Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/l-ehjkba5MFL6bTBmw0p0je8kv0.roa
File: l-ehjkba5MFL6bTBmw0p0je8kv0.roa (raw, json)
Hash identifier: SBj+lER6GA3nSUubC1AdXeW27xw7XEGQlpuymCAxj5w=
Subject key identifier: 97:E7:A1:8E:46:DA:E4:C1:4B:E9:B4:C1:9B:0D:29:D2:37:BC:92:FD
Certificate issuer: /CN=4a4ad03a0f592bb9c97c3052a690125d846415a4
Certificate serial: 0194228DF7C2A209368B5C558E88B4649FEE
Authority key identifier: 4A:4A:D0:3A:0F:59:2B:B9:C9:7C:30:52:A6:90:12:5D:84:64:15:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/l-ehjkba5MFL6bTBmw0p0je8kv0.roa
Signing time: Wed 01 Jan 2025 15:48:36 +0000
ROA not before: Wed 01 Jan 2025 15:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207782
IP address blocks: 45.11.200.0/24 maxlen: 24
45.11.202.0/24 maxlen: 24
45.11.203.0/24 maxlen: 24
45.81.100.0/24 maxlen: 24
45.81.101.0/24 maxlen: 24
45.81.102.0/24 maxlen: 24
45.81.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f7:c2:a2:09:36:8b:5c:55:8e:88:b4:64:9f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a4ad03a0f592bb9c97c3052a690125d846415a4
Validity
Not Before: Jan 1 15:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97e7a18e46dae4c14be9b4c19b0d29d237bc92fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e6:7b:a9:6b:70:a9:34:fb:a8:8f:54:f2:ad:
f1:ea:40:98:0e:61:b2:07:45:ac:88:4f:05:94:89:
2d:a8:85:b4:cb:91:c1:23:b7:14:e9:1e:49:3f:62:
d0:51:ce:20:3a:c2:71:f2:4d:ea:5b:68:33:14:84:
84:ab:56:03:83:a2:f6:d4:82:59:04:0c:ce:d8:85:
56:0c:71:10:8e:e1:c1:51:3c:64:c2:f8:dd:ab:c5:
b6:b9:fd:4a:da:57:6c:3b:73:f2:cf:2c:84:34:e8:
05:eb:4b:a9:01:58:fc:3d:a9:05:be:a8:a1:0a:3f:
c1:eb:41:53:e0:64:ff:e7:ec:63:7a:c0:a8:03:a0:
69:0c:79:1d:d7:9d:ed:56:e4:ab:69:bf:38:71:a7:
e6:ed:30:e4:3d:85:28:c5:40:c9:f7:f8:4d:9a:dc:
41:84:fc:d2:02:30:c2:5f:61:37:6c:48:d4:15:bf:
8b:74:34:41:9f:cf:59:60:b3:b4:f2:0c:72:5a:39:
37:77:f6:28:ee:e2:9e:2f:cc:cb:88:43:54:d3:ec:
0e:42:1f:f1:59:c9:d3:2c:9a:aa:d3:55:c1:1d:08:
19:32:94:b0:ae:67:a9:2d:6d:d6:ad:66:82:ae:86:
c2:92:c0:f6:7d:94:43:b5:e4:f9:d3:47:f2:2b:9c:
ff:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E7:A1:8E:46:DA:E4:C1:4B:E9:B4:C1:9B:0D:29:D2:37:BC:92:FD
X509v3 Authority Key Identifier:
keyid:4A:4A:D0:3A:0F:59:2B:B9:C9:7C:30:52:A6:90:12:5D:84:64:15:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/l-ehjkba5MFL6bTBmw0p0je8kv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/SkrQOg9ZK7nJfDBSppASXYRkFaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.200.0/24
45.11.202.0/23
45.81.100.0/22
Signature Algorithm: sha256WithRSAEncryption
31:59:28:38:cd:1e:36:90:9b:02:75:1e:c2:07:55:c4:97:3a:
40:5f:9a:44:7c:db:97:8e:ad:52:ba:ee:48:9f:ee:b3:a0:28:
70:98:b8:c2:4a:97:da:b0:be:c4:d1:b5:2e:43:e2:d4:bc:6f:
af:7c:dd:76:48:56:62:2d:ce:02:dd:4d:e5:80:d4:23:b3:ab:
be:51:59:86:34:9c:f7:8a:b9:9d:23:8b:13:6b:88:f4:0c:37:
77:63:09:d3:b1:56:5e:e5:70:d6:a5:14:4a:48:98:fe:a5:c8:
c8:6b:f8:ec:98:84:14:72:5d:9e:93:8b:19:b9:10:2c:88:be:
5a:4a:2c:3a:c5:d3:a1:e0:d8:f4:da:a1:c5:92:ef:b8:f7:89:
14:d3:ea:5f:41:c9:61:cc:d1:19:02:5d:dd:ff:f3:77:5b:39:
dd:b7:7b:90:57:a5:dc:ea:eb:c1:6f:ba:85:70:ca:df:83:0a:
49:7c:0a:a7:92:a5:03:2c:8b:31:07:41:dc:07:09:98:f1:61:
40:a3:b3:ee:22:52:94:48:2b:ce:5a:b2:1e:20:75:ef:d2:69:
96:9f:b0:fd:cc:22:f0:a2:66:80:8c:4e:3c:64:d2:df:80:d6:
14:e6:97:35:bb:ea:39:23:ab:43:98:c3:fa:c7:d7:c2:0b:79:
47:73:f1:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijffCogk2i1xVjoi0ZJ/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNGFkMDNhMGY1OTJiYjljOTdjMzA1MmE2OTAxMjVkODQ2
NDE1YTQwHhcNMjUwMTAxMTU0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2U3YTE4ZTQ2ZGFlNGMxNGJlOWI0YzE5YjBkMjlkMjM3YmM5MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+Z7qWtwqTT7qI9U8q3x6kCYDmGy
B0WsiE8FlIktqIW0y5HBI7cU6R5JP2LQUc4gOsJx8k3qW2gzFISEq1YDg6L21IJZ
BAzO2IVWDHEQjuHBUTxkwvjdq8W2uf1K2ldsO3PyzyyENOgF60upAVj8PakFvqih
Cj/B60FT4GT/5+xjesCoA6BpDHkd153tVuSrab84cafm7TDkPYUoxUDJ9/hNmtxB
hPzSAjDCX2E3bEjUFb+LdDRBn89ZYLO08gxyWjk3d/Yo7uKeL8zLiENU0+wOQh/x
WcnTLJqq01XBHQgZMpSwrmepLW3WrWaCrobCksD2fZRDteT500fyK5z/AQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJfnoY5G2uTBS+m0wZsNKdI3vJL9MB8GA1UdIwQY
MBaAFEpK0DoPWSu5yXwwUqaQEl2EZBWkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tyUU9nOVpLN25KZkRCU3BwQVNYWVJrRmFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xNjc5MDMtZjQyNi00YmYwLTkyMzMt
YTlhYzY2YmU0OGY3LzEvbC1laGprYmE1TUZMNmJUQm13MHAwamU4a3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xNjc5MDMtZjQyNi00YmYwLTkyMzMtYTlhYzY2YmU0OGY3
LzEvU2tyUU9nOVpLN25KZkRCU3BwQVNYWVJrRmFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQvIAwQB
LQvKAwQCLVFkMA0GCSqGSIb3DQEBCwUAA4IBAQAxWSg4zR42kJsCdR7CB1XElzpA
X5pEfNuXjq1Suu5In+6zoChwmLjCSpfasL7E0bUuQ+LUvG+vfN12SFZiLc4C3U3l
gNQjs6u+UVmGNJz3irmdI4sTa4j0DDd3YwnTsVZe5XDWpRRKSJj+pcjIa/jsmIQU
cl2ek4sZuRAsiL5aSiw6xdOh4Nj02qHFku+494kU0+pfQclhzNEZAl3d//N3Wznd
t3uQV6Xc6uvBb7qFcMrfgwpJfAqnkqUDLIsxB0HcBwmY8WFAo7PuIlKUSCvOWrIe
IHXv0mmWn7D9zCLwomaAjE48ZNLfgNYU5pc1u+o5I6tDmMP6x9fCC3lHc/Fh
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:58 2025 by rpki-client on console.sobornost.net