Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/kbK5FbYWiIzhyfd6X1FvOM4LM_M.roa
File: kbK5FbYWiIzhyfd6X1FvOM4LM_M.roa (raw, json)
Hash identifier: DqjgdH8s8QL3DkbtV73wzVgdXOipMU6gUg//vr7va8U=
Subject key identifier: 91:B2:B9:15:B6:16:88:8C:E1:C9:F7:7A:5F:51:6F:38:CE:0B:33:F3
Certificate issuer: /CN=46ccab7479a4e0d8a4177350a00a69bd883b048d
Certificate serial: 0194252216BF72A858EA3C3A4ED86CFEAD73
Authority key identifier: 46:CC:AB:74:79:A4:E0:D8:A4:17:73:50:A0:0A:69:BD:88:3B:04:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsyrdHmk4NikF3NQoAppvYg7BI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/kbK5FbYWiIzhyfd6X1FvOM4LM_M.roa
Signing time: Thu 02 Jan 2025 03:49:38 +0000
ROA not before: Thu 02 Jan 2025 03:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206894
IP address blocks: 45.8.80.0/22 maxlen: 22
185.102.44.0/22 maxlen: 22
185.191.100.0/22 maxlen: 22
185.212.232.0/22 maxlen: 22
185.234.155.0/24 maxlen: 24
2a00:d220::/32 maxlen: 32
2a0a:17c0::/29 maxlen: 29
2a0b:7e40::/32 maxlen: 32
2a0e:1a00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:16:bf:72:a8:58:ea:3c:3a:4e:d8:6c:fe:ad:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ccab7479a4e0d8a4177350a00a69bd883b048d
Validity
Not Before: Jan 2 03:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91b2b915b616888ce1c9f77a5f516f38ce0b33f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0f:d2:0c:b3:d9:38:28:cf:68:5a:9b:5b:1d:
cf:6a:09:b1:d6:03:66:19:2c:d0:a1:c3:73:b4:33:
41:8e:91:65:3a:a3:a3:fe:50:4c:42:e3:8a:f5:9b:
5e:10:40:cc:83:3d:92:56:73:a8:d4:05:1c:07:d0:
8e:13:59:8a:cc:58:c8:e7:fa:3f:1d:83:2a:18:1d:
14:44:75:ff:87:76:73:0a:ca:16:99:32:7c:8f:ff:
c3:f3:d4:2a:c1:cb:d5:5d:4c:97:74:7d:cf:a3:47:
78:19:54:af:56:d5:0f:2f:e0:33:63:fe:05:30:80:
e7:37:53:a4:87:c1:2a:df:43:8e:1e:d1:64:e0:9c:
81:58:d7:0f:f2:cb:55:c9:de:5a:3b:c2:b3:4e:45:
da:2f:3d:5d:62:1a:2f:47:ec:f2:95:39:76:32:51:
f1:ef:57:94:18:34:65:0c:a2:78:62:cd:32:09:82:
e0:b3:5f:33:13:64:64:39:d8:ea:ad:1f:97:9c:8a:
69:86:06:f3:d4:9e:7e:60:38:2c:39:b7:7e:52:0e:
d8:5e:2f:ba:6b:4a:3e:dd:d5:5d:2e:47:61:24:10:
0b:84:80:52:d5:49:9f:84:87:ef:63:3a:ba:e2:65:
2a:65:b1:de:db:08:98:a7:98:a8:a5:4e:1b:04:4f:
32:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B2:B9:15:B6:16:88:8C:E1:C9:F7:7A:5F:51:6F:38:CE:0B:33:F3
X509v3 Authority Key Identifier:
keyid:46:CC:AB:74:79:A4:E0:D8:A4:17:73:50:A0:0A:69:BD:88:3B:04:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsyrdHmk4NikF3NQoAppvYg7BI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/kbK5FbYWiIzhyfd6X1FvOM4LM_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/RsyrdHmk4NikF3NQoAppvYg7BI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.80.0/22
185.102.44.0/22
185.191.100.0/22
185.212.232.0/22
185.234.155.0/24
IPv6:
2a00:d220::/32
2a0a:17c0::/29
2a0b:7e40::/32
2a0e:1a00::/29
Signature Algorithm: sha256WithRSAEncryption
50:76:b0:12:c6:78:c3:5b:05:0c:bc:13:06:ae:9f:8d:8b:15:
0a:36:c3:df:b2:e3:ba:fb:de:38:64:f1:b4:41:9e:fa:8c:17:
2d:fe:72:b1:47:ba:f6:ed:d8:50:1c:40:b0:f6:7f:f3:f3:f4:
9a:09:40:65:0b:f2:4f:25:eb:95:33:41:a0:3f:55:c3:0f:e7:
07:3b:5d:dd:4c:c7:b2:90:28:9a:6c:cc:af:ca:9a:69:1a:da:
70:48:10:1a:cd:6a:ca:2c:18:17:cd:7e:5d:75:33:b5:b0:aa:
5a:0a:48:4c:36:72:1d:39:37:56:a6:72:2a:da:39:dc:60:aa:
d6:0c:99:c5:39:fc:fe:f7:4d:9a:44:7d:de:c7:a3:4b:67:f2:
7b:e7:5b:93:63:8d:46:84:5a:0f:47:89:92:64:2e:2f:33:52:
c9:72:ab:86:0a:a8:fb:4c:79:71:30:0e:d6:8a:86:4e:2d:d4:
db:88:db:71:ea:0e:fc:c1:c5:06:08:b0:9d:38:09:82:f6:1f:
0a:e2:70:d2:a6:d4:2d:e1:f3:38:bb:1e:5b:ea:52:ca:bc:ca:
bc:ef:76:76:2d:f7:02:24:da:99:86:19:e6:44:0d:bd:b7:ec:
8a:3c:43:10:20:89:2d:5f:67:35:ac:03:38:27:aa:78:b4:57:
48:7c:e7:72
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQlIha/cqhY6jw6Tths/q1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Y2NhYjc0NzlhNGUwZDhhNDE3NzM1MGEwMGE2OWJkODgz
YjA0OGQwHhcNMjUwMTAyMDM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWIyYjkxNWI2MTY4ODhjZTFjOWY3N2E1ZjUxNmYzOGNlMGIzM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7A/SDLPZOCjPaFqbWx3Pagmx1gNm
GSzQocNztDNBjpFlOqOj/lBMQuOK9ZteEEDMgz2SVnOo1AUcB9COE1mKzFjI5/o/
HYMqGB0URHX/h3ZzCsoWmTJ8j//D89QqwcvVXUyXdH3Po0d4GVSvVtUPL+AzY/4F
MIDnN1Okh8Eq30OOHtFk4JyBWNcP8stVyd5aO8KzTkXaLz1dYhovR+zylTl2MlHx
71eUGDRlDKJ4Ys0yCYLgs18zE2RkOdjqrR+XnIpphgbz1J5+YDgsObd+Ug7YXi+6
a0o+3dVdLkdhJBALhIBS1UmfhIfvYzq64mUqZbHe2wiYp5iopU4bBE8yswIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJGyuRW2FoiM4cn3el9RbzjOCzPzMB8GA1UdIwQY
MBaAFEbMq3R5pODYpBdzUKAKab2IOwSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnN5cmRIbWs0TmlrRjNOUW9BcHB2WWc3QkkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kYzUyNDMtYmJhNC00YWNmLWEyMTgt
MmYzMDI1MmViNDQyLzEva2JLNUZiWVdpSXpoeWZkNlgxRnZPTTRMTV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kYzUyNDMtYmJhNC00YWNmLWEyMTgtMmYzMDI1MmViNDQy
LzEvUnN5cmRIbWs0TmlrRjNOUW9BcHB2WWc3QkkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQCLQhQAwQC
uWYsAwQCub9kAwQCudToAwQAueqbMCIEAgACMBwDBQAqANIgAwUDKgoXwAMFACoL
fkADBQMqDhoAMA0GCSqGSIb3DQEBCwUAA4IBAQBQdrASxnjDWwUMvBMGrp+NixUK
NsPfsuO6+944ZPG0QZ76jBct/nKxR7r27dhQHECw9n/z8/SaCUBlC/JPJeuVM0Gg
P1XDD+cHO13dTMeykCiabMyvypppGtpwSBAazWrKLBgXzX5ddTO1sKpaCkhMNnId
OTdWpnIq2jncYKrWDJnFOfz+902aRH3ex6NLZ/J751uTY41GhFoPR4mSZC4vM1LJ
cquGCqj7THlxMA7WioZOLdTbiNtx6g78wcUGCLCdOAmC9h8K4nDSptQt4fM4ux5b
6lLKvMq873Z2LfcCJNqZhhnmRA29t+yKPEMQIIktX2c1rAM4J6p4tFdIfOdy
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:10 2025 by rpki-client on console.sobornost.net