Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/TKa-Nd8JEWldWvg98sutWDI3RIA.roa
File: TKa-Nd8JEWldWvg98sutWDI3RIA.roa (raw, json)
Hash identifier: 82IVKvDFs2OG395+wK1oSFFwJK842lfj9skryzz692U=
Subject key identifier: 4C:A6:BE:35:DF:09:11:69:5D:5A:F8:3D:F2:CB:AD:58:32:37:44:80
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 0190A234E7ED3EA0F9A48E7DD19955B859AB
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/TKa-Nd8JEWldWvg98sutWDI3RIA.roa
Signing time: Thu 11 Jul 2024 14:31:34 +0000
ROA not before: Thu 11 Jul 2024 14:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206805
IP address blocks: 45.84.152.0/23 maxlen: 24
45.84.154.0/24 maxlen: 24
45.84.155.0/24 maxlen: 24
45.145.188.0/23 maxlen: 23
45.145.190.0/23 maxlen: 23
45.145.190.0/24 maxlen: 24
45.145.191.0/24 maxlen: 24
80.85.248.0/23 maxlen: 23
80.85.250.0/23 maxlen: 23
80.85.252.0/24 maxlen: 24
80.85.253.0/24 maxlen: 24
80.85.254.0/23 maxlen: 24
178.159.32.0/23 maxlen: 24
185.159.111.0/24 maxlen: 24
185.228.48.0/22 maxlen: 24
185.247.192.0/22 maxlen: 24
188.64.149.0/24 maxlen: 24
188.64.150.0/23 maxlen: 24
193.19.100.0/23 maxlen: 24
193.246.159.0/24 maxlen: 24
2a0c:ee00::/40 maxlen: 40
2a0c:ee00:100::/40 maxlen: 40
2a0c:ee00:200::/40 maxlen: 40
2a0c:ee00:20c::/48 maxlen: 48
2a0c:ee00:300::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:34:e7:ed:3e:a0:f9:a4:8e:7d:d1:99:55:b8:59:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Jul 11 14:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ca6be35df0911695d5af83df2cbad5832374480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:62:9b:6d:ce:5a:51:23:87:85:53:a3:9c:e4:
f8:51:0e:21:c1:18:be:83:54:6b:e9:96:6e:f4:25:
68:d1:18:bb:cd:09:88:f7:a7:df:21:fc:06:39:ba:
d7:e7:06:b1:9c:84:eb:26:ab:b4:0b:a8:78:8b:9c:
5d:23:1a:62:16:b2:f0:cb:e3:f6:1d:a9:49:9a:cd:
34:1f:98:82:33:da:a1:a6:b3:db:5f:a5:14:52:e9:
66:23:0e:74:61:f1:11:3b:45:bb:dd:f6:b8:3d:fc:
40:df:e1:cd:c0:2b:d6:66:7a:f5:d4:3c:ad:64:f7:
55:07:25:15:69:76:6d:2d:5e:a0:3d:2b:37:f2:a6:
70:31:91:0c:ef:54:60:bd:43:ad:be:ca:6a:9b:f1:
82:9f:02:44:db:d1:d7:d2:7c:96:94:94:f1:22:87:
b3:d2:77:ec:70:21:f7:59:ef:5e:6f:af:f3:63:ed:
4c:4e:e1:03:71:1e:c6:8c:1b:cf:31:c1:67:cb:4c:
76:12:7b:96:f7:3e:d3:9f:f9:23:24:da:d7:91:d0:
b7:5e:b8:a8:dd:8e:6c:57:8a:41:72:a1:77:35:fa:
fb:d4:f1:cb:2f:bf:1c:93:c6:c3:cc:42:76:98:c0:
a8:a7:b0:4c:f4:5f:f6:8c:f0:df:9a:81:90:7e:91:
f0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A6:BE:35:DF:09:11:69:5D:5A:F8:3D:F2:CB:AD:58:32:37:44:80
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/TKa-Nd8JEWldWvg98sutWDI3RIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/22
80.85.248.0/21
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0-188.64.151.255
193.19.100.0/23
193.246.159.0/24
IPv6:
2a0c:ee00::/38
Signature Algorithm: sha256WithRSAEncryption
6b:99:22:5a:64:b1:38:ff:40:b7:b3:bf:af:4f:39:80:29:db:
cc:0d:0e:f7:f1:39:85:f4:49:25:ae:f0:6e:6b:f9:ed:9c:52:
df:7b:bc:29:77:a3:72:f3:a9:34:b7:93:ce:8c:1d:0d:5c:62:
f6:45:39:90:c7:54:c6:fa:62:72:43:f9:d4:ae:72:03:81:55:
62:7d:a7:5a:75:da:9c:80:c7:66:07:27:af:a7:ca:b5:3b:a9:
55:4f:50:50:ae:e4:5e:1d:46:a1:e8:b7:44:2d:42:a2:61:c9:
53:ac:83:f0:e8:3d:32:60:bb:b7:1b:41:e8:d4:90:ab:8c:59:
82:8e:ec:f5:c4:19:b8:14:39:a4:c6:21:e6:96:f5:8e:a3:f0:
a5:a5:99:a8:7b:df:02:2b:65:9d:88:e0:7a:0b:2d:55:94:b3:
8b:f2:34:3b:b5:b0:c9:a0:27:4e:00:02:98:39:a7:ab:90:0f:
87:05:d4:f1:24:d3:76:64:1d:7d:fb:a4:c6:38:21:7b:4c:ca:
30:f2:b9:f8:ed:82:aa:5f:fd:cc:9c:70:76:fb:f9:a3:b8:5c:
bc:8b:54:d7:d5:6b:2a:0e:d3:74:fa:49:5c:3d:52:80:b2:66:
e4:e2:d8:ed:6a:02:b8:90:0b:14:d6:ff:5e:af:ee:35:3b:24:
c8:d4:f1:fb
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZCiNOftPqD5pI590ZlVuFmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkM2Q0MDExMTc1ZTVkZjdhM2Y1N2QzOGU3ODE1MGEyYzA1
ZmRkMWQwHhcNMjQwNzExMTQzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E2YmUzNWRmMDkxMTY5NWQ1YWY4M2RmMmNiYWQ1ODMyMzc0NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWKbbc5aUSOHhVOjnOT4UQ4hwRi+
g1Rr6ZZu9CVo0Ri7zQmI96ffIfwGObrX5waxnITrJqu0C6h4i5xdIxpiFrLwy+P2
HalJms00H5iCM9qhprPbX6UUUulmIw50YfERO0W73fa4PfxA3+HNwCvWZnr11Dyt
ZPdVByUVaXZtLV6gPSs38qZwMZEM71RgvUOtvspqm/GCnwJE29HX0nyWlJTxIoez
0nfscCH3We9eb6/zY+1MTuEDcR7GjBvPMcFny0x2EnuW9z7Tn/kjJNrXkdC3Xrio
3Y5sV4pBcqF3Nfr71PHLL78ck8bDzEJ2mMCop7BM9F/2jPDfmoGQfpHwewIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEymvjXfCRFpXVr4PfLLrVgyN0SAMB8GA1UdIwQY
MBaAFN09QBEXXl33o/V9OOeBUKLAX90dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQt
MmQwYTc4YmU4OTJkLzEvVEthLU5kOEpFV2xkV3ZnOThzdXRXREkzUklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQtMmQwYTc4YmU4OTJk
LzEvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBKBAIAATBEAwQCLVSYAwQC
LZG8AwQDUFX4AwQBsp8gAwQAuZ9vAwQCueQwAwQCuffAMAwDBAC8QJUDBAO8QJAD
BAHBE2QDBADB9p8wDgQCAAIwCAMGAioM7gAAMA0GCSqGSIb3DQEBCwUAA4IBAQBr
mSJaZLE4/0C3s7+vTzmAKdvMDQ738TmF9EklrvBua/ntnFLfe7wpd6Ny86k0t5PO
jB0NXGL2RTmQx1TG+mJyQ/nUrnIDgVVifadaddqcgMdmByevp8q1O6lVT1BQruRe
HUah6LdELUKiYclTrIPw6D0yYLu3G0Ho1JCrjFmCjuz1xBm4FDmkxiHmlvWOo/Cl
pZmoe98CK2WdiOB6Cy1VlLOL8jQ7tbDJoCdOAAKYOaerkA+HBdTxJNN2ZB19+6TG
OCF7TMow8rn47YKqX/3MnHB2+/mjuFy8i1TX1WsqDtN0+klcPVKAsmbk4tjtagK4
kAsU1v9er+41OyTI1PH7
-----END CERTIFICATE-----
Generated at Tue Jul 30 00:56:20 2024 by rpki-client on console.sobornost.net