Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6b9c00-cbe0-4f88-aed5-99f5491c4447/1/KNLMZRHuzkuHmMkDVQ7lBvYBrms.roa
File: KNLMZRHuzkuHmMkDVQ7lBvYBrms.roa (raw, json)
Hash identifier: xJcC96s98S67P94P8DJZWPZ8RFBM8L4+AYeH22NFh/0=
Subject key identifier: 28:D2:CC:65:11:EE:CE:4B:87:98:C9:03:55:0E:E5:06:F6:01:AE:6B
Certificate issuer: /CN=720606eddbcec7a57211941a67cc729b42915c5e
Certificate serial: 018D8431D98B5493BFCC8FA0D22853FCACA3
Authority key identifier: 72:06:06:ED:DB:CE:C7:A5:72:11:94:1A:67:CC:72:9B:42:91:5C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgYG7dvOx6VyEZQaZ8xym0KRXF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6b9c00-cbe0-4f88-aed5-99f5491c4447/1/KNLMZRHuzkuHmMkDVQ7lBvYBrms.roa
Signing time: Wed 07 Feb 2024 15:31:15 +0000
ROA not before: Wed 07 Feb 2024 15:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 45.157.136.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
91.242.236.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
185.140.172.0/24 maxlen: 24
212.18.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:31:d9:8b:54:93:bf:cc:8f:a0:d2:28:53:fc:ac:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=720606eddbcec7a57211941a67cc729b42915c5e
Validity
Not Before: Feb 7 15:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28d2cc6511eece4b8798c903550ee506f601ae6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:11:e3:cd:e4:32:8b:22:67:c5:d9:8d:58:5e:
61:44:8a:ca:83:5a:d1:bb:c0:e0:79:62:b4:a5:e7:
bf:39:04:a8:c0:4d:4b:44:87:cb:b0:2e:6f:48:07:
d6:5a:e5:f4:b1:35:7d:3e:12:eb:6b:07:76:80:e1:
9f:98:64:da:3e:3e:97:a0:b2:40:a1:4d:ea:6c:db:
5f:23:87:01:5f:a7:93:2d:55:7c:4a:0c:94:85:f9:
cc:12:eb:39:16:6a:bd:af:b3:52:07:16:dc:67:52:
97:00:de:70:fd:59:f5:89:ad:78:12:ac:71:50:e0:
45:50:6b:0f:7c:08:d2:ea:68:8f:e3:42:19:96:a9:
0c:3e:2a:40:b2:58:e7:9c:05:2d:48:88:7c:7c:ae:
f2:24:54:85:0d:96:ba:9a:83:95:1a:d6:88:1b:41:
d2:c3:2a:27:bc:2f:79:27:b8:e4:2a:74:21:d1:60:
98:d9:04:1d:12:52:96:e7:aa:de:15:19:86:dd:fa:
ad:28:d6:84:36:17:d1:69:96:26:24:8b:28:23:1a:
57:d0:77:c1:f7:40:48:25:14:e9:a2:aa:10:f3:3f:
2b:ba:cf:7e:b5:df:9c:e7:0f:cc:0b:61:dc:99:26:
e9:5f:00:c0:bc:d3:e3:8b:7b:ad:59:31:9d:58:79:
9b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D2:CC:65:11:EE:CE:4B:87:98:C9:03:55:0E:E5:06:F6:01:AE:6B
X509v3 Authority Key Identifier:
keyid:72:06:06:ED:DB:CE:C7:A5:72:11:94:1A:67:CC:72:9B:42:91:5C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgYG7dvOx6VyEZQaZ8xym0KRXF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6b9c00-cbe0-4f88-aed5-99f5491c4447/1/KNLMZRHuzkuHmMkDVQ7lBvYBrms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6b9c00-cbe0-4f88-aed5-99f5491c4447/1/cgYG7dvOx6VyEZQaZ8xym0KRXF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.136.0/24
80.68.145.0/24
91.242.236.0/24
146.19.150.0/24
185.140.172.0/24
212.18.96.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:47:31:b9:b8:4a:54:58:c7:4d:8a:f8:e3:83:23:e7:71:ef:
7b:dd:94:32:e4:fe:cb:48:78:ba:5f:9a:9f:a9:6c:f9:19:01:
c1:9e:14:c9:f0:72:44:59:9b:07:24:cd:5a:b8:d8:61:ae:94:
57:67:af:c2:c8:7d:5b:87:9e:50:2b:62:bf:ff:62:e4:e4:57:
34:fb:ba:cd:30:9b:dc:29:10:9a:33:1e:62:5c:74:79:88:01:
58:a0:91:40:a2:81:39:bc:71:96:c4:0b:68:0e:c7:dc:dc:02:
14:d5:4c:dc:32:9e:58:f8:39:f1:d7:78:9c:66:c0:5b:1a:fc:
72:0e:39:15:b8:f6:36:2b:16:a0:53:53:2a:fd:52:81:2f:25:
75:86:c8:ad:cb:c0:65:09:18:d1:55:c1:01:50:68:12:44:eb:
e9:87:13:35:06:15:11:d8:e7:a2:92:f0:db:21:40:44:c1:10:
be:19:96:f0:ed:08:58:f9:4b:23:5e:2e:e6:3a:50:74:ab:18:
df:18:39:16:52:4b:5a:c2:fe:f3:fe:e5:8c:10:8e:3a:88:61:
e6:5e:64:03:f9:04:02:c2:c6:8f:33:77:7f:20:ff:19:36:5d:
15:cc:4d:33:85:c0:f1:ad:e5:11:2c:80:cf:d8:f3:ad:1e:d1:
64:d4:ab:5c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2EMdmLVJO/zI+g0ihT/KyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDYwNmVkZGJjZWM3YTU3MjExOTQxYTY3Y2M3MjliNDI5
MTVjNWUwHhcNMjQwMjA3MTUzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQyY2M2NTExZWVjZTRiODc5OGM5MDM1NTBlZTUwNmY2MDFhZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRHjzeQyiyJnxdmNWF5hRIrKg1rR
u8DgeWK0pee/OQSowE1LRIfLsC5vSAfWWuX0sTV9PhLrawd2gOGfmGTaPj6XoLJA
oU3qbNtfI4cBX6eTLVV8SgyUhfnMEus5Fmq9r7NSBxbcZ1KXAN5w/Vn1ia14Eqxx
UOBFUGsPfAjS6miP40IZlqkMPipAsljnnAUtSIh8fK7yJFSFDZa6moOVGtaIG0HS
wyonvC95J7jkKnQh0WCY2QQdElKW56reFRmG3fqtKNaENhfRaZYmJIsoIxpX0HfB
90BIJRTpoqoQ8z8rus9+td+c5w/MC2HcmSbpXwDAvNPji3utWTGdWHmbCwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCjSzGUR7s5Lh5jJA1UO5Qb2Aa5rMB8GA1UdIwQY
MBaAFHIGBu3bzselchGUGmfMcptCkVxeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dZRzdkdk94NlZ5RVpRYVo4eHltMEtSWEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82YjljMDAtY2JlMC00Zjg4LWFlZDUt
OTlmNTQ5MWM0NDQ3LzEvS05MTVpSSHV6a3VIbU1rRFZRN2xCdllCcm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82YjljMDAtY2JlMC00Zjg4LWFlZDUtOTlmNTQ5MWM0NDQ3
LzEvY2dZRzdkdk94NlZ5RVpRYVo4eHltMEtSWEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZ2IAwQA
UESRAwQAW/LsAwQAkhOWAwQAuYysAwQA1BJgMA0GCSqGSIb3DQEBCwUAA4IBAQCO
RzG5uEpUWMdNivjjgyPnce973ZQy5P7LSHi6X5qfqWz5GQHBnhTJ8HJEWZsHJM1a
uNhhrpRXZ6/CyH1bh55QK2K//2Lk5Fc0+7rNMJvcKRCaMx5iXHR5iAFYoJFAooE5
vHGWxAtoDsfc3AIU1UzcMp5Y+Dnx13icZsBbGvxyDjkVuPY2KxagU1Mq/VKBLyV1
hsity8BlCRjRVcEBUGgSROvphxM1BhUR2OeikvDbIUBEwRC+GZbw7QhY+UsjXi7m
OlB0qxjfGDkWUktawv7z/uWMEI46iGHmXmQD+QQCwsaPM3d/IP8ZNl0VzE0zhcDx
reURLIDP2POtHtFk1Ktc
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:08:13 2025 by rpki-client