Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/81xLXblLEOJN53PwtZFQBXeEBgQ.roa
File: 81xLXblLEOJN53PwtZFQBXeEBgQ.roa (raw, json)
Hash identifier: zfXdc8Zlltoe+oO1jAvUw7AIzebz5rH/QD5mNoJcWRI=
Subject key identifier: F3:5C:4B:5D:B9:4B:10:E2:4D:E7:73:F0:B5:91:50:05:77:84:06:04
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 019423D6C5E1A8EBC8CF8BA7AC03E40DC2E6
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/81xLXblLEOJN53PwtZFQBXeEBgQ.roa
Signing time: Wed 01 Jan 2025 21:47:45 +0000
ROA not before: Wed 01 Jan 2025 21:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203936
IP address blocks: 45.148.72.0/24 maxlen: 24
45.148.73.0/24 maxlen: 24
45.148.74.0/23 maxlen: 24
45.148.74.0/24 maxlen: 24
45.148.75.0/24 maxlen: 24
185.118.188.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c5:e1:a8:eb:c8:cf:8b:a7:ac:03:e4:0d:c2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Jan 1 21:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f35c4b5db94b10e24de773f0b591500577840604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:34:cc:04:f5:8d:c2:1e:fb:e2:bc:7c:58:
ae:46:bb:d5:44:51:f4:6f:ef:f0:e9:fb:f3:ab:fe:
ac:49:07:a7:4f:76:5b:70:e8:ad:92:40:c5:07:d5:
38:59:be:c3:5b:dc:03:9a:1b:7d:8d:8f:96:5f:b6:
1c:3f:4e:c2:c0:e9:da:9d:d7:df:a3:b9:10:53:01:
85:28:88:ed:a5:e1:c3:74:ba:3c:64:99:76:7b:2e:
f8:47:51:a1:84:67:bb:25:7a:24:d2:bf:d2:d7:32:
91:50:13:03:4e:6c:9e:3f:1e:66:bb:fb:ef:07:22:
45:4e:e3:08:b1:4f:dd:a4:b9:63:0e:5a:db:5f:fd:
4a:01:5c:95:5f:a0:45:f8:ca:de:51:65:f6:14:77:
d0:79:f1:42:fd:81:4d:02:0a:c4:4a:69:3d:51:7d:
94:e5:87:31:ea:59:55:58:86:40:9a:36:53:14:22:
82:e2:55:bc:25:43:12:bf:ba:be:3f:e6:f1:1f:b5:
7c:35:da:e1:6d:1f:7d:f5:ea:20:f7:ef:91:47:9c:
11:11:a0:7e:18:3f:46:5f:3f:60:8b:9a:4c:47:6d:
f3:13:92:aa:ac:83:ac:02:59:b3:b6:33:47:a4:68:
97:45:10:a2:af:ca:df:52:66:b8:7d:8d:95:13:41:
d0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:5C:4B:5D:B9:4B:10:E2:4D:E7:73:F0:B5:91:50:05:77:84:06:04
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/81xLXblLEOJN53PwtZFQBXeEBgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.72.0/22
185.118.188.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:95:39:fd:2e:d0:dd:fe:38:af:97:0f:c1:04:b0:0c:cf:67:
38:e7:cd:9b:3a:9a:74:95:7e:a9:fb:9e:0b:38:b9:36:f6:e6:
99:16:64:bd:71:c0:dc:44:a2:e1:fb:e2:27:f5:3b:98:3a:6f:
f5:2a:0c:8b:c6:b2:82:e3:07:f0:db:8e:55:08:97:b6:91:e2:
7b:06:7d:3d:3f:e0:e7:d5:5c:11:bf:48:64:9e:54:d6:ef:03:
74:91:eb:80:31:1d:b4:5d:10:e8:af:cf:d2:49:e8:ac:10:43:
70:44:2d:35:b5:f0:f1:61:16:fa:97:25:b8:60:36:2e:7d:24:
74:90:b8:61:d9:f0:31:a0:4b:49:6c:0f:f2:de:dd:82:c2:63:
79:f6:ce:44:e0:72:b0:fe:61:4f:49:6d:87:02:8c:d5:30:d9:
48:41:2f:42:3b:f1:ad:02:1f:98:7c:49:7e:df:fd:05:3b:0c:
df:d2:b7:b0:b3:49:c5:47:3d:0c:7a:c2:b7:87:31:02:65:47:
75:c0:fd:0f:8b:38:a1:46:9a:39:ab:89:d1:92:e2:36:13:65:
d2:2b:ad:64:9a:4f:93:3d:66:3d:58:a8:28:ae:91:16:41:f9:
8f:d3:5d:3b:9e:b9:c1:49:80:65:55:54:71:91:e0:26:ab:13:
c8:d7:06:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1sXhqOvIz4unrAPkDcLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjUwMTAxMjE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzVjNGI1ZGI5NGIxMGUyNGRlNzczZjBiNTkxNTAwNTc3ODQwNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcs0zAT1jcIe++K8fFiuRrvVRFH0
b+/w6fvzq/6sSQenT3ZbcOitkkDFB9U4Wb7DW9wDmht9jY+WX7YcP07CwOnandff
o7kQUwGFKIjtpeHDdLo8ZJl2ey74R1GhhGe7JXok0r/S1zKRUBMDTmyePx5mu/vv
ByJFTuMIsU/dpLljDlrbX/1KAVyVX6BF+MreUWX2FHfQefFC/YFNAgrESmk9UX2U
5Ycx6llVWIZAmjZTFCKC4lW8JUMSv7q+P+bxH7V8NdrhbR999eog9++RR5wREaB+
GD9GXz9gi5pMR23zE5KqrIOsAlmztjNHpGiXRRCir8rfUma4fY2VE0HQBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPNcS125SxDiTedz8LWRUAV3hAYEMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvODF4TFhibExFT0pONTNQd3RaRlFCWGVFQmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZRIAwQC
uXa8MA0GCSqGSIb3DQEBCwUAA4IBAQB+lTn9LtDd/jivlw/BBLAMz2c4582bOpp0
lX6p+54LOLk29uaZFmS9ccDcRKLh++In9TuYOm/1KgyLxrKC4wfw245VCJe2keJ7
Bn09P+Dn1VwRv0hknlTW7wN0keuAMR20XRDor8/SSeisEENwRC01tfDxYRb6lyW4
YDYufSR0kLhh2fAxoEtJbA/y3t2CwmN59s5E4HKw/mFPSW2HAozVMNlIQS9CO/Gt
Ah+YfEl+3/0FOwzf0rews0nFRz0MesK3hzECZUd1wP0PizihRpo5q4nRkuI2E2XS
K61kmk+TPWY9WKgorpEWQfmP0107nrnBSYBlVVRxkeAmqxPI1wY0
-----END CERTIFICATE-----
Generated at Wed Jan 22 17:21:59 2025 by rpki-client on console.sobornost.net