Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/kubkTN8FMP9d-Mo63ocBIKQM-Lc.roa
File: kubkTN8FMP9d-Mo63ocBIKQM-Lc.roa (raw, json)
Hash identifier: keKknVV6p3wikzpiPvb9HlIVLJ5zBFrwVTTK+JW8U4o=
Subject key identifier: 92:E6:E4:4C:DF:05:30:FF:5D:F8:CA:3A:DE:87:01:20:A4:0C:F8:B7
Certificate issuer: /CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Certificate serial: 0194228E2DF0BFBF7B891FA8798D33E06C43
Authority key identifier: CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/kubkTN8FMP9d-Mo63ocBIKQM-Lc.roa
Signing time: Wed 01 Jan 2025 15:48:50 +0000
ROA not before: Wed 01 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35372
IP address blocks: 185.136.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2d:f0:bf:bf:7b:89:1f:a8:79:8d:33:e0:6c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Validity
Not Before: Jan 1 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92e6e44cdf0530ff5df8ca3ade870120a40cf8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:67:d0:6c:08:cf:a0:5b:12:53:28:c7:46:25:
eb:b7:f3:e7:81:22:9b:44:98:90:d6:c0:a2:c0:59:
46:b4:01:1b:aa:ec:47:0b:34:3b:f8:1f:d5:69:ff:
8d:e8:41:e0:ee:8a:55:9d:95:fc:05:35:b5:a2:2d:
63:fb:a4:fe:3a:0d:75:4c:25:fc:8f:42:7b:d3:5e:
f4:44:b5:c0:4b:38:22:a6:32:f8:80:9a:f6:98:9c:
33:b3:4e:4d:7b:66:8d:60:73:0b:9d:5e:31:7f:ac:
0c:09:d1:f3:69:7e:1e:ac:8b:6d:f8:f2:10:e7:e8:
01:b9:38:05:2a:5c:24:7b:4e:d4:2b:58:28:eb:b4:
1f:ae:a5:09:86:33:ee:63:53:05:43:6e:d0:77:27:
a3:9e:88:23:82:f8:42:eb:bc:95:cb:5b:a9:bd:0d:
36:97:00:ec:cc:04:2b:fb:c7:ea:fd:db:8f:1b:a4:
8d:6e:ad:83:f2:0d:72:21:7b:28:1f:9b:ab:6d:08:
ac:ff:24:4c:14:25:b6:18:28:c2:7d:61:03:29:58:
00:40:a7:50:dd:2f:4c:75:e0:d8:3f:a9:3a:ec:97:
a1:05:28:e1:6d:3d:b8:c2:80:86:d1:d2:12:2a:29:
f9:1a:91:c6:f0:90:85:be:d0:b1:44:04:f3:f6:32:
8c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E6:E4:4C:DF:05:30:FF:5D:F8:CA:3A:DE:87:01:20:A4:0C:F8:B7
X509v3 Authority Key Identifier:
keyid:CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/kubkTN8FMP9d-Mo63ocBIKQM-Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/yvRJQqKfrGEs1E-DrTF6HA9bjuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.135.0/24
Signature Algorithm: sha256WithRSAEncryption
10:fa:4e:49:fc:76:8e:38:dd:3d:e0:f6:2e:4e:11:0b:e7:67:
a1:3c:37:fe:06:91:43:c1:c5:9f:be:14:b4:d7:71:fe:a2:ce:
f0:1f:2d:ed:f8:5e:d4:ff:64:8f:98:07:ea:cb:6b:01:2f:c6:
a2:28:be:2f:c8:d1:a5:58:e1:c0:a3:5d:69:82:aa:8d:e6:69:
a6:18:b5:9d:b2:0c:9b:3d:52:c4:28:4a:3a:1f:e3:8a:09:f5:
2c:e6:50:3d:e0:50:e9:18:a0:ec:eb:b0:0b:aa:aa:94:d9:e9:
7d:e3:c9:00:5a:5c:98:bb:35:47:10:92:88:8a:3c:7c:44:d8:
f1:9d:a7:de:22:8d:7f:55:db:09:26:cb:29:09:b8:5c:ec:5d:
62:ce:4c:fe:0e:f0:16:c7:5f:c8:ad:d0:bc:55:da:85:16:28:
36:27:bd:49:d7:51:3e:f6:13:7b:0b:8a:2d:4f:d4:69:e5:ac:
cb:82:c9:08:e2:2f:cf:0f:7e:91:4d:0d:13:db:e5:99:f6:f6:
ee:14:8c:82:70:25:c9:37:8a:90:0f:8d:d7:d7:9d:da:55:e2:
27:a1:28:a1:e3:eb:a1:e6:c8:fd:02:2b:4c:54:ab:99:c8:f6:
f6:ce:cd:3c:64:82:85:41:18:80:be:18:b0:23:a3:14:62:20:
7b:f0:44:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiji3wv797iR+oeY0z4GxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjQ0OTQyYTI5ZmFjNjEyY2Q0NGY4M2FkMzE3YTFjMGY1
YjhlZWEwHhcNMjUwMTAxMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmU2ZTQ0Y2RmMDUzMGZmNWRmOGNhM2FkZTg3MDEyMGE0MGNmOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWfQbAjPoFsSUyjHRiXrt/PngSKb
RJiQ1sCiwFlGtAEbquxHCzQ7+B/Vaf+N6EHg7opVnZX8BTW1oi1j+6T+Og11TCX8
j0J70170RLXASzgipjL4gJr2mJwzs05Ne2aNYHMLnV4xf6wMCdHzaX4erItt+PIQ
5+gBuTgFKlwke07UK1go67QfrqUJhjPuY1MFQ27QdyejnogjgvhC67yVy1upvQ02
lwDszAQr+8fq/duPG6SNbq2D8g1yIXsoH5urbQis/yRMFCW2GCjCfWEDKVgAQKdQ
3S9MdeDYP6k67JehBSjhbT24woCG0dISKin5GpHG8JCFvtCxRATz9jKM7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLm5EzfBTD/XfjKOt6HASCkDPi3MB8GA1UdIwQY
MBaAFMr0SUKin6xhLNRPg60xehwPW47qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUt
NDgzNmJhZDYxYmEyLzEva3Via1ROOEZNUDlkLU1vNjNvY0JJS1FNLUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUtNDgzNmJhZDYxYmEy
LzEveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYiHMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ+k5J/HaOON094PYuThEL52ehPDf+BpFDwcWfvhS0
13H+os7wHy3t+F7U/2SPmAfqy2sBL8aiKL4vyNGlWOHAo11pgqqN5mmmGLWdsgyb
PVLEKEo6H+OKCfUs5lA94FDpGKDs67ALqqqU2el948kAWlyYuzVHEJKIijx8RNjx
nafeIo1/VdsJJsspCbhc7F1izkz+DvAWx1/IrdC8VdqFFig2J71J11E+9hN7C4ot
T9Rp5azLgskI4i/PD36RTQ0T2+WZ9vbuFIyCcCXJN4qQD43X153aVeInoSih4+uh
5sj9AitMVKuZyPb2zs08ZIKFQRiAvhiwI6MUYiB78ET7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:53 2025 by rpki-client