Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/KkImKUZdYZWJYDwbNERgasrkJc0.roa
File: KkImKUZdYZWJYDwbNERgasrkJc0.roa (raw, json)
Hash identifier: bs/AoWrd4lGD/71ZJV0smb7S6wL5e7xHFDUbooXuK/U=
Subject key identifier: 2A:42:26:29:46:5D:61:95:89:60:3C:1B:34:44:60:6A:CA:E4:25:CD
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 01960FA36B2F858AEED0A56D2635839AD096
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/KkImKUZdYZWJYDwbNERgasrkJc0.roa
Signing time: Mon 07 Apr 2025 09:44:49 +0000
ROA not before: Mon 07 Apr 2025 09:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35277
IP address blocks: 5.181.202.0/23 maxlen: 24
45.155.120.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:a3:6b:2f:85:8a:ee:d0:a5:6d:26:35:83:9a:d0:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Apr 7 09:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a422629465d619589603c1b3444606acae425cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7c:07:e5:39:4f:d5:9a:9f:c8:92:53:1e:1f:
e7:00:97:f3:ed:67:93:74:68:7d:d2:25:26:30:e1:
b3:eb:2e:ef:61:c1:41:ef:72:93:84:af:e9:7f:8e:
98:b4:34:bd:20:1c:33:c6:ee:04:0b:c7:d1:f9:1e:
20:82:25:28:b3:55:b4:f6:0a:7d:81:30:fe:77:72:
38:67:7d:3f:45:39:83:c4:e3:d1:79:ab:a3:a5:27:
5e:fc:3b:cb:24:f7:d6:6d:aa:14:aa:22:fb:dc:52:
71:1f:48:74:81:e4:4c:a7:7f:5c:23:28:e4:86:08:
74:0a:5b:73:87:a7:1a:2e:ae:63:85:6d:ea:4f:ec:
a9:99:53:35:58:97:1e:b8:c2:f6:48:c9:13:5c:0c:
fd:88:28:82:14:63:5a:30:2d:5c:99:b6:20:a3:3c:
81:1b:b4:a6:cb:6b:14:9f:7c:0a:b1:43:2c:a8:f4:
cc:64:52:55:d8:cd:07:7e:3d:01:02:c9:79:d5:19:
bd:b7:fc:15:b0:a8:b3:ce:0a:81:83:e6:9a:ab:49:
51:60:63:86:65:eb:c6:0a:da:8c:66:42:d8:3d:c4:
c0:07:50:cb:62:3e:cd:24:a7:15:61:c0:75:92:68:
1b:77:80:90:8e:2d:02:86:7a:45:27:e0:7f:90:18:
b1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:42:26:29:46:5D:61:95:89:60:3C:1B:34:44:60:6A:CA:E4:25:CD
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/KkImKUZdYZWJYDwbNERgasrkJc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.202.0/23
45.155.120.0/23
Signature Algorithm: sha256WithRSAEncryption
27:06:34:7b:22:62:28:70:cd:cb:27:7d:bb:ea:99:24:da:91:
08:f8:92:65:98:18:e1:f2:1e:03:fe:c1:70:88:53:e6:b1:3b:
f0:2b:84:fa:ee:69:2b:4f:92:b8:8b:30:64:99:42:59:70:e1:
23:ba:c9:20:48:6a:db:b1:c6:96:ce:a3:ac:9d:73:4a:82:35:
77:e4:2e:b1:62:f6:43:6a:ac:87:68:dc:8e:d0:a4:8f:bf:b7:
16:e6:ff:77:b2:f4:1d:73:a3:18:44:bc:dd:f6:3e:0e:1c:2d:
71:de:12:63:94:6f:b4:7e:55:f5:7b:5f:08:43:73:69:be:5d:
ce:6d:c8:c5:2c:81:e2:9c:8f:bc:79:a0:49:8a:09:28:52:27:
dd:9a:9a:29:fd:b1:cd:92:76:9e:5b:0e:96:20:cd:ca:71:ef:
25:40:06:c3:07:51:fb:c8:2f:28:c2:4e:f1:47:38:99:73:0f:
31:6e:19:9b:72:af:2c:b6:09:56:78:77:50:5e:de:5d:e1:63:
43:53:64:82:ec:2a:2d:a1:87:a8:91:a6:44:9f:db:c5:07:6b:
d5:14:42:92:76:9e:9a:b6:29:55:5e:98:fa:93:70:be:77:a8:
bf:17:24:9c:1f:b5:e1:c6:cb:32:fa:98:fa:40:68:e6:7c:47:
79:1c:e1:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYPo2svhYru0KVtJjWDmtCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjUwNDA3MDk0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQyMjYyOTQ2NWQ2MTk1ODk2MDNjMWIzNDQ0NjA2YWNhZTQyNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nwH5TlP1ZqfyJJTHh/nAJfz7WeT
dGh90iUmMOGz6y7vYcFB73KThK/pf46YtDS9IBwzxu4EC8fR+R4ggiUos1W09gp9
gTD+d3I4Z30/RTmDxOPReaujpSde/DvLJPfWbaoUqiL73FJxH0h0geRMp39cIyjk
hgh0Cltzh6caLq5jhW3qT+ypmVM1WJceuML2SMkTXAz9iCiCFGNaMC1cmbYgozyB
G7Smy2sUn3wKsUMsqPTMZFJV2M0Hfj0BAsl51Rm9t/wVsKizzgqBg+aaq0lRYGOG
ZevGCtqMZkLYPcTAB1DLYj7NJKcVYcB1kmgbd4CQji0ChnpFJ+B/kBixlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCpCJilGXWGViWA8GzREYGrK5CXNMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvS2tJbUtVWmRZWldKWUR3Yk5FUmdhc3JrSmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBbXKAwQB
LZt4MA0GCSqGSIb3DQEBCwUAA4IBAQAnBjR7ImIocM3LJ3276pkk2pEI+JJlmBjh
8h4D/sFwiFPmsTvwK4T67mkrT5K4izBkmUJZcOEjuskgSGrbscaWzqOsnXNKgjV3
5C6xYvZDaqyHaNyO0KSPv7cW5v93svQdc6MYRLzd9j4OHC1x3hJjlG+0flX1e18I
Q3Npvl3ObcjFLIHinI+8eaBJigkoUifdmpop/bHNknaeWw6WIM3Kce8lQAbDB1H7
yC8owk7xRziZcw8xbhmbcq8stglWeHdQXt5d4WNDU2SC7CotoYeokaZEn9vFB2vV
FEKSdp6atilVXpj6k3C+d6i/FyScH7Xhxssy+pj6QGjmfEd5HOF2
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:27 2025 by rpki-client on console.sobornost.net