Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/aeb70a-a3fc-4463-a7cd-986ea203f9ec/1/pUCR7J1Yuc7NHdPhzOaLS4lHeXA.roa
File: pUCR7J1Yuc7NHdPhzOaLS4lHeXA.roa (raw, json)
Hash identifier: duCthqxEbQDKuJSOfYFDXosZAjczkDom8uh5OUKy8l4=
Subject key identifier: A5:40:91:EC:9D:58:B9:CE:CD:1D:D3:E1:CC:E6:8B:4B:89:47:79:70
Certificate issuer: /CN=c7671270b69cec504606b126c4ca833816af7da4
Certificate serial: 019427B6185191267CEE0574B863F866EA4E
Authority key identifier: C7:67:12:70:B6:9C:EC:50:46:06:B1:26:C4:CA:83:38:16:AF:7D:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x2cScLac7FBGBrEmxMqDOBavfaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/aeb70a-a3fc-4463-a7cd-986ea203f9ec/1/pUCR7J1Yuc7NHdPhzOaLS4lHeXA.roa
Signing time: Thu 02 Jan 2025 15:50:32 +0000
ROA not before: Thu 02 Jan 2025 15:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216323
IP address blocks: 45.11.199.0/24 maxlen: 24
45.131.35.0/24 maxlen: 24
2a12:9e80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:18:51:91:26:7c:ee:05:74:b8:63:f8:66:ea:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7671270b69cec504606b126c4ca833816af7da4
Validity
Not Before: Jan 2 15:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a54091ec9d58b9cecd1dd3e1cce68b4b89477970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2b:dc:45:04:db:a7:0c:43:60:fc:c6:9a:99:
c6:de:f7:a1:9a:c8:b4:b1:81:d6:e6:e2:59:e3:c0:
5c:57:09:df:21:20:68:c9:c4:1f:6b:44:63:75:0f:
0e:0a:56:1b:9e:ec:a9:16:45:ca:83:48:5e:42:5c:
1d:d7:da:ef:d1:d9:bd:12:6a:c3:44:be:9e:ae:af:
9c:b9:6c:d5:31:ad:56:d6:86:24:6f:bb:28:12:39:
b3:f1:31:e3:f5:16:bf:d4:9c:a9:2e:b9:fa:37:9a:
7f:41:24:ec:8b:7a:e2:b6:ba:2a:97:0a:54:0f:14:
ff:e0:47:25:5e:2b:1f:a0:d7:a9:77:6f:9d:b0:18:
e1:ef:9c:f6:57:d2:64:28:3d:d4:e0:05:db:08:63:
07:62:7f:cc:66:95:17:bc:57:7b:f3:92:37:f3:fa:
39:10:12:e8:c5:0b:1f:e2:49:02:11:be:c1:ca:6c:
27:fc:6d:39:4d:79:4b:77:e5:55:a1:5e:20:00:91:
42:b7:aa:1e:4a:f2:cc:d2:5d:b9:38:f6:97:c4:65:
3a:60:9b:c3:ee:6e:e9:97:1c:e6:05:4f:7d:d6:ef:
5b:2e:f0:62:35:38:1b:2c:0a:c8:84:b3:49:41:77:
7a:de:85:b2:04:e5:fa:b3:89:18:ef:c3:4f:39:30:
28:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:40:91:EC:9D:58:B9:CE:CD:1D:D3:E1:CC:E6:8B:4B:89:47:79:70
X509v3 Authority Key Identifier:
keyid:C7:67:12:70:B6:9C:EC:50:46:06:B1:26:C4:CA:83:38:16:AF:7D:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x2cScLac7FBGBrEmxMqDOBavfaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/aeb70a-a3fc-4463-a7cd-986ea203f9ec/1/pUCR7J1Yuc7NHdPhzOaLS4lHeXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/aeb70a-a3fc-4463-a7cd-986ea203f9ec/1/x2cScLac7FBGBrEmxMqDOBavfaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.199.0/24
45.131.35.0/24
IPv6:
2a12:9e80::/29
Signature Algorithm: sha256WithRSAEncryption
4f:d0:29:18:8d:9d:f7:fe:af:f7:a6:d2:98:fd:7e:17:69:52:
cc:59:d0:8a:1f:8b:a9:52:0e:1a:dc:0e:07:ab:b9:1c:24:fc:
cc:52:68:61:5d:c4:55:d9:84:5d:2d:bb:8e:51:b7:89:2d:dd:
1c:f4:00:9e:d4:18:5e:d7:8f:7f:8e:1c:85:43:32:75:9e:1b:
9f:50:16:ec:ef:5e:d5:a5:db:60:07:53:a4:5d:78:0b:65:82:
a2:aa:ba:18:02:58:60:9e:16:3e:d8:8e:bf:f1:27:06:e3:58:
92:10:06:35:9e:96:8a:b2:91:ab:1a:97:89:7f:c9:01:e0:84:
86:6a:a3:9e:3c:a8:67:13:1a:05:dc:8a:07:8c:55:f2:8c:85:
cf:43:b4:6b:1b:29:b1:3e:46:7e:77:2f:4c:41:d2:07:65:db:
20:7c:7c:a7:20:5c:ce:12:d4:e2:05:7d:32:c9:18:c3:46:51:
00:42:54:a1:dc:2e:68:76:e6:ed:38:9d:1b:4b:5a:1e:8e:3d:
34:37:50:01:4d:0f:31:bc:45:b6:b3:2d:e3:e7:40:8f:69:7b:
d5:21:bb:fa:80:f5:5a:1d:7f:5f:04:63:38:2f:96:25:54:b4:
b9:de:cc:9e:aa:88:45:c2:21:dc:3d:6d:64:57:7c:2d:29:e9:
30:f9:9b:dc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnthhRkSZ87gV0uGP4ZupOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NjcxMjcwYjY5Y2VjNTA0NjA2YjEyNmM0Y2E4MzM4MTZh
ZjdkYTQwHhcNMjUwMTAyMTU1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQwOTFlYzlkNThiOWNlY2QxZGQzZTFjY2U2OGI0Yjg5NDc3OTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyvcRQTbpwxDYPzGmpnG3vehmsi0
sYHW5uJZ48BcVwnfISBoycQfa0RjdQ8OClYbnuypFkXKg0heQlwd19rv0dm9EmrD
RL6erq+cuWzVMa1W1oYkb7soEjmz8THj9Ra/1JypLrn6N5p/QSTsi3ritroqlwpU
DxT/4EclXisfoNepd2+dsBjh75z2V9JkKD3U4AXbCGMHYn/MZpUXvFd785I38/o5
EBLoxQsf4kkCEb7Bymwn/G05TXlLd+VVoV4gAJFCt6oeSvLM0l25OPaXxGU6YJvD
7m7plxzmBU991u9bLvBiNTgbLArIhLNJQXd63oWyBOX6s4kY78NPOTAoVwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKVAkeydWLnOzR3T4czmi0uJR3lwMB8GA1UdIwQY
MBaAFMdnEnC2nOxQRgaxJsTKgzgWr32kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDJjU2NMYWM3RkJHQnJFbXhNcURPQmF2ZmFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hZWI3MGEtYTNmYy00NDYzLWE3Y2Qt
OTg2ZWEyMDNmOWVjLzEvcFVDUjdKMVl1YzdOSGRQaHpPYUxTNGxIZVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9hZWI3MGEtYTNmYy00NDYzLWE3Y2QtOTg2ZWEyMDNmOWVj
LzEveDJjU2NMYWM3RkJHQnJFbXhNcURPQmF2ZmFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQvHAwQA
LYMjMA0EAgACMAcDBQMqEp6AMA0GCSqGSIb3DQEBCwUAA4IBAQBP0CkYjZ33/q/3
ptKY/X4XaVLMWdCKH4upUg4a3A4Hq7kcJPzMUmhhXcRV2YRdLbuOUbeJLd0c9ACe
1Bhe149/jhyFQzJ1nhufUBbs717VpdtgB1OkXXgLZYKiqroYAlhgnhY+2I6/8ScG
41iSEAY1npaKspGrGpeJf8kB4ISGaqOePKhnExoF3IoHjFXyjIXPQ7RrGymxPkZ+
dy9MQdIHZdsgfHynIFzOEtTiBX0yyRjDRlEAQlSh3C5odubtOJ0bS1oejj00N1AB
TQ8xvEW2sy3j50CPaXvVIbv6gPVaHX9fBGM4L5YlVLS53syeqohFwiHcPW1kV3wt
Kekw+Zvc
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net