:19:95:bd:3c:d6:fc:81:c5:86:b9:63:
54:af:b7:57:3c:a0:48:b3:7d:d8:93:1b:59:1b:33:
13:72:25:f3:b0:32:eb:43:8d:b8:f9:69:c3:d5:ec:
3e:2e:d8:55:83:a7:92:d3:3f:95:ee:13:81:12:c6:
ae:fc:29:37:37:60:80:40:be:4e:07:c0:90:c7:37:
38:f0:f0:b2:ee:e7:50:89:de:e8:48:20:f2:50:a9:
e0:ba:f9:6a:1c:43:73:53:78:df:ec:86:64:96:18:
20:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0B:D0:7A:E3:05:9E:99:BB:D7:21:45:91:4B:72:B8:72:9B:82:B5
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/kgvQeuMFnpm71yFFkUtyuHKbgrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.21.0/24
104.160.2.0/24
104.160.5.0-104.160.6.255
104.160.10.0/24
158.222.3.0/24
158.222.5.0/24
158.222.7.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:67:67:30:ef:c0:26:63:c3:e9:65:9d:6a:f9:e9:06:4f:f0:
02:96:a7:b3:0f:b1:9b:20:f4:3e:d3:0a:f8:26:6c:42:60:cd:
41:5d:59:50:ea:97:19:03:db:2f:f6:39:ad:1e:c9:85:9d:11:
95:0c:31:ac:df:1b:d1:a2:04:7b:ec:b4:83:9c:4b:a5:92:58:
48:89:5f:1c:4b:57:be:cc:cd:a8:e9:8d:27:e1:5f:4c:fe:3a:
65:39:d2:a7:4e:5e:6e:53:50:a8:6c:93:ba:38:93:26:0e:90:
e2:76:a0:d7:08:e0:2e:c2:74:e3:9a:d0:ff:38:21:e1:9a:24:
37:ad:74:f4:d9:4c:53:24:4f:33:34:74:2a:7c:1a:08:fe:26:
02:06:63:4a:7e:18:4e:e4:15:6d:87:76:7b:db:c6:97:ff:60:
90:36:04:e4:95:9c:4c:23:4c:19:c9:58:29:67:ed:f5:ae:6e:
77:7e:ad:e6:db:4f:25:29:c3:47:e9:5b:84:48:5c:b1:55:3b:
ae:7b:fc:7d:c7:af:b6:66:ad:f5:5a:26:88:af:43:6e:41:97:
6c:64:0c:d1:c3:1e:cf:f5:0c:31:4a:b8:6e:03:53:4d:2f:55:
32:4a:e0:7b:a7:b0:f0:96:e4:cb:ce:2e:3b:34:a9:f6:3a:f9:
9d:5b:ea:20
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVxMJ1WUZhRpLJg9ZBxWPguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjM3NmRmNWY5ZWY0ODdjODJiMzFhODc1YzZhNDk2ZDc5
Y2EwZDcwHhcNMjMwMTAyMDYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBiZDA3YWUzMDU5ZTk5YmJkNzIxNDU5MTRiNzJiODcyOWI4MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH1Ks8MRulVxg4ElOQRVV/+5At4/
pWTpaDpmI9N0otmG3SYaOwjlzWP4MWvxhB3PrUj4KQ/ycxXwfg15EBNnjqEUlJQH
ZYyi9XD1gvmsuTHcWdcZZcNPpJgUR1OUC3vTEHlekz6FOqNVyUA7GNSJZf8IlEzM
yt6nXSJpjsRQWb4b/laKIds6LmUoQr12vnC2LJ3phs0E6udAGZW9PNb8gcWGuWNU
r7dXPKBIs33YkxtZGzMTciXzsDLrQ424+WnD1ew+LthVg6eS0z+V7hOBEsau/Ck3
N2CAQL5OB8CQxzc48PCy7udQid7oSCDyUKnguvlqHENzU3jf7IZklhggDQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJIL0HrjBZ6Zu9chRZFLcrhym4K1MB8GA1UdIwQY
MBaAFIDzdt9fnvSHyCsxqHXGpJbXnKDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMt
YTRiYzI4MTY2NDNhLzEva2d2UWV1TUZucG03MXlGRmtVdHl1SEtiZ3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMtYTRiYzI4MTY2NDNh
LzEvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABZ0VAwQA
aKACMAwDBABooAUDBABooAYDBABooAoDBACe3gMDBACe3gUDBACe3gcwDQYJKoZI
hvcNAQELBQADggEBAGtnZzDvwCZjw+llnWr56QZP8AKWp7MPsZsg9D7TCvgmbEJg
zUFdWVDqlxkD2y/2Oa0eyYWdEZUMMazfG9GiBHvstIOcS6WSWEiJXxxLV77Mzajp
jSfhX0z+OmU50qdOXm5TUKhsk7o4kyYOkOJ2oNcI4C7CdOOa0P84IeGaJDetdPTZ
TFMkTzM0dCp8Ggj+JgIGY0p+GE7kFW2Hdnvbxpf/YJA2BOSVnEwjTBnJWCln7fWu
bnd+rebbTyUpw0fpW4RIXLFVO657/H3Hr7ZmrfVaJoivQ25Bl2xkDNHDHs/1DDFK
uG4DU00vVTJK4HunsPCW5MvOLjs0qfY6+Z1b6iA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:24:15 2025 by rpki-client