Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/kr3FPTrUbvprQB5gOzb6Xm9In9I.roa
File: kr3FPTrUbvprQB5gOzb6Xm9In9I.roa (raw, json)
Hash identifier: hZOcB5l1wSRFBsah9a6wwCM7j6k84PdiP/Urp0eSJlg=
Subject key identifier: 92:BD:C5:3D:3A:D4:6E:FA:6B:40:1E:60:3B:36:FA:5E:6F:48:9F:D2
Certificate issuer: /CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Certificate serial: 019420682BDBD14A00BD53E46FE2B98F9589
Authority key identifier: BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/kr3FPTrUbvprQB5gOzb6Xm9In9I.roa
Signing time: Wed 01 Jan 2025 05:48:05 +0000
ROA not before: Wed 01 Jan 2025 05:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34691
IP address blocks: 45.136.110.0/24 maxlen: 24
91.233.252.0/23 maxlen: 23
91.233.254.0/23 maxlen: 23
194.69.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2b:db:d1:4a:00:bd:53:e4:6f:e2:b9:8f:95:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Validity
Not Before: Jan 1 05:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92bdc53d3ad46efa6b401e603b36fa5e6f489fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b2:f7:b4:5c:8a:8b:16:00:4b:5a:e9:c9:4e:
cb:a8:cd:34:5a:08:f6:42:20:3e:2e:75:e1:f4:78:
93:31:a4:00:bb:0c:13:2e:86:93:7f:2e:84:ac:c6:
a4:ec:15:26:97:98:ea:64:4c:30:36:ae:ec:0f:77:
87:48:88:df:55:9d:8e:9d:3f:a5:7c:d4:8e:e8:10:
b8:d6:81:9c:30:af:36:06:8a:12:66:d8:87:73:f0:
bb:44:8b:d6:b5:30:a8:38:b0:95:3f:86:ac:e8:1f:
2f:bb:29:9a:7d:5a:f2:d5:16:7a:fa:1e:56:3c:b6:
dd:88:47:14:8c:07:76:8f:09:32:04:85:be:fb:ae:
fd:a8:e6:30:10:55:b3:64:ee:d1:75:a3:ea:3a:63:
82:87:4e:fd:29:13:e6:cb:86:1e:27:36:9c:a2:1b:
a0:4c:51:e0:8b:c2:b5:a8:56:92:26:74:4f:81:82:
1c:3c:2a:e3:01:db:8d:bb:e3:e3:68:bb:05:6a:79:
69:63:6f:61:c0:90:2a:17:c0:af:b7:31:d5:72:46:
3b:48:f3:9e:8e:43:e2:78:4b:98:ed:db:87:ea:31:
90:94:d0:37:e9:1d:53:17:f7:ec:f6:f3:cf:09:a1:
d4:06:74:ba:2c:20:44:a0:52:c1:6e:13:c9:ae:25:
ec:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:BD:C5:3D:3A:D4:6E:FA:6B:40:1E:60:3B:36:FA:5E:6F:48:9F:D2
X509v3 Authority Key Identifier:
keyid:BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/kr3FPTrUbvprQB5gOzb6Xm9In9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.110.0/24
91.233.252.0/22
194.69.60.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:e7:e4:4c:a9:d3:69:cd:77:1d:ea:aa:b1:82:5c:7b:a4:14:
6f:a4:6b:68:3e:da:94:55:ac:89:d2:fb:be:2a:b8:18:cf:dc:
ab:89:b9:51:cd:ec:a1:65:73:63:96:7c:27:6b:da:dc:35:af:
d0:ae:74:b9:64:6c:75:ce:93:32:9b:26:0c:8c:e1:3b:63:6d:
d8:e2:96:9f:fb:ee:98:d2:6c:e1:24:77:6d:80:88:98:36:4a:
ad:95:26:50:d0:cf:49:48:95:a0:10:90:e1:13:e3:1c:41:5d:
41:30:9d:95:15:4c:3f:47:29:ac:e6:76:37:dc:34:a3:77:c1:
15:61:c0:5b:cf:6c:b5:59:dd:3d:ca:90:64:6a:24:33:8b:40:
2a:eb:c4:bb:f4:d2:86:3b:29:f1:24:41:1b:ff:40:84:35:1b:
ae:98:af:bf:ab:ce:8b:ca:47:04:c5:c4:88:0d:d6:82:86:8d:
3e:8f:49:0e:6f:37:5b:ae:97:9b:c2:c9:41:a6:aa:a7:eb:3c:
9f:18:11:a0:3a:66:80:21:d0:fa:31:7f:25:41:ed:a2:22:bd:
8a:fe:eb:77:94:1c:d1:29:f6:59:ef:ca:ab:79:6d:8b:0f:12:
99:e9:6a:ca:11:5b:72:64:2f:db:f1:fe:5c:c1:71:9d:80:9f:
a9:b3:30:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaCvb0UoAvVPkb+K5j5WJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYjg2NWZkNmRmYWFiYTc3MTI0OWI3ZWJhZThlYmQ1Mjgw
YTBjOTcwHhcNMjUwMTAxMDU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmJkYzUzZDNhZDQ2ZWZhNmI0MDFlNjAzYjM2ZmE1ZTZmNDg5ZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7L3tFyKixYAS1rpyU7LqM00Wgj2
QiA+LnXh9HiTMaQAuwwTLoaTfy6ErMak7BUml5jqZEwwNq7sD3eHSIjfVZ2OnT+l
fNSO6BC41oGcMK82BooSZtiHc/C7RIvWtTCoOLCVP4as6B8vuymafVry1RZ6+h5W
PLbdiEcUjAd2jwkyBIW++679qOYwEFWzZO7RdaPqOmOCh079KRPmy4YeJzacohug
TFHgi8K1qFaSJnRPgYIcPCrjAduNu+PjaLsFanlpY29hwJAqF8CvtzHVckY7SPOe
jkPieEuY7duH6jGQlNA36R1TF/fs9vPPCaHUBnS6LCBEoFLBbhPJriXsaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJK9xT061G76a0AeYDs2+l5vSJ/SMB8GA1UdIwQY
MBaAFLu4Zf1t+quncSSbfrro69UoCgyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzIt
NWZjZmE0MjE5NzVjLzEva3IzRlBUclVidnByUUI1Z096YjZYbTlJbjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzItNWZjZmE0MjE5NzVj
LzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYhuAwQC
W+n8AwQCwkU8MA0GCSqGSIb3DQEBCwUAA4IBAQCc5+RMqdNpzXcd6qqxglx7pBRv
pGtoPtqUVayJ0vu+KrgYz9yriblRzeyhZXNjlnwna9rcNa/QrnS5ZGx1zpMymyYM
jOE7Y23Y4paf++6Y0mzhJHdtgIiYNkqtlSZQ0M9JSJWgEJDhE+McQV1BMJ2VFUw/
Ryms5nY33DSjd8EVYcBbz2y1Wd09ypBkaiQzi0Aq68S79NKGOynxJEEb/0CENRuu
mK+/q86LykcExcSIDdaCho0+j0kObzdbrpebwslBpqqn6zyfGBGgOmaAIdD6MX8l
Qe2iIr2K/ut3lBzRKfZZ78qreW2LDxKZ6WrKEVtyZC/b8f5cwXGdgJ+pszDF
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:27:00 2025 by rpki-client