Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/SpkwJhVPw8mGNKoTneZSgo30dUU.roa
File: SpkwJhVPw8mGNKoTneZSgo30dUU.roa (raw, json)
Hash identifier: zTtfkj6oNvOhbo9YtwFpiSDyewh0S0U+yIR7W9GafZk=
Subject key identifier: 4A:99:30:26:15:4F:C3:C9:86:34:AA:13:9D:E6:52:82:8D:F4:75:45
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 01955D9598B0F89E8F4E29FEFF0C35F0A9FA
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/SpkwJhVPw8mGNKoTneZSgo30dUU.roa
Signing time: Mon 03 Mar 2025 19:57:19 +0000
ROA not before: Mon 03 Mar 2025 19:57:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.136.36.0/24 maxlen: 24
45.136.37.0/24 maxlen: 24
45.136.39.0/24 maxlen: 24
185.38.26.0/24 maxlen: 24
185.38.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:95:98:b0:f8:9e:8f:4e:29:fe:ff:0c:35:f0:a9:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Mar 3 19:57:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a993026154fc3c98634aa139de652828df47545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:58:94:1a:2e:56:af:67:29:57:cc:46:32:20:
87:8b:ce:46:a3:47:a8:d7:1e:e7:3e:63:22:19:33:
9b:a5:05:44:09:43:f5:0a:07:5c:d9:9e:4e:6f:9e:
d4:cc:9a:2e:f1:e3:3c:3d:02:6d:b4:26:de:25:03:
bd:1d:57:8c:e5:96:a8:d0:36:87:3f:2d:1e:8e:56:
cc:a7:7b:86:2a:ca:4c:6f:5d:2f:dd:75:4b:f6:3b:
db:c8:96:1e:b3:9a:01:7a:9e:e1:ac:2d:d2:5e:33:
cc:bb:0b:23:c1:af:42:67:8c:c2:ec:93:ea:4b:3d:
b4:d9:2b:55:cf:3c:41:44:9c:6d:1c:c4:90:26:7e:
e5:73:37:eb:ed:d8:6d:60:df:9e:2c:36:20:1d:75:
0d:8b:a6:00:ab:9e:40:30:8f:6e:4e:b7:c0:16:0f:
ed:88:a8:00:3d:bf:df:9c:95:b1:67:c4:eb:03:47:
6d:ed:61:11:27:e6:41:7d:f1:d0:57:eb:08:09:42:
1b:08:22:5e:c2:2b:40:95:e2:e0:09:3b:27:b7:a3:
bb:a8:c6:70:0b:ef:62:cd:95:de:7a:7e:a1:5f:be:
26:b9:89:ec:bc:68:36:15:c8:b6:40:52:20:f1:3a:
aa:2a:cd:bd:54:87:b2:c8:e6:54:d4:04:af:1b:db:
b2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:99:30:26:15:4F:C3:C9:86:34:AA:13:9D:E6:52:82:8D:F4:75:45
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/SpkwJhVPw8mGNKoTneZSgo30dUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.36.0/23
45.136.39.0/24
185.38.26.0/23
Signature Algorithm: sha256WithRSAEncryption
71:f3:e7:a8:b9:ab:cf:cd:9a:48:41:b8:5e:88:93:02:b8:63:
a4:12:d3:36:9e:fc:6e:55:5e:67:82:a2:a2:a5:71:d7:84:cc:
06:b3:3c:78:b2:3f:89:4e:2a:cc:37:f1:87:42:0c:dd:63:0b:
00:a9:1e:64:54:df:48:41:dc:a3:5e:e5:72:9a:20:18:da:ef:
0c:bd:74:18:20:1c:db:a8:65:dd:48:95:16:21:4b:86:40:f5:
5e:41:1b:3d:b1:03:61:3f:42:b4:a0:fa:19:4e:d3:c2:a9:a8:
a7:ab:2f:53:2f:38:b2:f3:40:81:1b:f1:11:26:18:4a:ca:f2:
1e:de:8a:64:5d:a1:b8:7b:3b:5e:e6:ee:6b:30:52:09:e8:b6:
e2:74:a0:c7:63:7d:79:57:f4:78:b3:06:8a:30:6b:9b:2a:82:
da:84:9a:09:6f:1c:1a:85:5c:77:ce:b3:8c:5c:e4:ef:50:4b:
a1:fd:6d:56:52:6a:6d:da:1b:e5:d0:22:c2:dd:29:07:7b:fb:
cb:ca:2d:b4:10:a3:1a:46:55:d6:37:69:dd:23:25:77:11:e9:
91:93:2f:00:f7:48:7d:d8:af:46:df:54:e0:4f:79:92:25:2a:
c0:bd:49:eb:8b:c5:77:40:29:c4:24:26:af:fc:6b:8e:91:70:
82:d6:e8:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVdlZiw+J6PTin+/ww18Kn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwMzAzMTk1NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk5MzAyNjE1NGZjM2M5ODYzNGFhMTM5ZGU2NTI4MjhkZjQ3NTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1iUGi5Wr2cpV8xGMiCHi85Go0eo
1x7nPmMiGTObpQVECUP1Cgdc2Z5Ob57UzJou8eM8PQJttCbeJQO9HVeM5Zao0DaH
Py0ejlbMp3uGKspMb10v3XVL9jvbyJYes5oBep7hrC3SXjPMuwsjwa9CZ4zC7JPq
Sz202StVzzxBRJxtHMSQJn7lczfr7dhtYN+eLDYgHXUNi6YAq55AMI9uTrfAFg/t
iKgAPb/fnJWxZ8TrA0dt7WERJ+ZBffHQV+sICUIbCCJewitAleLgCTsnt6O7qMZw
C+9izZXeen6hX74muYnsvGg2Fci2QFIg8TqqKs29VIeyyOZU1ASvG9uyVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEqZMCYVT8PJhjSqE53mUoKN9HVFMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvU3Brd0poVlB3OG1HTktvVG5lWlNnbzMwZFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYgkAwQA
LYgnAwQBuSYaMA0GCSqGSIb3DQEBCwUAA4IBAQBx8+eouavPzZpIQbheiJMCuGOk
EtM2nvxuVV5ngqKipXHXhMwGszx4sj+JTirMN/GHQgzdYwsAqR5kVN9IQdyjXuVy
miAY2u8MvXQYIBzbqGXdSJUWIUuGQPVeQRs9sQNhP0K0oPoZTtPCqainqy9TLziy
80CBG/ERJhhKyvIe3opkXaG4ezte5u5rMFIJ6LbidKDHY315V/R4swaKMGubKoLa
hJoJbxwahVx3zrOMXOTvUEuh/W1WUmpt2hvl0CLC3SkHe/vLyi20EKMaRlXWN2nd
IyV3EemRky8A90h92K9G31TgT3mSJSrAvUnri8V3QCnEJCav/GuOkXCC1uig
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:43:24 2025 by rpki-client