Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/sHHovkPcLVWIMQ_tboQIdcTBHy0.roa
File: sHHovkPcLVWIMQ_tboQIdcTBHy0.roa (raw, json)
Hash identifier: fYwK2GNfLuzV598M+4d1qnmBbMriSVB83QSoeu+hALg=
Subject key identifier: B0:71:E8:BE:43:DC:2D:55:88:31:0F:ED:6E:84:08:75:C4:C1:1F:2D
Certificate issuer: /CN=de085b0d1bbf9e781b154b06f7b9141129db775f
Certificate serial: 01942826868CE98A356448F9B8B9DE3E6F86
Authority key identifier: DE:08:5B:0D:1B:BF:9E:78:1B:15:4B:06:F7:B9:14:11:29:DB:77:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ghbDRu_nngbFUsG97kUESnbd18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/sHHovkPcLVWIMQ_tboQIdcTBHy0.roa
Signing time: Thu 02 Jan 2025 17:53:20 +0000
ROA not before: Thu 02 Jan 2025 17:53:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208651
IP address blocks: 45.91.152.0/22 maxlen: 22
45.91.152.0/24 maxlen: 24
45.91.153.0/24 maxlen: 24
45.91.154.0/24 maxlen: 24
45.91.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:86:8c:e9:8a:35:64:48:f9:b8:b9:de:3e:6f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de085b0d1bbf9e781b154b06f7b9141129db775f
Validity
Not Before: Jan 2 17:53:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b071e8be43dc2d5588310fed6e840875c4c11f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:39:86:dc:5e:30:d0:17:39:aa:d9:f2:e7:6f:
fa:f3:a5:9b:c2:01:53:47:44:61:a3:c7:66:aa:be:
98:ac:22:70:d0:2a:d3:ba:70:25:5a:57:fd:fd:e4:
46:2c:77:b7:c4:2b:23:55:8a:d9:f1:4b:07:eb:83:
fa:3a:da:a6:c0:fa:34:1f:1d:3c:99:58:ad:04:71:
04:d2:c9:df:6d:7d:ff:af:49:3f:f4:56:a4:c2:19:
ec:79:b8:86:5e:3f:99:92:d9:75:20:da:bb:60:52:
14:a8:0e:ce:15:2c:7e:4b:d3:c0:0b:52:ba:ab:0b:
87:99:b3:e8:05:1f:4c:34:df:88:77:c1:35:89:e7:
73:18:da:f5:71:07:36:f9:55:13:a0:1b:06:c0:91:
a1:e3:ba:54:eb:2c:32:eb:47:7c:0a:82:89:0a:a4:
89:dc:db:50:71:3e:0d:d2:c7:f2:ca:da:61:87:8c:
7f:24:2b:eb:ce:3b:5d:b4:7f:c3:c4:15:b5:bf:94:
8c:e3:f6:c2:e4:c2:a2:f3:c6:c0:2b:41:c3:fc:81:
29:5f:54:8c:68:f1:30:ce:51:55:0f:6c:2a:8d:3b:
9e:a4:71:af:ed:97:d1:51:0f:15:16:36:1d:4e:ed:
ee:fb:a8:88:98:c5:94:82:ae:76:5b:01:e3:46:cc:
78:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:71:E8:BE:43:DC:2D:55:88:31:0F:ED:6E:84:08:75:C4:C1:1F:2D
X509v3 Authority Key Identifier:
keyid:DE:08:5B:0D:1B:BF:9E:78:1B:15:4B:06:F7:B9:14:11:29:DB:77:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ghbDRu_nngbFUsG97kUESnbd18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/sHHovkPcLVWIMQ_tboQIdcTBHy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/3ghbDRu_nngbFUsG97kUESnbd18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.152.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:33:27:0c:b9:bd:66:cd:2a:00:ee:0e:50:fb:26:27:dc:0f:
0b:74:10:8e:d0:09:d1:39:d2:eb:ab:d8:f5:3a:dd:ef:d3:9d:
37:8b:40:2c:cf:53:d5:f3:60:a5:c6:ce:d3:56:de:de:23:b8:
b4:70:52:36:d8:d9:83:c5:9f:8e:12:5c:24:d4:3b:74:29:da:
c1:26:68:a0:a3:13:dc:c2:6a:8c:5d:97:bf:13:69:43:3f:36:
ba:27:43:cf:c7:fe:4d:7f:eb:45:14:74:85:da:f4:b2:78:8c:
5f:4b:0a:e2:f5:1e:a2:99:29:32:bf:d4:08:48:1d:dd:bb:b9:
ca:0d:b5:c2:4c:d7:74:d1:a7:e0:53:72:88:17:ce:c7:42:f4:
82:d0:d7:54:0f:11:ff:7d:09:72:77:9c:7b:f4:2c:5c:5a:3d:
f9:14:86:b3:fc:fb:93:5c:25:c0:90:e5:80:9d:7e:6d:f9:ee:
da:8a:47:39:dc:d4:e3:84:d1:e7:6c:be:3f:38:40:60:f7:0f:
c0:37:e7:c9:b8:f2:e7:25:d5:44:88:b1:fa:bf:f8:2a:b9:d7:
d1:47:3f:ac:89:9d:41:76:3b:cc:98:5e:05:ba:a4:64:7d:dc:
d0:29:08:87:be:4f:00:56:d8:ce:b3:5b:37:93:31:d2:c0:a3:
47:59:81:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJoaM6Yo1ZEj5uLnePm+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMDg1YjBkMWJiZjllNzgxYjE1NGIwNmY3YjkxNDExMjlk
Yjc3NWYwHhcNMjUwMTAyMTc1MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDcxZThiZTQzZGMyZDU1ODgzMTBmZWQ2ZTg0MDg3NWM0YzExZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTmG3F4w0Bc5qtny52/686WbwgFT
R0Rho8dmqr6YrCJw0CrTunAlWlf9/eRGLHe3xCsjVYrZ8UsH64P6OtqmwPo0Hx08
mVitBHEE0snfbX3/r0k/9FakwhnsebiGXj+Zktl1INq7YFIUqA7OFSx+S9PAC1K6
qwuHmbPoBR9MNN+Id8E1iedzGNr1cQc2+VUToBsGwJGh47pU6ywy60d8CoKJCqSJ
3NtQcT4N0sfyytphh4x/JCvrzjtdtH/DxBW1v5SM4/bC5MKi88bAK0HD/IEpX1SM
aPEwzlFVD2wqjTuepHGv7ZfRUQ8VFjYdTu3u+6iImMWUgq52WwHjRsx4YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBx6L5D3C1ViDEP7W6ECHXEwR8tMB8GA1UdIwQY
MBaAFN4IWw0bv554GxVLBve5FBEp23dfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2doYkRSdV9ubmdiRlVzRzk3a1VFU25iZDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mZjAzYTMtMzFhMS00ZGExLWI4ZTkt
N2EwYjNkNWQ5MTU2LzEvc0hIb3ZrUGNMVldJTVFfdGJvUUlkY1RCSHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mZjAzYTMtMzFhMS00ZGExLWI4ZTktN2EwYjNkNWQ5MTU2
LzEvM2doYkRSdV9ubmdiRlVzRzk3a1VFU25iZDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVuYMA0G
CSqGSIb3DQEBCwUAA4IBAQCtMycMub1mzSoA7g5Q+yYn3A8LdBCO0AnROdLrq9j1
Ot3v0503i0Asz1PV82Clxs7TVt7eI7i0cFI22NmDxZ+OElwk1Dt0KdrBJmigoxPc
wmqMXZe/E2lDPza6J0PPx/5Nf+tFFHSF2vSyeIxfSwri9R6imSkyv9QISB3du7nK
DbXCTNd00afgU3KIF87HQvSC0NdUDxH/fQlyd5x79CxcWj35FIaz/PuTXCXAkOWA
nX5t+e7aikc53NTjhNHnbL4/OEBg9w/AN+fJuPLnJdVEiLH6v/gqudfRRz+siZ1B
djvMmF4FuqRkfdzQKQiHvk8AVtjOs1s3kzHSwKNHWYHm
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net