Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/XHfhEGwfsHA5Cy6rVzKyCX0VS7I.roa
File: XHfhEGwfsHA5Cy6rVzKyCX0VS7I.roa (raw, json)
Hash identifier: r0CY6B9tn8PTb3kJeN+vQ/cBCfQUrTHL37aoDlJepRA=
Subject key identifier: 5C:77:E1:10:6C:1F:B0:70:39:0B:2E:AB:57:32:B2:09:7D:15:4B:B2
Certificate issuer: /CN=238857660dc7fa60846f765b94cb69576255adb6
Certificate serial: 019427B5567E826EA85AF52F2FCF342F41C7
Authority key identifier: 23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/XHfhEGwfsHA5Cy6rVzKyCX0VS7I.roa
Signing time: Thu 02 Jan 2025 15:49:43 +0000
ROA not before: Thu 02 Jan 2025 15:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28875
IP address blocks: 45.15.80.0/22 maxlen: 24
185.104.16.0/22 maxlen: 24
2a00:f740::/32 maxlen: 48
2a0e:2b80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:56:7e:82:6e:a8:5a:f5:2f:2f:cf:34:2f:41:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=238857660dc7fa60846f765b94cb69576255adb6
Validity
Not Before: Jan 2 15:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c77e1106c1fb070390b2eab5732b2097d154bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b6:b0:02:3e:d2:80:6a:a6:8e:57:da:2b:90:
09:5e:a5:26:7c:5c:a3:0e:a9:63:81:9d:8c:a2:67:
48:de:46:65:b8:2d:75:5a:c1:62:2f:44:65:01:1a:
8d:4c:ea:e2:5d:79:b6:71:98:19:17:8d:6c:94:ee:
23:c9:91:38:51:f1:2a:1e:ad:cc:75:59:2c:0b:95:
ce:4e:9e:50:e1:de:9d:ec:b1:2f:79:38:be:62:44:
f9:66:45:c5:bc:d1:97:b6:ac:44:67:2b:c5:90:f3:
8c:99:6f:49:8d:83:3e:27:7c:4d:ce:f7:dc:b2:a7:
b4:46:f2:82:06:fb:f2:e8:b1:48:2b:26:11:dd:56:
fd:da:0a:82:7a:b6:4c:bb:f2:96:d9:c7:97:02:f7:
f5:b4:33:c6:11:00:30:d3:f1:f5:9f:8d:27:c8:d8:
5d:46:a9:1d:19:7e:39:97:e1:e3:1f:20:a9:fa:9f:
69:5e:5e:e9:86:17:93:87:99:23:f2:e3:67:cd:89:
3b:84:32:6c:fb:9c:24:6e:e9:6c:ad:3f:44:48:8d:
af:8c:0e:96:33:55:38:2c:1b:ef:06:1d:85:c6:f0:
71:35:75:4d:ba:c1:36:15:62:88:f6:97:62:e0:6c:
ca:18:9e:cb:2e:da:88:1b:6d:75:6b:c5:b9:81:4c:
a3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:77:E1:10:6C:1F:B0:70:39:0B:2E:AB:57:32:B2:09:7D:15:4B:B2
X509v3 Authority Key Identifier:
keyid:23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/XHfhEGwfsHA5Cy6rVzKyCX0VS7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/I4hXZg3H-mCEb3ZblMtpV2JVrbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.80.0/22
185.104.16.0/22
IPv6:
2a00:f740::/32
2a0e:2b80::/32
Signature Algorithm: sha256WithRSAEncryption
22:34:24:e2:0f:78:cf:f7:59:8f:b8:52:89:8a:00:c5:ae:f5:
81:c7:06:df:52:f9:52:55:09:ae:28:b7:27:84:83:e2:33:fa:
42:ae:13:a4:27:b5:23:77:50:93:d3:3d:0b:8a:f2:ef:c2:02:
49:67:d3:70:c2:a7:9c:d0:a5:ea:0e:5e:7a:f5:65:a5:75:68:
14:32:4f:ff:bb:24:f0:71:50:23:42:2e:42:56:8f:7a:02:da:
4c:b1:34:fd:63:57:86:0b:aa:86:fe:ce:5c:08:8f:ac:e7:d8:
2a:38:ad:1c:ee:0c:aa:cd:e0:17:26:cd:d1:cc:f0:42:1c:e4:
c5:01:44:2f:91:95:30:56:97:76:b6:64:c8:d8:ab:8c:ee:76:
51:ed:bb:11:5a:79:f6:28:24:48:56:96:e9:45:39:12:71:53:
5d:d6:cb:db:67:fe:31:52:fd:f3:d0:e1:07:cb:f1:c5:e7:c2:
9d:f9:45:da:c9:c3:36:06:a3:28:90:58:83:d3:d2:07:54:e0:
c5:b6:a3:a2:3b:70:51:45:83:c1:e0:0e:1e:c0:04:27:81:d2:
7e:ad:ee:8f:21:a0:83:5c:cd:83:cb:21:21:0d:b3:9e:85:38:
bc:46:b3:1e:ab:1e:4c:dc:7a:9e:36:1a:72:bc:3a:80:ea:ec:
c9:28:00:e0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQntVZ+gm6oWvUvL880L0HHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzODg1NzY2MGRjN2ZhNjA4NDZmNzY1Yjk0Y2I2OTU3NjI1
NWFkYjYwHhcNMjUwMTAyMTU0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzc3ZTExMDZjMWZiMDcwMzkwYjJlYWI1NzMyYjIwOTdkMTU0YmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bawAj7SgGqmjlfaK5AJXqUmfFyj
DqljgZ2MomdI3kZluC11WsFiL0RlARqNTOriXXm2cZgZF41slO4jyZE4UfEqHq3M
dVksC5XOTp5Q4d6d7LEveTi+YkT5ZkXFvNGXtqxEZyvFkPOMmW9JjYM+J3xNzvfc
sqe0RvKCBvvy6LFIKyYR3Vb92gqCerZMu/KW2ceXAvf1tDPGEQAw0/H1n40nyNhd
RqkdGX45l+HjHyCp+p9pXl7phheTh5kj8uNnzYk7hDJs+5wkbulsrT9ESI2vjA6W
M1U4LBvvBh2FxvBxNXVNusE2FWKI9pdi4GzKGJ7LLtqIG211a8W5gUyjgwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFx34RBsH7BwOQsuq1cysgl9FUuyMB8GA1UdIwQY
MBaAFCOIV2YNx/pghG92W5TLaVdiVa22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTRoWFpnM0gtbUNFYjNaYmxNdHBWMkpWcmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85NDkyN2YtN2UwOC00ZjIxLTliYmEt
MGY4NzZhYmQxZTMwLzEvWEhmaEVHd2ZzSEE1Q3k2clZ6S3lDWDBWUzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85NDkyN2YtN2UwOC00ZjIxLTliYmEtMGY4NzZhYmQxZTMw
LzEvSTRoWFpnM0gtbUNFYjNaYmxNdHBWMkpWcmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLQ9QAwQC
uWgQMBQEAgACMA4DBQAqAPdAAwUAKg4rgDANBgkqhkiG9w0BAQsFAAOCAQEAIjQk
4g94z/dZj7hSiYoAxa71gccG31L5UlUJrii3J4SD4jP6Qq4TpCe1I3dQk9M9C4ry
78ICSWfTcMKnnNCl6g5eevVlpXVoFDJP/7sk8HFQI0IuQlaPegLaTLE0/WNXhguq
hv7OXAiPrOfYKjitHO4Mqs3gFybN0czwQhzkxQFEL5GVMFaXdrZkyNirjO52Ue27
EVp59igkSFaW6UU5EnFTXdbL22f+MVL989DhB8vxxefCnflF2snDNgajKJBYg9PS
B1TgxbajojtwUUWDweAOHsAEJ4HSfq3ujyGgg1zNg8shIQ2znoU4vEazHqseTNx6
njYacrw6gOrsySgA4A==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:34 2025 by rpki-client on console.sobornost.net