Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/9690d0-a2ab-4b74-b104-d9e1b81dd1c7/1/H_7ACJUrqgJ484HIRKey5pPl73c.roa
File: H_7ACJUrqgJ484HIRKey5pPl73c.roa (raw, json)
Hash identifier: 1z8warGC82+Wi4dUbomChcjXytgwACSiXxSyg9np1e4=
Subject key identifier: 1F:FE:C0:08:95:2B:AA:02:78:F3:81:C8:44:A7:B2:E6:93:E5:EF:77
Certificate issuer: /CN=1086a7c0dea73dd0f94e2e9fe1ac9ab6701b2253
Certificate serial: 0194236A11054F885B7D4C9CF6A62599310D
Authority key identifier: 10:86:A7:C0:DE:A7:3D:D0:F9:4E:2E:9F:E1:AC:9A:B6:70:1B:22:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EIanwN6nPdD5Ti6f4ayatnAbIlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/9690d0-a2ab-4b74-b104-d9e1b81dd1c7/1/H_7ACJUrqgJ484HIRKey5pPl73c.roa
Signing time: Wed 01 Jan 2025 19:49:01 +0000
ROA not before: Wed 01 Jan 2025 19:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34934
IP address blocks: 45.152.252.0/24 maxlen: 24
45.152.253.0/24 maxlen: 24
45.152.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:11:05:4f:88:5b:7d:4c:9c:f6:a6:25:99:31:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1086a7c0dea73dd0f94e2e9fe1ac9ab6701b2253
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ffec008952baa0278f381c844a7b2e693e5ef77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:95:07:42:19:d4:20:b9:fc:d7:b5:00:21:57:
3c:5d:a4:22:58:9b:08:25:fc:42:91:66:fb:b2:09:
19:20:3f:cd:84:7e:0d:15:be:f9:c4:22:05:7e:18:
a0:b4:b9:38:22:0f:8b:81:bb:36:5a:d4:41:56:6c:
ad:e1:f2:8b:99:80:e0:00:9d:e6:e1:94:8f:ca:2c:
67:50:77:e8:65:73:17:34:a6:bc:de:78:e0:4d:8b:
b6:e9:a2:41:f0:e7:10:e8:0d:08:ec:ae:2b:16:81:
2d:8d:35:97:85:c8:c5:ba:ec:2c:b3:1d:34:1b:4b:
2e:8a:a3:9e:f8:d7:25:b5:49:98:27:6c:8c:83:16:
1b:35:56:4f:f4:70:cc:ea:f1:78:55:48:d9:44:ad:
39:cf:2e:8a:08:79:bd:7a:20:ce:78:d5:4d:a3:38:
4b:e4:07:74:5b:58:b9:2b:80:bb:93:18:7c:75:6c:
3f:58:36:bd:57:b3:4b:74:02:96:f8:6c:e6:cf:9e:
90:b5:27:1d:78:c4:30:8a:82:bc:09:3e:74:9d:82:
19:27:9b:08:83:8c:09:84:16:8c:4f:af:b2:46:23:
a4:a4:2b:eb:94:4d:94:40:c4:6b:ad:c0:b0:1d:3d:
5f:fd:2b:f5:b0:6c:dc:d1:7b:8b:7d:3d:00:4f:d9:
d1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FE:C0:08:95:2B:AA:02:78:F3:81:C8:44:A7:B2:E6:93:E5:EF:77
X509v3 Authority Key Identifier:
keyid:10:86:A7:C0:DE:A7:3D:D0:F9:4E:2E:9F:E1:AC:9A:B6:70:1B:22:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EIanwN6nPdD5Ti6f4ayatnAbIlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9690d0-a2ab-4b74-b104-d9e1b81dd1c7/1/H_7ACJUrqgJ484HIRKey5pPl73c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9690d0-a2ab-4b74-b104-d9e1b81dd1c7/1/EIanwN6nPdD5Ti6f4ayatnAbIlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.252.0-45.152.254.255
Signature Algorithm: sha256WithRSAEncryption
68:8b:ee:dc:b9:32:6b:12:94:cc:a4:9a:46:11:3a:2f:a4:20:
f3:06:8c:0e:76:8f:10:67:67:63:98:88:07:dc:73:e6:ae:91:
8b:53:2d:e2:c9:5e:f0:0d:6b:22:bb:8d:2f:fb:e4:f1:38:65:
a8:52:d0:cf:a5:d2:38:be:93:6a:54:96:50:70:ed:a1:01:d8:
e2:ad:90:01:82:61:28:9c:5c:71:bb:8f:2a:6c:4e:39:ab:57:
e8:0b:72:66:5d:1d:63:f8:a0:83:ca:11:c2:37:15:6a:cb:17:
6d:de:2c:91:23:29:ad:a1:8d:d8:ea:0e:e1:f4:ef:1a:1e:9a:
6a:57:7c:85:6a:d0:21:3f:99:0d:07:ce:08:dc:17:aa:97:43:
86:08:d9:e7:1c:4f:ed:d4:ef:87:53:cc:c3:38:82:df:6d:4d:
74:6b:d7:99:65:4f:e7:04:9b:e3:2f:9c:fb:79:ee:6b:18:50:
3d:5a:46:de:62:37:bc:81:e9:2c:49:2f:c1:2c:b0:73:64:f7:
29:79:ad:bd:a7:fe:f6:c1:6d:c6:67:56:64:66:a6:4c:08:e8:
6f:7c:4c:78:d6:ab:3c:27:d0:77:67:d6:bf:15:ed:f6:ff:78:
cb:41:f4:27:6f:7c:d3:79:10:3d:cf:e8:a9:ce:e1:ef:f9:d4:
99:f5:0f:0a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQjahEFT4hbfUyc9qYlmTENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwODZhN2MwZGVhNzNkZDBmOTRlMmU5ZmUxYWM5YWI2NzAx
YjIyNTMwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmZlYzAwODk1MmJhYTAyNzhmMzgxYzg0NGE3YjJlNjkzZTVlZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25UHQhnUILn817UAIVc8XaQiWJsI
JfxCkWb7sgkZID/NhH4NFb75xCIFfhigtLk4Ig+Lgbs2WtRBVmyt4fKLmYDgAJ3m
4ZSPyixnUHfoZXMXNKa83njgTYu26aJB8OcQ6A0I7K4rFoEtjTWXhcjFuuwssx00
G0suiqOe+NcltUmYJ2yMgxYbNVZP9HDM6vF4VUjZRK05zy6KCHm9eiDOeNVNozhL
5Ad0W1i5K4C7kxh8dWw/WDa9V7NLdAKW+Gzmz56QtScdeMQwioK8CT50nYIZJ5sI
g4wJhBaMT6+yRiOkpCvrlE2UQMRrrcCwHT1f/Sv1sGzc0XuLfT0AT9nR8wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB/+wAiVK6oCePOByESnsuaT5e93MB8GA1UdIwQY
MBaAFBCGp8Depz3Q+U4un+GsmrZwGyJTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUlhbndONm5QZEQ1VGk2ZjRheWF0bkFiSWxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85NjkwZDAtYTJhYi00Yjc0LWIxMDQt
ZDllMWI4MWRkMWM3LzEvSF83QUNKVXJxZ0o0ODRISVJLZXk1cFBsNzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85NjkwZDAtYTJhYi00Yjc0LWIxMDQtZDllMWI4MWRkMWM3
LzEvRUlhbndONm5QZEQ1VGk2ZjRheWF0bkFiSWxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItmPwD
BAAtmP4wDQYJKoZIhvcNAQELBQADggEBAGiL7ty5MmsSlMykmkYROi+kIPMGjA52
jxBnZ2OYiAfcc+aukYtTLeLJXvANayK7jS/75PE4ZahS0M+l0ji+k2pUllBw7aEB
2OKtkAGCYSicXHG7jypsTjmrV+gLcmZdHWP4oIPKEcI3FWrLF23eLJEjKa2hjdjq
DuH07xoemmpXfIVq0CE/mQ0HzgjcF6qXQ4YI2eccT+3U74dTzMM4gt9tTXRr15ll
T+cEm+MvnPt57msYUD1aRt5iN7yB6SxJL8EssHNk9yl5rb2n/vbBbcZnVmRmpkwI
6G98THjWqzwn0Hdn1r8V7fb/eMtB9CdvfNN5ED3P6KnO4e/51Jn1Dwo=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:19 2025 by rpki-client on console.sobornost.net