Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/f686b2-ff33-41e1-9b1c-f10603b3768d/1/85JP1EmlrjP9cMbgQ-NLAJZsWYU.roa
File: 85JP1EmlrjP9cMbgQ-NLAJZsWYU.roa (raw, json)
Hash identifier: MO0sgGxlXYh61dJ8SPvOD77mPT9iIScGfPHBaJnXid0=
Subject key identifier: F3:92:4F:D4:49:A5:AE:33:FD:70:C6:E0:43:E3:4B:00:96:6C:59:85
Certificate issuer: /CN=45c5c1262e83d7bfa902c2c862a15f1e42d25591
Certificate serial: 01941FFA7923EF82C907FE8F28C97CE6DD45
Authority key identifier: 45:C5:C1:26:2E:83:D7:BF:A9:02:C2:C8:62:A1:5F:1E:42:D2:55:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RcXBJi6D17-pAsLIYqFfHkLSVZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/f686b2-ff33-41e1-9b1c-f10603b3768d/1/85JP1EmlrjP9cMbgQ-NLAJZsWYU.roa
Signing time: Wed 01 Jan 2025 03:48:16 +0000
ROA not before: Wed 01 Jan 2025 03:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210484
IP address blocks: 146.19.89.0/24 maxlen: 24
194.164.182.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:79:23:ef:82:c9:07:fe:8f:28:c9:7c:e6:dd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45c5c1262e83d7bfa902c2c862a15f1e42d25591
Validity
Not Before: Jan 1 03:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3924fd449a5ae33fd70c6e043e34b00966c5985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:a1:ee:37:10:43:e9:30:c3:54:d9:3e:7b:
a7:bd:26:f9:24:79:a4:fe:9d:fa:8b:7e:ab:55:16:
e8:4d:7f:eb:f8:a8:dc:38:ae:95:7d:93:ea:54:18:
4e:8f:ea:5e:6e:65:02:86:c7:a3:eb:82:04:6f:17:
98:85:eb:37:a4:27:a9:44:84:38:68:80:39:d8:b0:
de:1f:04:a5:5c:50:65:ef:96:f3:25:0d:98:1e:76:
ca:3f:92:af:0a:5d:a3:66:97:97:84:43:6c:b1:39:
b9:04:07:41:06:e0:29:a8:e9:65:42:22:4b:84:9d:
4b:0d:fc:ba:66:7a:d8:12:9b:b4:a2:6b:ae:50:95:
6f:20:bd:a2:9d:a8:24:cc:c0:60:d3:16:b9:5b:c5:
47:96:d6:63:0f:88:96:2a:98:e8:32:5b:76:2d:fe:
31:5f:da:d0:5b:98:49:7d:82:0c:c6:4a:1a:8d:0c:
73:53:43:5a:02:c4:95:34:33:c5:d5:59:f6:ab:92:
cf:9b:d7:47:83:65:22:1e:67:5d:52:3b:25:f1:44:
f7:37:f6:c7:7d:8c:52:68:17:6c:ce:a4:9b:42:86:
cf:3c:e5:c8:0c:a1:b2:92:d8:a3:93:b0:d7:47:b5:
2b:a4:f9:67:e3:6e:0b:50:84:cc:5a:ef:4c:9d:f9:
f1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:92:4F:D4:49:A5:AE:33:FD:70:C6:E0:43:E3:4B:00:96:6C:59:85
X509v3 Authority Key Identifier:
keyid:45:C5:C1:26:2E:83:D7:BF:A9:02:C2:C8:62:A1:5F:1E:42:D2:55:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RcXBJi6D17-pAsLIYqFfHkLSVZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f686b2-ff33-41e1-9b1c-f10603b3768d/1/85JP1EmlrjP9cMbgQ-NLAJZsWYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f686b2-ff33-41e1-9b1c-f10603b3768d/1/RcXBJi6D17-pAsLIYqFfHkLSVZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.89.0/24
194.164.182.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:bf:18:33:16:d1:d4:30:77:29:f0:ed:56:0e:79:24:ce:46:
7f:6f:8f:9a:a2:07:6b:26:c1:ff:c1:c0:7a:4c:7b:da:0d:0b:
4e:49:ce:2b:2c:d8:9f:01:bd:df:a2:73:16:ec:c6:9a:f4:9f:
89:1b:c7:85:19:b6:6d:cb:63:cd:ff:18:49:3d:a2:06:1f:3a:
b3:e6:b2:43:d5:59:a7:8f:43:e4:c4:ba:69:71:b8:4c:d7:ca:
a5:ae:43:06:28:02:f4:7d:75:71:2f:8a:68:b8:d8:1e:25:0b:
9e:04:69:a6:22:8d:d8:be:49:2f:65:01:e5:21:93:0b:64:91:
08:d7:fe:64:7a:9d:5c:f6:ac:81:ac:c3:bb:50:40:98:ce:8c:
c8:45:aa:e8:e5:65:ec:b1:14:0e:5b:ca:fe:6c:63:ec:d7:7d:
c9:ce:a2:d9:0d:46:0f:da:3c:67:83:38:44:13:4a:f8:29:75:
c0:5d:76:ef:b7:56:30:09:02:77:65:d3:1f:bb:7b:b5:ae:7f:
7c:05:7a:41:0f:ee:87:0c:e6:f3:39:42:5e:77:35:c7:df:b8:
0a:cb:93:90:88:62:68:bf:a3:51:ed:bf:2f:25:f0:2b:55:8c:
62:9c:0a:a3:af:b1:96:1b:7d:d7:fd:1f:e8:1e:52:68:42:62:
88:a7:c4:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+nkj74LJB/6PKMl85t1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YzVjMTI2MmU4M2Q3YmZhOTAyYzJjODYyYTE1ZjFlNDJk
MjU1OTEwHhcNMjUwMTAxMDM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzkyNGZkNDQ5YTVhZTMzZmQ3MGM2ZTA0M2UzNGIwMDk2NmM1OTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsouh7jcQQ+kww1TZPnunvSb5JHmk
/p36i36rVRboTX/r+KjcOK6VfZPqVBhOj+pebmUChsej64IEbxeYhes3pCepRIQ4
aIA52LDeHwSlXFBl75bzJQ2YHnbKP5KvCl2jZpeXhENssTm5BAdBBuApqOllQiJL
hJ1LDfy6ZnrYEpu0omuuUJVvIL2inagkzMBg0xa5W8VHltZjD4iWKpjoMlt2Lf4x
X9rQW5hJfYIMxkoajQxzU0NaAsSVNDPF1Vn2q5LPm9dHg2UiHmddUjsl8UT3N/bH
fYxSaBdszqSbQobPPOXIDKGyktijk7DXR7UrpPln424LUITMWu9Mnfnx3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPOST9RJpa4z/XDG4EPjSwCWbFmFMB8GA1UdIwQY
MBaAFEXFwSYug9e/qQLCyGKhXx5C0lWRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmNYQkppNkQxNy1wQXNMSVlxRmZIa0xTVlpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9mNjg2YjItZmYzMy00MWUxLTliMWMt
ZjEwNjAzYjM3NjhkLzEvODVKUDFFbWxyalA5Y01iZ1EtTkxBSlpzV1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9mNjg2YjItZmYzMy00MWUxLTliMWMtZjEwNjAzYjM3Njhk
LzEvUmNYQkppNkQxNy1wQXNMSVlxRmZIa0xTVlpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhNZAwQB
wqS2MA0GCSqGSIb3DQEBCwUAA4IBAQCsvxgzFtHUMHcp8O1WDnkkzkZ/b4+aogdr
JsH/wcB6THvaDQtOSc4rLNifAb3fonMW7Maa9J+JG8eFGbZty2PN/xhJPaIGHzqz
5rJD1Vmnj0PkxLppcbhM18qlrkMGKAL0fXVxL4pouNgeJQueBGmmIo3YvkkvZQHl
IZMLZJEI1/5kep1c9qyBrMO7UECYzozIRaro5WXssRQOW8r+bGPs133JzqLZDUYP
2jxngzhEE0r4KXXAXXbvt1YwCQJ3ZdMfu3u1rn98BXpBD+6HDObzOUJedzXH37gK
y5OQiGJov6NR7b8vJfArVYxinAqjr7GWG33X/R/oHlJoQmKIp8Qd
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:16 2025 by rpki-client on console.sobornost.net