Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8f83c2-3bb3-4d47-8031-de571b89618d/1/KTx9b_8zTKBNujioLgO_O9aKotQ.roa
File: KTx9b_8zTKBNujioLgO_O9aKotQ.roa (raw, json)
Hash identifier: yLCV5gatupNfEMWSmFwUlcpYWX63PsBnn2Uc2EwJMTM=
Subject key identifier: 29:3C:7D:6F:FF:33:4C:A0:4D:BA:38:A8:2E:03:BF:3B:D6:8A:A2:D4
Certificate issuer: /CN=3781babac6925271b179817515e06e6a10acf6b4
Certificate serial: 0195990AB19FF26D5D02B4A737A876BBBF84
Authority key identifier: 37:81:BA:BA:C6:92:52:71:B1:79:81:75:15:E0:6E:6A:10:AC:F6:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N4G6usaSUnGxeYF1FeBuahCs9rQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8f83c2-3bb3-4d47-8031-de571b89618d/1/KTx9b_8zTKBNujioLgO_O9aKotQ.roa
Signing time: Sat 15 Mar 2025 09:02:49 +0000
ROA not before: Sat 15 Mar 2025 09:02:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204538
IP address blocks: 185.245.204.0/22 maxlen: 22
2a0d:6a80::/29 maxlen: 29
2a10:10c0::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:99:0a:b1:9f:f2:6d:5d:02:b4:a7:37:a8:76:bb:bf:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3781babac6925271b179817515e06e6a10acf6b4
Validity
Not Before: Mar 15 09:02:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=293c7d6fff334ca04dba38a82e03bf3bd68aa2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ba:7b:e0:44:b8:38:5c:d7:82:a9:92:9c:4c:
84:32:6c:2d:30:80:95:99:b2:ad:b1:36:33:27:28:
b0:52:a2:6f:89:33:6d:ce:47:4c:07:ab:91:8c:19:
ca:62:11:bb:cd:93:2e:c9:6c:62:6b:f7:36:9e:32:
76:e9:5d:db:45:6c:d2:9f:ad:fe:24:03:86:be:77:
5c:12:1c:24:cd:e8:e9:c7:2b:90:5c:19:f7:1e:3d:
dc:38:98:03:60:1f:84:b5:b0:8b:9c:da:f3:58:b4:
8e:95:fa:83:c8:a8:2b:b3:24:03:ac:27:3c:1f:51:
45:21:24:ba:c5:19:45:88:54:40:6a:0d:4c:40:a8:
45:c2:f4:5c:56:4c:b4:7c:e4:18:bf:2b:43:b4:e9:
d5:59:ee:34:51:b4:8a:f8:13:28:cc:75:b7:c3:f6:
3e:82:7b:5e:49:31:da:4c:c3:9f:3a:dc:5d:44:28:
d3:c5:15:ea:ce:9d:2b:2b:63:af:66:47:e4:c6:f4:
6b:7f:dc:c7:3f:7a:31:f6:24:c2:5e:01:43:46:96:
d4:53:07:ca:be:2b:b1:d1:96:35:2f:81:14:b4:7c:
45:98:14:44:65:34:33:4a:73:a2:d6:27:0f:0b:fe:
e2:7a:57:eb:e5:ba:07:f2:22:1a:08:11:e9:1a:48:
ea:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3C:7D:6F:FF:33:4C:A0:4D:BA:38:A8:2E:03:BF:3B:D6:8A:A2:D4
X509v3 Authority Key Identifier:
keyid:37:81:BA:BA:C6:92:52:71:B1:79:81:75:15:E0:6E:6A:10:AC:F6:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N4G6usaSUnGxeYF1FeBuahCs9rQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8f83c2-3bb3-4d47-8031-de571b89618d/1/KTx9b_8zTKBNujioLgO_O9aKotQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8f83c2-3bb3-4d47-8031-de571b89618d/1/N4G6usaSUnGxeYF1FeBuahCs9rQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.204.0/22
IPv6:
2a0d:6a80::/29
2a10:10c0::/30
Signature Algorithm: sha256WithRSAEncryption
40:ad:5e:d7:ac:00:f0:f2:a0:80:84:d1:68:4e:0f:93:76:aa:
7d:45:19:fe:7c:40:2d:9a:85:f5:db:b4:f0:75:d6:3f:a6:63:
08:7f:03:26:4c:75:b1:df:85:ea:7e:a6:32:cd:0b:0c:db:3f:
53:9a:57:ca:e5:d5:5d:e6:3c:e1:b0:f6:eb:65:c8:ef:04:9f:
c8:1d:81:82:80:17:e9:e7:d1:56:32:66:92:68:19:ad:5e:85:
46:08:bf:aa:47:77:a6:5a:af:e9:e1:0a:9e:0e:ff:8e:f5:1c:
a6:e4:7d:3a:d9:af:b5:2c:d3:cc:90:c2:58:dd:58:1b:60:69:
c5:44:31:12:50:c4:2d:a5:f7:d7:3d:e3:7d:e4:3a:81:7b:3a:
91:75:a4:6b:f0:86:29:26:e8:cd:94:6e:48:bd:03:60:89:b5:
64:64:41:c5:35:65:27:e8:07:8a:f0:78:70:72:ce:f6:e0:15:
ec:3d:44:fc:f8:1e:5d:3a:74:19:e8:ba:15:8d:d0:81:8d:a5:
ac:f5:02:67:40:94:c6:a0:fb:cc:e7:53:48:0a:67:7d:89:de:
6a:a7:94:52:28:82:05:ac:99:6a:6f:b6:37:bc:ac:df:19:9a:
30:94:ba:f5:cf:15:fc:54:87:36:56:52:3f:d6:6a:3a:26:b4:
4b:30:75:32
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZWZCrGf8m1dArSnN6h2u7+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ODFiYWJhYzY5MjUyNzFiMTc5ODE3NTE1ZTA2ZTZhMTBh
Y2Y2YjQwHhcNMjUwMzE1MDkwMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTNjN2Q2ZmZmMzM0Y2EwNGRiYTM4YTgyZTAzYmYzYmQ2OGFhMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLp74ES4OFzXgqmSnEyEMmwtMICV
mbKtsTYzJyiwUqJviTNtzkdMB6uRjBnKYhG7zZMuyWxia/c2njJ26V3bRWzSn63+
JAOGvndcEhwkzejpxyuQXBn3Hj3cOJgDYB+EtbCLnNrzWLSOlfqDyKgrsyQDrCc8
H1FFISS6xRlFiFRAag1MQKhFwvRcVky0fOQYvytDtOnVWe40UbSK+BMozHW3w/Y+
gnteSTHaTMOfOtxdRCjTxRXqzp0rK2OvZkfkxvRrf9zHP3ox9iTCXgFDRpbUUwfK
viux0ZY1L4EUtHxFmBREZTQzSnOi1icPC/7ielfr5boH8iIaCBHpGkjqtwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCk8fW//M0ygTbo4qC4DvzvWiqLUMB8GA1UdIwQY
MBaAFDeBurrGklJxsXmBdRXgbmoQrPa0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjRHNnVzYVNVbkd4ZVlGMUZlQnVhaENzOXJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84ZjgzYzItM2JiMy00ZDQ3LTgwMzEt
ZGU1NzFiODk2MThkLzEvS1R4OWJfOHpUS0JOdWppb0xnT19POWFLb3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84ZjgzYzItM2JiMy00ZDQ3LTgwMzEtZGU1NzFiODk2MThk
LzEvTjRHNnVzYVNVbkd4ZVlGMUZlQnVhaENzOXJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCufXMMBQE
AgACMA4DBQMqDWqAAwUCKhAQwDANBgkqhkiG9w0BAQsFAAOCAQEAQK1e16wA8PKg
gITRaE4Pk3aqfUUZ/nxALZqF9du08HXWP6ZjCH8DJkx1sd+F6n6mMs0LDNs/U5pX
yuXVXeY84bD262XI7wSfyB2BgoAX6efRVjJmkmgZrV6FRgi/qkd3plqv6eEKng7/
jvUcpuR9OtmvtSzTzJDCWN1YG2BpxUQxElDELaX31z3jfeQ6gXs6kXWka/CGKSbo
zZRuSL0DYIm1ZGRBxTVlJ+gHivB4cHLO9uAV7D1E/PgeXTp0Gei6FY3QgY2lrPUC
Z0CUxqD7zOdTSApnfYneaqeUUiiCBayZam+2N7ys3xmaMJS69c8V/FSHNlZSP9Zq
Oia0SzB1Mg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:23 2025 by rpki-client on console.sobornost.net