Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/5b43ba-8eb5-44d3-9b87-e000e3fff93e/1/nB0wD2NbLIcgL4wuuaNReH2xdaw.roa
File: nB0wD2NbLIcgL4wuuaNReH2xdaw.roa (raw, json)
Hash identifier: PmwRmIsMv3KSkKaHz3D8VpJ1Kt0x35JTg65eBK0T3+k=
Subject key identifier: 9C:1D:30:0F:63:5B:2C:87:20:2F:8C:2E:B9:A3:51:78:7D:B1:75:AC
Certificate issuer: /CN=c5721737651598f56cf7195120777d7b5316f552
Certificate serial: 019421B257639EA17B7526CFB5E19F2B45CC
Authority key identifier: C5:72:17:37:65:15:98:F5:6C:F7:19:51:20:77:7D:7B:53:16:F5:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xXIXN2UVmPVs9xlRIHd9e1MW9VI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/5b43ba-8eb5-44d3-9b87-e000e3fff93e/1/nB0wD2NbLIcgL4wuuaNReH2xdaw.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208766
IP address blocks: 45.85.228.0/22 maxlen: 22
2a0e:cc80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:57:63:9e:a1:7b:75:26:cf:b5:e1:9f:2b:45:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5721737651598f56cf7195120777d7b5316f552
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c1d300f635b2c87202f8c2eb9a351787db175ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7d:55:6b:2e:d8:80:8f:96:bc:e4:86:96:10:
92:59:d6:b1:c0:74:f8:6f:59:65:47:6d:61:10:e0:
93:20:40:bd:b8:2e:36:19:b8:56:16:53:f1:77:3a:
31:24:c5:40:01:66:67:fd:c7:99:cf:4c:d5:56:88:
ac:89:74:fb:1d:db:57:07:92:85:6a:b6:58:b9:53:
7b:64:dc:8f:92:c7:96:4f:d2:bd:33:3c:43:f2:bb:
9c:65:05:d1:ff:7d:db:9d:26:33:d7:5b:fb:95:8e:
bd:5d:f1:44:3f:e8:7c:dd:32:e4:7b:24:7c:ff:7f:
76:59:48:14:a1:9f:0e:33:45:e8:91:6a:3d:74:a0:
75:02:56:d3:06:1b:5d:13:0d:0a:54:5c:35:52:61:
80:33:94:ff:58:d2:b8:c3:55:25:e3:27:db:2f:d6:
0b:ff:64:0c:bb:17:55:f3:7d:c6:3d:c4:4e:52:59:
20:9e:52:05:63:fb:5d:78:58:53:e1:e1:79:02:6d:
5f:47:5f:36:ce:dd:90:93:e5:d9:da:7f:e1:1b:83:
bf:f4:1d:dc:9b:1b:b2:13:4c:22:42:f8:9f:7e:b3:
64:55:04:7a:08:e8:dd:b4:c3:d3:d4:4c:36:af:a8:
c2:10:d7:ba:97:8c:01:59:52:0a:69:ba:19:44:d5:
f1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1D:30:0F:63:5B:2C:87:20:2F:8C:2E:B9:A3:51:78:7D:B1:75:AC
X509v3 Authority Key Identifier:
keyid:C5:72:17:37:65:15:98:F5:6C:F7:19:51:20:77:7D:7B:53:16:F5:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xXIXN2UVmPVs9xlRIHd9e1MW9VI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/5b43ba-8eb5-44d3-9b87-e000e3fff93e/1/nB0wD2NbLIcgL4wuuaNReH2xdaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/5b43ba-8eb5-44d3-9b87-e000e3fff93e/1/xXIXN2UVmPVs9xlRIHd9e1MW9VI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.228.0/22
IPv6:
2a0e:cc80::/29
Signature Algorithm: sha256WithRSAEncryption
5b:82:0a:ba:1b:78:6b:4b:d3:48:b7:ef:ea:cb:e4:bb:f8:ed:
be:c5:6f:ff:12:f6:13:aa:20:35:8a:b4:0c:db:e2:9a:72:31:
ca:e3:8a:38:f9:95:c7:18:1c:1f:2b:a2:96:9b:86:6c:e2:34:
94:1d:9b:dd:b0:de:73:b1:83:63:4a:e3:c5:a1:ee:8d:37:df:
40:57:5c:b3:7e:c8:b6:13:56:cb:4d:39:42:6d:96:2b:a4:61:
98:3c:06:ad:40:96:eb:5a:f3:2a:0a:80:af:33:46:69:ba:dd:
9e:c7:fc:83:87:da:48:2a:f1:a5:94:8a:4e:38:97:ba:32:29:
52:ac:be:16:a8:3c:1d:32:67:27:f7:77:82:b9:f4:6e:8d:fb:
d0:10:ca:3a:d9:8c:90:b9:c7:a3:46:75:6d:07:ed:18:c1:4f:
25:15:4a:a2:bb:68:c6:c0:58:a6:20:2c:89:d4:22:b8:64:f9:
84:61:d8:3a:ed:69:b0:36:c6:1a:bd:83:71:dc:23:6b:31:db:
a7:d5:75:3d:eb:02:40:1b:47:b8:9f:1c:b4:b3:cd:b2:bf:00:
f9:46:63:56:f3:3d:10:f0:47:8f:ba:43:f2:85:42:28:60:a9:
ac:b4:3e:a8:cb:0b:5f:20:c1:dd:f0:24:b3:6e:73:14:48:a7:
9a:6a:66:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsldjnqF7dSbPteGfK0XMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NzIxNzM3NjUxNTk4ZjU2Y2Y3MTk1MTIwNzc3ZDdiNTMx
NmY1NTIwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzFkMzAwZjYzNWIyYzg3MjAyZjhjMmViOWEzNTE3ODdkYjE3NWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwn1Vay7YgI+WvOSGlhCSWdaxwHT4
b1llR21hEOCTIEC9uC42GbhWFlPxdzoxJMVAAWZn/ceZz0zVVoisiXT7HdtXB5KF
arZYuVN7ZNyPkseWT9K9MzxD8rucZQXR/33bnSYz11v7lY69XfFEP+h83TLkeyR8
/392WUgUoZ8OM0XokWo9dKB1AlbTBhtdEw0KVFw1UmGAM5T/WNK4w1Ul4yfbL9YL
/2QMuxdV833GPcROUlkgnlIFY/tdeFhT4eF5Am1fR182zt2Qk+XZ2n/hG4O/9B3c
mxuyE0wiQviffrNkVQR6COjdtMPT1Ew2r6jCENe6l4wBWVIKaboZRNXxjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJwdMA9jWyyHIC+MLrmjUXh9sXWsMB8GA1UdIwQY
MBaAFMVyFzdlFZj1bPcZUSB3fXtTFvVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFhJWE4yVVZtUFZzOXhsUklIZDllMU1XOVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC81YjQzYmEtOGViNS00NGQzLTliODct
ZTAwMGUzZmZmOTNlLzEvbkIwd0QyTmJMSWNnTDR3dXVhTlJlSDJ4ZGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC81YjQzYmEtOGViNS00NGQzLTliODctZTAwMGUzZmZmOTNl
LzEveFhJWE4yVVZtUFZzOXhsUklIZDllMU1XOVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVXkMA0E
AgACMAcDBQMqDsyAMA0GCSqGSIb3DQEBCwUAA4IBAQBbggq6G3hrS9NIt+/qy+S7
+O2+xW//EvYTqiA1irQM2+KacjHK44o4+ZXHGBwfK6KWm4Zs4jSUHZvdsN5zsYNj
SuPFoe6NN99AV1yzfsi2E1bLTTlCbZYrpGGYPAatQJbrWvMqCoCvM0Zput2ex/yD
h9pIKvGllIpOOJe6MilSrL4WqDwdMmcn93eCufRujfvQEMo62YyQucejRnVtB+0Y
wU8lFUqiu2jGwFimICyJ1CK4ZPmEYdg67WmwNsYavYNx3CNrMdun1XU96wJAG0e4
nxy0s82yvwD5RmNW8z0Q8EePukPyhUIoYKmstD6oywtfIMHd8CSzbnMUSKeaamZD
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:03 2025 by rpki-client on console.sobornost.net