Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/KcgCScsM5v7p6vKS8rOSX9Ho3RU.roa
File: KcgCScsM5v7p6vKS8rOSX9Ho3RU.roa (raw, json)
Hash identifier: Qk3LJ9YPrTkJaQrqlLUWCESFb5TBYL9+BqXBP2LnE8w=
Subject key identifier: 29:C8:02:49:CB:0C:E6:FE:E9:EA:F2:92:F2:B3:92:5F:D1:E8:DD:15
Certificate issuer: /CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Certificate serial: 0194214419416773C88D738665AD014FDD44
Authority key identifier: 8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/KcgCScsM5v7p6vKS8rOSX9Ho3RU.roa
Signing time: Wed 01 Jan 2025 09:48:18 +0000
ROA not before: Wed 01 Jan 2025 09:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35489
IP address blocks: 45.133.100.0/24 maxlen: 24
45.133.101.0/24 maxlen: 24
193.8.4.0/23 maxlen: 23
193.8.4.0/24 maxlen: 24
193.8.5.0/24 maxlen: 24
193.8.6.0/24 maxlen: 24
193.8.7.0/24 maxlen: 24
2a0c:7cc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:19:41:67:73:c8:8d:73:86:65:ad:01:4f:dd:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Validity
Not Before: Jan 1 09:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29c80249cb0ce6fee9eaf292f2b3925fd1e8dd15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4a:f8:18:8f:02:19:20:78:14:e3:c3:51:21:
1a:df:ba:da:00:93:bd:b8:e2:81:f0:aa:7a:16:62:
98:23:9b:54:eb:3a:a9:1c:36:8a:8d:ba:c8:e6:9f:
2b:77:33:99:c3:6a:87:06:53:ad:84:fd:9b:46:c6:
a8:93:5e:63:d8:78:0b:68:93:42:db:94:be:b3:64:
da:4e:c2:60:50:ba:e6:30:bd:f0:4f:ad:47:74:26:
7b:3d:1b:a6:ae:da:75:e2:d7:f9:fa:29:63:1c:ab:
76:30:b3:a7:94:b7:32:09:0c:a6:59:d3:8e:22:00:
8e:53:20:16:cd:0d:83:e1:a7:23:df:25:7e:78:b7:
f6:48:5e:9d:03:2a:5e:4b:e6:8b:f1:c1:4a:00:11:
56:e0:45:db:16:12:ef:9d:d6:29:96:a9:8f:56:9c:
86:46:0b:2f:96:60:a6:f6:b0:72:8d:0e:7a:67:19:
07:35:6c:41:98:02:71:8f:a2:49:4a:f6:ad:33:07:
20:54:bd:d7:f1:56:a0:ff:d0:2b:a2:79:24:e7:e3:
4e:5a:5b:03:7e:b5:e7:36:f4:67:46:8e:b0:8c:cb:
46:49:3b:d1:15:0d:13:26:9b:56:dc:10:b8:3b:ff:
3d:78:bf:8c:e8:3e:85:7e:72:cf:5b:cb:7a:d8:4e:
01:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C8:02:49:CB:0C:E6:FE:E9:EA:F2:92:F2:B3:92:5F:D1:E8:DD:15
X509v3 Authority Key Identifier:
keyid:8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/KcgCScsM5v7p6vKS8rOSX9Ho3RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.100.0/23
193.8.4.0/22
IPv6:
2a0c:7cc0::/48
Signature Algorithm: sha256WithRSAEncryption
9d:a3:7f:fc:19:50:9a:18:69:ab:9b:71:b4:3c:1d:3a:6f:06:
23:13:71:1d:cc:79:36:37:f6:94:7d:08:e4:8c:35:85:66:15:
c9:7e:9a:69:3f:bd:dc:9d:3e:f2:6d:da:3a:33:be:cb:b6:f8:
22:80:b8:f5:a3:45:fb:e7:21:cd:5b:c5:8e:95:e8:ee:f8:67:
46:ab:ef:4b:ef:70:dd:ee:47:48:fd:3a:d9:a7:06:89:07:63:
68:13:82:0d:8b:17:1f:0b:50:11:10:fc:d1:7b:d2:68:49:aa:
86:76:c1:04:33:77:35:cb:fc:d1:7e:8f:4b:7e:de:70:36:bd:
11:e8:80:1d:c1:55:c3:79:5e:67:b5:87:2f:01:28:c6:2e:29:
0c:19:dd:a0:f5:c5:7f:56:c5:ce:71:40:93:42:05:b6:6a:c9:
84:24:3f:31:60:50:5f:55:05:8a:e2:4a:c0:7e:d5:33:06:2f:
1d:71:fc:de:8e:31:56:46:95:f5:b5:a2:28:eb:88:18:b7:4e:
2d:85:cc:36:f1:25:30:57:c9:fc:a2:b4:0e:14:de:fa:1b:52:
24:16:45:1a:e4:64:34:db:e6:ee:94:80:15:f0:e3:b9:04:a0:
c4:90:fe:3d:a2:19:f4:f8:0a:e7:70:42:36:59:03:2a:da:a4:
75:cc:97:e5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhRBlBZ3PIjXOGZa0BT91EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNlMWQxMzViZjJjZjhlOGMxM2YzM2VjMTFjODUyMzcw
M2RjNzUwHhcNMjUwMTAxMDk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM4MDI0OWNiMGNlNmZlZTllYWYyOTJmMmIzOTI1ZmQxZThkZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUr4GI8CGSB4FOPDUSEa37raAJO9
uOKB8Kp6FmKYI5tU6zqpHDaKjbrI5p8rdzOZw2qHBlOthP2bRsaok15j2HgLaJNC
25S+s2TaTsJgULrmML3wT61HdCZ7PRumrtp14tf5+iljHKt2MLOnlLcyCQymWdOO
IgCOUyAWzQ2D4acj3yV+eLf2SF6dAypeS+aL8cFKABFW4EXbFhLvndYplqmPVpyG
RgsvlmCm9rByjQ56ZxkHNWxBmAJxj6JJSvatMwcgVL3X8Vag/9Aronkk5+NOWlsD
frXnNvRnRo6wjMtGSTvRFQ0TJptW3BC4O/89eL+M6D6FfnLPW8t62E4B/wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCnIAknLDOb+6erykvKzkl/R6N0VMB8GA1UdIwQY
MBaAFIoc4dE1vyz46ME/M+wRyFI3A9x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDIt
ZGVlMjkyZWE4N2EzLzEvS2NnQ1Njc001djdwNnZLUzhyT1NYOUhvM1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDItZGVlMjkyZWE4N2Ez
LzEvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBLYVkAwQC
wQgEMA8EAgACMAkDBwAqDHzAAAAwDQYJKoZIhvcNAQELBQADggEBAJ2jf/wZUJoY
aaubcbQ8HTpvBiMTcR3MeTY39pR9COSMNYVmFcl+mmk/vdydPvJt2jozvsu2+CKA
uPWjRfvnIc1bxY6V6O74Z0ar70vvcN3uR0j9OtmnBokHY2gTgg2LFx8LUBEQ/NF7
0mhJqoZ2wQQzdzXL/NF+j0t+3nA2vRHogB3BVcN5Xme1hy8BKMYuKQwZ3aD1xX9W
xc5xQJNCBbZqyYQkPzFgUF9VBYriSsB+1TMGLx1x/N6OMVZGlfW1oijriBi3Ti2F
zDbxJTBXyfyitA4U3vobUiQWRRrkZDTb5u6UgBXw47kEoMSQ/j2iGfT4CudwQjZZ
AyrapHXMl+U=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:41 2025 by rpki-client