Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/ktaokuPl5jOXxjmENV6Nzr3jvRE.roa
File: ktaokuPl5jOXxjmENV6Nzr3jvRE.roa (raw, json)
Hash identifier: QCRewanHdBrJ4jBO5+8cVb/CCKaBft0aBHc179F+ba4=
Subject key identifier: 92:D6:A8:92:E3:E5:E6:33:97:C6:39:84:35:5E:8D:CE:BD:E3:BD:11
Certificate issuer: /CN=4568d0a7204560b6356d837bbf1510d9636df63a
Certificate serial: 0194266B40725B1DCFC5F55205E82C211DEB
Authority key identifier: 45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/ktaokuPl5jOXxjmENV6Nzr3jvRE.roa
Signing time: Thu 02 Jan 2025 09:49:10 +0000
ROA not before: Thu 02 Jan 2025 09:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203
IP address blocks: 37.114.72.0/21 maxlen: 32
78.110.16.0/20 maxlen: 32
80.245.208.0/20 maxlen: 32
95.131.232.0/21 maxlen: 32
185.56.252.0/22 maxlen: 32
195.38.30.0/24 maxlen: 32
217.168.160.0/20 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:40:72:5b:1d:cf:c5:f5:52:05:e8:2c:21:1d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4568d0a7204560b6356d837bbf1510d9636df63a
Validity
Not Before: Jan 2 09:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92d6a892e3e5e63397c63984355e8dcebde3bd11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:75:f7:74:5d:58:0a:f2:ba:36:a4:46:b5:b5:
4f:79:69:94:b7:41:1a:20:66:2c:27:bb:e2:f9:11:
db:3f:77:c7:b8:5d:a9:d0:a7:87:9b:c7:19:94:1c:
04:6e:42:8d:b6:e6:95:db:89:be:b5:bf:98:d7:ce:
ab:17:07:93:d2:02:42:85:cd:da:8e:a1:bc:60:c8:
c0:37:e7:23:b8:f5:63:c4:fe:7e:a6:11:6e:74:9f:
d0:7f:61:1a:48:95:26:4e:de:56:7a:09:3d:8f:da:
dd:ca:30:8b:0a:fc:72:cf:f7:f2:67:16:1b:c9:19:
84:55:5f:36:bd:42:40:30:90:80:57:9c:23:5a:5f:
5e:d0:3a:9a:08:b5:4b:f0:7b:6f:26:aa:32:b4:01:
38:97:5d:0c:f1:d2:10:bd:39:28:5f:5b:b7:be:00:
ce:49:16:ed:d9:6c:f6:56:65:94:b2:27:55:af:ec:
68:85:6d:00:2b:1f:29:ca:84:b5:00:4c:00:5f:46:
3b:66:20:37:5a:7d:45:6a:26:1e:7e:9f:8d:8d:d4:
3b:61:fd:3e:da:84:f1:ec:0d:51:ce:fe:75:0d:97:
0d:dd:9f:bc:3f:a9:e6:33:9d:ee:ec:cb:83:19:80:
78:96:8f:dc:6e:ae:8c:ef:ad:74:0a:81:ee:c6:62:
44:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D6:A8:92:E3:E5:E6:33:97:C6:39:84:35:5E:8D:CE:BD:E3:BD:11
X509v3 Authority Key Identifier:
keyid:45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/ktaokuPl5jOXxjmENV6Nzr3jvRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.72.0/21
78.110.16.0/20
80.245.208.0/20
95.131.232.0/21
185.56.252.0/22
195.38.30.0/24
217.168.160.0/20
Signature Algorithm: sha256WithRSAEncryption
42:bb:4a:10:b5:81:61:eb:38:9f:f1:49:58:d0:ac:14:33:9f:
87:d0:62:5d:eb:cf:be:0b:4f:3f:19:6e:d5:4d:f0:9f:ac:92:
87:0e:c1:fa:a6:5f:da:0d:b8:99:1c:15:94:f0:c7:73:48:1e:
8c:2a:0e:9c:18:69:a7:75:1b:e2:f4:e8:17:ff:4e:e0:c7:94:
c5:07:a8:b2:e0:43:ba:2e:64:76:fe:de:9a:81:70:ca:0c:39:
34:1b:ec:41:ae:7a:4f:fb:62:21:37:0f:4e:54:7b:77:6e:ec:
29:1c:6e:5b:92:ee:42:cb:7d:43:3e:9d:a4:41:82:d0:24:17:
59:82:ed:ef:bc:64:bf:d5:f2:6c:92:27:71:e8:8c:ea:00:7d:
cb:b6:b0:f1:63:56:a3:d8:5b:4e:40:bb:80:d4:83:92:bc:d5:
de:25:50:e7:98:ee:07:b0:e8:04:c4:1f:a1:5a:bc:cf:44:e5:
28:a2:c4:2c:6b:b3:d8:ad:8f:d2:8b:b6:88:27:0a:46:ed:ac:
0c:b4:1d:ea:f0:80:a0:e9:e0:3c:53:c8:3f:20:36:86:fc:63:
23:7b:83:f9:08:77:93:29:88:82:b1:b6:ae:ea:c7:e2:15:1b:
2e:10:7b:4f:28:26:fd:0d:61:32:1b:cb:ac:ee:c5:07:70:5d:
48:7a:49:fb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQma0ByWx3PxfVSBegsIR3rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NjhkMGE3MjA0NTYwYjYzNTZkODM3YmJmMTUxMGQ5NjM2
ZGY2M2EwHhcNMjUwMTAyMDk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmQ2YTg5MmUzZTVlNjMzOTdjNjM5ODQzNTVlOGRjZWJkZTNiZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9nX3dF1YCvK6NqRGtbVPeWmUt0Ea
IGYsJ7vi+RHbP3fHuF2p0KeHm8cZlBwEbkKNtuaV24m+tb+Y186rFweT0gJChc3a
jqG8YMjAN+cjuPVjxP5+phFudJ/Qf2EaSJUmTt5Wegk9j9rdyjCLCvxyz/fyZxYb
yRmEVV82vUJAMJCAV5wjWl9e0DqaCLVL8HtvJqoytAE4l10M8dIQvTkoX1u3vgDO
SRbt2Wz2VmWUsidVr+xohW0AKx8pyoS1AEwAX0Y7ZiA3Wn1FaiYefp+NjdQ7Yf0+
2oTx7A1Rzv51DZcN3Z+8P6nmM53u7MuDGYB4lo/cbq6M7610CoHuxmJEyQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJLWqJLj5eYzl8Y5hDVejc69470RMB8GA1UdIwQY
MBaAFEVo0KcgRWC2NW2De78VENljbfY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgt
NmZlMzVhZTU0YTViLzEva3Rhb2t1UGw1ak9YeGptRU5WNk56cjNqdlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgtNmZlMzVhZTU0YTVi
LzEvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJXJIAwQE
Tm4QAwQEUPXQAwQDX4PoAwQCuTj8AwQAwyYeAwQE2aigMA0GCSqGSIb3DQEBCwUA
A4IBAQBCu0oQtYFh6zif8UlY0KwUM5+H0GJd68++C08/GW7VTfCfrJKHDsH6pl/a
DbiZHBWU8MdzSB6MKg6cGGmndRvi9OgX/07gx5TFB6iy4EO6LmR2/t6agXDKDDk0
G+xBrnpP+2IhNw9OVHt3buwpHG5bku5Cy31DPp2kQYLQJBdZgu3vvGS/1fJskidx
6IzqAH3LtrDxY1aj2FtOQLuA1IOSvNXeJVDnmO4HsOgExB+hWrzPROUoosQsa7PY
rY/Si7aIJwpG7awMtB3q8ICg6eA8U8g/IDaG/GMje4P5CHeTKYiCsbau6sfiFRsu
EHtPKCb9DWEyG8us7sUHcF1Iekn7
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:36:44 2025 by rpki-client