Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/TqxBCZL9aO2HeSNnY3sf6LoNovc.roa
File: TqxBCZL9aO2HeSNnY3sf6LoNovc.roa (raw, json)
Hash identifier: litgtHtbok7D0RHkvFMpju9OCpiuJLEg/ZS51Ooj5ac=
Subject key identifier: 4E:AC:41:09:92:FD:68:ED:87:79:23:67:63:7B:1F:E8:BA:0D:A2:F7
Certificate issuer: /CN=851c281f576b43a1cab953c92041ce9599270c78
Certificate serial: 0193BF4C34052D5D0A5E9DDA69B665DE2534
Authority key identifier: 85:1C:28:1F:57:6B:43:A1:CA:B9:53:C9:20:41:CE:95:99:27:0C:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hRwoH1drQ6HKuVPJIEHOlZknDHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/TqxBCZL9aO2HeSNnY3sf6LoNovc.roa
Signing time: Fri 13 Dec 2024 09:14:22 +0000
ROA not before: Fri 13 Dec 2024 09:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57793
IP address blocks: 45.83.168.0/22 maxlen: 24
185.75.120.0/22 maxlen: 22
2a05:5240::/29 maxlen: 29
2a05:5241::/32 maxlen: 32
2a05:5242::/32 maxlen: 32
2a05:5243::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:4c:34:05:2d:5d:0a:5e:9d:da:69:b6:65:de:25:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851c281f576b43a1cab953c92041ce9599270c78
Validity
Not Before: Dec 13 09:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4eac410992fd68ed87792367637b1fe8ba0da2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f6:a6:23:f0:96:48:d4:e6:14:12:48:e7:b0:
0c:a1:01:64:78:5d:cf:07:15:e7:e7:b1:f5:fd:64:
d9:9d:7b:6a:39:1b:5f:33:83:85:eb:d7:b2:5d:ac:
0e:d2:d2:98:b2:40:4c:47:2f:ab:ac:d5:2b:01:af:
91:22:e3:bb:da:11:85:c2:f2:91:0f:2a:c1:1c:bd:
86:48:d7:6d:44:24:61:f0:5c:60:13:72:18:d1:82:
fa:f8:a8:af:98:8d:5e:24:25:0a:9e:9e:b5:9a:d0:
05:3d:15:6f:72:fd:1b:c8:fa:e1:10:a0:17:1f:4f:
96:4c:4c:b3:d0:15:ea:aa:21:58:30:08:96:ff:c5:
df:7b:7f:f0:2c:44:4b:88:1c:72:60:d2:2f:4a:82:
d8:43:6d:c6:18:c4:3a:60:6a:40:7f:cc:e0:d5:0a:
8e:a2:c3:01:64:ab:53:3c:8a:92:53:26:3c:bc:58:
4f:16:c6:0f:fb:f8:48:3c:9e:45:35:bf:c1:5f:fd:
ca:e2:cd:fb:04:4d:62:b5:d4:e6:74:f1:24:af:9c:
4f:a7:47:41:f1:ae:2b:41:d0:aa:97:dd:e3:66:06:
e7:94:d0:36:92:57:f4:43:e3:6d:0e:83:85:1b:37:
50:70:5a:3b:72:18:4c:59:c1:e7:40:16:92:92:57:
31:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AC:41:09:92:FD:68:ED:87:79:23:67:63:7B:1F:E8:BA:0D:A2:F7
X509v3 Authority Key Identifier:
keyid:85:1C:28:1F:57:6B:43:A1:CA:B9:53:C9:20:41:CE:95:99:27:0C:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwoH1drQ6HKuVPJIEHOlZknDHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/TqxBCZL9aO2HeSNnY3sf6LoNovc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/hRwoH1drQ6HKuVPJIEHOlZknDHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.168.0/22
185.75.120.0/22
IPv6:
2a05:5240::/29
Signature Algorithm: sha256WithRSAEncryption
74:64:e8:0a:2a:1a:0f:61:cd:04:c3:a0:f0:11:a6:54:bb:e0:
36:ba:57:1d:d6:fb:b4:04:33:12:6a:a5:5b:2f:10:7d:ee:68:
0f:37:92:de:b3:80:04:91:bf:5d:d3:b9:12:3c:02:00:68:ad:
e8:11:d7:bb:9d:3a:f4:e5:cb:60:18:fb:86:24:7b:71:ef:8d:
f8:dc:ed:8b:a9:21:1e:b4:99:10:d5:2a:d2:f6:a8:9c:1f:8a:
1b:42:81:bd:5f:f4:23:7d:a7:1e:09:1f:b0:29:e5:72:b9:85:
43:7b:b4:d9:c5:c5:d3:54:b1:56:c5:3e:ce:e6:34:96:f5:59:
0e:7c:18:c9:e3:3a:79:58:98:f9:ae:4c:10:73:1f:c1:03:20:
58:a3:d5:8a:25:49:f7:50:11:12:d1:dd:38:e8:ae:d8:28:0a:
ae:f3:1e:56:e6:4c:ee:ea:d0:a6:0c:b8:1a:00:ab:a3:f7:6a:
9a:97:6e:6a:4e:8e:33:b3:01:00:9e:e8:72:72:06:ce:3d:f9:
18:96:3a:3f:4d:7c:1c:cb:47:d7:9c:db:64:d2:54:8d:50:74:
54:96:74:05:e7:f2:a9:16:a9:55:d7:74:9b:98:fe:30:df:4b:
8f:29:d5:96:cb:e0:12:43:b8:4f:15:d2:73:2f:7b:7a:43:fc:
65:b9:f5:86
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZO/TDQFLV0KXp3aabZl3iU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMyODFmNTc2YjQzYTFjYWI5NTNjOTIwNDFjZTk1OTky
NzBjNzgwHhcNMjQxMjEzMDkxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWFjNDEwOTkyZmQ2OGVkODc3OTIzNjc2MzdiMWZlOGJhMGRhMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/amI/CWSNTmFBJI57AMoQFkeF3P
BxXn57H1/WTZnXtqORtfM4OF69eyXawO0tKYskBMRy+rrNUrAa+RIuO72hGFwvKR
DyrBHL2GSNdtRCRh8FxgE3IY0YL6+KivmI1eJCUKnp61mtAFPRVvcv0byPrhEKAX
H0+WTEyz0BXqqiFYMAiW/8Xfe3/wLERLiBxyYNIvSoLYQ23GGMQ6YGpAf8zg1QqO
osMBZKtTPIqSUyY8vFhPFsYP+/hIPJ5FNb/BX/3K4s37BE1itdTmdPEkr5xPp0dB
8a4rQdCql93jZgbnlNA2klf0Q+NtDoOFGzdQcFo7chhMWcHnQBaSklcxEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE6sQQmS/Wjth3kjZ2N7H+i6DaL3MB8GA1UdIwQY
MBaAFIUcKB9Xa0OhyrlTySBBzpWZJwx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3b0gxZHJRNkhLdVZQSklFSE9sWmtuREhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80YTY4YTctZGMzMS00MGZhLWExMTAt
OTFkNTYyMDBiYWY0LzEvVHF4QkNaTDlhTzJIZVNOblkzc2Y2TG9Ob3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80YTY4YTctZGMzMS00MGZhLWExMTAtOTFkNTYyMDBiYWY0
LzEvaFJ3b0gxZHJRNkhLdVZQSklFSE9sWmtuREhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVOoAwQC
uUt4MA0EAgACMAcDBQMqBVJAMA0GCSqGSIb3DQEBCwUAA4IBAQB0ZOgKKhoPYc0E
w6DwEaZUu+A2ulcd1vu0BDMSaqVbLxB97mgPN5Les4AEkb9d07kSPAIAaK3oEde7
nTr05ctgGPuGJHtx74343O2LqSEetJkQ1SrS9qicH4obQoG9X/QjfaceCR+wKeVy
uYVDe7TZxcXTVLFWxT7O5jSW9VkOfBjJ4zp5WJj5rkwQcx/BAyBYo9WKJUn3UBES
0d046K7YKAqu8x5W5kzu6tCmDLgaAKuj92qal25qTo4zswEAnuhycgbOPfkYljo/
TXwcy0fXnNtk0lSNUHRUlnQF5/KpFqlV13SbmP4w30uPKdWWy+ASQ7hPFdJzL3t6
Q/xlufWG
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:14 2024 by rpki-client on console.sobornost.net