Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/xYEQMDtud0ldRy5RnoaHTXCkHzQ.roa
File: xYEQMDtud0ldRy5RnoaHTXCkHzQ.roa (raw, json)
Hash identifier: 6ajqkJ7APWGzI98xN5aw+rOCIWaTMdbchCCuX8jNGJw=
Subject key identifier: C5:81:10:30:3B:6E:77:49:5D:47:2E:51:9E:86:87:4D:70:A4:1F:34
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 0194236982EBDB4755D7059F7882802D78D8
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/xYEQMDtud0ldRy5RnoaHTXCkHzQ.roa
Signing time: Wed 01 Jan 2025 19:48:24 +0000
ROA not before: Wed 01 Jan 2025 19:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44854
IP address blocks: 45.113.237.0/24 maxlen: 24
93.114.180.0/23 maxlen: 24
2a10:e300:26::/48 maxlen: 48
2a10:e300:27::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:82:eb:db:47:55:d7:05:9f:78:82:80:2d:78:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Jan 1 19:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c58110303b6e77495d472e519e86874d70a41f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d3:1d:cf:24:f2:8c:fe:c8:e9:07:0e:d2:d9:
a0:39:3f:e0:29:39:8a:a4:50:68:18:f6:38:17:01:
29:15:9f:cc:e9:9a:93:4b:0d:ee:22:a8:dd:50:4c:
27:18:9a:ba:5a:0f:3e:08:a2:6b:66:21:5f:03:95:
bf:1c:ec:bb:1b:76:e1:c1:a5:26:bf:fa:74:56:6d:
08:6b:c1:cd:9b:78:f5:23:23:1b:71:3a:35:d4:85:
07:02:fd:7b:4e:78:03:f6:ae:46:5a:5c:08:81:c0:
66:0c:57:1c:96:e7:28:4b:1f:0a:1d:36:d1:ea:ba:
67:a1:e6:ca:00:19:f1:b8:ed:ce:0c:8c:56:56:fb:
5c:3a:c6:7d:83:ad:27:78:13:10:64:9d:3d:45:b8:
3d:37:0c:53:f9:ba:40:dc:f5:d0:84:ca:81:2a:33:
d5:9e:2d:84:1e:94:4d:f1:bc:37:5c:85:37:db:29:
c9:d0:d6:80:5a:bc:5c:36:f3:99:ea:2d:b1:ff:d2:
58:41:25:ca:ef:76:76:4e:b7:74:3b:12:6d:c2:dd:
61:b7:99:e4:0d:09:07:93:2c:15:fd:17:78:fe:eb:
bb:c3:67:94:8c:2d:28:94:c1:c6:78:9c:eb:c9:a8:
5f:34:48:3e:85:3b:b5:f5:b1:b1:26:7b:ef:90:4b:
45:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:81:10:30:3B:6E:77:49:5D:47:2E:51:9E:86:87:4D:70:A4:1F:34
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/xYEQMDtud0ldRy5RnoaHTXCkHzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.113.237.0/24
93.114.180.0/23
IPv6:
2a10:e300:26::/47
Signature Algorithm: sha256WithRSAEncryption
c1:11:d3:ef:0d:7a:97:4b:62:15:55:5d:f0:24:02:48:dc:9d:
8e:32:d2:e9:eb:7d:3d:de:7d:ae:32:6a:fe:5b:d7:fa:b1:8c:
30:e1:f2:5f:6f:8f:d1:e5:78:65:d8:d8:ee:4c:4b:d7:f9:31:
fd:1d:a2:4f:86:a0:de:47:9f:8a:95:7a:9d:0b:f4:f6:62:45:
40:cd:fd:41:3b:bb:bd:fa:4c:7c:78:da:e3:45:ca:36:70:85:
08:11:a4:c6:52:52:4a:f1:1a:6e:d1:b8:b7:3d:d7:7b:1e:b3:
1e:b3:62:aa:f5:1a:ee:d1:a5:3e:8c:1d:dd:d0:d7:49:e0:64:
75:68:73:1d:3a:84:6b:3b:bd:ce:34:08:47:80:25:ec:84:ea:
98:84:1e:5f:29:1f:5e:5f:c2:1e:cd:97:b7:a3:ea:f0:16:10:
cc:43:d7:fa:e4:31:d5:37:0b:97:2c:f0:4a:18:8d:40:e6:08:
a1:52:4e:b1:21:19:3e:20:40:66:b8:aa:a7:06:2d:fa:e9:18:
1b:01:68:20:fa:57:6a:27:c7:f3:af:2e:72:97:4c:5e:b6:86:
b3:40:27:2c:25:13:9a:e9:14:c4:50:eb:12:f1:c2:77:c2:eb:
d3:fe:e4:21:1b:6c:82:52:52:10:0e:a7:8e:94:0c:0a:2b:89:
07:f7:64:71
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQjaYLr20dV1wWfeIKALXjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjUwMTAxMTk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTgxMTAzMDNiNmU3NzQ5NWQ0NzJlNTE5ZTg2ODc0ZDcwYTQxZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptMdzyTyjP7I6QcO0tmgOT/gKTmK
pFBoGPY4FwEpFZ/M6ZqTSw3uIqjdUEwnGJq6Wg8+CKJrZiFfA5W/HOy7G3bhwaUm
v/p0Vm0Ia8HNm3j1IyMbcTo11IUHAv17TngD9q5GWlwIgcBmDFcclucoSx8KHTbR
6rpnoebKABnxuO3ODIxWVvtcOsZ9g60neBMQZJ09Rbg9NwxT+bpA3PXQhMqBKjPV
ni2EHpRN8bw3XIU32ynJ0NaAWrxcNvOZ6i2x/9JYQSXK73Z2Trd0OxJtwt1ht5nk
DQkHkywV/Rd4/uu7w2eUjC0olMHGeJzryahfNEg+hTu19bGxJnvvkEtFYQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMWBEDA7bndJXUcuUZ6Gh01wpB80MB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEveFlFUU1EdHVkMGxkUnk1Um5vYUhUWENrSHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALXHtAwQB
XXK0MA8EAgACMAkDBwEqEOMAACYwDQYJKoZIhvcNAQELBQADggEBAMER0+8NepdL
YhVVXfAkAkjcnY4y0unrfT3efa4yav5b1/qxjDDh8l9vj9HleGXY2O5MS9f5Mf0d
ok+GoN5Hn4qVep0L9PZiRUDN/UE7u736THx42uNFyjZwhQgRpMZSUkrxGm7RuLc9
13sesx6zYqr1Gu7RpT6MHd3Q10ngZHVocx06hGs7vc40CEeAJeyE6piEHl8pH15f
wh7Nl7ej6vAWEMxD1/rkMdU3C5cs8EoYjUDmCKFSTrEhGT4gQGa4qqcGLfrpGBsB
aCD6V2onx/OvLnKXTF62hrNAJywlE5rpFMRQ6xLxwnfC69P+5CEbbIJSUhAOp46U
DAoriQf3ZHE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:12 2025 by rpki-client on console.sobornost.net