Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/RNQvE2oEKPo_zVElIo7XyWY9pN4.roa
File: RNQvE2oEKPo_zVElIo7XyWY9pN4.roa (raw, json)
Hash identifier: cHPYWyTjBN1Ib/KsumMhkuYgXusEijJa/SgckNxXiqc=
Subject key identifier: 44:D4:2F:13:6A:04:28:FA:3F:CD:51:25:22:8E:D7:C9:66:3D:A4:DE
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 01941FFA4EFFAEE66D308E6D80C5EB0A96B2
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/RNQvE2oEKPo_zVElIo7XyWY9pN4.roa
Signing time: Wed 01 Jan 2025 03:48:05 +0000
ROA not before: Wed 01 Jan 2025 03:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201975
IP address blocks: 45.86.176.0/22 maxlen: 24
93.90.64.0/22 maxlen: 24
157.97.112.0/21 maxlen: 24
185.54.180.0/22 maxlen: 24
193.148.20.0/22 maxlen: 24
2a02:4660::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:4e:ff:ae:e6:6d:30:8e:6d:80:c5:eb:0a:96:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Jan 1 03:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44d42f136a0428fa3fcd5125228ed7c9663da4de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a6:d2:bb:17:bf:c1:5f:a6:74:fb:7f:90:b6:
64:47:57:c5:ba:26:db:3c:c5:8c:5b:36:86:d9:65:
29:9a:fb:c0:d5:ec:5a:34:e3:99:49:fe:8d:b6:3b:
c4:d0:b0:ef:98:0b:85:6e:f7:7e:71:60:e4:ef:8c:
68:cd:eb:24:c4:32:91:63:d6:80:f8:99:c9:e1:b3:
f9:c4:d7:5c:d9:6b:93:7f:5d:cd:fc:17:61:9e:ab:
06:65:35:36:2c:66:81:93:85:65:b1:b3:91:d4:9b:
06:98:a3:49:17:83:db:9c:80:22:8d:68:f8:c9:27:
ec:d7:3a:7d:f9:a6:98:ea:98:9c:26:7e:10:14:05:
29:39:98:42:a1:3c:cf:63:c6:4b:46:29:9e:32:db:
a2:26:75:fe:e0:20:56:1f:1e:23:7d:66:47:d3:45:
0a:97:e4:19:32:c7:48:08:be:29:c5:ab:26:de:58:
bd:6d:34:97:3c:af:7d:c5:07:87:d8:49:13:0d:7c:
e6:86:c3:20:11:f3:4c:7e:c7:b1:b2:3f:87:e9:d1:
99:6f:3d:fc:07:a2:61:c7:98:b8:f4:5a:17:d6:22:
37:23:0e:4d:93:1a:30:97:3f:76:45:f4:14:7f:84:
4b:55:23:3b:2f:83:39:64:cf:54:f5:63:75:a1:06:
77:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D4:2F:13:6A:04:28:FA:3F:CD:51:25:22:8E:D7:C9:66:3D:A4:DE
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/RNQvE2oEKPo_zVElIo7XyWY9pN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.176.0/22
93.90.64.0/22
157.97.112.0/21
185.54.180.0/22
193.148.20.0/22
IPv6:
2a02:4660::/32
Signature Algorithm: sha256WithRSAEncryption
c2:c3:fa:ff:f8:8c:1a:ad:4a:28:fa:f8:25:d9:3c:4b:bc:ce:
99:df:fe:8d:5f:d2:ad:2c:a5:76:54:bd:41:a3:15:50:98:a1:
6b:13:93:cc:ba:d7:fb:49:29:1a:af:ff:19:a2:a2:9f:e7:c4:
73:ab:32:26:a8:db:35:5d:8c:3e:7d:9e:2a:b7:6e:de:db:da:
60:14:5e:0f:e9:d7:f0:ed:8b:c8:d4:c7:10:78:4e:3d:b7:10:
19:ae:2c:28:fb:a2:0a:3d:07:8d:b7:bf:a6:79:d9:b5:e9:0b:
75:9b:4a:3b:a7:d3:82:24:bf:82:b5:f4:a2:2e:fc:0f:fb:7f:
a5:6a:ee:fa:1a:7e:70:2d:65:b0:fa:48:40:ea:60:06:47:c7:
2a:5e:a8:8d:42:a7:ac:e2:f3:e9:4c:24:bd:b5:a4:84:31:a9:
fd:d4:eb:82:f2:70:28:32:db:b6:13:dd:d1:cb:96:57:b9:9a:
0d:e8:2d:82:99:62:84:2d:e5:37:f5:47:c5:9e:98:de:a8:bf:
a3:22:c0:97:b0:81:8c:13:5b:9a:fb:46:c5:91:ae:79:a3:d5:
c3:9c:82:14:24:0a:22:f1:f0:cf:6a:8d:59:15:b0:62:09:b5:
ab:7e:ab:24:cd:62:16:9a:30:c5:58:93:51:1a:90:da:62:11:
7b:8e:c3:1a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQf+k7/ruZtMI5tgMXrCpayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjUwMTAxMDM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ0MmYxMzZhMDQyOGZhM2ZjZDUxMjUyMjhlZDdjOTY2M2RhNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwabSuxe/wV+mdPt/kLZkR1fFuibb
PMWMWzaG2WUpmvvA1exaNOOZSf6NtjvE0LDvmAuFbvd+cWDk74xozeskxDKRY9aA
+JnJ4bP5xNdc2WuTf13N/BdhnqsGZTU2LGaBk4VlsbOR1JsGmKNJF4PbnIAijWj4
ySfs1zp9+aaY6picJn4QFAUpOZhCoTzPY8ZLRimeMtuiJnX+4CBWHx4jfWZH00UK
l+QZMsdICL4pxasm3li9bTSXPK99xQeH2EkTDXzmhsMgEfNMfsexsj+H6dGZbz38
B6Jhx5i49FoX1iI3Iw5Nkxowlz92RfQUf4RLVSM7L4M5ZM9U9WN1oQZ3cQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFETULxNqBCj6P81RJSKO18lmPaTeMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEvUk5RdkUyb0VLUG9felZFbElvN1h5V1k5cE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVawAwQC
XVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZgMA0GCSqGSIb3DQEB
CwUAA4IBAQDCw/r/+IwarUoo+vgl2TxLvM6Z3/6NX9KtLKV2VL1BoxVQmKFrE5PM
utf7SSkar/8ZoqKf58RzqzImqNs1XYw+fZ4qt27e29pgFF4P6dfw7YvI1McQeE49
txAZriwo+6IKPQeNt7+medm16Qt1m0o7p9OCJL+CtfSiLvwP+3+lau76Gn5wLWWw
+khA6mAGR8cqXqiNQqes4vPpTCS9taSEMan91OuC8nAoMtu2E93Ry5ZXuZoN6C2C
mWKELeU39UfFnpjeqL+jIsCXsIGME1ua+0bFka55o9XDnIIUJAoi8fDPao1ZFbBi
CbWrfqskzWIWmjDFWJNRGpDaYhF7jsMa
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net