Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/KrQvju8wsP_1pgegWQDfP_dBbsE.roa
File: KrQvju8wsP_1pgegWQDfP_dBbsE.roa (raw, json)
Hash identifier: 41ILiMyCbiBXLBStCWRCt8ZnN2evNZdt0aku7rFi6gM=
Subject key identifier: 2A:B4:2F:8E:EF:30:B0:FF:F5:A6:07:A0:59:00:DF:3F:F7:41:6E:C1
Certificate issuer: /CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Certificate serial: 01942368FBA1F4AAEDEE55D578F4CAD55A3E
Authority key identifier: D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/KrQvju8wsP_1pgegWQDfP_dBbsE.roa
Signing time: Wed 01 Jan 2025 19:47:50 +0000
ROA not before: Wed 01 Jan 2025 19:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137457
IP address blocks: 145.34.152.0/21 maxlen: 24
145.34.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:fb:a1:f4:aa:ed:ee:55:d5:78:f4:ca:d5:5a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Validity
Not Before: Jan 1 19:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ab42f8eef30b0fff5a607a05900df3ff7416ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d5:09:50:a1:89:17:4c:9a:4c:b1:79:1c:04:
a2:6b:db:04:a1:1b:90:f5:43:2f:ca:33:d3:b1:38:
7a:0c:14:eb:c1:c5:a9:2c:ae:54:fa:c9:21:33:ca:
a3:b9:a3:4a:01:40:f6:84:46:70:03:70:2b:4b:40:
d1:74:65:98:04:df:c7:d0:35:ea:cd:b0:2b:1c:8a:
5c:2c:09:1c:aa:27:91:a7:0f:1d:2e:f0:be:7c:32:
ed:bc:96:5b:85:75:6a:96:47:2e:17:6b:e8:57:9f:
cd:ce:0b:be:91:50:b9:a9:7d:81:d1:4b:e8:06:d7:
30:e4:77:b7:d1:63:19:dc:c0:39:e9:cd:09:c2:e8:
dd:2d:9f:2a:24:83:d6:5a:a0:cb:7d:de:ae:8f:b3:
d4:93:07:fd:58:03:e1:28:de:0a:da:21:56:29:5b:
fa:82:1d:35:22:7c:dd:50:ae:7a:2a:33:ce:5c:78:
19:a4:a4:f3:81:37:fa:be:10:ad:52:08:4a:6c:fa:
9c:5e:e0:38:87:f0:51:bf:1d:c3:96:7f:96:88:4f:
36:c3:27:a5:a8:23:14:2b:61:e4:df:e5:6c:95:e6:
75:aa:9e:b3:09:37:e2:84:31:71:e7:c7:4e:6a:53:
90:d2:e9:67:93:0b:26:30:2b:0c:12:dd:73:8c:b9:
44:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B4:2F:8E:EF:30:B0:FF:F5:A6:07:A0:59:00:DF:3F:F7:41:6E:C1
X509v3 Authority Key Identifier:
keyid:D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/KrQvju8wsP_1pgegWQDfP_dBbsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.34.152.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:ab:df:64:3b:84:14:48:29:4b:ff:e9:43:68:5e:43:41:f5:
7c:8e:0e:38:93:69:4d:1e:1b:2f:eb:dc:32:b5:f7:ca:af:09:
93:00:c9:17:83:55:c5:07:24:a3:ef:3d:55:a2:95:fe:99:02:
93:4a:28:68:d4:e3:f2:8e:7f:1d:ea:7a:17:bf:52:88:92:d2:
2e:03:de:b5:27:88:1b:73:4b:4c:82:8f:db:3e:79:8d:c9:f8:
ef:d2:61:3a:7d:25:94:ed:57:87:bc:55:65:49:44:3a:8f:df:
08:0e:33:4b:b0:aa:81:ac:55:bf:cd:ea:35:12:3b:ee:9b:c8:
01:c0:cd:c5:e4:0c:97:94:6f:72:a0:4e:ab:15:2e:c1:64:83:
bb:c6:ad:51:26:32:2a:6a:03:19:ad:55:4f:c5:51:97:47:f4:
2a:61:85:a2:1c:36:c3:1f:f8:2d:5e:95:f7:03:82:e1:6d:5c:
9a:75:29:90:61:49:fa:cb:70:d6:05:29:c3:7c:01:1a:28:9b:
8b:1b:14:79:c9:e7:6e:4a:c5:74:79:ca:07:f9:65:10:69:6e:
b7:1a:a6:7c:39:8c:22:ed:76:22:a5:f1:c2:0c:bb:3f:24:03:
07:ca:b1:6c:b4:b0:b7:bc:6a:79:91:51:e4:f9:0b:96:10:5c:
55:6b:81:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaPuh9Krt7lXVePTK1Vo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTM4NTQyY2ZkYjFlZTZlMDc1ZWFlNmIxMDFlN2JiNWIx
NGM0MzYwHhcNMjUwMTAxMTk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWI0MmY4ZWVmMzBiMGZmZjVhNjA3YTA1OTAwZGYzZmY3NDE2ZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNUJUKGJF0yaTLF5HASia9sEoRuQ
9UMvyjPTsTh6DBTrwcWpLK5U+skhM8qjuaNKAUD2hEZwA3ArS0DRdGWYBN/H0DXq
zbArHIpcLAkcqieRpw8dLvC+fDLtvJZbhXVqlkcuF2voV5/Nzgu+kVC5qX2B0Uvo
Btcw5He30WMZ3MA56c0JwujdLZ8qJIPWWqDLfd6uj7PUkwf9WAPhKN4K2iFWKVv6
gh01InzdUK56KjPOXHgZpKTzgTf6vhCtUghKbPqcXuA4h/BRvx3Dln+WiE82wyel
qCMUK2Hk3+VsleZ1qp6zCTfihDFx58dOalOQ0ulnkwsmMCsMEt1zjLlEFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq0L47vMLD/9aYHoFkA3z/3QW7BMB8GA1UdIwQY
MBaAFNCjhULP2x7m4HXq5rEB57tbFMQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEt
NDBkMTkxMWZhN2YzLzEvS3JRdmp1OHdzUF8xcGdlZ1dRRGZQX2RCYnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEtNDBkMTkxMWZhN2Yz
LzEvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkSKYMA0G
CSqGSIb3DQEBCwUAA4IBAQB7q99kO4QUSClL/+lDaF5DQfV8jg44k2lNHhsv69wy
tffKrwmTAMkXg1XFBySj7z1VopX+mQKTSiho1OPyjn8d6noXv1KIktIuA961J4gb
c0tMgo/bPnmNyfjv0mE6fSWU7VeHvFVlSUQ6j98IDjNLsKqBrFW/zeo1Ejvum8gB
wM3F5AyXlG9yoE6rFS7BZIO7xq1RJjIqagMZrVVPxVGXR/QqYYWiHDbDH/gtXpX3
A4LhbVyadSmQYUn6y3DWBSnDfAEaKJuLGxR5yeduSsV0ecoH+WUQaW63GqZ8OYwi
7XYipfHCDLs/JAMHyrFstLC3vGp5kVHk+QuWEFxVa4Eb
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:54:26 2025 by rpki-client