Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Klunaw_xMRk2ZhRJC_lu0IqESvo.roa
File: Klunaw_xMRk2ZhRJC_lu0IqESvo.roa (raw, json)
Hash identifier: MBr0u18pcPu0rdEyt7SCDeyM/c4kjP26RLxb6DYrx9k=
Subject key identifier: 2A:5B:A7:6B:0F:F1:31:19:36:66:14:49:0B:F9:6E:D0:8A:84:4A:FA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195AD1CA36F2BA95544997E44B9D88B0035
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Klunaw_xMRk2ZhRJC_lu0IqESvo.roa
Signing time: Wed 19 Mar 2025 06:34:49 +0000
ROA not before: Wed 19 Mar 2025 06:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 151.242.92.0/24 maxlen: 24
151.242.93.0/24 maxlen: 24
151.242.94.0/24 maxlen: 24
151.242.95.0/24 maxlen: 24
151.242.96.0/24 maxlen: 24
151.242.98.0/24 maxlen: 24
151.242.100.0/24 maxlen: 24
151.242.101.0/24 maxlen: 24
151.242.103.0/24 maxlen: 24
151.242.105.0/24 maxlen: 24
151.242.107.0/24 maxlen: 24
151.242.109.0/24 maxlen: 24
151.242.112.0/24 maxlen: 24
151.242.113.0/24 maxlen: 24
151.242.115.0/24 maxlen: 24
151.242.184.0/22 maxlen: 22
151.242.196.0/22 maxlen: 22
151.243.168.0/24 maxlen: 24
151.243.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ad:1c:a3:6f:2b:a9:55:44:99:7e:44:b9:d8:8b:00:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 19 06:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a5ba76b0ff13119366614490bf96ed08a844afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:05:ba:20:c6:4c:8d:75:d2:fd:9f:de:78:a5:
40:20:eb:cb:a3:54:46:22:72:6d:ba:8b:65:be:ac:
39:ef:52:c0:18:e1:6d:7d:ce:1e:09:96:6c:50:cd:
a7:83:bc:cd:a9:57:af:46:24:55:85:c0:a7:ea:db:
2a:83:df:73:ac:86:f2:19:bb:6a:08:92:f6:78:22:
f5:dd:06:2c:9d:f8:80:b2:ad:82:12:22:b0:c7:7b:
54:04:61:fb:f6:4c:f0:a6:a7:ef:18:60:a5:30:ee:
8c:cf:6e:12:68:9d:e8:ec:49:a3:98:16:38:8b:a4:
94:8d:b2:9c:2a:00:3a:6c:d0:26:7d:29:d3:9f:f9:
e7:59:21:b8:e9:b3:07:b3:18:6a:49:7c:60:30:9a:
38:7d:ec:ef:c6:49:f2:4f:22:57:04:d9:1a:e3:b6:
f1:13:9d:6d:f0:59:d0:d5:5e:1d:7b:55:f2:05:c5:
a9:2f:fa:6f:1f:51:8e:53:b5:01:95:d6:72:d2:33:
8d:d2:43:97:c3:7d:77:d7:8c:bc:9e:9c:a0:24:3a:
82:39:7c:da:61:71:f4:00:e4:eb:5d:36:ec:48:d8:
7c:1b:c7:c1:70:69:84:28:2f:83:38:08:1c:e2:e6:
77:dd:8f:2a:b6:1c:a6:01:12:1a:3d:ae:3d:d6:18:
62:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5B:A7:6B:0F:F1:31:19:36:66:14:49:0B:F9:6E:D0:8A:84:4A:FA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Klunaw_xMRk2ZhRJC_lu0IqESvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.92.0-151.242.96.255
151.242.98.0/24
151.242.100.0/23
151.242.103.0/24
151.242.105.0/24
151.242.107.0/24
151.242.109.0/24
151.242.112.0/23
151.242.115.0/24
151.242.184.0/22
151.242.196.0/22
151.243.168.0/24
151.243.173.0/24
Signature Algorithm: sha256WithRSAEncryption
95:4b:7b:64:bf:ed:07:a1:76:90:1f:b4:04:26:82:2b:4f:f9:
ed:fa:99:d8:6b:e8:67:cf:43:a3:d1:3a:3b:b7:d2:9e:2f:5f:
da:93:9a:1b:6e:26:f8:85:6a:04:53:6e:59:be:55:4d:3d:8d:
00:fd:bf:09:c1:86:a0:4b:b8:73:89:a9:7c:0b:ab:96:1b:9f:
8d:1f:95:dd:b7:bb:9d:99:97:89:c7:c9:9b:29:9d:8c:be:35:
10:be:6c:65:45:4b:06:51:a2:44:20:10:29:88:03:26:f2:6b:
e3:56:29:65:d5:49:92:d1:c6:b7:02:53:a7:c7:16:26:1b:0e:
18:18:f3:29:48:21:25:53:55:36:a5:8e:b3:83:2e:10:3a:0d:
fc:71:7b:63:8b:fc:82:48:7f:1a:48:5a:b8:b1:73:40:2d:a4:
e6:d8:c1:99:82:f9:19:1a:eb:ad:46:48:3b:44:3c:d0:ff:f2:
08:c8:7d:c2:98:04:47:cf:d3:a5:ff:fa:c7:ac:61:6d:ae:a5:
34:f1:af:04:b8:e2:08:19:ae:64:83:8d:61:05:eb:cb:90:77:
0c:e5:32:44:d8:0a:25:a6:75:ae:cc:79:8a:1e:6c:7f:68:88:
44:21:81:36:1c:5e:b0:48:41:2d:4a:1c:93:bd:2e:b2:88:2e:
92:ba:e2:07
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZWtHKNvK6lVRJl+RLnYiwA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzE5MDYzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTViYTc2YjBmZjEzMTE5MzY2NjE0NDkwYmY5NmVkMDhhODQ0YWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gW6IMZMjXXS/Z/eeKVAIOvLo1RG
InJtuotlvqw571LAGOFtfc4eCZZsUM2ng7zNqVevRiRVhcCn6tsqg99zrIbyGbtq
CJL2eCL13QYsnfiAsq2CEiKwx3tUBGH79kzwpqfvGGClMO6Mz24SaJ3o7EmjmBY4
i6SUjbKcKgA6bNAmfSnTn/nnWSG46bMHsxhqSXxgMJo4fezvxknyTyJXBNka47bx
E51t8FnQ1V4de1XyBcWpL/pvH1GOU7UBldZy0jON0kOXw31314y8npygJDqCOXza
YXH0AOTrXTbsSNh8G8fBcGmEKC+DOAgc4uZ33Y8qthymARIaPa491hhiCwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFCpbp2sP8TEZNmYUSQv5btCKhEr6MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvS2x1bmF3X3hNUmsyWmhSSkNfbHUwSXFFU3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWMAwDBAKX8lwD
BACX8mADBACX8mIDBAGX8mQDBACX8mcDBACX8mkDBACX8msDBACX8m0DBAGX8nAD
BACX8nMDBAKX8rgDBAKX8sQDBACX86gDBACX860wDQYJKoZIhvcNAQELBQADggEB
AJVLe2S/7QehdpAftAQmgitP+e36mdhr6GfPQ6PROju30p4vX9qTmhtuJviFagRT
blm+VU09jQD9vwnBhqBLuHOJqXwLq5Ybn40fld23u52Zl4nHyZspnYy+NRC+bGVF
SwZRokQgECmIAybya+NWKWXVSZLRxrcCU6fHFiYbDhgY8ylIISVTVTaljrODLhA6
Dfxxe2OL/IJIfxpIWrixc0AtpObYwZmC+Rka661GSDtEPND/8gjIfcKYBEfP06X/
+sesYW2upTTxrwS44ggZrmSDjWEF68uQdwzlMkTYCiWmda7MeYoebH9oiEQhgTYc
XrBIQS1KHJO9LrKILpK64gc=
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:37:19 2025 by rpki-client