Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/EjJhFVjaWqZKGfQWMd97kYWrDlM.roa
File: EjJhFVjaWqZKGfQWMd97kYWrDlM.roa (raw, json)
Hash identifier: /S06YJ/Zh2v+rag/BpoYXesfvJadM63GBkvZQOcn4hU=
Subject key identifier: 12:32:61:15:58:DA:5A:A6:4A:19:F4:16:31:DF:7B:91:85:AB:0E:53
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 01948DF1E030F907F48A3665C88DDAFD3EC1
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/EjJhFVjaWqZKGfQWMd97kYWrDlM.roa
Signing time: Wed 22 Jan 2025 12:17:06 +0000
ROA not before: Wed 22 Jan 2025 12:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203936
IP address blocks: 45.148.72.0/24 maxlen: 24
45.148.73.0/24 maxlen: 24
45.148.74.0/23 maxlen: 24
45.148.74.0/24 maxlen: 24
45.148.75.0/24 maxlen: 24
109.205.136.0/22 maxlen: 22
185.118.188.0/22 maxlen: 24
185.128.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8d:f1:e0:30:f9:07:f4:8a:36:65:c8:8d:da:fd:3e:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Jan 22 12:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1232611558da5aa64a19f41631df7b9185ab0e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e0:89:ef:67:63:c5:6f:de:bd:a5:76:5e:9d:
f7:52:7f:24:40:9e:77:ae:d8:57:f5:a6:44:ca:eb:
e0:fc:e1:e4:fc:4d:ff:fc:c7:80:4b:de:d3:b7:29:
c3:c6:3f:4f:94:5d:00:9b:2a:ad:33:8c:5f:c1:9a:
9f:29:7c:69:2a:6a:12:6c:a7:42:87:1b:47:d9:78:
9c:37:ed:bb:30:da:79:3d:7e:05:c8:e7:03:10:44:
79:3a:ed:e9:1a:35:51:a1:6d:c3:2b:34:05:76:b4:
65:ab:c9:73:fa:d7:04:2a:cc:79:b2:9a:b1:f6:00:
30:2a:be:6b:33:07:9a:f0:43:cb:e7:fc:d2:60:22:
b2:cb:31:f2:4a:70:60:80:b5:60:47:4d:62:b1:96:
b4:1f:ae:bf:47:24:6d:c4:12:e3:a3:af:89:92:c2:
23:a8:74:1b:2d:dd:e1:44:48:c9:f2:b1:34:a1:4f:
96:44:e9:9c:2e:b8:37:4a:45:cf:d8:43:5d:66:17:
5f:f0:c9:03:db:0f:5e:a1:68:29:58:6f:b4:74:e9:
13:dd:75:bc:6b:76:e6:8d:2c:4e:bc:9c:0c:2d:9e:
5a:5c:a0:fc:cd:74:eb:ce:1d:8d:f1:24:2e:3b:e2:
5c:37:14:76:b9:75:50:93:8b:36:05:e3:ac:95:3f:
65:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:32:61:15:58:DA:5A:A6:4A:19:F4:16:31:DF:7B:91:85:AB:0E:53
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/EjJhFVjaWqZKGfQWMd97kYWrDlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.72.0/22
109.205.136.0/22
185.118.188.0/22
185.128.60.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:8d:5e:47:b8:71:6c:37:37:ae:da:c3:9d:df:b7:bf:77:fe:
de:1a:0b:14:e9:3a:ba:0f:3e:90:6b:9f:b6:63:65:4a:e3:2b:
f0:d4:4d:ba:3a:ee:24:bb:2b:c4:02:3d:e7:46:33:7c:7e:f1:
8a:fd:db:ee:f4:41:80:98:fc:c1:5e:d0:b8:c5:e8:65:39:60:
2b:c3:3f:25:a6:f0:cf:ff:66:e6:27:16:1b:42:d1:06:e3:0f:
dc:e6:25:aa:95:bc:b8:92:30:2c:95:cd:0f:04:aa:d2:3f:48:
5e:df:d1:e5:da:14:cc:9c:05:11:ab:8e:d2:37:63:30:78:8c:
14:67:7d:b1:a8:ef:ac:bd:0f:a2:5f:f6:86:a3:9c:c4:22:80:
f2:3d:99:38:e5:30:bc:5b:8c:c5:f0:24:10:6c:05:95:95:80:
da:04:a1:9b:39:ae:06:7b:45:52:0e:4b:39:93:8f:fc:1c:3e:
96:24:8c:82:fd:31:bb:7b:da:74:d2:34:4d:79:78:c3:81:94:
c9:19:6f:5e:55:d1:10:98:bd:1c:d4:d0:ca:86:63:67:cb:44:
72:e3:5b:2f:b9:90:ac:de:74:7e:49:9e:48:e8:da:28:f6:1f:
4b:99:25:e1:36:0c:74:06:2a:07:36:bd:69:57:ec:df:32:31:
95:51:bb:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZSN8eAw+Qf0ijZlyI3a/T7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjUwMTIyMTIxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjMyNjExNTU4ZGE1YWE2NGExOWY0MTYzMWRmN2I5MTg1YWIwZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uCJ72djxW/evaV2Xp33Un8kQJ53
rthX9aZEyuvg/OHk/E3//MeAS97TtynDxj9PlF0AmyqtM4xfwZqfKXxpKmoSbKdC
hxtH2XicN+27MNp5PX4FyOcDEER5Ou3pGjVRoW3DKzQFdrRlq8lz+tcEKsx5spqx
9gAwKr5rMwea8EPL5/zSYCKyyzHySnBggLVgR01isZa0H66/RyRtxBLjo6+JksIj
qHQbLd3hREjJ8rE0oU+WROmcLrg3SkXP2ENdZhdf8MkD2w9eoWgpWG+0dOkT3XW8
a3bmjSxOvJwMLZ5aXKD8zXTrzh2N8SQuO+JcNxR2uXVQk4s2BeOslT9lVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBIyYRVY2lqmShn0FjHfe5GFqw5TMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvRWpKaEZWamFXcVpLR2ZRV01kOTdrWVdyRGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLZRIAwQC
bc2IAwQCuXa8AwQCuYA8MA0GCSqGSIb3DQEBCwUAA4IBAQAfjV5HuHFsNzeu2sOd
37e/d/7eGgsU6Tq6Dz6Qa5+2Y2VK4yvw1E26Ou4kuyvEAj3nRjN8fvGK/dvu9EGA
mPzBXtC4xehlOWArwz8lpvDP/2bmJxYbQtEG4w/c5iWqlby4kjAslc0PBKrSP0he
39Hl2hTMnAURq47SN2MweIwUZ32xqO+svQ+iX/aGo5zEIoDyPZk45TC8W4zF8CQQ
bAWVlYDaBKGbOa4Ge0VSDks5k4/8HD6WJIyC/TG7e9p00jRNeXjDgZTJGW9eVdEQ
mL0c1NDKhmNny0Ry41svuZCs3nR+SZ5I6Noo9h9LmSXhNgx0BioHNr1pV+zfMjGV
Ubuc
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:59:35 2025 by rpki-client on console.sobornost.net