Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/I-aNNYTyAuN1OPn_fraC4znA_R0.roa
File: I-aNNYTyAuN1OPn_fraC4znA_R0.roa (raw, json)
Hash identifier: 7RI6xnS3LhT7DAfUQN8iG2vxZJyE8Si58lqfelc7Ygk=
Subject key identifier: 23:E6:8D:35:84:F2:02:E3:75:38:F9:FF:7E:B6:82:E3:39:C0:FD:1D
Certificate issuer: /CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Certificate serial: 019426D9E4DF294A199D8B7D8259C4B89E2A
Authority key identifier: 41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/I-aNNYTyAuN1OPn_fraC4znA_R0.roa
Signing time: Thu 02 Jan 2025 11:50:01 +0000
ROA not before: Thu 02 Jan 2025 11:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 45.132.3.0/24 maxlen: 24
89.106.204.0/24 maxlen: 24
195.128.162.0/24 maxlen: 24
195.128.178.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e4:df:29:4a:19:9d:8b:7d:82:59:c4:b8:9e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Validity
Not Before: Jan 2 11:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23e68d3584f202e37538f9ff7eb682e339c0fd1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:82:2f:1e:b8:b5:97:d6:38:c0:84:2a:8d:0f:
43:ac:a0:e7:1f:d2:77:86:c3:c8:aa:b9:2d:9f:ce:
8e:d4:e1:83:d4:17:d2:5b:f5:3e:f1:a9:2e:72:2a:
f9:f0:e0:bc:53:d7:ae:3f:df:c4:50:67:da:9d:15:
ec:ab:a2:e6:c8:c6:49:64:f0:e8:3c:e6:50:8e:a5:
58:50:72:43:f6:e3:ad:b8:79:52:76:fd:48:8c:75:
fc:40:9f:66:f5:13:ad:23:a7:ed:c5:32:f2:76:e8:
18:80:4f:96:24:92:ec:74:b7:17:d0:8a:ac:02:94:
5d:c2:b8:fe:23:1f:97:0b:d1:ad:23:8e:4d:e5:31:
f7:6d:d3:bf:a2:07:27:f1:ad:0b:37:e6:78:a8:17:
d0:1a:95:5b:f5:9c:b6:b4:18:e2:d1:01:da:9d:7a:
53:7f:5e:18:81:e0:9a:96:e4:93:16:db:59:20:1c:
e5:d3:68:0a:66:82:75:9e:f6:67:e4:42:f9:9a:07:
20:af:7e:19:85:e7:f8:c5:22:cd:37:48:64:94:27:
17:1e:7c:a1:9b:43:5b:2e:58:af:b1:a1:66:cf:7d:
7e:a7:50:0e:53:17:23:5d:11:ce:11:d1:3f:10:05:
5c:98:1a:84:88:0c:e2:6a:b3:e9:c1:15:a5:e0:fc:
ff:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E6:8D:35:84:F2:02:E3:75:38:F9:FF:7E:B6:82:E3:39:C0:FD:1D
X509v3 Authority Key Identifier:
keyid:41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/I-aNNYTyAuN1OPn_fraC4znA_R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.3.0/24
89.106.204.0/24
195.128.162.0/24
195.128.178.0/24
Signature Algorithm: sha256WithRSAEncryption
34:4d:ae:93:04:2f:f4:5f:0a:f3:62:8d:11:24:8a:b7:08:b5:
10:dd:e8:bb:5d:46:eb:69:94:a2:32:4f:68:11:fb:c4:3f:0e:
1b:8c:41:39:80:51:94:ef:13:b1:18:f8:13:1d:3b:16:db:51:
1b:9f:90:ba:5f:fb:71:00:d3:9e:1d:9b:8a:2c:0f:04:be:bd:
80:8e:b8:99:4a:ff:0a:c0:42:19:38:71:9c:16:52:d8:93:2e:
5e:64:cb:9d:8d:b5:b2:1c:95:8d:a4:1f:60:64:cc:6b:5a:07:
f1:01:23:a5:ef:83:e5:7d:b5:4d:28:34:6c:54:11:1a:20:65:
70:39:26:fc:d7:07:6a:8d:f2:d3:b1:83:e7:5b:67:5a:e8:7d:
2c:2e:f0:78:38:b7:3e:1c:53:03:08:28:b0:8a:53:85:12:0f:
a9:b8:d8:6b:77:c6:7b:28:39:2a:75:d9:5e:0d:a2:d7:a2:d1:
4d:d5:f6:83:25:c8:2d:eb:0d:eb:17:eb:97:94:88:84:e3:08:
94:51:5c:1b:52:15:d3:6a:fb:56:fb:12:42:b3:ee:7e:2a:87:
2e:a4:f7:bd:e2:30:77:c3:72:48:4a:ae:23:af:d7:8d:6c:8c:
a4:0d:4c:4e:81:83:61:1b:fc:fd:ad:4a:d3:96:e0:4b:7b:8b:
6c:8d:65:ef
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQm2eTfKUoZnYt9glnEuJ4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOTYyMzBlNThkZWNjMGNiY2ZiMTVmNTZhYTY0ZGVkZDFm
Mzg5ZjUwHhcNMjUwMTAyMTE1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2U2OGQzNTg0ZjIwMmUzNzUzOGY5ZmY3ZWI2ODJlMzM5YzBmZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YIvHri1l9Y4wIQqjQ9DrKDnH9J3
hsPIqrktn86O1OGD1BfSW/U+8akucir58OC8U9euP9/EUGfanRXsq6LmyMZJZPDo
POZQjqVYUHJD9uOtuHlSdv1IjHX8QJ9m9ROtI6ftxTLydugYgE+WJJLsdLcX0Iqs
ApRdwrj+Ix+XC9GtI45N5TH3bdO/ogcn8a0LN+Z4qBfQGpVb9Zy2tBji0QHanXpT
f14YgeCaluSTFttZIBzl02gKZoJ1nvZn5EL5mgcgr34Zhef4xSLNN0hklCcXHnyh
m0NbLlivsaFmz31+p1AOUxcjXRHOEdE/EAVcmBqEiAziarPpwRWl4Pz/sQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCPmjTWE8gLjdTj5/362guM5wP0dMB8GA1UdIwQY
MBaAFEGWIw5Y3swMvPsV9WqmTe3R84n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQt
MmJlZmZmZDU3ZmI3LzEvSS1hTk5ZVHlBdU4xT1BuX2ZyYUM0em5BX1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQtMmJlZmZmZDU3ZmI3
LzEvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYQDAwQA
WWrMAwQAw4CiAwQAw4CyMA0GCSqGSIb3DQEBCwUAA4IBAQA0Ta6TBC/0XwrzYo0R
JIq3CLUQ3ei7XUbraZSiMk9oEfvEPw4bjEE5gFGU7xOxGPgTHTsW21Ebn5C6X/tx
ANOeHZuKLA8Evr2AjriZSv8KwEIZOHGcFlLYky5eZMudjbWyHJWNpB9gZMxrWgfx
ASOl74PlfbVNKDRsVBEaIGVwOSb81wdqjfLTsYPnW2da6H0sLvB4OLc+HFMDCCiw
ilOFEg+puNhrd8Z7KDkqddleDaLXotFN1faDJcgt6w3rF+uXlIiE4wiUUVwbUhXT
avtW+xJCs+5+KocupPe94jB3w3JISq4jr9eNbIykDUxOgYNhG/z9rUrTluBLe4ts
jWXv
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:38 2025 by rpki-client on console.sobornost.net