Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/o4yUZzbKz_wfUkXyIRtz_sPdHfw.roa
File: o4yUZzbKz_wfUkXyIRtz_sPdHfw.roa (raw, json)
Hash identifier: BiVeXsHTenn/poTYlXrG4Bvxv5uxzXwbjeteQc7yW9U=
Subject key identifier: A3:8C:94:67:36:CA:CF:FC:1F:52:45:F2:21:1B:73:FE:C3:DD:1D:FC
Certificate issuer: /CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
Certificate serial: 019425FC8CBDE4B07EC0F22A31C5B0F74DF3
Authority key identifier: 18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/o4yUZzbKz_wfUkXyIRtz_sPdHfw.roa
Signing time: Thu 02 Jan 2025 07:48:15 +0000
ROA not before: Thu 02 Jan 2025 07:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15466
IP address blocks: 45.150.28.0/22 maxlen: 22
45.150.28.0/24 maxlen: 24
45.150.29.0/24 maxlen: 24
45.150.30.0/24 maxlen: 24
45.150.31.0/24 maxlen: 24
217.169.224.0/20 maxlen: 20
217.169.224.0/24 maxlen: 24
217.169.225.0/24 maxlen: 24
217.169.226.0/24 maxlen: 24
217.169.227.0/24 maxlen: 24
217.169.228.0/24 maxlen: 24
217.169.229.0/24 maxlen: 24
217.169.230.0/24 maxlen: 24
217.169.231.0/24 maxlen: 24
217.169.232.0/24 maxlen: 24
217.169.233.0/24 maxlen: 24
217.169.234.0/24 maxlen: 24
217.169.235.0/24 maxlen: 24
217.169.236.0/24 maxlen: 24
217.169.237.0/24 maxlen: 24
217.169.238.0/24 maxlen: 24
217.169.239.0/24 maxlen: 24
2a04:8f80:2000::/36 maxlen: 36
2a04:8f80:2007::/48 maxlen: 48
2a04:8f80:2011::/48 maxlen: 48
2a04:8f80:2105::/48 maxlen: 48
2a04:8f80:2107::/48 maxlen: 48
2a04:8f80:2111::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:8c:bd:e4:b0:7e:c0:f2:2a:31:c5:b0:f7:4d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
Validity
Not Before: Jan 2 07:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a38c946736cacffc1f5245f2211b73fec3dd1dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:af:b2:16:bd:63:bb:54:50:46:7c:7f:ff:16:
14:d9:28:a8:7a:8c:ff:f4:34:e4:a1:45:b1:1d:04:
ea:55:7a:27:57:49:1c:fb:f8:5f:58:69:6f:39:6f:
37:be:52:ab:75:96:45:fc:af:1c:7d:ca:4e:12:cc:
56:d8:d2:9d:2c:20:00:ca:34:fd:4b:fd:be:ff:87:
75:d9:9b:45:40:8a:28:d7:c3:09:84:01:44:94:fd:
47:04:1a:63:d6:52:f2:02:df:77:f9:84:cc:82:d7:
60:5f:ab:a8:2d:66:8f:9b:d9:9f:e8:8e:3e:33:23:
d0:1c:be:3f:2b:ea:6c:ab:e3:72:cf:e5:9e:95:41:
d4:9d:05:84:56:78:25:33:18:42:8c:42:0e:a9:5c:
11:18:ee:fb:c9:a8:5a:22:b3:2b:0f:c7:20:96:6a:
1f:26:23:d4:04:49:38:bd:f3:50:f1:3f:a2:cb:ef:
7d:db:00:ec:5b:6e:8a:42:10:32:32:0e:5c:7f:a8:
6c:28:47:b0:4b:fe:73:68:2d:a0:ae:8b:34:ae:e3:
8a:27:80:fb:78:be:0c:41:c6:7b:3b:8c:a2:b4:a8:
ed:9a:00:ce:38:2c:51:0a:a2:fc:54:7c:a7:e3:a8:
a1:a8:be:76:ab:77:c2:c3:44:f1:f5:8f:09:1e:cf:
55:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8C:94:67:36:CA:CF:FC:1F:52:45:F2:21:1B:73:FE:C3:DD:1D:FC
X509v3 Authority Key Identifier:
keyid:18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/o4yUZzbKz_wfUkXyIRtz_sPdHfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.28.0/22
217.169.224.0/20
IPv6:
2a04:8f80:2000::/36
Signature Algorithm: sha256WithRSAEncryption
be:1e:5d:82:8c:46:f1:d7:b2:5f:e4:fc:36:43:1d:b0:18:a8:
8b:b1:58:8d:15:44:6f:57:1e:2d:8a:d0:06:ee:af:0a:95:4e:
e0:d9:a9:8d:d6:8a:af:ae:a7:7a:60:ca:71:4f:16:92:0c:a0:
43:87:da:03:f6:08:8e:f1:d4:fd:c7:28:41:56:c2:7a:03:0c:
bc:18:a3:44:6b:82:a4:dd:b7:89:6a:0d:12:83:e9:88:0b:58:
2a:6a:7d:a1:35:6f:c8:7e:5c:d1:67:c3:69:67:29:b5:75:09:
a0:e3:8e:be:9a:8d:3c:8a:37:25:91:4a:26:dd:46:6f:dd:a1:
4b:66:d0:80:57:73:aa:df:c4:72:a9:c0:dd:02:58:42:d8:01:
74:ce:8b:8f:92:0c:04:75:6a:b5:c9:22:d6:eb:c0:ae:45:9d:
97:07:3d:a1:93:cd:5f:16:4b:00:f4:91:d8:73:80:67:f1:da:
95:72:32:93:4d:3c:ad:80:1e:d8:43:d8:ae:83:2f:a4:2d:5a:
8d:c7:75:4c:28:02:76:4a:c8:7e:df:30:d7:32:da:4d:14:08:
c2:1c:fe:d7:ad:1a:89:bb:48:c3:6d:b8:a3:8c:c1:ab:1d:97:
f5:81:64:b6:39:3d:ee:76:ad:5b:80:e8:ad:37:4a:82:cc:b3:
a9:fa:d7:08
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQl/Iy95LB+wPIqMcWw903zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MzBlNjAzZTljYThjMDVkNGMxYmM2MmIwYjc2ZTdiZDlk
MTg5MDkwHhcNMjUwMTAyMDc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhjOTQ2NzM2Y2FjZmZjMWY1MjQ1ZjIyMTFiNzNmZWMzZGQxZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4q+yFr1ju1RQRnx//xYU2Sioeoz/
9DTkoUWxHQTqVXonV0kc+/hfWGlvOW83vlKrdZZF/K8cfcpOEsxW2NKdLCAAyjT9
S/2+/4d12ZtFQIoo18MJhAFElP1HBBpj1lLyAt93+YTMgtdgX6uoLWaPm9mf6I4+
MyPQHL4/K+psq+Nyz+WelUHUnQWEVnglMxhCjEIOqVwRGO77yahaIrMrD8cglmof
JiPUBEk4vfNQ8T+iy+992wDsW26KQhAyMg5cf6hsKEewS/5zaC2gros0ruOKJ4D7
eL4MQcZ7O4yitKjtmgDOOCxRCqL8VHyn46ihqL52q3fCw0Tx9Y8JHs9VIwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKOMlGc2ys/8H1JF8iEbc/7D3R38MB8GA1UdIwQY
MBaAFBgw5gPpyowF1MG8YrC3bnvZ0YkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYt
MTc4OWU2NGQzMjEwLzEvbzR5VVp6Ykt6X3dmVWtYeUlSdHpfc1BkSGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYtMTc4OWU2NGQzMjEw
LzEvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCLZYcAwQE
2angMA4EAgACMAgDBgQqBI+AIDANBgkqhkiG9w0BAQsFAAOCAQEAvh5dgoxG8dey
X+T8NkMdsBioi7FYjRVEb1ceLYrQBu6vCpVO4NmpjdaKr66nemDKcU8WkgygQ4fa
A/YIjvHU/ccoQVbCegMMvBijRGuCpN23iWoNEoPpiAtYKmp9oTVvyH5c0WfDaWcp
tXUJoOOOvpqNPIo3JZFKJt1Gb92hS2bQgFdzqt/EcqnA3QJYQtgBdM6Lj5IMBHVq
tcki1uvArkWdlwc9oZPNXxZLAPSR2HOAZ/HalXIyk008rYAe2EPYroMvpC1ajcd1
TCgCdkrIft8w1zLaTRQIwhz+160aibtIw224o4zBqx2X9YFktjk97natW4DorTdK
gsyzqfrXCA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:58 2025 by rpki-client on console.sobornost.net