Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/24_KLR4ZTxixXjMFlfIhygqGc5A.roa
File: 24_KLR4ZTxixXjMFlfIhygqGc5A.roa (raw, json)
Hash identifier: moxDA+OQx2vpPS9xIam1x12sDttHtdnUlxnInWiXYBE=
Subject key identifier: DB:8F:CA:2D:1E:19:4F:18:B1:5E:33:05:95:F2:21:CA:0A:86:73:90
Certificate issuer: /CN=d629010cdb0b312c32e07aaf9b720d73d3bcd3ab
Certificate serial: 019425FD842F5F1F2281F333FBEE2355FC3C
Authority key identifier: D6:29:01:0C:DB:0B:31:2C:32:E0:7A:AF:9B:72:0D:73:D3:BC:D3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ikBDNsLMSwy4Hqvm3INc9O806s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/24_KLR4ZTxixXjMFlfIhygqGc5A.roa
Signing time: Thu 02 Jan 2025 07:49:19 +0000
ROA not before: Thu 02 Jan 2025 07:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206757
IP address blocks: 45.147.16.0/22 maxlen: 24
116.204.252.0/22 maxlen: 24
185.218.236.0/22 maxlen: 24
193.16.151.0/24 maxlen: 24
193.16.156.0/24 maxlen: 24
195.10.218.0/24 maxlen: 24
201.148.168.0/22 maxlen: 24
203.78.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:84:2f:5f:1f:22:81:f3:33:fb:ee:23:55:fc:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d629010cdb0b312c32e07aaf9b720d73d3bcd3ab
Validity
Not Before: Jan 2 07:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db8fca2d1e194f18b15e330595f221ca0a867390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:11:7d:c7:b5:25:71:72:21:2b:05:f8:c1:15:
c3:03:30:0a:32:74:1d:40:fa:a1:a7:40:19:02:b9:
3d:66:70:86:18:3e:c3:03:e9:8c:e2:1d:28:43:c7:
a7:27:fa:da:9f:5c:ab:85:5b:a3:3e:0d:e0:63:3f:
a6:fc:2f:06:f8:09:cb:4b:4b:c7:b3:73:36:be:dd:
a2:23:a7:70:fc:e7:76:db:fa:d6:13:62:c6:d6:ad:
f6:2f:51:e8:2c:ae:16:92:10:58:85:a7:63:fc:19:
70:22:ab:c7:e1:09:91:b2:e1:72:6f:be:f4:07:4c:
d6:a0:17:c5:17:6b:57:61:81:db:2b:4a:8a:5d:ff:
1c:8f:a2:0e:50:4e:db:4d:60:b4:08:37:e2:df:87:
ae:82:42:8f:fd:c2:03:4d:e0:06:e9:f5:db:82:62:
32:c6:ec:20:f5:39:18:4f:68:11:62:a2:ac:fc:07:
34:10:be:54:70:40:29:6f:1d:a9:ae:2c:42:87:6b:
e8:b4:42:d9:e8:11:59:aa:cd:eb:ea:92:bb:3d:9a:
81:80:50:bb:0e:1e:34:c0:ec:c5:fc:50:b3:48:c9:
18:a3:79:8f:dd:45:38:5b:44:df:8a:32:04:aa:33:
78:aa:cb:5c:c0:08:a9:4c:cd:75:5d:90:90:94:4a:
a5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8F:CA:2D:1E:19:4F:18:B1:5E:33:05:95:F2:21:CA:0A:86:73:90
X509v3 Authority Key Identifier:
keyid:D6:29:01:0C:DB:0B:31:2C:32:E0:7A:AF:9B:72:0D:73:D3:BC:D3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ikBDNsLMSwy4Hqvm3INc9O806s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/24_KLR4ZTxixXjMFlfIhygqGc5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/1ikBDNsLMSwy4Hqvm3INc9O806s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.16.0/22
116.204.252.0/22
185.218.236.0/22
193.16.151.0/24
193.16.156.0/24
195.10.218.0/24
201.148.168.0/22
203.78.160.0/24
Signature Algorithm: sha256WithRSAEncryption
04:ac:44:74:3e:de:28:67:ae:76:ec:a0:18:95:d1:14:35:2b:
1d:3b:33:4d:24:b8:8f:2e:9e:08:be:24:90:5d:28:5b:70:1b:
10:82:2a:7b:9e:86:de:82:f4:1e:2d:a0:b8:c2:8d:80:b6:7d:
a1:f8:df:99:c9:0f:c1:8d:1e:b5:79:c8:08:78:f8:e7:ab:45:
8c:8f:24:14:c7:64:c7:8c:64:86:6e:f7:e4:fc:18:f0:de:44:
08:50:81:51:06:ff:74:b5:b1:5b:ba:b8:38:9d:62:53:98:75:
65:ff:ab:c8:fc:d3:c6:87:71:0c:28:55:5e:c3:55:20:00:78:
65:25:57:e4:5d:70:38:1c:84:da:cf:cb:8c:a7:3c:8f:cc:13:
65:9e:73:8f:8c:2b:3c:db:23:07:dc:91:35:e3:20:6c:0c:6a:
1d:ab:05:3c:55:0f:3a:cc:a7:7e:8d:c7:99:68:58:9c:b8:28:
d3:6e:04:4c:f5:22:d9:c9:36:f4:ec:79:1f:b4:60:95:e0:03:
c2:35:6e:eb:1d:bd:1f:39:74:9e:81:46:98:96:ce:ab:53:9d:
95:42:2c:34:8a:5b:3b:09:7c:97:f6:23:b4:8d:14:12:6a:a2:
cd:11:35:e0:03:5c:4d:b6:d9:6b:84:42:a5:18:0b:82:f1:c7:
f0:68:d7:01
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQl/YQvXx8igfMz++4jVfw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MjkwMTBjZGIwYjMxMmMzMmUwN2FhZjliNzIwZDczZDNi
Y2QzYWIwHhcNMjUwMTAyMDc0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjhmY2EyZDFlMTk0ZjE4YjE1ZTMzMDU5NWYyMjFjYTBhODY3MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshF9x7UlcXIhKwX4wRXDAzAKMnQd
QPqhp0AZArk9ZnCGGD7DA+mM4h0oQ8enJ/ran1yrhVujPg3gYz+m/C8G+AnLS0vH
s3M2vt2iI6dw/Od22/rWE2LG1q32L1HoLK4WkhBYhadj/BlwIqvH4QmRsuFyb770
B0zWoBfFF2tXYYHbK0qKXf8cj6IOUE7bTWC0CDfi34eugkKP/cIDTeAG6fXbgmIy
xuwg9TkYT2gRYqKs/Ac0EL5UcEApbx2prixCh2votELZ6BFZqs3r6pK7PZqBgFC7
Dh40wOzF/FCzSMkYo3mP3UU4W0TfijIEqjN4qstcwAipTM11XZCQlEql7QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNuPyi0eGU8YsV4zBZXyIcoKhnOQMB8GA1UdIwQY
MBaAFNYpAQzbCzEsMuB6r5tyDXPTvNOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWlrQkROc0xNU3d5NEhxdm0zSU5jOU84MDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xOTRjMWUtOTcxMC00ZDM1LTgyM2It
NWRkMzM5OTRhMjQxLzEvMjRfS0xSNFpUeGl4WGpNRmxmSWh5Z3FHYzVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xOTRjMWUtOTcxMC00ZDM1LTgyM2ItNWRkMzM5OTRhMjQx
LzEvMWlrQkROc0xNU3d5NEhxdm0zSU5jOU84MDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLZMQAwQC
dMz8AwQCudrsAwQAwRCXAwQAwRCcAwQAwwraAwQCyZSoAwQAy06gMA0GCSqGSIb3
DQEBCwUAA4IBAQAErER0Pt4oZ6527KAYldEUNSsdOzNNJLiPLp4IviSQXShbcBsQ
gip7nobegvQeLaC4wo2Atn2h+N+ZyQ/BjR61ecgIePjnq0WMjyQUx2THjGSGbvfk
/Bjw3kQIUIFRBv90tbFburg4nWJTmHVl/6vI/NPGh3EMKFVew1UgAHhlJVfkXXA4
HITaz8uMpzyPzBNlnnOPjCs82yMH3JE14yBsDGodqwU8VQ86zKd+jceZaFicuCjT
bgRM9SLZyTb07HkftGCV4APCNW7rHb0fOXSegUaYls6rU52VQiw0ils7CXyX9iO0
jRQSaqLNETXgA1xNttlrhEKlGAuC8cfwaNcB
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:05 2025 by rpki-client on console.sobornost.net