Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/6714f1-c3d6-4875-a36a-37e80dab9302/1/fmBFsCOY8wvMOtR-jKvLQMum5_0.roa
File: fmBFsCOY8wvMOtR-jKvLQMum5_0.roa (raw, json)
Hash identifier: kzuCQQjwC1Ap3ti7t1BdvWP5qftA/XDqgni5OIWKvTU=
Subject key identifier: 7E:60:45:B0:23:98:F3:0B:CC:3A:D4:7E:8C:AB:CB:40:CB:A6:E7:FD
Certificate issuer: /CN=cd02d077485a15e8a254a49edd994d4fc2a908a6
Certificate serial: 0193E49BDCA620F3F172E5C584EC11A5DB9E
Authority key identifier: CD:02:D0:77:48:5A:15:E8:A2:54:A4:9E:DD:99:4D:4F:C2:A9:08:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQLQd0haFeiiVKSe3ZlNT8KpCKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/6714f1-c3d6-4875-a36a-37e80dab9302/1/fmBFsCOY8wvMOtR-jKvLQMum5_0.roa
Signing time: Fri 20 Dec 2024 15:07:19 +0000
ROA not before: Fri 20 Dec 2024 15:07:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206014
IP address blocks: 45.13.156.0/24 maxlen: 24
2a00:6420:ff00::/40 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:9b:dc:a6:20:f3:f1:72:e5:c5:84:ec:11:a5:db:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd02d077485a15e8a254a49edd994d4fc2a908a6
Validity
Not Before: Dec 20 15:07:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e6045b02398f30bcc3ad47e8cabcb40cba6e7fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:53:0e:9e:9d:ae:25:27:bb:0a:c6:86:b7:06:
ea:f4:e8:92:5f:84:ad:31:4a:21:e1:74:a5:34:97:
96:15:83:b9:b1:4d:ff:4d:b7:06:a0:8b:34:9b:0d:
5b:54:94:b0:56:64:26:94:18:0b:af:6b:18:2c:dd:
b7:28:40:01:4a:d7:14:da:6b:e2:89:a8:dd:39:ae:
b1:63:0c:1b:51:ea:13:d1:0d:3a:59:82:4f:91:e4:
3f:99:f5:73:10:4f:95:bc:96:98:0c:33:71:3e:8a:
26:13:8c:10:c1:6c:46:7c:c7:96:44:e8:e2:e2:cd:
45:31:a5:21:25:b4:89:8e:04:31:d0:5a:34:57:c5:
50:3d:df:05:ad:dc:19:60:e4:84:9a:b1:ce:3b:2a:
5b:c7:d1:3f:40:50:a3:9a:34:eb:18:77:ee:6d:58:
5d:bd:bf:02:a7:8c:35:d8:3d:21:cf:bc:ed:15:89:
44:01:a5:8d:89:7f:5d:9a:9d:c2:30:5c:4c:c5:41:
24:48:fe:fb:e1:86:e6:b1:db:50:9a:b9:b2:c3:90:
11:98:f2:2d:82:05:a3:11:06:9f:21:19:34:ae:fb:
52:11:b2:85:9e:0a:a4:0b:7a:80:d2:ed:20:40:ba:
9c:a4:08:17:54:5b:04:f1:a3:19:f1:09:50:e4:f6:
3c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:60:45:B0:23:98:F3:0B:CC:3A:D4:7E:8C:AB:CB:40:CB:A6:E7:FD
X509v3 Authority Key Identifier:
keyid:CD:02:D0:77:48:5A:15:E8:A2:54:A4:9E:DD:99:4D:4F:C2:A9:08:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQLQd0haFeiiVKSe3ZlNT8KpCKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6714f1-c3d6-4875-a36a-37e80dab9302/1/fmBFsCOY8wvMOtR-jKvLQMum5_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6714f1-c3d6-4875-a36a-37e80dab9302/1/zQLQd0haFeiiVKSe3ZlNT8KpCKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.156.0/24
IPv6:
2a00:6420:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
40:eb:eb:7d:f9:f1:5b:b4:f5:56:3d:82:1a:2a:ed:25:c7:73:
e8:65:34:d8:ee:0b:10:25:02:ed:49:b7:f4:52:f3:ba:2d:55:
aa:37:7c:f0:96:9b:1d:d2:73:3d:60:ea:96:7d:f2:9b:b9:ab:
29:fe:08:06:d1:af:5c:11:0f:87:7d:54:3e:ba:ea:8b:08:27:
44:2a:1c:65:4c:01:88:95:17:c8:c8:54:15:b8:c4:1e:97:01:
f2:f0:5d:06:b6:65:d7:4a:91:0e:aa:bb:4a:aa:c2:50:fb:a1:
54:a7:80:52:70:26:b5:0e:ae:12:8f:8a:c3:76:76:30:ab:c7:
b3:d4:68:8d:74:c7:08:24:a5:99:fa:c8:8c:94:ee:f3:69:a8:
f1:ba:f3:53:0b:4a:b9:9b:b1:ae:2f:4e:96:22:b6:c4:79:04:
ff:73:17:de:38:54:38:83:a9:56:34:81:4e:be:de:a3:3c:83:
b5:ed:d8:d4:a4:3c:3c:9f:a4:de:f7:dc:4c:01:72:ff:00:8f:
bc:2e:1a:41:39:05:6b:7d:b9:56:ca:df:35:c9:a9:fb:7f:a0:
ac:40:f2:e2:40:f7:b4:22:e9:19:27:2f:e8:0e:b4:9a:0b:d1:
b0:b3:b2:a5:d2:b3:3a:35:6c:50:34:3c:8b:ea:ba:9c:db:7d:
05:2e:59:26
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZPkm9ymIPPxcuXFhOwRpdueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMDJkMDc3NDg1YTE1ZThhMjU0YTQ5ZWRkOTk0ZDRmYzJh
OTA4YTYwHhcNMjQxMjIwMTUwNzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTYwNDViMDIzOThmMzBiY2MzYWQ0N2U4Y2FiY2I0MGNiYTZlN2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVMOnp2uJSe7CsaGtwbq9OiSX4St
MUoh4XSlNJeWFYO5sU3/TbcGoIs0mw1bVJSwVmQmlBgLr2sYLN23KEABStcU2mvi
iajdOa6xYwwbUeoT0Q06WYJPkeQ/mfVzEE+VvJaYDDNxPoomE4wQwWxGfMeWROji
4s1FMaUhJbSJjgQx0Fo0V8VQPd8FrdwZYOSEmrHOOypbx9E/QFCjmjTrGHfubVhd
vb8Cp4w12D0hz7ztFYlEAaWNiX9dmp3CMFxMxUEkSP774YbmsdtQmrmyw5ARmPIt
ggWjEQafIRk0rvtSEbKFngqkC3qA0u0gQLqcpAgXVFsE8aMZ8QlQ5PY8SQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFH5gRbAjmPMLzDrUfoyry0DLpuf9MB8GA1UdIwQY
MBaAFM0C0HdIWhXoolSknt2ZTU/CqQimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelFMUWQwaGFGZWlpVktTZTNabE5UOEtwQ0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82NzE0ZjEtYzNkNi00ODc1LWEzNmEt
MzdlODBkYWI5MzAyLzEvZm1CRnNDT1k4d3ZNT3RSLWpLdkxRTXVtNV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS82NzE0ZjEtYzNkNi00ODc1LWEzNmEtMzdlODBkYWI5MzAy
LzEvelFMUWQwaGFGZWlpVktTZTNabE5UOEtwQ0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQALQ2cMA4E
AgACMAgDBgAqAGQg/zANBgkqhkiG9w0BAQsFAAOCAQEAQOvrffnxW7T1Vj2CGirt
Jcdz6GU02O4LECUC7Um39FLzui1Vqjd88JabHdJzPWDqln3ym7mrKf4IBtGvXBEP
h31UPrrqiwgnRCocZUwBiJUXyMhUFbjEHpcB8vBdBrZl10qRDqq7SqrCUPuhVKeA
UnAmtQ6uEo+Kw3Z2MKvHs9RojXTHCCSlmfrIjJTu82mo8brzUwtKuZuxri9OliK2
xHkE/3MX3jhUOIOpVjSBTr7eozyDte3Y1KQ8PJ+k3vfcTAFy/wCPvC4aQTkFa325
VsrfNcmp+3+grEDy4kD3tCLpGScv6A60mgvRsLOypdKzOjVsUDQ8i+q6nNt9BS5Z
Jg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:51 2024 by rpki-client on console.sobornost.net