Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/7QVxk9uNFAZvZlwW2oy0lOfWXSw.roa
File: 7QVxk9uNFAZvZlwW2oy0lOfWXSw.roa (raw, json)
Hash identifier: kt2ZZvMsCKbQjL4ztyOOGLvNnyqq7ZrlZtR6H+mxho8=
Subject key identifier: ED:05:71:93:DB:8D:14:06:6F:66:5C:16:DA:8C:B4:94:E7:D6:5D:2C
Certificate issuer: /CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Certificate serial: 01952ACDC349F5D1DFA94C902E392D34E65C
Authority key identifier: 8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/7QVxk9uNFAZvZlwW2oy0lOfWXSw.roa
Signing time: Fri 21 Feb 2025 23:18:02 +0000
ROA not before: Fri 21 Feb 2025 23:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35489
IP address blocks: 45.133.100.0/24 maxlen: 24
45.133.101.0/24 maxlen: 24
193.8.4.0/23 maxlen: 23
193.8.4.0/24 maxlen: 24
193.8.5.0/24 maxlen: 24
193.8.6.0/24 maxlen: 24
193.8.7.0/24 maxlen: 24
2a0c:7cc0::/48 maxlen: 48
2a0c:7cc2:297::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2a:cd:c3:49:f5:d1:df:a9:4c:90:2e:39:2d:34:e6:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Validity
Not Before: Feb 21 23:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed057193db8d14066f665c16da8cb494e7d65d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:33:1b:80:4d:94:f8:95:10:70:26:1e:77:1d:
e0:68:3a:9a:fd:7a:5b:ea:f2:66:70:aa:04:54:1d:
08:b5:45:31:18:ef:09:b5:94:61:6d:26:76:81:76:
aa:c0:03:59:24:58:ee:39:5e:4e:b2:31:46:13:dc:
b0:69:67:dc:8b:32:6f:5f:9f:74:6b:05:98:8a:a6:
3c:1d:5e:57:ac:9c:e5:a3:41:be:2e:b5:a5:24:4a:
3b:b1:ae:33:38:eb:19:d0:5f:86:fd:f4:46:2c:51:
b8:c7:6e:d5:80:f7:bb:d3:05:f9:2c:9c:72:48:a5:
e6:2f:25:9f:a8:7c:55:0f:1b:65:e8:35:57:8e:04:
01:22:46:88:25:a3:4b:bd:c3:b5:4d:0f:7b:b3:4f:
94:95:90:39:45:2b:a7:08:e2:c0:9e:aa:b3:a0:9e:
86:e6:f5:4a:6f:ae:a1:51:70:d0:6e:71:c6:fe:63:
dc:63:76:96:a1:3c:87:ec:f1:30:8c:2b:68:d3:c1:
c3:cf:99:4e:8b:8c:d8:8a:7c:38:da:cf:a4:ea:c7:
ec:20:39:91:75:28:38:c4:9a:b5:1f:39:d2:9c:08:
a0:09:d7:ec:01:f6:fb:01:d9:ba:5b:0a:82:3b:f9:
eb:d1:a6:21:84:10:b7:5e:89:55:1b:b6:a9:ef:ae:
d7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:05:71:93:DB:8D:14:06:6F:66:5C:16:DA:8C:B4:94:E7:D6:5D:2C
X509v3 Authority Key Identifier:
keyid:8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/7QVxk9uNFAZvZlwW2oy0lOfWXSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.100.0/23
193.8.4.0/22
IPv6:
2a0c:7cc0::/48
2a0c:7cc2:297::/48
Signature Algorithm: sha256WithRSAEncryption
82:87:89:d6:31:42:f2:22:94:16:61:14:13:f2:2c:5c:cc:63:
ba:81:07:0c:ac:55:7d:2d:b9:49:e2:ad:ba:0b:d1:7b:87:29:
26:fd:c4:ce:7a:ce:94:28:b5:47:17:87:ea:ff:b9:97:eb:d6:
87:08:16:3d:40:b2:99:14:a3:29:73:3a:b9:ec:d9:18:14:5f:
a4:38:49:2d:1f:9b:da:07:f4:28:59:a7:2e:a4:85:37:84:09:
aa:00:d2:04:e1:ba:74:76:52:f8:5c:9e:1f:5a:a0:bf:6b:ec:
cd:c5:9f:d4:e0:b7:61:8b:5b:2f:21:ec:a9:7b:98:a1:e1:30:
d5:2c:3c:50:93:d1:6f:8f:4b:3f:32:0a:41:95:cc:8f:67:82:
2b:ba:ea:c0:cf:98:34:ff:c1:25:bc:94:60:ab:6c:48:f3:f8:
05:f0:0e:f9:d0:33:4b:28:29:a6:67:cd:7d:30:86:c4:ca:59:
75:66:ba:f3:c3:a0:b7:87:84:8d:92:d1:7e:42:d2:2f:e2:6f:
74:1a:a2:46:62:eb:69:fb:0a:01:dd:3d:7a:ab:0b:04:8a:08:
a3:a5:f1:1f:fb:e0:39:09:22:ab:6f:f6:98:de:46:02:c6:69:
f9:aa:e8:08:fc:52:15:8f:93:e3:d4:00:62:d8:3f:71:4e:1c:
19:e2:17:0c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZUqzcNJ9dHfqUyQLjktNOZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNlMWQxMzViZjJjZjhlOGMxM2YzM2VjMTFjODUyMzcw
M2RjNzUwHhcNMjUwMjIxMjMxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA1NzE5M2RiOGQxNDA2NmY2NjVjMTZkYThjYjQ5NGU3ZDY1ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDMbgE2U+JUQcCYedx3gaDqa/Xpb
6vJmcKoEVB0ItUUxGO8JtZRhbSZ2gXaqwANZJFjuOV5OsjFGE9ywaWfcizJvX590
awWYiqY8HV5XrJzlo0G+LrWlJEo7sa4zOOsZ0F+G/fRGLFG4x27VgPe70wX5LJxy
SKXmLyWfqHxVDxtl6DVXjgQBIkaIJaNLvcO1TQ97s0+UlZA5RSunCOLAnqqzoJ6G
5vVKb66hUXDQbnHG/mPcY3aWoTyH7PEwjCto08HDz5lOi4zYinw42s+k6sfsIDmR
dSg4xJq1HznSnAigCdfsAfb7Adm6WwqCO/nr0aYhhBC3XolVG7ap767XVQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFO0FcZPbjRQGb2ZcFtqMtJTn1l0sMB8GA1UdIwQY
MBaAFIoc4dE1vyz46ME/M+wRyFI3A9x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDIt
ZGVlMjkyZWE4N2EzLzEvN1FWeGs5dU5GQVp2Wmx3VzJveTBsT2ZXWFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDItZGVlMjkyZWE4N2Ez
LzEvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBLYVkAwQC
wQgEMBgEAgACMBIDBwAqDHzAAAADBwAqDHzCApcwDQYJKoZIhvcNAQELBQADggEB
AIKHidYxQvIilBZhFBPyLFzMY7qBBwysVX0tuUnirboL0XuHKSb9xM56zpQotUcX
h+r/uZfr1ocIFj1AspkUoylzOrns2RgUX6Q4SS0fm9oH9ChZpy6khTeECaoA0gTh
unR2Uvhcnh9aoL9r7M3Fn9Tgt2GLWy8h7Kl7mKHhMNUsPFCT0W+PSz8yCkGVzI9n
giu66sDPmDT/wSW8lGCrbEjz+AXwDvnQM0soKaZnzX0whsTKWXVmuvPDoLeHhI2S
0X5C0i/ib3QaokZi62n7CgHdPXqrCwSKCKOl8R/74DkJIqtv9pjeRgLGafmq6Aj8
UhWPk+PUAGLYP3FOHBniFww=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:47:14 2025 by rpki-client on console.sobornost.net