Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/lSuIVw3N48aT37HiNCmvL9yobAM.roa
File: lSuIVw3N48aT37HiNCmvL9yobAM.roa (raw, json)
Hash identifier: IhuCwiYPDv3rshf12vVVngSoG++ACPn2/cVV+4nbEJg=
Subject key identifier: 95:2B:88:57:0D:CD:E3:C6:93:DF:B1:E2:34:29:AF:2F:DC:A8:6C:03
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 01952487ECF04C6F1411694E23C15C7F4A52
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/lSuIVw3N48aT37HiNCmvL9yobAM.roa
Signing time: Thu 20 Feb 2025 18:04:02 +0000
ROA not before: Thu 20 Feb 2025 18:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203936
IP address blocks: 45.148.73.0/24 maxlen: 24
45.148.74.0/23 maxlen: 24
45.148.74.0/24 maxlen: 24
45.148.75.0/24 maxlen: 24
109.205.136.0/22 maxlen: 22
185.118.188.0/22 maxlen: 24
185.128.60.0/22 maxlen: 22
185.237.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:24:87:ec:f0:4c:6f:14:11:69:4e:23:c1:5c:7f:4a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Feb 20 18:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=952b88570dcde3c693dfb1e23429af2fdca86c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cd:5d:3c:2c:7f:ad:fe:53:a4:6e:e4:d3:e3:
41:48:25:2f:c2:b8:31:9d:dc:a4:32:3f:1b:91:10:
9e:58:52:13:0b:6c:ef:dd:63:20:d6:c2:5b:86:a5:
4f:73:e6:e4:8a:1f:7a:65:10:1e:11:ec:33:51:24:
82:17:89:1c:4c:36:26:aa:19:bd:19:cd:a5:c2:6f:
41:31:62:28:2d:ae:ad:98:8b:2c:3e:0a:b7:99:49:
be:a5:0c:3c:da:e7:63:b3:f7:60:40:30:fb:da:d4:
24:dc:56:c4:72:38:1a:51:65:10:b0:36:b0:33:1e:
d3:ad:72:4a:d9:da:6a:5d:6a:27:c1:ee:27:0d:8f:
78:29:83:33:f7:9b:e3:0d:ea:1e:2d:14:15:0f:95:
6d:29:1d:15:66:b6:07:dc:cb:21:b0:15:c5:e2:85:
2e:7f:9a:2d:e4:ef:8e:32:36:33:d2:1f:05:3e:b7:
30:e1:ab:1c:10:36:29:ce:2d:a6:c2:44:99:aa:07:
d6:aa:a7:06:dd:4f:aa:b0:5c:9a:36:68:d1:80:ed:
c3:9a:22:b5:26:62:26:1c:e9:50:f0:94:54:1a:c8:
0b:08:3e:ed:cc:8f:ad:c5:4f:1f:ff:9c:be:99:86:
f3:2a:f6:b5:3f:4d:b2:f4:72:75:d0:32:07:4e:17:
6a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2B:88:57:0D:CD:E3:C6:93:DF:B1:E2:34:29:AF:2F:DC:A8:6C:03
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/lSuIVw3N48aT37HiNCmvL9yobAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.73.0-45.148.75.255
109.205.136.0/22
185.118.188.0/22
185.128.60.0/22
185.237.136.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:58:bf:a1:74:fd:35:16:1c:b3:8f:a1:27:77:a9:aa:bc:e4:
85:59:09:77:0b:75:5c:ad:aa:8d:ea:48:53:5f:c4:94:3e:08:
f9:e2:dc:9b:71:35:ac:2a:02:25:29:8e:57:13:ee:58:08:b1:
e0:a3:2d:28:b9:67:db:dc:66:52:1a:9f:bd:6e:79:33:6d:8c:
a0:2d:fe:76:30:b9:5d:73:d7:53:35:9a:15:51:be:02:a7:25:
82:44:b2:2a:46:ed:85:bd:09:09:7f:83:9b:cf:c9:5b:de:74:
a3:6a:2a:57:39:0c:d1:4f:f6:dc:28:46:e3:92:b2:70:bf:f1:
d2:04:25:31:fb:ea:c0:de:a4:6c:b6:a4:c1:fe:e3:f0:66:ad:
72:4b:6e:90:20:d1:00:b0:ea:31:6f:e8:f8:4d:a7:ed:06:d2:
11:30:55:2e:64:85:a4:b1:4f:7f:50:4c:e9:39:cd:77:c0:a1:
21:be:64:8f:79:35:83:82:9b:82:af:7c:68:f9:70:53:1a:7f:
6d:6f:a5:f4:fd:ff:27:9f:23:83:b8:3f:78:69:de:8c:1e:77:
a9:bc:e3:b3:4f:38:0b:e9:42:7c:9a:f5:9a:78:c9:f6:a9:67:
16:26:6f:6c:84:c5:ea:66:03:84:df:35:ec:e3:14:8c:ca:e6:
e4:df:4a:af
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZUkh+zwTG8UEWlOI8Fcf0pSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjUwMjIwMTgwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTJiODg1NzBkY2RlM2M2OTNkZmIxZTIzNDI5YWYyZmRjYTg2YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc1dPCx/rf5TpG7k0+NBSCUvwrgx
ndykMj8bkRCeWFITC2zv3WMg1sJbhqVPc+bkih96ZRAeEewzUSSCF4kcTDYmqhm9
Gc2lwm9BMWIoLa6tmIssPgq3mUm+pQw82udjs/dgQDD72tQk3FbEcjgaUWUQsDaw
Mx7TrXJK2dpqXWonwe4nDY94KYMz95vjDeoeLRQVD5VtKR0VZrYH3MshsBXF4oUu
f5ot5O+OMjYz0h8FPrcw4ascEDYpzi2mwkSZqgfWqqcG3U+qsFyaNmjRgO3DmiK1
JmImHOlQ8JRUGsgLCD7tzI+txU8f/5y+mYbzKva1P02y9HJ10DIHThdq4wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJUriFcNzePGk9+x4jQpry/cqGwDMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvbFN1SVZ3M040OGFUMzdIaU5DbXZMOXlvYkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAAtlEkD
BAItlEgDBAJtzYgDBAK5drwDBAK5gDwDBAK57YgwDQYJKoZIhvcNAQELBQADggEB
AHpYv6F0/TUWHLOPoSd3qaq85IVZCXcLdVytqo3qSFNfxJQ+CPni3JtxNawqAiUp
jlcT7lgIseCjLSi5Z9vcZlIan71ueTNtjKAt/nYwuV1z11M1mhVRvgKnJYJEsipG
7YW9CQl/g5vPyVvedKNqKlc5DNFP9twoRuOSsnC/8dIEJTH76sDepGy2pMH+4/Bm
rXJLbpAg0QCw6jFv6PhNp+0G0hEwVS5khaSxT39QTOk5zXfAoSG+ZI95NYOCm4Kv
fGj5cFMaf21vpfT9/yefI4O4P3hp3owed6m847NPOAvpQnya9Zp4yfapZxYmb2yE
xepmA4TfNezjFIzK5uTfSq8=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:48:47 2025 by rpki-client on console.sobornost.net