Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/67x0RIwxvCQxnG3Au3eKNDjEpCE.roa
File: 67x0RIwxvCQxnG3Au3eKNDjEpCE.roa (raw, json)
Hash identifier: YF0UTegDWCgkb9/1b5nr7Jg6qUR+mG0oYBkmbLcp5gk=
Subject key identifier: EB:BC:74:44:8C:31:BC:24:31:9C:6D:C0:BB:77:8A:34:38:C4:A4:21
Certificate issuer: /CN=3de2681dda00702a7597a71257e14f7a725e890e
Certificate serial: 0194274790BBB125E159D927232F8BC6D2B6
Authority key identifier: 3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/67x0RIwxvCQxnG3Au3eKNDjEpCE.roa
Signing time: Thu 02 Jan 2025 13:49:49 +0000
ROA not before: Thu 02 Jan 2025 13:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206024
IP address blocks: 145.43.252.0/24 maxlen: 24
145.43.253.0/24 maxlen: 24
145.43.254.0/23 maxlen: 23
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:90:bb:b1:25:e1:59:d9:27:23:2f:8b:c6:d2:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de2681dda00702a7597a71257e14f7a725e890e
Validity
Not Before: Jan 2 13:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebbc74448c31bc24319c6dc0bb778a3438c4a421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f2:57:d7:2f:4f:07:db:69:01:33:3a:f7:34:
90:6f:0a:12:0a:1f:96:42:39:ac:d0:ef:7a:70:76:
f3:4e:57:fe:e5:aa:68:ab:4a:33:3d:3f:fc:14:5b:
87:8f:90:63:91:d4:9c:37:71:c1:64:5d:dd:6f:c5:
03:cc:02:3c:d2:bc:17:f2:25:98:46:06:be:68:42:
79:44:3e:ad:66:c7:67:91:ab:56:7f:d3:a7:19:3c:
e3:cd:6d:b9:0a:68:ad:d9:8e:a3:19:45:48:1a:8e:
c1:c5:b6:1f:4d:92:86:71:69:fb:bf:69:8c:2b:62:
72:bc:64:21:23:1c:eb:78:51:78:7b:d5:bb:b6:ee:
16:4b:76:4e:2e:90:70:6c:5d:52:15:62:0f:0f:cd:
22:cc:58:2e:0f:ed:eb:30:8f:34:d5:9b:7a:1b:de:
65:7b:23:85:f4:99:b8:07:54:8a:1b:7a:a7:1d:18:
7c:e2:e2:52:4d:63:a7:7f:fe:77:b6:7f:fd:bc:6f:
e9:40:0f:35:d8:f8:89:55:7a:c1:a9:a0:a4:46:5c:
bd:9b:62:64:2a:d6:19:ab:1f:1a:f6:28:ed:1e:82:
d3:98:e2:1f:ec:05:e9:2e:94:75:51:7d:03:93:0e:
c2:f2:bc:9e:cb:76:56:3f:44:75:4c:62:0a:f4:93:
57:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BC:74:44:8C:31:BC:24:31:9C:6D:C0:BB:77:8A:34:38:C4:A4:21
X509v3 Authority Key Identifier:
keyid:3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/67x0RIwxvCQxnG3Au3eKNDjEpCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/PeJoHdoAcCp1l6cSV-FPenJeiQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.43.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:b3:39:d1:e7:46:c2:e9:e2:1a:7b:b9:af:70:2f:9d:7e:1b:
1f:36:f2:a1:85:7d:3e:c2:e4:cd:10:ae:40:f8:26:79:ab:74:
c9:66:fb:41:a8:bb:48:6f:ac:4c:d8:2f:fb:ab:38:ca:8e:d0:
48:e7:5b:a3:75:57:4c:a8:ee:24:08:7f:37:c1:74:36:51:ae:
59:51:cf:9c:2b:17:60:e5:5c:3f:35:6d:87:2f:d7:8c:85:48:
48:c9:da:c5:9c:d3:78:23:36:63:27:94:65:08:55:27:9f:91:
24:c5:dd:79:24:45:d4:5f:b3:e0:df:93:d9:bf:8a:02:f1:81:
7a:4d:0a:08:89:aa:d0:8d:c5:85:f9:45:8c:64:9f:6e:be:4a:
61:6a:86:fa:f2:07:1b:0b:de:c4:21:01:16:44:c9:6e:aa:14:
9e:d0:97:6a:bf:c8:42:85:ad:c3:cf:63:52:2f:4b:e5:c0:32:
0c:5f:08:46:d8:6c:9b:ba:2c:99:5a:54:b3:a4:a1:53:17:cb:
fe:60:15:c3:0a:1d:e7:95:21:54:a5:ad:3c:c4:08:64:e7:58:
c8:43:87:7d:dc:fd:f3:ca:2d:43:a0:e2:d9:52:ca:f2:74:35:
3e:44:d7:cb:23:14:d6:88:1e:3e:a4:ed:2a:b1:53:f8:ba:fe:
13:28:ba:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR5C7sSXhWdknIy+LxtK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTI2ODFkZGEwMDcwMmE3NTk3YTcxMjU3ZTE0ZjdhNzI1
ZTg5MGUwHhcNMjUwMTAyMTM0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJjNzQ0NDhjMzFiYzI0MzE5YzZkYzBiYjc3OGEzNDM4YzRhNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fJX1y9PB9tpATM69zSQbwoSCh+W
Qjms0O96cHbzTlf+5apoq0ozPT/8FFuHj5BjkdScN3HBZF3db8UDzAI80rwX8iWY
Rga+aEJ5RD6tZsdnkatWf9OnGTzjzW25Cmit2Y6jGUVIGo7BxbYfTZKGcWn7v2mM
K2JyvGQhIxzreFF4e9W7tu4WS3ZOLpBwbF1SFWIPD80izFguD+3rMI801Zt6G95l
eyOF9Jm4B1SKG3qnHRh84uJSTWOnf/53tn/9vG/pQA812PiJVXrBqaCkRly9m2Jk
KtYZqx8a9ijtHoLTmOIf7AXpLpR1UX0Dkw7C8ryey3ZWP0R1TGIK9JNXFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOu8dESMMbwkMZxtwLt3ijQ4xKQhMB8GA1UdIwQY
MBaAFD3iaB3aAHAqdZenElfhT3pyXokOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYt
ZTBhYzcyNjNkYjEyLzEvNjd4MFJJd3h2Q1F4bkczQXUzZUtORGpFcENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYtZTBhYzcyNjNkYjEy
LzEvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkSv8MA0G
CSqGSIb3DQEBCwUAA4IBAQAMsznR50bC6eIae7mvcC+dfhsfNvKhhX0+wuTNEK5A
+CZ5q3TJZvtBqLtIb6xM2C/7qzjKjtBI51ujdVdMqO4kCH83wXQ2Ua5ZUc+cKxdg
5Vw/NW2HL9eMhUhIydrFnNN4IzZjJ5RlCFUnn5Ekxd15JEXUX7Pg35PZv4oC8YF6
TQoIiarQjcWF+UWMZJ9uvkphaob68gcbC97EIQEWRMluqhSe0Jdqv8hCha3Dz2NS
L0vlwDIMXwhG2GybuiyZWlSzpKFTF8v+YBXDCh3nlSFUpa08xAhk51jIQ4d93P3z
yi1DoOLZUsrydDU+RNfLIxTWiB4+pO0qsVP4uv4TKLrc
-----END CERTIFICATE-----
Generated at Tue Mar 25 14:40:59 2025 by rpki-client on console.sobornost.net