Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/pkl1dG1Tn-y8sIzafCzQdaxLGO0.roa
File: pkl1dG1Tn-y8sIzafCzQdaxLGO0.roa (raw, json)
Hash identifier: +t+HSalevZKgrBOwo+A1WYwHvxUsDh9dx8CrhAZYnCE=
Subject key identifier: A6:49:75:74:6D:53:9F:EC:BC:B0:8C:DA:7C:2C:D0:75:AC:4B:18:ED
Certificate issuer: /CN=32cb3c05d6a2c51c2ff52dd9dcb9e2b55c4048f9
Certificate serial: 019427B5540A6802C32EB068D0845D7C8C6D
Authority key identifier: 32:CB:3C:05:D6:A2:C5:1C:2F:F5:2D:D9:DC:B9:E2:B5:5C:40:48:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mss8BdaixRwv9S3Z3LnitVxASPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/pkl1dG1Tn-y8sIzafCzQdaxLGO0.roa
Signing time: Thu 02 Jan 2025 15:49:42 +0000
ROA not before: Thu 02 Jan 2025 15:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202054
IP address blocks: 46.16.132.0/22 maxlen: 24
185.14.56.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:54:0a:68:02:c3:2e:b0:68:d0:84:5d:7c:8c:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32cb3c05d6a2c51c2ff52dd9dcb9e2b55c4048f9
Validity
Not Before: Jan 2 15:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a64975746d539fecbcb08cda7c2cd075ac4b18ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:27:1b:a0:69:d6:77:2a:2d:e2:b5:37:01:e2:
86:a4:ab:4f:8e:5e:df:c7:52:1c:fd:d5:10:4b:97:
71:10:9e:6a:f5:7e:9d:e6:52:4b:f9:cc:94:60:b4:
18:14:da:39:0e:1b:c8:0e:98:3b:af:ce:61:9a:61:
35:52:d8:bf:22:58:d5:6b:68:7b:99:12:f7:60:93:
4f:78:a9:72:98:89:72:c5:e5:ca:99:0d:19:3f:b3:
2e:82:3c:b2:68:80:ea:1c:1b:ed:77:21:4b:e8:33:
0a:4a:bb:68:f7:d3:b4:37:a3:a5:d1:ff:8f:11:38:
a7:df:6d:f7:14:54:d1:ff:34:7f:5a:e6:40:af:19:
f4:3b:f3:6e:8e:7e:5a:07:47:3d:32:82:8f:fc:3a:
0c:35:7a:fe:66:19:10:44:e9:82:b0:ab:04:38:29:
cb:11:8f:f9:78:d5:8b:a2:99:58:7d:70:18:6e:a2:
10:6b:dd:48:94:10:fd:f5:95:56:84:5e:e4:fa:c6:
27:ac:10:d0:ed:12:61:61:9a:c6:9e:87:4f:6b:47:
94:a8:d4:0a:4d:c0:b5:a7:02:76:3f:07:1b:b5:b7:
9c:f8:e4:20:e2:c5:33:f3:d0:04:aa:d0:c0:82:46:
b4:03:da:eb:c7:c8:70:80:11:43:17:6f:91:16:c7:
ba:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:49:75:74:6D:53:9F:EC:BC:B0:8C:DA:7C:2C:D0:75:AC:4B:18:ED
X509v3 Authority Key Identifier:
keyid:32:CB:3C:05:D6:A2:C5:1C:2F:F5:2D:D9:DC:B9:E2:B5:5C:40:48:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mss8BdaixRwv9S3Z3LnitVxASPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/pkl1dG1Tn-y8sIzafCzQdaxLGO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/Mss8BdaixRwv9S3Z3LnitVxASPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.132.0/22
185.14.56.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:8d:e0:0e:f3:99:2d:2f:65:b3:c2:76:c7:04:72:4d:a1:18:
f5:cd:3e:4a:ef:0a:0d:c0:17:b5:a8:26:9b:a5:1e:5b:85:3b:
9b:68:5c:68:70:ed:b0:3a:90:c7:72:89:bc:81:0a:47:5f:51:
f6:0a:34:de:c9:65:f7:1c:cd:9d:c8:71:0d:9e:20:d4:46:8c:
5b:14:cc:ca:d8:01:66:69:dc:30:3c:08:28:16:55:5f:d5:7b:
64:9f:70:db:51:01:bc:e4:3f:0a:d8:b3:97:e3:63:d5:11:76:
fb:0b:9e:91:35:01:aa:01:2e:2d:3e:2d:03:8e:e5:c1:73:aa:
f8:94:4a:87:d7:73:6d:8c:21:cb:8d:30:dd:1e:e9:b7:65:18:
7a:06:53:c2:6e:ae:ed:e5:e3:e5:bf:39:67:ea:79:c2:d7:13:
01:bf:c8:f9:06:85:06:89:a4:6f:11:5e:65:7f:db:fc:be:15:
b1:ed:47:75:0b:5d:3d:d7:9a:f7:8b:c6:1b:04:55:ef:13:c9:
91:be:5c:0d:ec:a0:30:6a:e2:18:86:50:3c:52:47:e9:4e:43:
6a:b1:de:05:cd:6a:bf:99:cd:cb:81:ce:1f:b2:ce:cf:35:99:
1b:cf:40:d5:a0:f8:75:02:d9:d2:e1:4c:26:40:a5:02:d7:9e:
3e:6e:d8:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntVQKaALDLrBo0IRdfIxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyY2IzYzA1ZDZhMmM1MWMyZmY1MmRkOWRjYjllMmI1NWM0
MDQ4ZjkwHhcNMjUwMTAyMTU0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQ5NzU3NDZkNTM5ZmVjYmNiMDhjZGE3YzJjZDA3NWFjNGIxOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCcboGnWdyot4rU3AeKGpKtPjl7f
x1Ic/dUQS5dxEJ5q9X6d5lJL+cyUYLQYFNo5DhvIDpg7r85hmmE1Uti/IljVa2h7
mRL3YJNPeKlymIlyxeXKmQ0ZP7MugjyyaIDqHBvtdyFL6DMKSrto99O0N6Ol0f+P
ETin3233FFTR/zR/WuZArxn0O/Nujn5aB0c9MoKP/DoMNXr+ZhkQROmCsKsEOCnL
EY/5eNWLoplYfXAYbqIQa91IlBD99ZVWhF7k+sYnrBDQ7RJhYZrGnodPa0eUqNQK
TcC1pwJ2Pwcbtbec+OQg4sUz89AEqtDAgka0A9rrx8hwgBFDF2+RFse6qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKZJdXRtU5/svLCM2nws0HWsSxjtMB8GA1UdIwQY
MBaAFDLLPAXWosUcL/Ut2dy54rVcQEj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNzOEJkYWl4Und2OVMzWjNMbml0VnhBU1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85MDYyZTItOTVhZS00NjU2LWIyZWUt
OTg0YThlYjUxZTQ1LzEvcGtsMWRHMVRuLXk4c0l6YWZDelFkYXhMR08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85MDYyZTItOTVhZS00NjU2LWIyZWUtOTg0YThlYjUxZTQ1
LzEvTXNzOEJkYWl4Und2OVMzWjNMbml0VnhBU1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLhCEAwQC
uQ44MA0GCSqGSIb3DQEBCwUAA4IBAQBMjeAO85ktL2WzwnbHBHJNoRj1zT5K7woN
wBe1qCabpR5bhTubaFxocO2wOpDHcom8gQpHX1H2CjTeyWX3HM2dyHENniDURoxb
FMzK2AFmadwwPAgoFlVf1Xtkn3DbUQG85D8K2LOX42PVEXb7C56RNQGqAS4tPi0D
juXBc6r4lEqH13NtjCHLjTDdHum3ZRh6BlPCbq7t5ePlvzln6nnC1xMBv8j5BoUG
iaRvEV5lf9v8vhWx7Ud1C10915r3i8YbBFXvE8mRvlwN7KAwauIYhlA8UkfpTkNq
sd4FzWq/mc3Lgc4fss7PNZkbz0DVoPh1AtnS4UwmQKUC154+btjB
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:35 2025 by rpki-client on console.sobornost.net