Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/K3iMHdAeJXfHlnnr-SFgcqXt6ns.roa
File: K3iMHdAeJXfHlnnr-SFgcqXt6ns.roa (raw, json)
Hash identifier: UNryLkfKYrOJZtamnGSaO+ZvTx9tCb9rjtiqKaAua+s=
Subject key identifier: 2B:78:8C:1D:D0:1E:25:77:C7:96:79:EB:F9:21:60:72:A5:ED:EA:7B
Certificate issuer: /CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Certificate serial: 019428277D84E5EF19187EFF7F5320FC9130
Authority key identifier: 7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/K3iMHdAeJXfHlnnr-SFgcqXt6ns.roa
Signing time: Thu 02 Jan 2025 17:54:24 +0000
ROA not before: Thu 02 Jan 2025 17:54:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35313
IP address blocks: 188.137.168.0/21 maxlen: 24
188.137.200.0/24 maxlen: 24
188.137.201.0/24 maxlen: 24
188.137.202.0/24 maxlen: 24
188.137.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:7d:84:e5:ef:19:18:7e:ff:7f:53:20:fc:91:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Validity
Not Before: Jan 2 17:54:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b788c1dd01e2577c79679ebf9216072a5edea7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2c:68:aa:25:33:0b:56:59:64:88:1b:b2:81:
54:a4:77:8b:7d:17:73:8d:7a:92:a2:6f:1f:a0:7f:
cd:e0:05:e3:ca:29:b4:a5:86:0c:ee:3e:ec:2c:a0:
52:f1:49:fc:88:0a:87:20:f2:cb:72:3a:a9:61:8e:
e5:50:bc:40:4a:b5:bf:c5:38:19:08:2c:80:49:50:
ef:12:a3:bc:ba:3f:e5:d8:3c:80:84:0d:2a:2e:d3:
e1:c6:77:30:2c:0d:fe:67:ff:40:0b:7f:8d:74:40:
eb:cf:b5:e9:90:98:2f:57:80:b5:b8:f3:96:fd:5a:
d4:48:92:c6:42:da:75:e0:99:22:28:57:41:ac:cd:
6c:fc:5c:e6:41:47:e5:a8:d8:a7:bb:8a:2e:92:bf:
c7:9e:1f:ff:fa:66:9b:59:c7:88:d6:6f:a9:3e:71:
e5:cc:bb:32:1e:17:b4:9e:1f:87:a4:6f:4d:61:57:
40:ef:1f:d8:bb:31:e6:c8:0d:fe:aa:85:36:b8:e4:
6d:08:d6:82:30:17:08:8a:02:22:a1:d5:01:f6:01:
b3:d9:27:88:e4:b8:26:3b:83:56:09:37:28:a9:67:
fe:38:72:5d:74:20:74:ee:fe:13:58:72:16:fd:39:
66:e8:e5:3b:13:ba:19:c1:1f:74:5b:5e:92:2c:33:
e7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:78:8C:1D:D0:1E:25:77:C7:96:79:EB:F9:21:60:72:A5:ED:EA:7B
X509v3 Authority Key Identifier:
keyid:7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/K3iMHdAeJXfHlnnr-SFgcqXt6ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/ffCJfqs-7W4k7d1nbov5N3-0SAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.168.0/21
188.137.200.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:70:84:09:e6:95:59:d3:a7:eb:21:54:f6:ac:53:7f:27:37:
19:d4:e8:fd:7e:4d:f2:16:79:f8:f6:49:8f:08:30:33:ac:ef:
0c:3a:90:32:2e:41:8c:57:b5:d0:4a:87:90:26:d4:3b:6a:bb:
28:19:72:3c:1d:21:33:25:1f:88:21:35:d2:76:4d:5d:4b:3b:
8f:4b:ca:10:73:07:0c:44:3a:e1:51:1b:0d:54:ff:90:92:a8:
e8:58:79:9d:77:8e:14:a6:f4:96:d1:5f:61:24:f1:62:76:8f:
ca:5d:56:21:e9:f3:a9:7b:39:cd:0e:c9:8e:fc:ca:de:e8:4c:
5b:49:4e:f7:13:c9:a8:06:3e:ef:ab:09:7b:01:cf:b5:63:d9:
d5:7c:63:5b:0e:fb:7f:a7:45:38:c0:0f:ef:83:de:a9:c5:15:
3d:0d:0c:3a:c8:8c:39:69:68:15:0e:ec:0b:d5:e8:6a:6f:98:
cd:f4:1a:7c:19:90:9b:e7:18:9f:4d:47:0a:4b:07:64:69:1f:
02:94:49:9a:44:9d:81:89:9b:02:d4:d1:75:0e:5d:f1:77:85:
aa:02:03:27:e0:47:fe:af:c2:7c:04:dd:18:fc:62:b9:da:43:
ef:bb:dc:c5:bd:e0:52:96:0f:87:8c:b0:3b:ff:31:6e:d1:33:
6b:67:e5:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJ32E5e8ZGH7/f1Mg/JEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjA4OTdlYWIzZWVkNmUyNGVkZGQ2NzZlOGJmOTM3N2Zi
NDQ4MGMwHhcNMjUwMTAyMTc1NDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc4OGMxZGQwMWUyNTc3Yzc5Njc5ZWJmOTIxNjA3MmE1ZWRlYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8yxoqiUzC1ZZZIgbsoFUpHeLfRdz
jXqSom8foH/N4AXjyim0pYYM7j7sLKBS8Un8iAqHIPLLcjqpYY7lULxASrW/xTgZ
CCyASVDvEqO8uj/l2DyAhA0qLtPhxncwLA3+Z/9AC3+NdEDrz7XpkJgvV4C1uPOW
/VrUSJLGQtp14JkiKFdBrM1s/FzmQUflqNinu4oukr/Hnh//+mabWceI1m+pPnHl
zLsyHhe0nh+HpG9NYVdA7x/YuzHmyA3+qoU2uORtCNaCMBcIigIiodUB9gGz2SeI
5LgmO4NWCTcoqWf+OHJddCB07v4TWHIW/Tlm6OU7E7oZwR90W16SLDPnaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCt4jB3QHiV3x5Z56/khYHKl7ep7MB8GA1UdIwQY
MBaAFH3wiX6rPu1uJO3dZ26L+Td/tEgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZDSmZxcy03VzRrN2QxbmJvdjVOMy0wU0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zOTI1ZTktNjVlYS00NjJlLWFlMjgt
ZDJjMjlkYzA0MmU3LzEvSzNpTUhkQWVKWGZIbG5uci1TRmdjcVh0Nm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zOTI1ZTktNjVlYS00NjJlLWFlMjgtZDJjMjlkYzA0MmU3
LzEvZmZDSmZxcy03VzRrN2QxbmJvdjVOMy0wU0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvImoAwQC
vInIMA0GCSqGSIb3DQEBCwUAA4IBAQAOcIQJ5pVZ06frIVT2rFN/JzcZ1Oj9fk3y
Fnn49kmPCDAzrO8MOpAyLkGMV7XQSoeQJtQ7arsoGXI8HSEzJR+IITXSdk1dSzuP
S8oQcwcMRDrhURsNVP+QkqjoWHmdd44UpvSW0V9hJPFido/KXVYh6fOpeznNDsmO
/Mre6ExbSU73E8moBj7vqwl7Ac+1Y9nVfGNbDvt/p0U4wA/vg96pxRU9DQw6yIw5
aWgVDuwL1ehqb5jN9Bp8GZCb5xifTUcKSwdkaR8ClEmaRJ2BiZsC1NF1Dl3xd4Wq
AgMn4Ef+r8J8BN0Y/GK52kPvu9zFveBSlg+HjLA7/zFu0TNrZ+Vr
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net