Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/kYtgnJnEt9bvUzwgi6iwlE4BUrM.roa
File: kYtgnJnEt9bvUzwgi6iwlE4BUrM.roa (raw, json)
Hash identifier: pzKsFa+87OlMRbV5hLa6zqcUD6c0LVukdW7piQ2lbUw=
Subject key identifier: 91:8B:60:9C:99:C4:B7:D6:EF:53:3C:20:8B:A8:B0:94:4E:01:52:B3
Certificate issuer: /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial: 019427B62502BAD6F7FD75C8E875FB1EF8C0
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/kYtgnJnEt9bvUzwgi6iwlE4BUrM.roa
Signing time: Thu 02 Jan 2025 15:50:35 +0000
ROA not before: Thu 02 Jan 2025 15:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42032
IP address blocks: 45.14.60.0/22 maxlen: 22
2a06:8a02::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:25:02:ba:d6:f7:fd:75:c8:e8:75:fb:1e:f8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
Validity
Not Before: Jan 2 15:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=918b609c99c4b7d6ef533c208ba8b0944e0152b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:80:41:18:8c:ec:13:59:58:7a:83:67:4a:4a:
bb:0e:b8:77:f1:d4:4a:bc:50:62:b4:b8:71:b1:dc:
c9:28:76:cc:46:6e:e6:98:79:43:14:57:0f:b5:34:
6b:b2:74:93:41:54:ba:ee:99:f0:36:54:de:ef:ad:
d6:38:17:98:15:80:fa:c7:f1:35:0f:30:f5:2b:13:
86:62:14:82:4b:3a:1f:3a:47:a1:dd:ac:92:aa:c7:
f5:3d:40:67:d2:12:2a:6a:f6:87:a0:18:c7:3c:f5:
61:f4:6e:11:9d:d0:f3:ec:f2:51:87:5d:0f:30:2d:
37:3b:78:45:fb:f1:79:1b:44:43:dc:fa:9a:38:ab:
ce:fe:36:0e:cf:60:ab:51:72:06:80:ba:df:c3:7d:
21:bf:c9:20:6d:82:6e:1f:88:cd:84:77:cc:a1:7a:
96:12:94:32:1a:cd:1a:1f:26:0a:aa:9e:76:ea:92:
d3:43:8c:be:9f:5b:24:23:92:69:c8:9a:eb:37:14:
75:b0:63:32:6e:2e:ef:95:21:9c:b8:9a:d4:34:ab:
a0:0a:41:3f:6f:14:b5:1b:0b:e1:e6:03:e8:02:90:
19:a6:70:dd:78:e3:fd:5c:d9:08:26:60:c1:52:6b:
78:e3:a6:ef:13:f8:07:53:d7:9a:a2:22:7a:53:33:
97:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8B:60:9C:99:C4:B7:D6:EF:53:3C:20:8B:A8:B0:94:4E:01:52:B3
X509v3 Authority Key Identifier:
keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/kYtgnJnEt9bvUzwgi6iwlE4BUrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.60.0/22
IPv6:
2a06:8a02::/32
Signature Algorithm: sha256WithRSAEncryption
9e:1e:c9:5a:ae:15:8f:5d:ef:74:d1:60:1c:7e:03:6b:3a:27:
11:fe:ae:c1:cd:96:2e:85:34:7b:aa:8c:6f:dd:12:44:3a:68:
67:a8:6a:bf:63:93:d4:0a:de:01:12:10:fe:8b:1e:ce:e6:fe:
b0:40:d3:88:6f:e0:e4:24:e5:5e:74:8a:00:e7:ba:8a:fb:8f:
71:2b:2b:97:f8:83:cc:68:3d:74:bf:3b:be:71:73:9b:b3:1d:
a8:cf:59:6b:f6:5d:1a:a9:85:72:5a:f9:26:bc:88:61:63:98:
a7:a0:67:49:f3:f8:bd:ac:44:4a:b6:be:e6:7c:12:85:f1:1c:
8c:91:c2:8f:35:8f:09:61:d5:13:16:a6:fe:c9:2a:70:1c:bd:
bb:f1:23:b9:9b:89:ce:4e:da:7e:e2:7c:1c:08:08:99:9d:c5:
b9:5f:a4:00:df:ed:df:4d:1a:6e:33:f7:8e:eb:80:e6:e8:cc:
10:b2:a8:29:fe:e6:f7:6a:6a:70:31:2b:cf:cd:c6:1a:76:d3:
9b:32:ae:2b:81:6a:75:7c:c3:9c:9c:ac:6b:63:ff:f1:c3:9c:
00:50:e9:65:e4:ef:19:f8:08:d9:13:d7:4c:62:6f:e7:90:ae:
02:78:33:00:79:36:61:66:be:6a:08:b4:fd:5a:ae:91:78:61:
4d:78:39:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntiUCutb3/XXI6HX7HvjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGU1OWEyMjNmNGJjYjgyMzQ5MmZiMTA5NmMzYTgyMzEw
YzAzZGEwHhcNMjUwMTAyMTU1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThiNjA5Yzk5YzRiN2Q2ZWY1MzNjMjA4YmE4YjA5NDRlMDE1MmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYBBGIzsE1lYeoNnSkq7Drh38dRK
vFBitLhxsdzJKHbMRm7mmHlDFFcPtTRrsnSTQVS67pnwNlTe763WOBeYFYD6x/E1
DzD1KxOGYhSCSzofOkeh3aySqsf1PUBn0hIqavaHoBjHPPVh9G4RndDz7PJRh10P
MC03O3hF+/F5G0RD3PqaOKvO/jYOz2CrUXIGgLrfw30hv8kgbYJuH4jNhHfMoXqW
EpQyGs0aHyYKqp526pLTQ4y+n1skI5JpyJrrNxR1sGMybi7vlSGcuJrUNKugCkE/
bxS1Gwvh5gPoApAZpnDdeOP9XNkIJmDBUmt446bvE/gHU9eaoiJ6UzOX9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJGLYJyZxLfW71M8IIuosJROAVKzMB8GA1UdIwQY
MBaAFDBOWaIj9Ly4I0kvsQlsOoIxDAPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTct
MzQ0Y2M1MDJmMWJkLzEva1l0Z25KbkV0OWJ2VXp3Z2k2aXdsRTRCVXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTctMzQ0Y2M1MDJmMWJk
LzEvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ48MA0E
AgACMAcDBQAqBooCMA0GCSqGSIb3DQEBCwUAA4IBAQCeHslarhWPXe900WAcfgNr
OicR/q7BzZYuhTR7qoxv3RJEOmhnqGq/Y5PUCt4BEhD+ix7O5v6wQNOIb+DkJOVe
dIoA57qK+49xKyuX+IPMaD10vzu+cXObsx2oz1lr9l0aqYVyWvkmvIhhY5inoGdJ
8/i9rERKtr7mfBKF8RyMkcKPNY8JYdUTFqb+ySpwHL278SO5m4nOTtp+4nwcCAiZ
ncW5X6QA3+3fTRpuM/eO64Dm6MwQsqgp/ub3ampwMSvPzcYadtObMq4rgWp1fMOc
nKxrY//xw5wAUOll5O8Z+AjZE9dMYm/nkK4CeDMAeTZhZr5qCLT9Wq6ReGFNeDnx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:00 2025 by rpki-client on console.sobornost.net