Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xKrMJAxBVj3HOdO8cO4Ycop4coo.roa
File: xKrMJAxBVj3HOdO8cO4Ycop4coo.roa (raw, json)
Hash identifier: PN3DERQEIy8N+TDIQd6BRPHqt0b1PN2+GdkxeNsx324=
Subject key identifier: C4:AA:CC:24:0C:41:56:3D:C7:39:D3:BC:70:EE:18:72:8A:78:72:8A
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019625DAD25484B352B27B9A4C6F08B12661
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xKrMJAxBVj3HOdO8cO4Ycop4coo.roa
Signing time: Fri 11 Apr 2025 17:16:59 +0000
ROA not before: Fri 11 Apr 2025 17:16:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 147.45.34.0/24 maxlen: 24
147.45.36.0/24 maxlen: 24
147.45.64.0/24 maxlen: 24
147.45.192.0/24 maxlen: 24
147.45.207.0/24 maxlen: 24
193.233.30.0/24 maxlen: 24
193.233.61.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
193.233.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:25:da:d2:54:84:b3:52:b2:7b:9a:4c:6f:08:b1:26:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 11 17:16:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4aacc240c41563dc739d3bc70ee18728a78728a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6c:bf:6d:43:e7:8c:1d:61:6a:66:4a:9b:3f:
b0:a3:f8:45:d5:8f:42:d2:85:c7:c7:eb:ed:f9:0b:
c8:52:d6:e7:ff:20:c9:2e:82:cf:b2:1f:34:04:e1:
57:03:a5:87:1a:e9:b2:7d:8e:6a:ce:c7:26:ab:43:
9a:ae:f9:9e:7b:6b:77:2e:31:36:5b:be:60:c7:d4:
00:6c:e8:4f:5b:55:6a:57:77:e7:2c:6d:a0:6b:5b:
9c:53:c4:c4:b4:cd:7b:a7:2e:6f:a2:dd:fa:74:f4:
33:38:46:cd:07:0e:aa:d6:ad:bf:03:7d:1d:2a:f5:
93:00:e5:92:cf:58:5a:44:11:21:71:2a:51:44:b3:
1c:7c:94:ed:79:85:29:6f:db:24:eb:1a:4d:bf:00:
5c:ad:68:87:a0:c0:2d:68:ac:7a:3e:42:06:ab:99:
7d:05:22:33:cd:4f:12:91:12:5b:91:4e:b5:f5:bb:
ac:a6:48:e4:9e:66:13:46:d6:ce:24:45:ce:d7:2d:
b4:c6:6e:cf:34:5c:30:84:b4:e4:80:4f:34:50:33:
24:82:48:17:5a:4c:f7:c5:d4:45:4f:4b:71:2b:d6:
da:bd:cb:ae:15:db:d5:00:71:41:8f:ae:1c:36:79:
de:d1:98:df:85:42:c5:04:f4:e7:cf:41:53:61:c7:
95:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AA:CC:24:0C:41:56:3D:C7:39:D3:BC:70:EE:18:72:8A:78:72:8A
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xKrMJAxBVj3HOdO8cO4Ycop4coo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.34.0/24
147.45.36.0/24
147.45.64.0/24
147.45.192.0/24
147.45.207.0/24
193.233.30.0/24
193.233.61.0/24
193.233.197.0/24
193.233.234.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:35:2e:81:ab:fd:fd:60:93:de:15:5f:08:8e:75:4f:20:e8:
8a:39:a7:41:49:2a:c4:78:6f:12:ee:53:c6:4b:6a:93:2a:02:
e4:4d:03:2a:6f:6e:79:06:61:eb:5d:b1:d4:c9:79:49:14:c7:
c4:fc:81:a1:cb:98:84:67:73:6a:45:ac:e4:ad:a1:fb:4c:58:
bd:6d:53:1a:60:08:56:4e:5a:95:b4:62:0d:59:1d:4c:2f:90:
53:44:8f:51:a3:7f:7f:06:8f:8d:73:3b:b8:f8:82:9c:c7:52:
75:bb:41:85:13:38:10:c1:bf:0b:e7:17:58:4a:de:87:9b:08:
f9:87:ed:70:0d:4d:13:d9:3e:75:69:76:e6:1a:c6:81:b7:30:
8d:67:1b:d7:17:0c:95:97:bf:0e:77:d7:23:58:62:63:04:7f:
88:2e:38:c9:01:12:03:a2:f8:06:d0:8f:14:15:bf:fb:91:d9:
4e:d6:e3:f6:f1:31:40:e6:c1:1d:2b:f5:c1:48:fe:6e:30:47:
ff:b7:7c:e4:38:82:6e:a7:54:5e:0a:13:da:85:59:0c:ae:df:
af:0b:a3:a0:c1:4f:80:28:ec:5c:4c:fa:2f:7a:75:83:a9:fd:
21:4c:b4:a2:6b:06:3a:10:0c:e7:1c:97:9e:42:eb:81:36:3b:
1d:f2:d5:ea
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZYl2tJUhLNSsnuaTG8IsSZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwNDExMTcxNjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGFhY2MyNDBjNDE1NjNkYzczOWQzYmM3MGVlMTg3MjhhNzg3MjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWy/bUPnjB1hamZKmz+wo/hF1Y9C
0oXHx+vt+QvIUtbn/yDJLoLPsh80BOFXA6WHGumyfY5qzscmq0Oarvmee2t3LjE2
W75gx9QAbOhPW1VqV3fnLG2ga1ucU8TEtM17py5vot36dPQzOEbNBw6q1q2/A30d
KvWTAOWSz1haRBEhcSpRRLMcfJTteYUpb9sk6xpNvwBcrWiHoMAtaKx6PkIGq5l9
BSIzzU8SkRJbkU619buspkjknmYTRtbOJEXO1y20xm7PNFwwhLTkgE80UDMkgkgX
Wkz3xdRFT0txK9bavcuuFdvVAHFBj64cNnne0ZjfhULFBPTnz0FTYceV4wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMSqzCQMQVY9xznTvHDuGHKKeHKKMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveEtyTUpBeEJWajNIT2RPOGNPNFljb3A0Y29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAky0iAwQA
ky0kAwQAky1AAwQAky3AAwQAky3PAwQAwekeAwQAwek9AwQAwenFAwQAwenqMA0G
CSqGSIb3DQEBCwUAA4IBAQBaNS6Bq/39YJPeFV8IjnVPIOiKOadBSSrEeG8S7lPG
S2qTKgLkTQMqb255BmHrXbHUyXlJFMfE/IGhy5iEZ3NqRazkraH7TFi9bVMaYAhW
TlqVtGINWR1ML5BTRI9Ro39/Bo+Nczu4+IKcx1J1u0GFEzgQwb8L5xdYSt6Hmwj5
h+1wDU0T2T51aXbmGsaBtzCNZxvXFwyVl78Od9cjWGJjBH+ILjjJARIDovgG0I8U
Fb/7kdlO1uP28TFA5sEdK/XBSP5uMEf/t3zkOIJup1ReChPahVkMrt+vC6OgwU+A
KOxcTPovenWDqf0hTLSiawY6EAznHJeeQuuBNjsd8tXq
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:50 2025 by rpki-client on console.sobornost.net