Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/20jWiNa9lpRbt6Z9H39OkMSzDj0.roa
File: 20jWiNa9lpRbt6Z9H39OkMSzDj0.roa (raw, json)
Hash identifier: ycgKPEXuVp6S/jba9lnIlg52vzn3ozObwHjih623JU0=
Subject key identifier: DB:48:D6:88:D6:BD:96:94:5B:B7:A6:7D:1F:7F:4E:90:C4:B3:0E:3D
Certificate issuer: /CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Certificate serial: 01941F8C705603EB637294959E72C88FC402
Authority key identifier: B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/20jWiNa9lpRbt6Z9H39OkMSzDj0.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211878
IP address blocks: 45.152.88.0/22 maxlen: 24
2a0f:5100::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:70:56:03:eb:63:72:94:95:9e:72:c8:8f:c4:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db48d688d6bd96945bb7a67d1f7f4e90c4b30e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:99:fd:64:98:d3:cd:b6:79:0e:88:00:d3:c3:
47:8a:e0:9d:74:8c:4a:34:cd:19:02:f5:ea:e4:aa:
bf:13:f2:55:5f:41:82:79:30:fc:14:22:9f:c8:b1:
80:6b:39:ba:aa:9e:f3:c8:ac:a5:e0:33:10:a9:6a:
86:35:9e:f1:7d:cb:f9:ad:dc:b2:c9:6b:48:af:5d:
1f:d3:56:96:df:0e:c8:bc:a5:50:83:a2:7e:ed:09:
36:e6:58:ba:d8:e0:1d:e7:a1:5b:f5:12:04:90:02:
fa:57:0d:76:51:5a:3f:fb:fb:52:d1:6b:3f:89:f2:
ac:ac:cc:71:78:0e:db:13:11:6d:b0:47:91:c2:d4:
4e:3e:65:29:1c:ab:f0:f8:90:65:01:e2:86:b8:3d:
bf:12:28:30:99:04:a3:dc:9e:13:3a:79:99:43:41:
14:2e:f0:6d:b6:5f:ba:9e:3c:7c:91:44:da:59:35:
2b:9b:38:c1:41:3f:c7:f8:f5:ca:0a:3c:2c:23:cd:
0e:a6:79:92:d1:30:1f:c5:66:db:71:b7:18:29:28:
45:7b:3f:85:45:3a:95:30:e4:e7:f8:5c:5b:b4:2e:
87:f0:10:9c:8f:56:dc:0f:3c:7c:7e:c9:5e:51:fa:
40:19:2b:b8:be:51:7d:c4:64:23:66:28:af:3b:fa:
f9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:48:D6:88:D6:BD:96:94:5B:B7:A6:7D:1F:7F:4E:90:C4:B3:0E:3D
X509v3 Authority Key Identifier:
keyid:B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/20jWiNa9lpRbt6Z9H39OkMSzDj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/uQMr2xKMhuALIcd5WagBHEDQZQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.88.0/22
IPv6:
2a0f:5100::/29
Signature Algorithm: sha256WithRSAEncryption
c4:67:fc:d4:95:1c:51:cc:19:39:41:1e:7f:8b:07:3d:63:9a:
69:e7:3e:5c:c2:d7:ed:ff:0a:35:13:4e:55:f4:d0:6b:a2:4a:
a6:f4:f2:b2:e8:0f:b3:25:d2:c7:9a:30:93:2b:4f:0f:40:b0:
eb:71:3f:cd:d4:74:6f:e4:2f:c5:35:d1:55:01:b7:2f:77:de:
a5:c1:69:e8:c1:99:c3:3e:16:92:5a:96:84:12:33:c3:e5:ba:
d9:7b:8f:6a:3f:83:a6:f9:27:d0:f3:e7:5e:fd:1a:b9:ae:91:
07:95:19:ad:48:43:c6:17:53:91:74:be:95:10:6d:88:da:0d:
88:d0:2e:96:93:5c:6f:b6:f6:79:b1:47:c4:d7:bc:d7:31:56:
3a:75:8c:27:ca:37:71:52:52:c8:6e:20:a2:01:77:f6:84:aa:
1a:02:bc:70:80:fc:9a:e4:cf:db:b8:f8:2a:52:3a:a5:6b:45:
a0:76:c3:bf:61:ff:69:1b:f2:47:6a:e4:3a:2b:60:8b:36:32:
f6:eb:99:ce:f9:d9:40:82:e0:56:94:83:24:a2:ce:2f:4b:35:
c6:7f:43:ea:6a:36:1a:65:06:ee:0f:be:b5:b7:ac:c5:57:5b:
d1:77:f4:d9:1e:00:27:7f:d5:52:8b:a5:95:2c:85:0f:09:23:
1a:aa:49:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjHBWA+tjcpSVnnLIj8QCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MDMyYmRiMTI4Yzg2ZTAwYjIxYzc3OTU5YTgwMTFjNDBk
MDY1MGMwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQ4ZDY4OGQ2YmQ5Njk0NWJiN2E2N2QxZjdmNGU5MGM0YjMwZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZn9ZJjTzbZ5DogA08NHiuCddIxK
NM0ZAvXq5Kq/E/JVX0GCeTD8FCKfyLGAazm6qp7zyKyl4DMQqWqGNZ7xfcv5rdyy
yWtIr10f01aW3w7IvKVQg6J+7Qk25li62OAd56Fb9RIEkAL6Vw12UVo/+/tS0Ws/
ifKsrMxxeA7bExFtsEeRwtROPmUpHKvw+JBlAeKGuD2/EigwmQSj3J4TOnmZQ0EU
LvBttl+6njx8kUTaWTUrmzjBQT/H+PXKCjwsI80OpnmS0TAfxWbbcbcYKShFez+F
RTqVMOTn+FxbtC6H8BCcj1bcDzx8fsleUfpAGSu4vlF9xGQjZiivO/r58QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNtI1ojWvZaUW7emfR9/TpDEsw49MB8GA1UdIwQY
MBaAFLkDK9sSjIbgCyHHeVmoARxA0GUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYt
ZmU4NDZmNzVkMTcwLzEvMjBqV2lOYTlscFJidDZaOUgzOU9rTVN6RGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYtZmU4NDZmNzVkMTcw
LzEvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZhYMA0E
AgACMAcDBQMqD1EAMA0GCSqGSIb3DQEBCwUAA4IBAQDEZ/zUlRxRzBk5QR5/iwc9
Y5pp5z5cwtft/wo1E05V9NBrokqm9PKy6A+zJdLHmjCTK08PQLDrcT/N1HRv5C/F
NdFVAbcvd96lwWnowZnDPhaSWpaEEjPD5brZe49qP4Om+SfQ8+de/Rq5rpEHlRmt
SEPGF1ORdL6VEG2I2g2I0C6Wk1xvtvZ5sUfE17zXMVY6dYwnyjdxUlLIbiCiAXf2
hKoaArxwgPya5M/buPgqUjqla0WgdsO/Yf9pG/JHauQ6K2CLNjL265nO+dlAguBW
lIMkos4vSzXGf0PqajYaZQbuD761t6zFV1vRd/TZHgAnf9VSi6WVLIUPCSMaqkmL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:56 2025 by rpki-client on console.sobornost.net