Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/pr92RRldZeeN3SfZorlgTOoEucc.roa
File: pr92RRldZeeN3SfZorlgTOoEucc.roa (raw, json)
Hash identifier: HFGosgUi8zACi7tGNxd2jVskK6t9qCxO1KzvQdin2aA=
Subject key identifier: A6:BF:76:45:19:5D:65:E7:8D:DD:27:D9:A2:B9:60:4C:EA:04:B9:C7
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 0193F48F30A7CD65472F46F8AC4C874B9A5C
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/pr92RRldZeeN3SfZorlgTOoEucc.roa
Signing time: Mon 23 Dec 2024 17:27:24 +0000
ROA not before: Mon 23 Dec 2024 17:27:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51531
IP address blocks: 45.129.80.0/22 maxlen: 24
45.159.240.0/22 maxlen: 24
46.31.120.0/21 maxlen: 24
81.89.88.0/21 maxlen: 24
185.70.20.0/22 maxlen: 24
185.176.194.0/23 maxlen: 24
2a02:c50::/32 maxlen: 32
2a02:c50::/34 maxlen: 34
2a02:c50:6000::/35 maxlen: 35
2a02:c50:8000::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f4:8f:30:a7:cd:65:47:2f:46:f8:ac:4c:87:4b:9a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Dec 23 17:27:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6bf7645195d65e78ddd27d9a2b9604cea04b9c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:18:09:3c:0d:23:e5:e2:83:71:bc:13:86:30:
79:35:4e:3e:5d:88:7b:26:21:79:90:a0:03:19:ad:
4f:2a:38:df:57:21:7e:4c:73:c0:3d:b5:41:94:88:
6b:3a:4f:7d:84:f2:fc:31:85:26:72:7a:d7:f0:1b:
bb:bd:16:cb:e9:39:51:12:cf:66:15:f3:58:78:4e:
e9:ce:5a:28:02:82:79:58:9c:65:32:b2:6c:a4:a4:
23:d1:5a:20:5b:ab:98:4a:61:69:84:44:a9:b8:7a:
74:d9:24:4d:c9:d3:09:10:af:a5:c3:a7:34:5c:30:
e8:40:d3:68:ba:50:11:d5:01:57:a0:72:ee:2c:e8:
1d:53:40:bd:77:12:f3:f5:29:92:a8:2c:ed:55:4e:
a8:c4:f0:1f:46:35:7e:ae:0d:cb:96:7f:ee:94:fd:
dc:41:d8:61:b0:bc:07:ed:27:9a:6a:a1:3c:67:3e:
5b:07:f4:90:f2:f1:50:b2:9a:76:61:48:3d:84:c2:
78:ee:29:2c:3e:e4:ab:6c:38:cd:7c:a5:80:04:01:
4e:94:ee:f4:51:70:c7:ed:c6:e8:17:a2:87:b4:9b:
cd:fa:ec:42:81:9e:4b:37:5e:5b:e9:5e:be:bf:3b:
d8:b3:ea:e2:d2:47:49:38:29:a6:ea:54:dc:c5:ef:
8a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BF:76:45:19:5D:65:E7:8D:DD:27:D9:A2:B9:60:4C:EA:04:B9:C7
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/pr92RRldZeeN3SfZorlgTOoEucc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.80.0/22
45.159.240.0/22
46.31.120.0/21
81.89.88.0/21
185.70.20.0/22
185.176.194.0/23
IPv6:
2a02:c50::/32
Signature Algorithm: sha256WithRSAEncryption
26:d6:fa:78:72:c4:1c:c7:43:0a:b5:ad:b1:e2:4d:18:4d:c4:
0f:c8:b8:60:42:c1:76:d4:41:b0:53:9e:8d:38:1f:b2:37:0f:
14:14:e5:45:64:20:c9:cd:4f:84:d5:f5:9e:3a:4d:56:03:e4:
88:cc:73:a7:e4:c6:c1:f8:5b:d4:ef:dc:9c:1d:27:bd:94:2d:
0a:76:ea:01:90:77:45:ee:a6:42:95:3f:27:cb:a6:9a:1c:a2:
d2:b3:0e:07:74:8a:ae:b8:5c:69:71:be:c2:fb:e7:0a:47:6f:
e5:bc:a6:38:95:d5:03:78:41:42:96:47:1b:ea:64:4a:e9:23:
34:15:95:ef:38:64:d8:dd:3e:75:ef:a6:37:47:6f:27:2c:09:
dc:8d:66:c0:a5:05:60:61:a0:89:05:60:21:82:6e:b3:74:f6:
63:02:4b:f0:89:87:4c:ce:07:73:dd:b0:5f:2e:f0:97:eb:4d:
c2:5f:00:d8:d9:b8:0f:3b:9d:89:ae:07:74:76:a4:79:16:19:
74:14:df:5c:d0:2e:a0:3c:95:86:8a:c3:88:91:e4:25:7f:9a:
80:b4:6c:73:6d:96:62:3f:ad:b2:1f:76:e8:2d:7d:c5:0f:d7:
be:cf:04:fd:bc:4c:3c:c8:99:37:71:92:b4:41:05:13:7d:fb:
d8:34:70:23
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZP0jzCnzWVHL0b4rEyHS5pcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjQxMjIzMTcyNzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmJmNzY0NTE5NWQ2NWU3OGRkZDI3ZDlhMmI5NjA0Y2VhMDRiOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBgJPA0j5eKDcbwThjB5NU4+XYh7
JiF5kKADGa1PKjjfVyF+THPAPbVBlIhrOk99hPL8MYUmcnrX8Bu7vRbL6TlREs9m
FfNYeE7pzlooAoJ5WJxlMrJspKQj0VogW6uYSmFphESpuHp02SRNydMJEK+lw6c0
XDDoQNNoulAR1QFXoHLuLOgdU0C9dxLz9SmSqCztVU6oxPAfRjV+rg3Lln/ulP3c
QdhhsLwH7SeaaqE8Zz5bB/SQ8vFQspp2YUg9hMJ47iksPuSrbDjNfKWABAFOlO70
UXDH7cboF6KHtJvN+uxCgZ5LN15b6V6+vzvYs+ri0kdJOCmm6lTcxe+KHwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKa/dkUZXWXnjd0n2aK5YEzqBLnHMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvcHI5MlJSbGRaZWVOM1NmWm9ybGdUT29FdWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLYFQAwQC
LZ/wAwQDLh94AwQDUVlYAwQCuUYUAwQBubDCMA0EAgACMAcDBQAqAgxQMA0GCSqG
SIb3DQEBCwUAA4IBAQAm1vp4csQcx0MKta2x4k0YTcQPyLhgQsF21EGwU56NOB+y
Nw8UFOVFZCDJzU+E1fWeOk1WA+SIzHOn5MbB+FvU79ycHSe9lC0KduoBkHdF7qZC
lT8ny6aaHKLSsw4HdIquuFxpcb7C++cKR2/lvKY4ldUDeEFClkcb6mRK6SM0FZXv
OGTY3T5176Y3R28nLAncjWbApQVgYaCJBWAhgm6zdPZjAkvwiYdMzgdz3bBfLvCX
603CXwDY2bgPO52Jrgd0dqR5Fhl0FN9c0C6gPJWGisOIkeQlf5qAtGxzbZZiP62y
H3boLX3FD9e+zwT9vEw8yJk3cZK0QQUTffvYNHAj
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:21 2024 by rpki-client on console.sobornost.net