Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/kZoxclDODrqno7bzuwJo5kd5EC8.roa
File: kZoxclDODrqno7bzuwJo5kd5EC8.roa (raw, json)
Hash identifier: HR4k2gGsfr+vjhIPEGTk4xuSSHYkt/91zGBLji1+jIM=
Subject key identifier: 91:9A:31:72:50:CE:0E:BA:A7:A3:B6:F3:BB:02:68:E6:47:79:10:2F
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0194206810767FDE5CFDD1C770781A2B9DFB
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/kZoxclDODrqno7bzuwJo5kd5EC8.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211750
IP address blocks: 45.128.157.0/24 maxlen: 24
45.128.158.0/24 maxlen: 24
185.228.81.0/24 maxlen: 24
185.228.82.0/24 maxlen: 24
195.88.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:10:76:7f:de:5c:fd:d1:c7:70:78:1a:2b:9d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=919a317250ce0ebaa7a3b6f3bb0268e64779102f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:a1:77:94:e1:5d:27:60:dc:22:1d:c0:06:
2b:0c:9e:24:0c:a5:8f:0f:2e:d0:00:d4:c5:a9:24:
1c:78:4c:1f:6f:66:42:ce:4d:55:89:9d:3f:e9:51:
96:84:74:92:ed:9a:6b:9c:05:4a:fd:52:f6:2a:2b:
5e:db:15:b8:9c:41:1f:2e:92:78:cd:67:25:90:c0:
5d:dd:ad:a2:12:35:ca:d0:06:30:de:ce:46:3e:c4:
ad:94:b5:b5:7a:54:e4:98:3c:cc:56:db:3f:6c:f8:
d3:6c:08:45:6e:e8:d1:1f:45:63:15:32:a5:ab:df:
a3:bf:31:6f:e6:5a:1d:82:ce:49:27:e3:bf:c9:f1:
d8:80:3d:63:ce:1f:a2:d5:e8:e8:9c:9e:51:f8:23:
24:bb:b1:33:6d:50:e3:c3:a9:e2:73:d2:0a:cc:4b:
9e:3d:4a:03:37:c0:f8:55:26:2a:16:32:01:55:f5:
51:90:52:77:7f:a3:c4:24:85:a8:5f:e1:72:96:ae:
3a:36:f4:4c:bc:22:38:1e:f5:31:26:10:a1:ca:f7:
30:2d:86:16:75:06:bb:13:5c:23:c6:25:97:3f:88:
db:bf:2f:49:01:d4:2c:cc:5a:75:21:15:c4:1b:83:
2b:8f:f2:75:00:93:9a:03:8e:b6:99:8e:bf:f7:5a:
56:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9A:31:72:50:CE:0E:BA:A7:A3:B6:F3:BB:02:68:E6:47:79:10:2F
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/kZoxclDODrqno7bzuwJo5kd5EC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.157.0-45.128.158.255
185.228.81.0-185.228.82.255
195.88.190.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:61:9c:18:07:b0:c8:3e:aa:00:cc:ac:f6:01:5d:2f:a7:9c:
ec:47:67:21:cc:01:18:80:6b:e4:b7:ad:52:1c:5d:15:3d:ff:
c4:7e:fa:58:64:cd:70:17:e0:ae:0f:7a:73:29:2c:53:19:9a:
4e:b0:5e:ab:ff:21:53:f2:82:a7:b6:09:8e:4b:0b:6c:e1:9f:
c6:0c:2b:c2:8e:82:7f:5a:96:b5:da:75:00:a5:b6:91:33:e6:
60:29:79:98:95:15:46:d7:46:04:03:85:ec:fc:bb:5d:6e:0a:
1f:bf:e8:70:cc:76:f1:45:f0:36:4f:b4:73:2d:c2:de:f5:58:
b5:72:43:c8:54:c9:17:24:a9:45:dd:ae:c6:9a:b7:82:73:45:
79:87:73:f0:43:2f:6a:b5:63:73:07:89:bd:39:ad:af:2d:73:
fc:3d:ed:1c:56:fb:6b:f0:99:94:ce:72:62:51:c9:2f:ff:3a:
28:82:73:ff:56:87:dc:79:ce:45:c4:df:59:89:81:95:83:d7:
6b:68:29:5c:44:8e:32:87:4d:30:a6:9d:02:c4:c0:9b:a0:d0:
7a:12:54:de:6a:b4:70:12:65:77:3d:84:f5:c5:a6:34:be:1e:
3f:cf:43:f1:50:e7:3e:ad:59:ed:8c:50:a3:79:bc:4c:5f:70:
aa:ec:bb:bd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQgaBB2f95c/dHHcHgaK537MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTlhMzE3MjUwY2UwZWJhYTdhM2I2ZjNiYjAyNjhlNjQ3NzkxMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjGhd5ThXSdg3CIdwAYrDJ4kDKWP
Dy7QANTFqSQceEwfb2ZCzk1ViZ0/6VGWhHSS7ZprnAVK/VL2Kite2xW4nEEfLpJ4
zWclkMBd3a2iEjXK0AYw3s5GPsStlLW1elTkmDzMVts/bPjTbAhFbujRH0VjFTKl
q9+jvzFv5lodgs5JJ+O/yfHYgD1jzh+i1ejonJ5R+CMku7EzbVDjw6nic9IKzEue
PUoDN8D4VSYqFjIBVfVRkFJ3f6PEJIWoX+Fylq46NvRMvCI4HvUxJhChyvcwLYYW
dQa7E1wjxiWXP4jbvy9JAdQszFp1IRXEG4Mrj/J1AJOaA462mY6/91pW2QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJGaMXJQzg66p6O287sCaOZHeRAvMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEva1pveGNsRE9EcnFubzdienV3Sm81a2Q1RUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAAtgJ0D
BAAtgJ4wDAMEALnkUQMEALnkUgMEAMNYvjANBgkqhkiG9w0BAQsFAAOCAQEAXmGc
GAewyD6qAMys9gFdL6ec7EdnIcwBGIBr5LetUhxdFT3/xH76WGTNcBfgrg96cyks
UxmaTrBeq/8hU/KCp7YJjksLbOGfxgwrwo6Cf1qWtdp1AKW2kTPmYCl5mJUVRtdG
BAOF7Py7XW4KH7/ocMx28UXwNk+0cy3C3vVYtXJDyFTJFySpRd2uxpq3gnNFeYdz
8EMvarVjcweJvTmtry1z/D3tHFb7a/CZlM5yYlHJL/86KIJz/1aH3HnORcTfWYmB
lYPXa2gpXESOModNMKadAsTAm6DQehJU3mq0cBJldz2E9cWmNL4eP89D8VDnPq1Z
7YxQo3m8TF9wquy7vQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:55:43 2025 by rpki-client