Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/mab9pSsP0hPfmw5pFW9oVdvDO3s.roa
File: mab9pSsP0hPfmw5pFW9oVdvDO3s.roa (raw, json)
Hash identifier: QMgbTzBaUnDZaZXtIzkU3/zhP2tD7XocJ5teoU1UGow=
Subject key identifier: 99:A6:FD:A5:2B:0F:D2:13:DF:9B:0E:69:15:6F:68:55:DB:C3:3B:7B
Certificate issuer: /CN=f8ad110d39e95b542df8d2071d9245469a1b9f42
Certificate serial: 019422FC07F3B690D7380AE5FE23EE32D3A8
Authority key identifier: F8:AD:11:0D:39:E9:5B:54:2D:F8:D2:07:1D:92:45:46:9A:1B:9F:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/mab9pSsP0hPfmw5pFW9oVdvDO3s.roa
Signing time: Wed 01 Jan 2025 17:48:49 +0000
ROA not before: Wed 01 Jan 2025 17:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208920
IP address blocks: 45.130.108.0/22 maxlen: 22
85.116.136.0/22 maxlen: 22
185.126.204.0/22 maxlen: 22
2a06:c100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:07:f3:b6:90:d7:38:0a:e5:fe:23:ee:32:d3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad110d39e95b542df8d2071d9245469a1b9f42
Validity
Not Before: Jan 1 17:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99a6fda52b0fd213df9b0e69156f6855dbc33b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:86:02:a9:57:f4:3f:a8:36:f5:31:84:ff:ce:
bc:f5:69:30:b2:65:e1:a9:60:4c:5d:eb:c8:eb:af:
2e:b7:b7:a1:6b:44:fe:ad:af:7b:52:9f:42:6e:cf:
45:f0:da:ea:f1:b1:0e:ac:f9:57:ae:5f:93:bf:37:
ac:dc:b6:f0:e2:5d:ba:ff:51:2b:06:c3:48:28:41:
41:c3:c9:c4:2e:5b:3e:46:b3:5a:12:18:ad:6a:7f:
b6:4d:c1:04:e4:9c:fb:dc:62:bb:cc:98:f8:07:7f:
bf:a7:f8:ae:c4:46:d8:ae:7e:1a:99:f9:5d:33:f0:
da:5f:c7:b3:28:4d:d5:30:80:6a:ba:7e:50:5d:af:
d3:cc:e5:c9:93:18:af:7a:f5:d3:0c:48:64:e2:5f:
34:2e:f0:2b:27:c5:3c:31:0a:3b:a2:1c:50:b1:b4:
73:8f:1f:18:6e:24:7e:6e:82:f3:3d:38:9d:72:a1:
e4:22:86:e9:fc:25:26:b4:5c:ff:9c:a6:2a:41:da:
7c:65:c0:50:7d:67:cc:7e:ba:38:8e:e2:08:5e:f6:
95:27:29:de:70:06:6b:5b:2c:ee:e2:2f:0c:a7:d1:
ca:37:b7:fc:29:e3:32:83:19:46:fe:85:e1:1d:09:
ad:90:c1:c6:02:42:d5:78:f5:65:fb:6d:29:52:bd:
ff:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A6:FD:A5:2B:0F:D2:13:DF:9B:0E:69:15:6F:68:55:DB:C3:3B:7B
X509v3 Authority Key Identifier:
keyid:F8:AD:11:0D:39:E9:5B:54:2D:F8:D2:07:1D:92:45:46:9A:1B:9F:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/mab9pSsP0hPfmw5pFW9oVdvDO3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.108.0/22
85.116.136.0/22
185.126.204.0/22
IPv6:
2a06:c100::/29
Signature Algorithm: sha256WithRSAEncryption
b9:3f:cd:03:78:77:75:39:16:00:f6:26:59:9d:01:d0:29:b3:
04:1e:dc:3b:48:d4:79:e9:87:cc:f0:99:7f:05:d1:67:aa:71:
98:49:a0:d5:a9:71:2c:de:00:63:a5:38:49:d0:a7:ed:54:27:
73:b7:81:65:8d:9d:9e:2e:a0:a1:81:c7:0c:33:0b:55:37:86:
eb:e3:4e:19:bd:82:61:e2:4e:d5:dd:9b:b9:20:26:e1:bf:49:
c0:fd:83:70:9c:ca:1c:ea:8b:df:28:9d:fe:c3:c5:b2:db:6a:
61:cc:f1:c3:ab:30:84:d2:d7:5e:c3:69:3a:b1:14:22:bd:02:
24:52:90:e2:8d:03:81:ce:86:b2:43:d8:bc:fa:4f:f3:8b:25:
40:42:0e:12:32:84:b4:a2:60:87:d3:33:61:73:49:96:6c:a5:
49:34:0f:52:53:d1:b3:9c:cb:1f:89:97:b8:d2:68:d4:28:b7:
d8:c1:b2:4d:8e:e1:fe:12:b9:57:e4:60:37:ff:b5:bf:6e:24:
0f:6c:f3:dc:85:2f:95:78:47:16:95:eb:8e:fa:56:83:5a:59:
87:8e:1b:d9:3a:fb:85:30:a2:16:d1:64:f8:15:d8:75:15:e8:
d8:c2:7c:58:9d:0e:f1:4e:06:64:93:e4:c7:e3:bb:e8:fa:51:
c7:f9:60:29
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQi/AfztpDXOArl/iPuMtOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQxMTBkMzllOTViNTQyZGY4ZDIwNzFkOTI0NTQ2OWEx
YjlmNDIwHhcNMjUwMTAxMTc0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWE2ZmRhNTJiMGZkMjEzZGY5YjBlNjkxNTZmNjg1NWRiYzMzYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYYCqVf0P6g29TGE/8689WkwsmXh
qWBMXevI668ut7eha0T+ra97Up9Cbs9F8Nrq8bEOrPlXrl+Tvzes3Lbw4l26/1Er
BsNIKEFBw8nELls+RrNaEhitan+2TcEE5Jz73GK7zJj4B3+/p/iuxEbYrn4amfld
M/DaX8ezKE3VMIBqun5QXa/TzOXJkxivevXTDEhk4l80LvArJ8U8MQo7ohxQsbRz
jx8YbiR+boLzPTidcqHkIobp/CUmtFz/nKYqQdp8ZcBQfWfMfro4juIIXvaVJyne
cAZrWyzu4i8Mp9HKN7f8KeMygxlG/oXhHQmtkMHGAkLVePVl+20pUr3/FwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJmm/aUrD9IT35sOaRVvaFXbwzt7MB8GA1UdIwQY
MBaAFPitEQ056VtULfjSBx2SRUaaG59CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMFJEVG5wVzFRdC1OSUhIWkpGUnBvYm4wSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvNjBlNjNjLWU2M2ItNGUxNi1hNWVi
LTc5YTViMzk3OGZmMi8xL21hYjlwU3NQMGhQZm13NXBGVzlvVmR2RE8zcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvNjBlNjNjLWU2M2ItNGUxNi1hNWViLTc5YTViMzk3OGZm
Mi8xLzEtSzBSRFRucFcxUXQtTklISFpKRlJwb2JuMEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAItgmwD
BAJVdIgDBAK5fswwDQQCAAIwBwMFAyoGwQAwDQYJKoZIhvcNAQELBQADggEBALk/
zQN4d3U5FgD2JlmdAdApswQe3DtI1Hnph8zwmX8F0WeqcZhJoNWpcSzeAGOlOEnQ
p+1UJ3O3gWWNnZ4uoKGBxwwzC1U3huvjThm9gmHiTtXdm7kgJuG/ScD9g3Ccyhzq
i98onf7DxbLbamHM8cOrMITS117DaTqxFCK9AiRSkOKNA4HOhrJD2Lz6T/OLJUBC
DhIyhLSiYIfTM2FzSZZspUk0D1JT0bOcyx+Jl7jSaNQot9jBsk2O4f4SuVfkYDf/
tb9uJA9s89yFL5V4RxaV6476VoNaWYeOG9k6+4UwohbRZPgV2HUV6NjCfFidDvFO
BmST5Mfju+j6Ucf5YCk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:02 2025 by rpki-client on console.sobornost.net