Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/b429aa-0461-4136-90cd-52a7b925b224/1/dPa9U6HWifFU_Cos6EbPpdfP3tk.roa
File: dPa9U6HWifFU_Cos6EbPpdfP3tk.roa (raw, json)
Hash identifier: 3jOPrvgsW1hyX1vCwFVn+4LuXyROUmkvR9VpXoAHZWE=
Subject key identifier: 74:F6:BD:53:A1:D6:89:F1:54:FC:2A:2C:E8:46:CF:A5:D7:CF:DE:D9
Certificate issuer: /CN=04e604a45677be77313969ad17aec69ce97c43ce
Certificate serial: 0194258F44B89C42C4DEF9A3BE61E1CF6FFF
Authority key identifier: 04:E6:04:A4:56:77:BE:77:31:39:69:AD:17:AE:C6:9C:E9:7C:43:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BOYEpFZ3vncxOWmtF67GnOl8Q84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/b429aa-0461-4136-90cd-52a7b925b224/1/dPa9U6HWifFU_Cos6EbPpdfP3tk.roa
Signing time: Thu 02 Jan 2025 05:48:53 +0000
ROA not before: Thu 02 Jan 2025 05:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59767
IP address blocks: 45.135.156.0/22 maxlen: 22
212.89.32.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:44:b8:9c:42:c4:de:f9:a3:be:61:e1:cf:6f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04e604a45677be77313969ad17aec69ce97c43ce
Validity
Not Before: Jan 2 05:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74f6bd53a1d689f154fc2a2ce846cfa5d7cfded9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:80:9d:e7:b5:56:1b:97:8a:0c:a7:8b:f7:
23:1c:53:d9:7a:0c:20:e0:5a:5e:b3:d6:96:57:1f:
3a:72:b7:33:a5:96:31:41:ec:88:34:d6:72:c7:35:
3f:2d:b2:56:f9:78:6f:dc:08:53:0d:53:65:a3:38:
1f:58:5c:6e:33:e1:e4:c1:8a:7a:b3:d2:35:cd:7a:
fd:7e:32:2b:7e:82:f7:10:48:74:16:19:90:14:a8:
08:ae:11:df:d1:f9:0c:73:16:b1:bb:1c:63:cd:29:
41:b9:f8:dd:fb:3c:cb:cf:cf:d8:93:e7:8b:93:da:
c6:4f:fe:aa:38:5d:6e:eb:bd:5a:dd:67:bf:18:d5:
3f:aa:9b:65:9e:f6:7d:72:8d:99:6f:c6:d8:ef:c0:
01:b1:f9:df:f6:45:6e:60:33:00:2f:a6:a6:74:25:
b8:9c:c4:97:ab:d4:27:47:16:08:c5:2f:ca:f2:d6:
d6:60:c0:94:c3:a8:e0:f8:9b:9c:ae:8a:79:fe:3b:
15:53:f2:83:bc:ae:2c:d3:10:5d:58:19:95:a1:0d:
a3:47:bd:a6:0a:09:cf:3b:c8:ea:f4:70:21:db:83:
3e:8b:4a:10:04:dc:53:dc:b0:e9:f7:d0:89:6d:77:
97:ab:d6:42:ee:37:bf:71:3d:c3:28:b6:8b:1b:c8:
d5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F6:BD:53:A1:D6:89:F1:54:FC:2A:2C:E8:46:CF:A5:D7:CF:DE:D9
X509v3 Authority Key Identifier:
keyid:04:E6:04:A4:56:77:BE:77:31:39:69:AD:17:AE:C6:9C:E9:7C:43:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOYEpFZ3vncxOWmtF67GnOl8Q84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b429aa-0461-4136-90cd-52a7b925b224/1/dPa9U6HWifFU_Cos6EbPpdfP3tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b429aa-0461-4136-90cd-52a7b925b224/1/BOYEpFZ3vncxOWmtF67GnOl8Q84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.156.0/22
212.89.32.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:96:de:1c:98:2a:d4:e2:d3:47:79:45:00:b5:f8:d8:12:75:
d1:16:d7:26:2b:88:6b:8a:e1:27:f0:f8:b5:fd:88:dd:96:a1:
8c:a2:37:78:fd:e2:1f:a4:88:39:60:68:3f:fd:9c:bb:9c:e9:
68:86:cb:42:93:c0:2c:6c:82:45:29:08:85:cc:92:f8:c9:f4:
01:f6:f2:b3:61:6a:8e:98:1e:8d:0e:41:95:d8:50:45:e0:8f:
b5:dc:b2:55:30:dc:5b:f9:0c:96:d4:93:e4:37:40:94:14:f3:
1c:62:fa:9b:a8:28:d3:db:5f:63:32:35:ff:28:b0:43:46:88:
83:33:e4:1a:3a:22:9e:93:82:23:14:b8:0c:ff:b8:a5:51:f4:
82:c5:78:05:0c:75:03:96:85:d9:e1:dc:da:cd:51:d5:67:6c:
22:09:6a:0b:82:c8:87:01:bd:9b:66:eb:5f:19:43:a7:31:66:
0f:c7:9b:30:ff:f2:ad:49:46:9c:7f:15:c9:b7:43:6c:b9:ef:
dc:b2:8d:e9:17:74:9b:08:73:13:11:8e:03:99:e4:1c:5b:c1:
38:f4:d1:b3:31:5b:2a:36:a9:e4:67:5b:fb:5b:46:93:72:0b:
9a:c0:da:84:b5:fa:41:49:96:98:1a:17:cf:f3:e3:25:fd:b9:
d8:a4:db:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj0S4nELE3vmjvmHhz2//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTYwNGE0NTY3N2JlNzczMTM5NjlhZDE3YWVjNjljZTk3
YzQzY2UwHhcNMjUwMTAyMDU0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY2YmQ1M2ExZDY4OWYxNTRmYzJhMmNlODQ2Y2ZhNWQ3Y2ZkZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4yAnee1VhuXigyni/cjHFPZegwg
4Fpes9aWVx86crczpZYxQeyINNZyxzU/LbJW+Xhv3AhTDVNlozgfWFxuM+HkwYp6
s9I1zXr9fjIrfoL3EEh0FhmQFKgIrhHf0fkMcxaxuxxjzSlBufjd+zzLz8/Yk+eL
k9rGT/6qOF1u671a3We/GNU/qptlnvZ9co2Zb8bY78ABsfnf9kVuYDMAL6amdCW4
nMSXq9QnRxYIxS/K8tbWYMCUw6jg+Jucrop5/jsVU/KDvK4s0xBdWBmVoQ2jR72m
CgnPO8jq9HAh24M+i0oQBNxT3LDp99CJbXeXq9ZC7je/cT3DKLaLG8jVMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHT2vVOh1onxVPwqLOhGz6XXz97ZMB8GA1UdIwQY
MBaAFATmBKRWd753MTlprReuxpzpfEPOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9ZRXBGWjN2bmN4T1dtdEY2N0duT2w4UTg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9iNDI5YWEtMDQ2MS00MTM2LTkwY2Qt
NTJhN2I5MjViMjI0LzEvZFBhOVU2SFdpZkZVX0NvczZFYlBwZGZQM3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9iNDI5YWEtMDQ2MS00MTM2LTkwY2QtNTJhN2I5MjViMjI0
LzEvQk9ZRXBGWjN2bmN4T1dtdEY2N0duT2w4UTg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYecAwQE
1FkgMA0GCSqGSIb3DQEBCwUAA4IBAQBtlt4cmCrU4tNHeUUAtfjYEnXRFtcmK4hr
iuEn8Pi1/YjdlqGMojd4/eIfpIg5YGg//Zy7nOlohstCk8AsbIJFKQiFzJL4yfQB
9vKzYWqOmB6NDkGV2FBF4I+13LJVMNxb+QyW1JPkN0CUFPMcYvqbqCjT219jMjX/
KLBDRoiDM+QaOiKek4IjFLgM/7ilUfSCxXgFDHUDloXZ4dzazVHVZ2wiCWoLgsiH
Ab2bZutfGUOnMWYPx5sw//KtSUacfxXJt0Nsue/cso3pF3SbCHMTEY4DmeQcW8E4
9NGzMVsqNqnkZ1v7W0aTcguawNqEtfpBSZaYGhfP8+Ml/bnYpNvU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:07 2025 by rpki-client on console.sobornost.net