Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3gQ4-aAoYS0U4vhcF6TBUI5T5N0.roa
File: 3gQ4-aAoYS0U4vhcF6TBUI5T5N0.roa (raw, json)
Hash identifier: kaZEqM9n4i1WiS6J114JCUNKP2TaTIzVGj4OKzXXyCk=
Subject key identifier: DE:04:38:F9:A0:28:61:2D:14:E2:F8:5C:17:A4:C1:50:8E:53:E4:DD
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0193BB2C99426FEBA1299E5143207FBBA581
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3gQ4-aAoYS0U4vhcF6TBUI5T5N0.roa
Signing time: Thu 12 Dec 2024 14:01:22 +0000
ROA not before: Thu 12 Dec 2024 14:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203511
IP address blocks: 45.9.30.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.151.2.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:2c:99:42:6f:eb:a1:29:9e:51:43:20:7f:bb:a5:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 12 14:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de0438f9a028612d14e2f85c17a4c1508e53e4dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:67:25:e1:7a:61:8b:fe:50:60:04:5c:63:1c:
aa:b0:41:0b:ea:c9:ea:99:85:94:cb:cf:2c:04:bb:
f7:89:62:6a:d6:69:d8:85:9f:a9:b3:50:1a:c7:a6:
a5:4f:84:ed:74:e0:98:14:e2:89:8e:02:77:6a:98:
77:3f:26:5f:bd:fa:21:e9:9a:77:40:22:94:c7:05:
c4:8b:1b:03:9f:31:c8:57:8d:5a:c3:88:2c:40:b0:
3a:79:aa:3b:67:6c:d7:36:1a:6f:af:0e:0d:b9:6b:
a9:1e:4a:25:26:bc:a4:7a:27:d4:71:ac:c6:41:c4:
b7:f9:51:b0:cb:e7:05:e4:df:46:aa:28:f9:53:e9:
83:43:b2:cd:05:32:74:47:b2:7c:09:b7:91:06:5a:
70:0c:15:74:c4:b8:79:74:d1:3a:5b:ff:cb:24:60:
b8:bc:89:64:2d:cb:92:1b:db:95:88:07:c4:94:22:
b0:c5:2c:2b:cc:38:53:28:25:b0:a7:07:99:a3:fb:
c7:49:42:ae:32:d0:7e:51:51:6c:d7:9a:af:75:6c:
c2:d4:10:5c:f5:8a:73:a3:7a:73:5c:69:bb:cf:8e:
db:84:0a:7c:74:d2:ea:77:17:3f:38:8e:5b:bd:8e:
95:e9:71:a4:aa:bf:11:56:01:42:7c:25:3a:10:68:
e6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:04:38:F9:A0:28:61:2D:14:E2:F8:5C:17:A4:C1:50:8E:53:E4:DD
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3gQ4-aAoYS0U4vhcF6TBUI5T5N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.88.139.0/24
45.94.171.0/24
45.151.2.0/24
77.83.37.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
40:18:74:d2:e7:1d:31:86:c8:4d:c4:3b:6b:3f:d5:41:7f:5b:
f7:09:72:77:9e:1a:ee:4a:13:0b:cc:8f:80:09:54:93:f1:bf:
67:a7:fd:5b:96:fb:e7:f7:66:b6:32:9d:94:91:02:4e:32:d0:
4a:dc:b2:e7:6b:2c:98:5a:6a:a8:00:16:b3:16:7f:57:f2:15:
58:15:b8:97:7f:ea:11:23:8e:b8:f5:fb:b9:d8:8a:61:fd:a5:
88:03:24:67:54:01:2e:aa:16:e8:aa:c3:a4:7e:1b:9f:6e:12:
0a:4c:9f:51:07:fd:06:22:67:a9:3e:77:a6:28:e4:00:b1:f7:
73:1d:9b:55:d5:58:af:2c:fd:14:c0:bc:1e:cb:db:53:14:48:
34:c4:18:95:9f:42:8a:c3:89:4a:f6:77:96:87:47:01:da:b4:
da:62:aa:55:ca:70:79:ae:e7:14:4f:96:c0:19:bc:cf:e3:3c:
d7:24:c7:74:31:5b:02:84:12:e4:c2:65:39:60:de:b1:0e:99:
2d:38:fd:a6:84:a4:b2:ba:d6:bd:d0:68:2b:3b:e7:5d:05:1a:
a5:13:c6:1b:2a:5f:50:be:25:ff:59:10:27:ca:ff:b0:45:c6:
a2:13:3c:7e:78:aa:27:a0:0a:8c:c2:f8:a6:b3:c5:2c:fd:36:
89:d8:a7:b3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZO7LJlCb+uhKZ5RQyB/u6WBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMjEyMTQwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTA0MzhmOWEwMjg2MTJkMTRlMmY4NWMxN2E0YzE1MDhlNTNlNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmcl4Xphi/5QYARcYxyqsEEL6snq
mYWUy88sBLv3iWJq1mnYhZ+ps1Aax6alT4TtdOCYFOKJjgJ3aph3PyZfvfoh6Zp3
QCKUxwXEixsDnzHIV41aw4gsQLA6eao7Z2zXNhpvrw4NuWupHkolJrykeifUcazG
QcS3+VGwy+cF5N9Gqij5U+mDQ7LNBTJ0R7J8CbeRBlpwDBV0xLh5dNE6W//LJGC4
vIlkLcuSG9uViAfElCKwxSwrzDhTKCWwpweZo/vHSUKuMtB+UVFs15qvdWzC1BBc
9Ypzo3pzXGm7z47bhAp8dNLqdxc/OI5bvY6V6XGkqr8RVgFCfCU6EGjmVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN4EOPmgKGEtFOL4XBekwVCOU+TdMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvM2dRNC1hQW9ZUzBVNHZoY0Y2VEJVSTVUNU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQkeAwQA
LViLAwQALV6rAwQALZcCAwQATVMlAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQBA
GHTS5x0xhshNxDtrP9VBf1v3CXJ3nhruShMLzI+ACVST8b9np/1blvvn92a2Mp2U
kQJOMtBK3LLnayyYWmqoABazFn9X8hVYFbiXf+oRI4649fu52Iph/aWIAyRnVAEu
qhboqsOkfhufbhIKTJ9RB/0GImepPnemKOQAsfdzHZtV1VivLP0UwLwey9tTFEg0
xBiVn0KKw4lK9neWh0cB2rTaYqpVynB5rucUT5bAGbzP4zzXJMd0MVsChBLkwmU5
YN6xDpktOP2mhKSyuta90GgrO+ddBRqlE8YbKl9QviX/WRAnyv+wRcaiEzx+eKon
oAqMwvims8Us/TaJ2Kez
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:42 2024 by rpki-client on console.sobornost.net