Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/sMNranus6vRcf4KNpEwJbtAqO3M.roa
File: sMNranus6vRcf4KNpEwJbtAqO3M.roa (raw, json)
Hash identifier: QsDih6s54hQCi/EaZj+hgZx8GQD2ydkKlTGi9oj2sak=
Subject key identifier: B0:C3:6B:6A:7B:AC:EA:F4:5C:7F:82:8D:A4:4C:09:6E:D0:2A:3B:73
Certificate issuer: /CN=485f76274c805d25b115a3adba1d2ea154deead7
Certificate serial: 019398C3353E1F4F34ABA9217F4B63EAFE84
Authority key identifier: 48:5F:76:27:4C:80:5D:25:B1:15:A3:AD:BA:1D:2E:A1:54:DE:EA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF92J0yAXSWxFaOtuh0uoVTe6tc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/sMNranus6vRcf4KNpEwJbtAqO3M.roa
Signing time: Thu 05 Dec 2024 21:39:10 +0000
ROA not before: Thu 05 Dec 2024 21:39:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206728
IP address blocks: 45.141.84.0/24 maxlen: 24
45.141.85.0/24 maxlen: 24
45.141.86.0/24 maxlen: 24
45.141.87.0/24 maxlen: 24
91.220.163.0/24 maxlen: 24
194.26.25.0/24 maxlen: 24
194.26.27.0/24 maxlen: 24
194.26.29.0/24 maxlen: 24
194.26.69.0/24 maxlen: 24
2a0b:7ec0::/29 maxlen: 48
2a0b:7ec0:1320::/48 maxlen: 48
2a0b:7ec0:1321::/48 maxlen: 48
2a0b:7ec0:7701::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:98:c3:35:3e:1f:4f:34:ab:a9:21:7f:4b:63:ea:fe:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=485f76274c805d25b115a3adba1d2ea154deead7
Validity
Not Before: Dec 5 21:39:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0c36b6a7baceaf45c7f828da44c096ed02a3b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:1a:7e:2a:cb:73:b2:7f:5c:6c:8c:93:38:
20:0e:81:4a:eb:23:6a:75:2f:cc:80:c9:1c:6a:f6:
6c:88:40:6a:50:6f:a0:4c:d4:71:ae:c1:02:c8:72:
d2:20:ac:de:b2:7c:4a:4c:96:df:00:28:65:fd:bf:
ec:6b:35:5b:51:9c:31:43:41:d6:49:7e:4e:2e:27:
8d:6f:1c:30:24:46:d8:28:f8:1b:a3:95:03:29:85:
de:87:b4:ec:31:ac:13:dd:ce:ca:95:a0:0b:22:c6:
f1:dc:a6:fb:81:d6:6a:91:b2:7b:72:61:a0:49:ea:
e3:69:36:87:49:d7:ed:ce:b2:ae:be:55:64:18:96:
70:80:02:d4:23:d6:ea:5e:25:84:b5:12:96:04:75:
1d:df:4e:8d:77:fe:70:92:63:55:7d:7c:47:a6:4b:
86:46:6e:84:56:32:7c:75:c3:a2:dc:4d:d3:06:a8:
a8:e0:b5:55:b7:6c:45:f2:33:bb:7a:eb:b6:d5:66:
08:79:41:bb:73:e7:81:d5:dd:7c:19:65:88:64:f8:
dd:66:49:18:01:88:51:2b:75:07:03:fb:17:6f:fb:
dd:86:95:14:54:6d:c2:bc:25:a1:17:b4:62:53:7d:
c7:bb:98:d6:f2:ce:2a:4e:52:44:28:73:43:66:ea:
15:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C3:6B:6A:7B:AC:EA:F4:5C:7F:82:8D:A4:4C:09:6E:D0:2A:3B:73
X509v3 Authority Key Identifier:
keyid:48:5F:76:27:4C:80:5D:25:B1:15:A3:AD:BA:1D:2E:A1:54:DE:EA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF92J0yAXSWxFaOtuh0uoVTe6tc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/sMNranus6vRcf4KNpEwJbtAqO3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/SF92J0yAXSWxFaOtuh0uoVTe6tc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.84.0/22
91.220.163.0/24
194.26.25.0/24
194.26.27.0/24
194.26.29.0/24
194.26.69.0/24
IPv6:
2a0b:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
70:5f:86:2d:2b:d4:47:73:52:f2:a9:6e:78:6d:9e:e8:a7:e3:
7b:52:f6:0f:b5:04:5a:71:ce:02:8a:f4:24:ce:cd:6c:f2:9d:
55:02:27:b7:b6:9f:08:1c:c5:a4:2d:42:7e:f0:b4:ca:c6:72:
f8:c2:ca:66:3a:07:bf:6c:5d:e1:53:21:cb:14:83:0e:f4:70:
ae:60:b3:54:df:7d:74:88:75:66:cc:3c:94:24:94:dd:c5:3d:
a5:74:85:20:a2:09:2a:9a:c3:60:64:7b:d0:6b:df:0c:44:70:
3f:1b:a6:33:dc:9b:20:af:2e:78:e0:56:e9:66:4a:02:93:83:
2b:f1:94:8b:1f:ca:85:56:e7:c6:5b:62:c6:e3:33:d8:47:cf:
db:11:09:56:16:d8:21:9c:43:d1:5c:42:49:84:7c:32:e3:6b:
7f:8a:7d:2e:b4:10:48:b4:8c:c0:a3:98:e5:a2:22:56:8f:b3:
2d:ef:e0:fd:43:07:f7:f3:57:84:e2:8b:a6:54:e9:af:a8:bb:
00:ba:6c:e7:28:18:02:b7:f1:3a:cf:33:8e:8f:f7:c9:40:a2:
f3:36:72:7d:00:73:cd:aa:80:16:b2:d6:87:71:c6:1f:a7:4a:
39:58:4d:73:5d:5e:d5:12:17:c4:a4:38:a5:d8:dd:32:57:5d:
ed:23:82:4b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZOYwzU+H080q6khf0tj6v6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NWY3NjI3NGM4MDVkMjViMTE1YTNhZGJhMWQyZWExNTRk
ZWVhZDcwHhcNMjQxMjA1MjEzOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGMzNmI2YTdiYWNlYWY0NWM3ZjgyOGRhNDRjMDk2ZWQwMmEzYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOwafirLc7J/XGyMkzggDoFK6yNq
dS/MgMkcavZsiEBqUG+gTNRxrsECyHLSIKzesnxKTJbfAChl/b/sazVbUZwxQ0HW
SX5OLieNbxwwJEbYKPgbo5UDKYXeh7TsMawT3c7KlaALIsbx3Kb7gdZqkbJ7cmGg
SerjaTaHSdftzrKuvlVkGJZwgALUI9bqXiWEtRKWBHUd306Nd/5wkmNVfXxHpkuG
Rm6EVjJ8dcOi3E3TBqio4LVVt2xF8jO7euu21WYIeUG7c+eB1d18GWWIZPjdZkkY
AYhRK3UHA/sXb/vdhpUUVG3CvCWhF7RiU33Hu5jW8s4qTlJEKHNDZuoVsQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLDDa2p7rOr0XH+CjaRMCW7QKjtzMB8GA1UdIwQY
MBaAFEhfdidMgF0lsRWjrbodLqFU3urXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0Y5MkoweUFYU1d4RmFPdHVoMHVvVlRlNnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ODViNTMtNmYxMS00MWRiLWJlYWQt
NDNlYWY3NTY3Y2FhLzEvc01OcmFudXM2dlJjZjRLTnBFd0pidEFxTzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ODViNTMtNmYxMS00MWRiLWJlYWQtNDNlYWY3NTY3Y2Fh
LzEvU0Y5MkoweUFYU1d4RmFPdHVoMHVvVlRlNnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLY1UAwQA
W9yjAwQAwhoZAwQAwhobAwQAwhodAwQAwhpFMA0EAgACMAcDBQMqC37AMA0GCSqG
SIb3DQEBCwUAA4IBAQBwX4YtK9RHc1LyqW54bZ7op+N7UvYPtQRacc4CivQkzs1s
8p1VAie3tp8IHMWkLUJ+8LTKxnL4wspmOge/bF3hUyHLFIMO9HCuYLNU3310iHVm
zDyUJJTdxT2ldIUgogkqmsNgZHvQa98MRHA/G6Yz3Jsgry544FbpZkoCk4Mr8ZSL
H8qFVufGW2LG4zPYR8/bEQlWFtghnEPRXEJJhHwy42t/in0utBBItIzAo5jloiJW
j7Mt7+D9Qwf381eE4oumVOmvqLsAumznKBgCt/E6zzOOj/fJQKLzNnJ9AHPNqoAW
staHccYfp0o5WE1zXV7VEhfEpDil2N0yV13tI4JL
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:07 2024 by rpki-client on console.sobornost.net