Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/RZK0b0ovThhwOspu5E-ursP21fk.roa
File: RZK0b0ovThhwOspu5E-ursP21fk.roa (raw, json)
Hash identifier: QD9vKhIKNC6G+l7AznXUzzLsXomMDZljRclFB7nn2HQ=
Subject key identifier: 45:92:B4:6F:4A:2F:4E:18:70:3A:CA:6E:E4:4F:AE:AE:C3:F6:D5:F9
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 019425221D33BE466535771C8F0EBC511186
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/RZK0b0ovThhwOspu5E-ursP21fk.roa
Signing time: Thu 02 Jan 2025 03:49:40 +0000
ROA not before: Thu 02 Jan 2025 03:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51531
IP address blocks: 45.129.80.0/22 maxlen: 24
45.159.240.0/22 maxlen: 24
46.31.120.0/21 maxlen: 24
81.89.88.0/21 maxlen: 24
185.70.20.0/22 maxlen: 24
185.176.194.0/23 maxlen: 24
2a02:c50::/32 maxlen: 32
2a02:c50::/34 maxlen: 34
2a02:c50:6000::/35 maxlen: 35
2a02:c50:8000::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:1d:33:be:46:65:35:77:1c:8f:0e:bc:51:11:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jan 2 03:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4592b46f4a2f4e18703aca6ee44faeaec3f6d5f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:73:a5:58:ad:e5:7d:52:48:7e:75:66:51:e7:
ce:ea:c7:04:94:cf:7b:90:e3:bc:52:96:26:7c:64:
c7:7e:bf:3e:80:ed:3e:1a:9a:1f:71:07:c2:dd:cf:
13:91:21:48:60:58:23:b1:ba:45:f2:a3:84:09:f1:
b6:46:78:0a:59:77:6b:1e:08:8d:16:7d:28:d9:81:
28:56:f3:d2:72:20:bd:f5:37:59:23:fa:ec:a9:23:
c2:fa:c3:9f:ce:c6:41:93:1b:8a:cf:b0:61:e3:57:
24:32:43:fc:aa:9d:67:3d:66:00:52:8f:47:80:fd:
4d:a7:8f:29:e2:bc:e5:17:a4:b9:bc:e0:0d:db:de:
71:87:2e:37:34:b4:62:59:04:46:bd:b5:f1:d4:80:
77:22:bd:dc:b9:e5:4d:c3:06:13:d2:ae:b6:40:07:
63:37:5e:f4:a8:f4:24:ad:9d:29:4a:6f:4b:8f:72:
aa:b9:1c:16:cc:fc:6c:54:70:de:36:40:f0:9c:05:
65:a7:aa:76:8e:2a:21:e9:d4:8b:0c:d7:d8:29:0a:
8e:e0:79:97:e7:41:31:59:e9:94:b3:ac:1f:f0:7c:
42:f2:33:1b:f0:15:db:21:88:1d:49:65:f6:68:72:
0a:3a:fb:31:21:14:48:0c:5a:e2:94:38:ae:ca:92:
4a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:92:B4:6F:4A:2F:4E:18:70:3A:CA:6E:E4:4F:AE:AE:C3:F6:D5:F9
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/RZK0b0ovThhwOspu5E-ursP21fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.80.0/22
45.159.240.0/22
46.31.120.0/21
81.89.88.0/21
185.70.20.0/22
185.176.194.0/23
IPv6:
2a02:c50::/32
Signature Algorithm: sha256WithRSAEncryption
c1:be:ea:06:a7:c0:df:55:49:1b:eb:78:ed:f2:42:d5:17:1d:
b6:06:58:00:7b:30:f5:12:85:6d:34:ea:5d:48:d2:32:ca:91:
ac:48:36:a8:db:38:4b:d1:f8:b9:05:4d:43:d8:d4:72:5f:15:
2b:2c:59:9c:6a:ff:94:e4:88:7d:db:d9:d9:92:90:f0:ad:c9:
46:86:a2:08:b6:ac:87:2e:48:33:29:7c:dc:2a:8e:05:6e:54:
47:52:b4:04:a3:c1:f1:82:60:5c:a8:03:38:8d:df:7e:df:62:
60:e7:59:42:45:fc:bd:0b:04:b3:39:88:1c:da:c9:93:f8:bc:
94:b5:46:a7:0d:20:55:04:13:2a:da:69:67:6e:15:eb:e4:31:
a3:17:e7:1d:96:5b:60:18:23:96:6e:71:16:c0:40:ce:f8:0e:
e3:12:a0:fc:f5:af:87:ff:5f:3a:0e:62:cb:93:ec:93:ed:37:
2a:d2:3c:00:57:66:33:cf:4e:d2:37:89:8e:d4:eb:41:43:77:
3c:0e:ad:8e:58:21:a5:90:fb:c5:eb:ba:03:9e:a2:9b:d9:fc:
43:db:34:c7:e8:76:a1:26:54:d0:8c:5e:a0:ad:5e:b6:37:48:
27:f6:5f:b6:3d:53:e7:5f:6f:58:ba:cd:da:0f:25:5e:1b:39:
39:b2:01:8b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQlIh0zvkZlNXccjw68URGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjUwMTAyMDM0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTkyYjQ2ZjRhMmY0ZTE4NzAzYWNhNmVlNDRmYWVhZWMzZjZkNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHOlWK3lfVJIfnVmUefO6scElM97
kOO8UpYmfGTHfr8+gO0+GpofcQfC3c8TkSFIYFgjsbpF8qOECfG2RngKWXdrHgiN
Fn0o2YEoVvPSciC99TdZI/rsqSPC+sOfzsZBkxuKz7Bh41ckMkP8qp1nPWYAUo9H
gP1Np48p4rzlF6S5vOAN295xhy43NLRiWQRGvbXx1IB3Ir3cueVNwwYT0q62QAdj
N170qPQkrZ0pSm9Lj3KquRwWzPxsVHDeNkDwnAVlp6p2jioh6dSLDNfYKQqO4HmX
50ExWemUs6wf8HxC8jMb8BXbIYgdSWX2aHIKOvsxIRRIDFrilDiuypJKFwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEWStG9KL04YcDrKbuRPrq7D9tX5MB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvUlpLMGIwb3ZUaGh3T3NwdTVFLXVyc1AyMWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLYFQAwQC
LZ/wAwQDLh94AwQDUVlYAwQCuUYUAwQBubDCMA0EAgACMAcDBQAqAgxQMA0GCSqG
SIb3DQEBCwUAA4IBAQDBvuoGp8DfVUkb63jt8kLVFx22BlgAezD1EoVtNOpdSNIy
ypGsSDao2zhL0fi5BU1D2NRyXxUrLFmcav+U5Ih929nZkpDwrclGhqIItqyHLkgz
KXzcKo4FblRHUrQEo8HxgmBcqAM4jd9+32Jg51lCRfy9CwSzOYgc2smT+LyUtUan
DSBVBBMq2mlnbhXr5DGjF+cdlltgGCOWbnEWwEDO+A7jEqD89a+H/186DmLLk+yT
7Tcq0jwAV2Yzz07SN4mO1OtBQ3c8Dq2OWCGlkPvF67oDnqKb2fxD2zTH6HahJlTQ
jF6grV62N0gn9l+2PVPnX29Yus3aDyVeGzk5sgGL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:53 2025 by rpki-client on console.sobornost.net