Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/O9YH683XDT1flN6ET4uOsZBETCA.roa
File: O9YH683XDT1flN6ET4uOsZBETCA.roa (raw, json)
Hash identifier: jKvHyJl0PhEVbjdUP0F4HcRlqo0pta2OYd3CqDYcUfU=
Subject key identifier: 3B:D6:07:EB:CD:D7:0D:3D:5F:94:DE:84:4F:8B:8E:B1:90:44:4C:20
Certificate issuer: /CN=587f5478d1e94f240705722c3789076daf553757
Certificate serial: 0195F8B24DD4F00EFC6F743F10DD84D73E6C
Authority key identifier: 58:7F:54:78:D1:E9:4F:24:07:05:72:2C:37:89:07:6D:AF:55:37:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WH9UeNHpTyQHBXIsN4kHba9VN1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/O9YH683XDT1flN6ET4uOsZBETCA.roa
Signing time: Wed 02 Apr 2025 22:49:49 +0000
ROA not before: Wed 02 Apr 2025 22:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58095
IP address blocks: 45.144.220.0/22 maxlen: 22
45.144.220.0/24 maxlen: 24
45.144.221.0/24 maxlen: 24
45.144.222.0/24 maxlen: 24
45.144.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f8:b2:4d:d4:f0:0e:fc:6f:74:3f:10:dd:84:d7:3e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=587f5478d1e94f240705722c3789076daf553757
Validity
Not Before: Apr 2 22:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bd607ebcdd70d3d5f94de844f8b8eb190444c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:b4:22:ab:d0:cf:d9:f2:fc:b6:75:d6:f4:
5f:1f:f7:2f:b8:f7:b4:ab:65:a1:3d:22:0b:4b:8d:
71:22:9f:00:9a:cb:93:b8:06:b5:79:7d:89:99:30:
16:27:ef:17:a5:c2:2e:0e:cd:b3:41:2a:1b:a1:a7:
7a:28:bc:23:cb:3e:df:15:3c:a2:98:c9:96:25:31:
84:96:29:4a:42:66:f7:b3:37:60:9d:f7:f1:9b:fe:
7e:c4:3f:43:17:1f:c8:22:50:9e:0b:22:df:3f:c0:
1b:8d:36:71:58:19:31:af:b5:0e:ac:10:fa:01:59:
3f:cf:05:4c:5a:23:d6:ed:16:86:0b:08:00:47:17:
a6:d0:91:99:c1:62:a9:61:44:d1:72:86:d4:88:f3:
77:3c:e7:5d:45:38:d7:70:76:eb:98:0e:40:bf:35:
5c:ff:10:a6:62:d2:10:38:0d:9c:d2:04:a4:29:57:
10:ed:13:2f:00:5d:c6:4c:0c:eb:9f:86:64:bc:ae:
53:ae:26:e3:7f:19:ff:52:8e:11:5c:f7:dd:8c:72:
6f:12:f5:ef:0a:b1:9f:4f:2d:e1:dd:36:74:71:16:
52:b2:69:1b:c7:a3:1e:95:d3:c4:3f:30:41:3f:fa:
6e:6e:1f:50:49:6d:16:b9:63:7f:a7:c6:25:71:e5:
79:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D6:07:EB:CD:D7:0D:3D:5F:94:DE:84:4F:8B:8E:B1:90:44:4C:20
X509v3 Authority Key Identifier:
keyid:58:7F:54:78:D1:E9:4F:24:07:05:72:2C:37:89:07:6D:AF:55:37:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WH9UeNHpTyQHBXIsN4kHba9VN1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/O9YH683XDT1flN6ET4uOsZBETCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/WH9UeNHpTyQHBXIsN4kHba9VN1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.220.0/22
Signature Algorithm: sha256WithRSAEncryption
31:fd:5f:4c:12:d9:48:18:f5:f6:ad:c0:b4:2d:c4:12:66:ce:
b8:3f:c8:92:a1:64:e0:be:07:10:33:59:b7:b1:31:1d:67:38:
d6:21:a4:76:d5:fc:da:d8:50:91:cb:9e:42:6d:f3:89:91:33:
e9:8e:ef:80:60:f5:8d:65:9d:f6:e7:8e:4b:3e:c5:f3:99:b8:
dd:54:25:51:32:ef:29:8c:38:b9:e3:95:08:fc:5c:b3:7a:42:
9e:3b:72:07:9d:f9:77:b9:3c:b2:07:cb:e0:4a:da:3c:f7:9b:
ff:9c:d5:fc:79:97:4b:f0:63:8b:b5:58:ed:34:e1:ba:34:7c:
31:bc:e9:fb:dd:6b:cf:72:3d:bd:b2:32:7e:f1:8c:f9:99:2e:
d8:0c:11:37:ce:03:89:98:50:1e:94:2f:15:8e:39:70:1f:e2:
ac:7f:40:5a:5a:55:f5:57:83:c5:73:bd:4e:1b:cc:9e:b5:c6:
99:76:a4:be:29:e9:e5:d4:40:fc:1d:47:8f:52:57:a5:24:36:
a3:4f:3d:30:ed:26:8d:77:48:22:cb:e3:a0:b3:92:a4:b2:b9:
b7:a2:b4:84:f0:c0:94:a2:75:48:31:de:35:f3:df:ae:8c:0a:
45:ed:40:1e:1e:8f:20:04:e7:48:8d:76:27:f1:30:d0:a2:4e:
be:20:39:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX4sk3U8A78b3Q/EN2E1z5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4N2Y1NDc4ZDFlOTRmMjQwNzA1NzIyYzM3ODkwNzZkYWY1
NTM3NTcwHhcNMjUwNDAyMjI0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ2MDdlYmNkZDcwZDNkNWY5NGRlODQ0ZjhiOGViMTkwNDQ0YzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC20IqvQz9ny/LZ11vRfH/cvuPe0
q2WhPSILS41xIp8AmsuTuAa1eX2JmTAWJ+8XpcIuDs2zQSoboad6KLwjyz7fFTyi
mMmWJTGElilKQmb3szdgnffxm/5+xD9DFx/IIlCeCyLfP8AbjTZxWBkxr7UOrBD6
AVk/zwVMWiPW7RaGCwgARxem0JGZwWKpYUTRcobUiPN3POddRTjXcHbrmA5AvzVc
/xCmYtIQOA2c0gSkKVcQ7RMvAF3GTAzrn4ZkvK5Tribjfxn/Uo4RXPfdjHJvEvXv
CrGfTy3h3TZ0cRZSsmkbx6MeldPEPzBBP/pubh9QSW0WuWN/p8YlceV5gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvWB+vN1w09X5TehE+LjrGQREwgMB8GA1UdIwQY
MBaAFFh/VHjR6U8kBwVyLDeJB22vVTdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0g5VWVOSHBUeVFIQlhJc040a0hiYTlWTjFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8xNTMyNmYtYzE3NC00OTNhLTk5OWMt
Y2YwMDk5ZTA3MmMzLzEvTzlZSDY4M1hEVDFmbE42RVQ0dU9zWkJFVENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8xNTMyNmYtYzE3NC00OTNhLTk5OWMtY2YwMDk5ZTA3MmMz
LzEvV0g5VWVOSHBUeVFIQlhJc040a0hiYTlWTjFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZDcMA0G
CSqGSIb3DQEBCwUAA4IBAQAx/V9MEtlIGPX2rcC0LcQSZs64P8iSoWTgvgcQM1m3
sTEdZzjWIaR21fza2FCRy55CbfOJkTPpju+AYPWNZZ32545LPsXzmbjdVCVRMu8p
jDi545UI/FyzekKeO3IHnfl3uTyyB8vgSto895v/nNX8eZdL8GOLtVjtNOG6NHwx
vOn73WvPcj29sjJ+8Yz5mS7YDBE3zgOJmFAelC8VjjlwH+Ksf0BaWlX1V4PFc71O
G8yetcaZdqS+Kenl1ED8HUePUlelJDajTz0w7SaNd0giy+Ogs5Kksrm3orSE8MCU
onVIMd4189+ujApF7UAeHo8gBOdIjXYn8TDQok6+IDnC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:39 2025 by rpki-client on console.sobornost.net