Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/N89BBUIYaxgTXVsBYYeROviP-b4.roa
File: N89BBUIYaxgTXVsBYYeROviP-b4.roa (raw, json)
Hash identifier: kbSv4hr/k4cotTVvESyKg53TbT8R2YXHYuY2t5E+p7c=
Subject key identifier: 37:CF:41:05:42:18:6B:18:13:5D:5B:01:61:87:91:3A:F8:8F:F9:BE
Certificate issuer: /CN=43e0a364131841056d48b2d788ea00ca4b91db56
Certificate serial: 0194E5242BC84D7D63AF7885DC7C57559937
Authority key identifier: 43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/N89BBUIYaxgTXVsBYYeROviP-b4.roa
Signing time: Sat 08 Feb 2025 10:39:00 +0000
ROA not before: Sat 08 Feb 2025 10:39:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48254
IP address blocks: 45.8.224.0/24 maxlen: 24
45.8.225.0/24 maxlen: 24
45.8.226.0/24 maxlen: 24
45.8.227.0/24 maxlen: 24
185.146.164.0/24 maxlen: 24
185.146.165.0/24 maxlen: 24
185.146.166.0/24 maxlen: 24
185.146.167.0/24 maxlen: 24
185.151.28.0/24 maxlen: 24
185.151.29.0/24 maxlen: 24
185.151.30.0/24 maxlen: 24
185.151.31.0/24 maxlen: 24
194.38.52.0/24 maxlen: 24
2a07:7800::/29 maxlen: 48
2a07:7800::/48 maxlen: 48
2a07:7800:1::/48 maxlen: 48
2a07:7800:2::/48 maxlen: 48
2a07:7800:3::/48 maxlen: 48
2a07:7800:4::/48 maxlen: 48
2a07:7800:5::/48 maxlen: 48
2a07:7800:6::/48 maxlen: 48
2a07:7800:7::/48 maxlen: 48
2a07:7800:8::/48 maxlen: 48
2a07:7800:9::/48 maxlen: 48
2a07:7800:10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e5:24:2b:c8:4d:7d:63:af:78:85:dc:7c:57:55:99:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43e0a364131841056d48b2d788ea00ca4b91db56
Validity
Not Before: Feb 8 10:39:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37cf410542186b18135d5b016187913af88ff9be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7e:d4:97:00:b8:af:52:76:7c:a6:f7:2f:42:
5d:01:56:19:95:49:40:ef:3a:e9:5e:34:83:80:e4:
c5:14:9c:6e:66:f5:8d:a6:6c:62:25:ca:a4:a1:66:
0a:af:6d:c9:4b:92:bc:a0:22:16:ea:e1:db:8d:4b:
9f:a4:3d:3a:d1:b4:d8:44:c7:55:92:f2:eb:46:f3:
d4:b4:5e:08:ce:e7:eb:f8:50:a0:7e:80:9e:57:1a:
9c:33:a0:64:50:1b:7e:85:90:0c:70:43:55:d8:9a:
1e:00:88:13:49:32:a4:01:fd:70:80:25:9c:42:a4:
f4:92:4f:24:8b:8f:9e:3e:36:8f:a1:d6:7d:64:74:
e0:07:8d:0d:92:71:38:f2:ef:b2:c3:36:51:53:22:
13:60:ac:38:1d:e6:50:72:76:42:81:3a:bc:bb:7a:
39:3f:8a:64:7b:4a:72:e7:ba:6e:ce:1d:17:5a:52:
f5:f8:37:e6:88:cb:28:96:9f:a4:0b:81:c2:18:c2:
8e:57:66:bc:52:6c:50:1d:41:77:81:3f:df:18:4b:
cc:b7:f9:d4:ac:9e:b9:aa:b4:e4:43:ec:30:02:58:
ff:40:a2:7c:04:c1:c8:3a:08:48:7d:72:69:86:00:
b9:63:cc:c9:e9:dc:c5:0f:33:8b:d2:23:1e:3d:a4:
e7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CF:41:05:42:18:6B:18:13:5D:5B:01:61:87:91:3A:F8:8F:F9:BE
X509v3 Authority Key Identifier:
keyid:43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/N89BBUIYaxgTXVsBYYeROviP-b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.224.0/22
185.146.164.0/22
185.151.28.0/22
194.38.52.0/24
IPv6:
2a07:7800::/29
Signature Algorithm: sha256WithRSAEncryption
5f:03:2b:40:a8:bc:98:4c:66:b1:8d:ee:26:db:de:39:e7:85:
7f:01:3c:61:1f:b4:32:cd:49:47:ed:dc:92:80:b1:c4:db:e0:
6d:d3:56:5e:38:4e:07:c5:c9:33:02:31:24:a8:3f:35:55:27:
cf:56:d4:0c:cc:31:73:cd:db:80:d8:b8:0f:13:7c:b2:5e:ae:
5a:fc:83:5a:55:78:bd:1b:01:d3:22:ce:04:7d:4b:78:ee:36:
73:b7:7f:b7:af:4f:9d:34:00:5c:5e:0c:9b:58:8e:90:ff:ad:
56:3f:4b:e9:38:6f:98:2f:a1:3c:b2:c6:3d:9b:15:0a:a3:aa:
91:33:0a:a4:e8:30:d2:81:6d:e0:0e:f4:96:c5:ed:81:b5:cf:
e9:88:bc:16:e7:25:8f:c0:c7:ce:1e:41:bc:19:4a:47:1f:46:
ae:bb:5b:01:a3:91:2b:28:fc:88:9d:f1:c2:cc:c4:46:87:b0:
ee:c1:9b:c8:cc:a4:08:4d:d3:8b:09:88:3c:62:b2:4c:74:07:
1f:0a:6e:6f:7c:9f:d7:db:ea:df:08:ff:3d:87:7f:36:a5:36:
ea:48:7c:ee:91:d9:5f:e4:9a:7e:19:45:11:05:ad:58:f9:3e:
f7:7f:81:f2:f4:dd:b9:82:1e:23:c6:14:6e:56:c2:1c:f5:eb:
5b:41:3b:7e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZTlJCvITX1jr3iF3HxXVZk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZTBhMzY0MTMxODQxMDU2ZDQ4YjJkNzg4ZWEwMGNhNGI5
MWRiNTYwHhcNMjUwMjA4MTAzOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2NmNDEwNTQyMTg2YjE4MTM1ZDViMDE2MTg3OTEzYWY4OGZmOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzn7UlwC4r1J2fKb3L0JdAVYZlUlA
7zrpXjSDgOTFFJxuZvWNpmxiJcqkoWYKr23JS5K8oCIW6uHbjUufpD060bTYRMdV
kvLrRvPUtF4Izufr+FCgfoCeVxqcM6BkUBt+hZAMcENV2JoeAIgTSTKkAf1wgCWc
QqT0kk8ki4+ePjaPodZ9ZHTgB40NknE48u+ywzZRUyITYKw4HeZQcnZCgTq8u3o5
P4pke0py57puzh0XWlL1+DfmiMsolp+kC4HCGMKOV2a8UmxQHUF3gT/fGEvMt/nU
rJ65qrTkQ+wwAlj/QKJ8BMHIOghIfXJphgC5Y8zJ6dzFDzOL0iMePaTnoQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDfPQQVCGGsYE11bAWGHkTr4j/m+MB8GA1UdIwQY
MBaAFEPgo2QTGEEFbUiy14jqAMpLkdtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgt
NGIwODFjYzJiMzlhLzEvTjg5QkJVSVlheGdUWFZzQllZZVJPdmlQLWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgtNGIwODFjYzJiMzlh
LzEvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLQjgAwQC
uZKkAwQCuZccAwQAwiY0MA0EAgACMAcDBQMqB3gAMA0GCSqGSIb3DQEBCwUAA4IB
AQBfAytAqLyYTGaxje4m294554V/ATxhH7QyzUlH7dySgLHE2+Bt01ZeOE4Hxckz
AjEkqD81VSfPVtQMzDFzzduA2LgPE3yyXq5a/INaVXi9GwHTIs4EfUt47jZzt3+3
r0+dNABcXgybWI6Q/61WP0vpOG+YL6E8ssY9mxUKo6qRMwqk6DDSgW3gDvSWxe2B
tc/piLwW5yWPwMfOHkG8GUpHH0auu1sBo5ErKPyInfHCzMRGh7DuwZvIzKQITdOL
CYg8YrJMdAcfCm5vfJ/X2+rfCP89h382pTbqSHzukdlf5Jp+GUURBa1Y+T73f4Hy
9N25gh4jxhRuVsIc9etbQTt+
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:50:47 2025 by rpki-client on console.sobornost.net