Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/_sBQ-iEtTw6n3_2GUf1kdKinw6k.roa
File: _sBQ-iEtTw6n3_2GUf1kdKinw6k.roa (raw, json)
Hash identifier: 2pQWnwaXMMFBZzZKZwaCBzryPcNsmH6tse3213iQbEg=
Subject key identifier: FE:C0:50:FA:21:2D:4F:0E:A7:DF:FD:86:51:FD:64:74:A8:A7:C3:A9
Certificate issuer: /CN=e7c07db9880133c5cdce005bca111b552cd14c53
Certificate serial: 019426D90137DECD417341505B77B2C1CFB6
Authority key identifier: E7:C0:7D:B9:88:01:33:C5:CD:CE:00:5B:CA:11:1B:55:2C:D1:4C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/58B9uYgBM8XNzgBbyhEbVSzRTFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/_sBQ-iEtTw6n3_2GUf1kdKinw6k.roa
Signing time: Thu 02 Jan 2025 11:49:03 +0000
ROA not before: Thu 02 Jan 2025 11:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208974
IP address blocks: 45.12.168.0/23 maxlen: 23
45.12.170.0/24 maxlen: 24
2a0e:b500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:01:37:de:cd:41:73:41:50:5b:77:b2:c1:cf:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7c07db9880133c5cdce005bca111b552cd14c53
Validity
Not Before: Jan 2 11:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fec050fa212d4f0ea7dffd8651fd6474a8a7c3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:80:28:af:4a:d5:c6:b4:55:dd:95:b4:c8:41:
8b:55:4a:97:19:b6:c4:ae:43:d9:85:b7:79:a8:63:
6b:e3:20:52:26:d0:ab:f9:46:42:6d:5a:c2:47:8b:
d6:2f:68:ed:fe:19:4a:40:11:12:15:3a:1b:63:82:
41:d6:4c:fd:f7:6e:60:4a:94:74:d0:ce:bd:40:5a:
40:b5:e8:dc:ab:14:6b:59:c6:6d:07:94:5a:80:45:
21:3c:55:33:35:8c:b8:bd:79:54:60:4e:dd:ff:99:
3c:0b:af:10:d1:12:d0:3f:45:bb:74:63:ae:2f:5a:
61:05:1e:c6:d1:fa:ad:58:80:ea:61:a5:ca:76:7a:
fc:ac:9c:09:2f:a9:2e:57:87:df:74:12:9a:64:aa:
0d:82:ad:89:39:ad:a6:c0:8f:4a:f5:d4:f3:5b:40:
a9:22:46:22:c3:5a:71:ee:39:d1:1d:e8:42:ad:a8:
d8:8d:7f:12:d8:c4:28:78:00:6f:9d:78:6b:24:22:
b5:d2:f5:bd:14:30:9e:4d:fc:fe:1a:9a:ca:cf:6e:
01:b5:55:3c:b2:1b:06:ce:fd:32:79:2b:f1:cf:f6:
6a:13:b0:29:85:be:20:8e:b6:f4:db:43:ea:52:25:
b8:c7:7f:b3:95:4a:8f:3f:e7:33:f4:0f:93:cc:6d:
57:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C0:50:FA:21:2D:4F:0E:A7:DF:FD:86:51:FD:64:74:A8:A7:C3:A9
X509v3 Authority Key Identifier:
keyid:E7:C0:7D:B9:88:01:33:C5:CD:CE:00:5B:CA:11:1B:55:2C:D1:4C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/58B9uYgBM8XNzgBbyhEbVSzRTFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/_sBQ-iEtTw6n3_2GUf1kdKinw6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/58B9uYgBM8XNzgBbyhEbVSzRTFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.168.0-45.12.170.255
IPv6:
2a0e:b500::/29
Signature Algorithm: sha256WithRSAEncryption
73:a1:c0:6a:ef:6c:bb:8b:ce:72:d4:cb:f5:07:44:50:3f:89:
9c:2f:31:ed:00:c3:cf:34:38:3c:ae:03:b1:bb:d8:ef:f7:b8:
fc:71:fa:6e:74:92:71:18:bf:cb:50:7c:6c:6e:4c:78:19:a0:
f3:6a:0a:a3:0f:9b:68:ce:b2:18:5c:96:99:3a:90:53:6c:c3:
95:f9:6a:e3:f8:a9:49:e9:aa:de:9c:a3:3e:f6:3c:58:d8:65:
7c:8a:45:25:99:29:1d:f2:7f:84:76:d5:1c:0c:5f:e5:3b:9e:
74:3b:69:3c:5f:fa:52:4d:21:81:11:27:36:2c:dc:8e:48:0b:
77:d5:e3:91:29:4b:b5:f9:1e:98:8e:5c:00:38:00:b0:07:cf:
9d:cf:ef:2c:f9:74:c4:fa:11:25:2e:89:6c:cf:01:56:2e:66:
fa:31:d1:05:11:99:1c:26:6b:27:9c:fd:4f:05:6a:6a:6d:c5:
6c:b3:dd:8e:d4:0a:72:59:77:89:9a:c4:7b:22:4f:08:da:68:
ee:98:e8:37:22:f1:a4:e9:65:fc:47:9d:b1:7c:f3:9a:b3:a6:
fd:2b:73:d3:82:6a:72:89:49:d0:74:d6:d5:25:66:fe:6a:2a:
ea:52:55:3a:b7:7a:f8:f3:35:fc:64:a5:6c:96:fd:0b:dd:4a:
2e:04:cb:1a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQm2QE33s1Bc0FQW3eywc+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3YzA3ZGI5ODgwMTMzYzVjZGNlMDA1YmNhMTExYjU1MmNk
MTRjNTMwHhcNMjUwMTAyMTE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWMwNTBmYTIxMmQ0ZjBlYTdkZmZkODY1MWZkNjQ3NGE4YTdjM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IAor0rVxrRV3ZW0yEGLVUqXGbbE
rkPZhbd5qGNr4yBSJtCr+UZCbVrCR4vWL2jt/hlKQBESFTobY4JB1kz9925gSpR0
0M69QFpAtejcqxRrWcZtB5RagEUhPFUzNYy4vXlUYE7d/5k8C68Q0RLQP0W7dGOu
L1phBR7G0fqtWIDqYaXKdnr8rJwJL6kuV4ffdBKaZKoNgq2JOa2mwI9K9dTzW0Cp
IkYiw1px7jnRHehCrajYjX8S2MQoeABvnXhrJCK10vW9FDCeTfz+GprKz24BtVU8
shsGzv0yeSvxz/ZqE7Aphb4gjrb020PqUiW4x3+zlUqPP+cz9A+TzG1X+QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFP7AUPohLU8Op9/9hlH9ZHSop8OpMB8GA1UdIwQY
MBaAFOfAfbmIATPFzc4AW8oRG1Us0UxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNThCOXVZZ0JNOFhOemdCYnloRWJWU3pSVEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84Y2RkNDktYzA5NC00YzZhLTkxOGMt
MGFhNDYzY2RmY2EwLzEvX3NCUS1pRXRUdzZuM18yR1VmMWtkS2ludzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84Y2RkNDktYzA5NC00YzZhLTkxOGMtMGFhNDYzY2RmY2Ew
LzEvNThCOXVZZ0JNOFhOemdCYnloRWJWU3pSVEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAMtDKgD
BAAtDKowDQQCAAIwBwMFAyoOtQAwDQYJKoZIhvcNAQELBQADggEBAHOhwGrvbLuL
znLUy/UHRFA/iZwvMe0Aw880ODyuA7G72O/3uPxx+m50knEYv8tQfGxuTHgZoPNq
CqMPm2jOshhclpk6kFNsw5X5auP4qUnpqt6coz72PFjYZXyKRSWZKR3yf4R21RwM
X+U7nnQ7aTxf+lJNIYERJzYs3I5IC3fV45EpS7X5HpiOXAA4ALAHz53P7yz5dMT6
ESUuiWzPAVYuZvox0QURmRwmayec/U8FamptxWyz3Y7UCnJZd4maxHsiTwjaaO6Y
6Dci8aTpZfxHnbF885qzpv0rc9OCanKJSdB01tUlZv5qKupSVTq3evjzNfxkpWyW
/QvdSi4Eyxo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:21 2025 by rpki-client on console.sobornost.net