Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/0MltjoScbWKVRJAVtzOlI7_AtTM.roa
File: 0MltjoScbWKVRJAVtzOlI7_AtTM.roa (raw, json)
Hash identifier: SViUMsy1T/49SZJpozJCX+cxm4lNhgz3VR3S8vcAZvk=
Subject key identifier: D0:C9:6D:8E:84:9C:6D:62:95:44:90:15:B7:33:A5:23:BF:C0:B5:33
Certificate issuer: /CN=ba0f864ba0fa204de93ac5aa84f728b6220c6f7c
Certificate serial: 019421B2243F1C475E2EE8D2CF2987B60207
Authority key identifier: BA:0F:86:4B:A0:FA:20:4D:E9:3A:C5:AA:84:F7:28:B6:22:0C:6F:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug-GS6D6IE3pOsWqhPcotiIMb3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/0MltjoScbWKVRJAVtzOlI7_AtTM.roa
Signing time: Wed 01 Jan 2025 11:48:30 +0000
ROA not before: Wed 01 Jan 2025 11:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201962
IP address blocks: 45.153.176.0/22 maxlen: 22
91.205.12.0/22 maxlen: 22
185.58.28.0/22 maxlen: 22
2a04:df80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:24:3f:1c:47:5e:2e:e8:d2:cf:29:87:b6:02:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0f864ba0fa204de93ac5aa84f728b6220c6f7c
Validity
Not Before: Jan 1 11:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0c96d8e849c6d6295449015b733a523bfc0b533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:76:a7:46:d5:ac:b1:23:77:87:36:cf:53:0d:
e5:a6:6a:0f:2e:89:0f:c0:a9:92:fb:1e:0c:8e:4c:
e7:5e:30:bd:87:6b:fa:ff:c9:5e:d3:f7:5c:b9:d5:
73:00:53:53:db:98:72:39:8a:b2:7d:cc:e6:0e:23:
71:ff:f2:a2:76:ab:38:dd:6b:59:d6:14:e6:7d:35:
e3:e7:16:76:e3:f8:e8:59:39:02:e1:54:7d:1a:70:
a5:71:28:cc:b8:d2:a6:9a:67:89:82:0a:99:b0:7d:
65:a8:68:6f:8b:2f:d5:38:53:bb:34:1a:a9:35:a0:
b3:f8:ea:8d:bf:18:9f:ff:25:e4:66:c8:76:4f:1c:
d3:7b:5d:42:94:b1:7d:e7:ba:dd:33:da:f9:ab:5d:
53:51:d4:05:72:dc:30:7c:f3:a6:71:29:9d:90:0e:
85:2a:bb:d0:4d:84:40:05:f5:88:e3:78:a1:62:08:
84:dc:bd:6c:8e:40:e7:32:80:d0:75:72:82:12:93:
a8:4d:ba:39:75:d5:b3:b6:6d:b7:b4:65:e1:91:f0:
da:32:57:13:d5:3e:1d:e0:1e:29:72:39:58:6c:5f:
c9:ef:f5:ed:8c:e9:51:e7:ff:25:28:1f:c2:73:19:
b6:fe:77:35:ff:03:45:d1:e0:79:d0:30:0e:33:1d:
57:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C9:6D:8E:84:9C:6D:62:95:44:90:15:B7:33:A5:23:BF:C0:B5:33
X509v3 Authority Key Identifier:
keyid:BA:0F:86:4B:A0:FA:20:4D:E9:3A:C5:AA:84:F7:28:B6:22:0C:6F:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug-GS6D6IE3pOsWqhPcotiIMb3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/0MltjoScbWKVRJAVtzOlI7_AtTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/ug-GS6D6IE3pOsWqhPcotiIMb3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.176.0/22
91.205.12.0/22
185.58.28.0/22
IPv6:
2a04:df80::/29
Signature Algorithm: sha256WithRSAEncryption
4f:f8:28:dd:1a:91:7d:9e:d4:47:b0:a4:08:36:8d:e6:27:f2:
2e:da:f6:61:f0:8f:d2:cf:cd:29:45:54:81:06:c5:e9:91:1c:
f7:26:42:f0:c7:00:b2:85:cf:ac:50:41:3c:f6:86:a4:bf:b7:
52:4e:73:36:52:34:c8:12:99:cd:fd:35:02:0b:59:e9:4a:ba:
cd:a8:d6:d0:6b:af:01:5b:0b:4c:bb:76:b1:e4:8c:f7:42:95:
29:56:bc:86:39:e8:14:ab:d3:47:5c:8d:e9:38:5f:34:55:cd:
69:4c:08:a8:53:2e:f3:50:32:e3:67:1f:14:14:1b:3c:43:fe:
4a:fd:b1:38:fb:e2:69:f9:53:20:7e:a1:8a:60:ab:a3:4d:c0:
c5:d2:ee:6a:06:80:97:7f:5c:a9:1d:63:2e:1e:ee:48:ef:f6:
b9:d9:4d:a8:32:07:1f:2e:c5:ae:1b:e1:23:08:b2:5f:22:69:
5e:2d:f7:15:65:d1:10:87:e6:91:8b:6d:91:72:b9:37:3f:0a:
d7:e1:7a:d2:eb:c2:fa:29:c9:7c:57:9a:66:bb:17:a8:31:0d:
ad:fb:11:c7:a4:ba:a3:65:ac:2c:04:ee:a8:79:55:4b:a7:b0:
cc:cf:0a:81:e9:84:01:e7:1a:60:16:67:37:9c:95:dc:94:6b:
93:f4:9c:a1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhsiQ/HEdeLujSzymHtgIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGY4NjRiYTBmYTIwNGRlOTNhYzVhYTg0ZjcyOGI2MjIw
YzZmN2MwHhcNMjUwMTAxMTE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGM5NmQ4ZTg0OWM2ZDYyOTU0NDkwMTViNzMzYTUyM2JmYzBiNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnanRtWssSN3hzbPUw3lpmoPLokP
wKmS+x4MjkznXjC9h2v6/8le0/dcudVzAFNT25hyOYqyfczmDiNx//Kidqs43WtZ
1hTmfTXj5xZ24/joWTkC4VR9GnClcSjMuNKmmmeJggqZsH1lqGhviy/VOFO7NBqp
NaCz+OqNvxif/yXkZsh2TxzTe11ClLF957rdM9r5q11TUdQFctwwfPOmcSmdkA6F
KrvQTYRABfWI43ihYgiE3L1sjkDnMoDQdXKCEpOoTbo5ddWztm23tGXhkfDaMlcT
1T4d4B4pcjlYbF/J7/XtjOlR5/8lKB/Ccxm2/nc1/wNF0eB50DAOMx1XvwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNDJbY6EnG1ilUSQFbczpSO/wLUzMB8GA1UdIwQY
MBaAFLoPhkug+iBN6TrFqoT3KLYiDG98MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWctR1M2RDZJRTNwT3NXcWhQY290aUlNYjN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9lZWQ4NTMtM2IzNi00NWVkLTk1MzMt
YjE3YzJhZmZhMzBiLzEvME1sdGpvU2NiV0tWUkpBVnR6T2xJN19BdFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9lZWQ4NTMtM2IzNi00NWVkLTk1MzMtYjE3YzJhZmZhMzBi
LzEvdWctR1M2RDZJRTNwT3NXcWhQY290aUlNYjN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZmwAwQC
W80MAwQCuTocMA0EAgACMAcDBQMqBN+AMA0GCSqGSIb3DQEBCwUAA4IBAQBP+Cjd
GpF9ntRHsKQINo3mJ/Iu2vZh8I/Sz80pRVSBBsXpkRz3JkLwxwCyhc+sUEE89oak
v7dSTnM2UjTIEpnN/TUCC1npSrrNqNbQa68BWwtMu3ax5Iz3QpUpVryGOegUq9NH
XI3pOF80Vc1pTAioUy7zUDLjZx8UFBs8Q/5K/bE4++Jp+VMgfqGKYKujTcDF0u5q
BoCXf1ypHWMuHu5I7/a52U2oMgcfLsWuG+EjCLJfImleLfcVZdEQh+aRi22Rcrk3
PwrX4XrS68L6Kcl8V5pmuxeoMQ2t+xHHpLqjZawsBO6oeVVLp7DMzwqB6YQB5xpg
Fmc3nJXclGuT9Jyh
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:10 2025 by rpki-client on console.sobornost.net