Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/O93z9J0rbyaeCFXcs4eSEHW-b9g.roa
File: O93z9J0rbyaeCFXcs4eSEHW-b9g.roa (raw, json)
Hash identifier: 7KyqnvgwtoRUDncyt5nR24naYWkBOuGF6zEjC4PH/8g=
Subject key identifier: 3B:DD:F3:F4:9D:2B:6F:26:9E:08:55:DC:B3:87:92:10:75:BE:6F:D8
Certificate issuer: /CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8
Certificate serial: 0194258F4B0F193314DD5AD0165F8FED85E8
Authority key identifier: AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/O93z9J0rbyaeCFXcs4eSEHW-b9g.roa
Signing time: Thu 02 Jan 2025 05:48:55 +0000
ROA not before: Thu 02 Jan 2025 05:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34872
IP address blocks: 45.152.68.0/24 maxlen: 24
2a0f:4900::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:4b:0f:19:33:14:dd:5a:d0:16:5f:8f:ed:85:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8
Validity
Not Before: Jan 2 05:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bddf3f49d2b6f269e0855dcb387921075be6fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8f:53:eb:05:0b:60:db:03:33:ae:41:c6:34:
0b:46:5e:6d:b9:e9:33:97:7e:d6:c2:54:7c:9e:ab:
ba:d9:dd:c0:20:6a:e3:54:60:90:3a:18:99:f3:fe:
82:03:e1:5f:8c:01:70:ef:c4:04:7f:b2:82:8e:a2:
de:3a:a4:7d:1c:57:7c:34:09:36:39:46:7f:71:28:
ac:0b:fb:f0:d3:5e:45:8a:09:ba:e1:d1:c7:26:24:
56:be:01:d9:3e:af:86:d0:c4:ea:35:c5:05:4a:82:
5d:5f:a8:08:2a:a4:ee:d1:58:97:f2:df:ee:20:2b:
d9:ee:da:cc:0c:90:38:57:5d:27:62:63:b1:94:9b:
0b:88:b1:57:22:09:48:33:e0:82:d3:93:29:ff:25:
bc:c8:e4:3e:fa:33:1c:4e:69:a3:19:4c:fa:8e:86:
dd:44:5a:06:c0:ad:d1:3c:61:49:57:57:86:d5:be:
f6:07:55:3b:7a:20:55:dd:31:84:d0:6e:67:43:37:
46:66:61:0c:01:98:a1:f1:f5:31:0b:87:0e:5e:e9:
5b:bd:fb:81:5c:98:d3:79:e9:a9:f9:58:73:31:09:
48:e3:23:6d:27:2c:76:67:c8:29:67:da:86:13:80:
a0:c1:33:40:fa:71:97:f9:af:d1:b3:bd:4c:d2:42:
14:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:DD:F3:F4:9D:2B:6F:26:9E:08:55:DC:B3:87:92:10:75:BE:6F:D8
X509v3 Authority Key Identifier:
keyid:AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/O93z9J0rbyaeCFXcs4eSEHW-b9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qvSWmELenEweGldZ2Y0e1cDWLvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.68.0/24
IPv6:
2a0f:4900::/48
Signature Algorithm: sha256WithRSAEncryption
8c:99:04:ff:75:e4:fd:90:67:b1:d4:20:39:da:97:3f:b0:5b:
26:1a:0d:34:91:1a:a0:fb:b1:5f:d8:21:6c:bf:23:a7:5c:17:
a0:38:4b:d9:21:b8:74:11:3a:cd:07:5b:7c:3c:08:ab:8f:0f:
46:3e:e3:00:0c:25:db:3f:c9:71:57:38:6a:b1:9d:7d:21:2d:
c1:06:06:7a:7e:c2:d0:24:56:22:4d:59:ed:0f:1c:f0:e0:16:
5d:f9:0d:e2:24:20:8e:0f:c3:98:7d:7b:e2:19:58:eb:75:c5:
61:d3:46:27:5c:fe:33:f1:60:0c:c1:2b:80:42:44:e7:07:8c:
28:0f:1f:1b:2c:c6:1a:62:0d:ad:19:9b:d9:19:c1:62:50:2e:
31:4a:28:2d:5c:ef:79:d9:1a:19:f5:ca:8a:d8:8b:36:3e:33:
96:39:c5:ac:5e:be:77:18:a1:28:51:16:c9:87:1b:94:57:8b:
ea:71:2d:25:78:ac:6b:60:5b:df:23:e3:65:ce:e7:a6:4b:36:
9a:1a:d1:70:78:9d:5f:4c:f6:73:47:1b:09:0b:17:2c:ea:2c:
bd:76:39:c5:2d:13:36:0b:9f:8f:3d:ae:58:00:69:fb:b8:e8:
52:27:bb:9c:fb:d9:8e:20:79:28:22:f1:82:44:86:6c:19:b8:
af:45:9c:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlj0sPGTMU3VrQFl+P7YXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjQ5Njk4NDJkZTljNGMxZTFhNTc1OWQ5OGQxZWQ1YzBk
NjJlZjgwHhcNMjUwMTAyMDU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmRkZjNmNDlkMmI2ZjI2OWUwODU1ZGNiMzg3OTIxMDc1YmU2ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA149T6wULYNsDM65BxjQLRl5tuekz
l37WwlR8nqu62d3AIGrjVGCQOhiZ8/6CA+FfjAFw78QEf7KCjqLeOqR9HFd8NAk2
OUZ/cSisC/vw015Figm64dHHJiRWvgHZPq+G0MTqNcUFSoJdX6gIKqTu0ViX8t/u
ICvZ7trMDJA4V10nYmOxlJsLiLFXIglIM+CC05Mp/yW8yOQ++jMcTmmjGUz6jobd
RFoGwK3RPGFJV1eG1b72B1U7eiBV3TGE0G5nQzdGZmEMAZih8fUxC4cOXulbvfuB
XJjTeemp+VhzMQlI4yNtJyx2Z8gpZ9qGE4CgwTNA+nGX+a/Rs71M0kIU0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDvd8/SdK28mnghV3LOHkhB1vm/YMB8GA1UdIwQY
MBaAFKr0lphC3pxMHhpXWdmNHtXA1i74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjct
ZjgxZmRmNzRlNjU1LzEvTzkzejlKMHJieWFlQ0ZYY3M0ZVNFSFctYjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjctZjgxZmRmNzRlNjU1
LzEvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZhEMA8E
AgACMAkDBwAqD0kAAAAwDQYJKoZIhvcNAQELBQADggEBAIyZBP915P2QZ7HUIDna
lz+wWyYaDTSRGqD7sV/YIWy/I6dcF6A4S9khuHQROs0HW3w8CKuPD0Y+4wAMJds/
yXFXOGqxnX0hLcEGBnp+wtAkViJNWe0PHPDgFl35DeIkII4Pw5h9e+IZWOt1xWHT
Ridc/jPxYAzBK4BCROcHjCgPHxssxhpiDa0Zm9kZwWJQLjFKKC1c73nZGhn1yorY
izY+M5Y5xaxevncYoShRFsmHG5RXi+pxLSV4rGtgW98j42XO56ZLNpoa0XB4nV9M
9nNHGwkLFyzqLL12OcUtEzYLn489rlgAafu46FInu5z72Y4geSgi8YJEhmwZuK9F
nK8=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:33 2025 by rpki-client on console.sobornost.net