Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/zQEbsK0Mfs127lWIZftoKrVUELY.roa
File: zQEbsK0Mfs127lWIZftoKrVUELY.roa (raw, json)
Hash identifier: udDscKWp8MO7KqgzFMOIvaY0+h3LjwRagPNX+vFbHKY=
Subject key identifier: CD:01:1B:B0:AD:0C:7E:CD:76:EE:55:88:65:FB:68:2A:B5:54:10:B6
Certificate issuer: /CN=38b59daedd43cc9575ac35953e3f396e21bb6d80
Certificate serial: 019422FB418CFBF01EEE75DA75C846A2F27E
Authority key identifier: 38:B5:9D:AE:DD:43:CC:95:75:AC:35:95:3E:3F:39:6E:21:BB:6D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/zQEbsK0Mfs127lWIZftoKrVUELY.roa
Signing time: Wed 01 Jan 2025 17:47:59 +0000
ROA not before: Wed 01 Jan 2025 17:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41290
IP address blocks: 45.147.40.0/24 maxlen: 24
2a0f:c800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:41:8c:fb:f0:1e:ee:75:da:75:c8:46:a2:f2:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b59daedd43cc9575ac35953e3f396e21bb6d80
Validity
Not Before: Jan 1 17:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd011bb0ad0c7ecd76ee558865fb682ab55410b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:7d:6f:82:f0:a1:8f:05:28:de:ed:83:ba:
42:81:7a:e1:fd:a3:cd:ab:44:38:63:ec:75:d7:84:
7d:46:71:9a:f9:76:c8:d6:ec:d2:14:11:02:92:13:
0e:91:30:e4:5a:50:22:97:3a:5d:ef:32:4d:99:f0:
86:98:c5:6c:e6:da:53:06:73:5d:f1:02:87:53:f8:
2d:3d:13:ea:ca:83:9e:5d:d7:fa:e1:81:da:65:c5:
89:f5:e4:d9:46:cc:2b:7f:ea:bc:ab:f4:b2:69:99:
d6:cc:da:99:06:65:bc:23:52:c2:25:0a:35:b7:33:
66:77:75:f4:45:60:cd:21:f6:62:9e:26:a0:f7:c1:
00:4e:8d:47:b1:d2:14:df:42:a5:c4:2c:5f:67:9a:
58:78:fc:75:c6:80:72:ea:7e:05:c4:4c:3b:63:b3:
a4:b8:81:01:64:c9:e8:cd:f6:98:77:6a:21:f5:a0:
fa:82:b6:d7:32:bf:f1:85:16:a1:64:0d:03:f9:e6:
1b:97:6b:85:88:b0:d0:65:f7:dc:82:06:ff:ae:35:
11:1d:bd:d5:b9:fb:84:a6:c1:98:c5:92:20:aa:d5:
f5:74:a8:d7:98:74:97:ab:96:f5:e0:f6:0d:f8:af:
c2:0f:40:a8:8b:e3:68:7e:95:25:75:6b:41:1a:e1:
b8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:01:1B:B0:AD:0C:7E:CD:76:EE:55:88:65:FB:68:2A:B5:54:10:B6
X509v3 Authority Key Identifier:
keyid:38:B5:9D:AE:DD:43:CC:95:75:AC:35:95:3E:3F:39:6E:21:BB:6D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/zQEbsK0Mfs127lWIZftoKrVUELY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/OLWdrt1DzJV1rDWVPj85biG7bYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.40.0/24
IPv6:
2a0f:c800::/29
Signature Algorithm: sha256WithRSAEncryption
69:49:fe:c3:02:d8:40:ed:32:7e:b1:54:4e:0c:e1:63:bd:36:
e5:87:27:b0:42:b4:51:f5:98:6d:f4:1c:2c:43:2a:52:57:f0:
01:72:51:d9:dc:11:b1:57:e5:8c:82:78:aa:49:41:0e:ce:a1:
47:cb:08:a3:dc:d3:fc:cf:9f:ee:c6:db:2d:06:f6:f6:9e:85:
62:88:32:99:3e:74:57:80:bf:17:5c:9b:fc:91:f9:17:6e:8d:
53:27:e7:05:ac:20:90:a5:0d:80:1a:d7:5c:14:9d:6e:1c:48:
9f:65:27:d4:75:bb:ca:9a:25:3b:6e:e1:1e:b9:b4:ff:0b:d3:
9d:50:d1:8c:b9:39:28:c1:98:3a:da:49:16:51:73:0a:42:09:
38:d4:5c:33:46:8b:dc:8f:40:e6:82:23:11:a1:5c:da:26:4a:
4a:c7:75:26:d6:e4:f6:71:79:32:ff:5a:5c:5c:18:44:f6:56:
46:9e:83:2d:28:e4:6b:0f:16:8c:f7:8f:77:38:56:f2:6c:8c:
72:8f:8a:1a:b3:08:3b:15:94:fd:51:4d:ca:77:8c:5c:fc:bc:
56:72:fd:01:dc:f0:be:6f:74:83:22:7c:d6:e7:bc:c5:94:3f:
c6:d1:56:7c:18:3f:94:e2:13:59:b0:9e:1f:84:35:2f:57:6b:
ce:d8:7b:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+0GM+/Ae7nXadchGovJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjU5ZGFlZGQ0M2NjOTU3NWFjMzU5NTNlM2YzOTZlMjFi
YjZkODAwHhcNMjUwMTAxMTc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDAxMWJiMGFkMGM3ZWNkNzZlZTU1ODg2NWZiNjgyYWI1NTQxMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4B9b4LwoY8FKN7tg7pCgXrh/aPN
q0Q4Y+x114R9RnGa+XbI1uzSFBECkhMOkTDkWlAilzpd7zJNmfCGmMVs5tpTBnNd
8QKHU/gtPRPqyoOeXdf64YHaZcWJ9eTZRswrf+q8q/SyaZnWzNqZBmW8I1LCJQo1
tzNmd3X0RWDNIfZiniag98EATo1HsdIU30KlxCxfZ5pYePx1xoBy6n4FxEw7Y7Ok
uIEBZMnozfaYd2oh9aD6grbXMr/xhRahZA0D+eYbl2uFiLDQZffcggb/rjURHb3V
ufuEpsGYxZIgqtX1dKjXmHSXq5b14PYN+K/CD0Coi+NofpUldWtBGuG41wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM0BG7CtDH7Ndu5ViGX7aCq1VBC2MB8GA1UdIwQY
MBaAFDi1na7dQ8yVdaw1lT4/OW4hu22AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xXZHJ0MUR6SlYxckRXVlBqODViaUc3YllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80MzMxMjctZTJjZi00MWExLTk5MTMt
N2EwZjcyY2JiMmQ1LzEvelFFYnNLME1mczEyN2xXSVpmdG9LclZVRUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80MzMxMjctZTJjZi00MWExLTk5MTMtN2EwZjcyY2JiMmQ1
LzEvT0xXZHJ0MUR6SlYxckRXVlBqODViaUc3YllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZMoMA0E
AgACMAcDBQMqD8gAMA0GCSqGSIb3DQEBCwUAA4IBAQBpSf7DAthA7TJ+sVRODOFj
vTblhyewQrRR9Zht9BwsQypSV/ABclHZ3BGxV+WMgniqSUEOzqFHywij3NP8z5/u
xtstBvb2noViiDKZPnRXgL8XXJv8kfkXbo1TJ+cFrCCQpQ2AGtdcFJ1uHEifZSfU
dbvKmiU7buEeubT/C9OdUNGMuTkowZg62kkWUXMKQgk41FwzRovcj0DmgiMRoVza
JkpKx3Um1uT2cXky/1pcXBhE9lZGnoMtKORrDxaM9493OFbybIxyj4oaswg7FZT9
UU3Kd4xc/LxWcv0B3PC+b3SDInzW57zFlD/G0VZ8GD+U4hNZsJ4fhDUvV2vO2HvX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net