Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/0WyFshZSb-7ZWCcullKzvvgmMO4.roa
File: 0WyFshZSb-7ZWCcullKzvvgmMO4.roa (raw, json)
Hash identifier: rnlh4IPEq2B85A7F1hh2Hrbx+asjUq4g12d1wCR9wAg=
Subject key identifier: D1:6C:85:B2:16:52:6F:EE:D9:58:27:2E:96:52:B3:BE:F8:26:30:EE
Certificate issuer: /CN=485f76274c805d25b115a3adba1d2ea154deead7
Certificate serial: 019423D7232FB6C4A879CB01936A421A87CC
Authority key identifier: 48:5F:76:27:4C:80:5D:25:B1:15:A3:AD:BA:1D:2E:A1:54:DE:EA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF92J0yAXSWxFaOtuh0uoVTe6tc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/0WyFshZSb-7ZWCcullKzvvgmMO4.roa
Signing time: Wed 01 Jan 2025 21:48:09 +0000
ROA not before: Wed 01 Jan 2025 21:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206728
IP address blocks: 45.141.84.0/24 maxlen: 24
45.141.85.0/24 maxlen: 24
45.141.86.0/24 maxlen: 24
45.141.87.0/24 maxlen: 24
91.220.163.0/24 maxlen: 24
194.26.25.0/24 maxlen: 24
194.26.27.0/24 maxlen: 24
194.26.29.0/24 maxlen: 24
194.26.69.0/24 maxlen: 24
2a0b:7ec0::/29 maxlen: 48
2a0b:7ec0:1320::/48 maxlen: 48
2a0b:7ec0:1321::/48 maxlen: 48
2a0b:7ec0:7701::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:23:2f:b6:c4:a8:79:cb:01:93:6a:42:1a:87:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=485f76274c805d25b115a3adba1d2ea154deead7
Validity
Not Before: Jan 1 21:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d16c85b216526feed958272e9652b3bef82630ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9f:97:6d:f4:25:3c:b0:60:29:52:de:10:34:
88:a5:84:ba:58:27:99:45:25:c6:37:36:44:9e:ef:
43:62:f2:1e:50:6e:c5:ac:47:a9:b6:90:95:35:58:
6c:a5:98:cd:96:91:08:41:bc:cd:48:d4:92:38:ab:
9c:37:71:5d:09:c2:48:85:a2:18:e1:65:04:df:fe:
97:e0:4c:69:d6:b7:02:36:16:50:27:9e:e2:6e:99:
04:75:e3:b8:15:ad:17:7d:2e:73:11:f5:3e:15:24:
bb:91:09:8a:ab:9c:45:77:2d:bb:17:f8:47:f5:98:
d9:2a:16:36:81:d7:0b:9d:81:80:7a:23:b3:ce:9c:
74:21:64:67:bf:4c:a0:2d:7e:62:a2:16:1f:95:b5:
8d:e2:e6:bb:8b:db:d1:1a:cb:3e:dc:84:e3:99:19:
77:92:f9:d9:43:da:eb:b3:fc:9c:aa:aa:f9:b0:96:
ed:c8:39:5c:ac:90:42:9b:22:14:11:b3:b6:7f:3c:
be:c8:c0:f5:4e:67:79:e5:c9:fe:70:11:fe:ae:bc:
f3:c0:c4:9f:a9:6d:60:bb:02:1d:e4:9c:be:5e:fa:
85:c6:56:81:d4:35:02:19:d1:e1:6b:d7:ce:e4:24:
cd:82:12:f4:8f:91:06:fd:2f:83:ab:44:9d:bb:c0:
b3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6C:85:B2:16:52:6F:EE:D9:58:27:2E:96:52:B3:BE:F8:26:30:EE
X509v3 Authority Key Identifier:
keyid:48:5F:76:27:4C:80:5D:25:B1:15:A3:AD:BA:1D:2E:A1:54:DE:EA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF92J0yAXSWxFaOtuh0uoVTe6tc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/0WyFshZSb-7ZWCcullKzvvgmMO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/SF92J0yAXSWxFaOtuh0uoVTe6tc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.84.0/22
91.220.163.0/24
194.26.25.0/24
194.26.27.0/24
194.26.29.0/24
194.26.69.0/24
IPv6:
2a0b:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
28:d2:f7:57:94:d9:09:0c:f1:5d:73:15:7d:1d:e1:27:f4:a9:
28:b7:bd:6b:bc:56:88:39:88:8e:6d:4d:71:8b:0f:cc:21:3c:
fe:5d:3f:5e:1c:3f:ec:53:08:46:38:e3:7d:76:4c:6e:41:fa:
97:4a:c5:e8:c8:74:af:03:ad:64:32:07:b7:fb:b7:84:c3:88:
86:0e:49:c9:95:3f:5c:03:3e:2b:08:37:e3:a8:34:ef:ea:08:
1c:29:09:e7:dc:f8:81:7a:8c:ca:0c:1c:da:74:a0:be:84:df:
ac:57:3f:ee:f5:4e:04:6e:6a:46:ee:94:08:fc:4f:86:cb:d8:
b4:a1:78:97:52:bc:6d:af:3c:cb:f6:2a:43:22:01:45:be:4f:
1f:4e:04:93:52:b9:09:a4:66:53:c6:36:18:24:bb:87:69:b6:
b9:77:48:f6:9f:8d:fe:fc:1d:24:72:b5:5e:96:d3:5d:bf:6b:
92:4a:ed:a0:58:81:bf:c1:fb:93:47:21:5d:29:c6:bb:4b:6a:
af:80:37:57:fa:35:dd:38:f7:96:6d:d9:4d:6a:06:19:c0:da:
18:e1:58:8f:04:9b:62:dc:24:52:25:32:78:56:c7:cb:2d:d5:
7f:0b:da:05:ef:e9:f6:a7:28:32:95:89:a4:84:ce:a6:97:d8:
36:fb:2d:c4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQj1yMvtsSoecsBk2pCGofMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NWY3NjI3NGM4MDVkMjViMTE1YTNhZGJhMWQyZWExNTRk
ZWVhZDcwHhcNMjUwMTAxMjE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZjODViMjE2NTI2ZmVlZDk1ODI3MmU5NjUyYjNiZWY4MjYzMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Z+XbfQlPLBgKVLeEDSIpYS6WCeZ
RSXGNzZEnu9DYvIeUG7FrEeptpCVNVhspZjNlpEIQbzNSNSSOKucN3FdCcJIhaIY
4WUE3/6X4Exp1rcCNhZQJ57ibpkEdeO4Fa0XfS5zEfU+FSS7kQmKq5xFdy27F/hH
9ZjZKhY2gdcLnYGAeiOzzpx0IWRnv0ygLX5iohYflbWN4ua7i9vRGss+3ITjmRl3
kvnZQ9rrs/ycqqr5sJbtyDlcrJBCmyIUEbO2fzy+yMD1Tmd55cn+cBH+rrzzwMSf
qW1guwId5Jy+XvqFxlaB1DUCGdHha9fO5CTNghL0j5EG/S+Dq0Sdu8CzIQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNFshbIWUm/u2VgnLpZSs774JjDuMB8GA1UdIwQY
MBaAFEhfdidMgF0lsRWjrbodLqFU3urXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0Y5MkoweUFYU1d4RmFPdHVoMHVvVlRlNnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ODViNTMtNmYxMS00MWRiLWJlYWQt
NDNlYWY3NTY3Y2FhLzEvMFd5RnNoWlNiLTdaV0NjdWxsS3p2dmdtTU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ODViNTMtNmYxMS00MWRiLWJlYWQtNDNlYWY3NTY3Y2Fh
LzEvU0Y5MkoweUFYU1d4RmFPdHVoMHVvVlRlNnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLY1UAwQA
W9yjAwQAwhoZAwQAwhobAwQAwhodAwQAwhpFMA0EAgACMAcDBQMqC37AMA0GCSqG
SIb3DQEBCwUAA4IBAQAo0vdXlNkJDPFdcxV9HeEn9Kkot71rvFaIOYiObU1xiw/M
ITz+XT9eHD/sUwhGOON9dkxuQfqXSsXoyHSvA61kMge3+7eEw4iGDknJlT9cAz4r
CDfjqDTv6ggcKQnn3PiBeozKDBzadKC+hN+sVz/u9U4EbmpG7pQI/E+Gy9i0oXiX
UrxtrzzL9ipDIgFFvk8fTgSTUrkJpGZTxjYYJLuHaba5d0j2n43+/B0kcrVeltNd
v2uSSu2gWIG/wfuTRyFdKca7S2qvgDdX+jXdOPeWbdlNagYZwNoY4ViPBJti3CRS
JTJ4VsfLLdV/C9oF7+n2pygylYmkhM6ml9g2+y3E
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:54:51 2025 by rpki-client on console.sobornost.net