Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/XhZd4AXcprYaSWJWAkCvII9n7bo.roa
File: XhZd4AXcprYaSWJWAkCvII9n7bo.roa (raw, json)
Hash identifier: +WoaFZAXvgLhbONkinxfr9JdPcFsQuGimoN13TlQ0XQ=
Subject key identifier: 5E:16:5D:E0:05:DC:A6:B6:1A:49:62:56:02:40:AF:20:8F:67:ED:BA
Certificate issuer: /CN=851c281f576b43a1cab953c92041ce9599270c78
Certificate serial: 0194266BA75E626F2E95EF61D88616EA28E0
Authority key identifier: 85:1C:28:1F:57:6B:43:A1:CA:B9:53:C9:20:41:CE:95:99:27:0C:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hRwoH1drQ6HKuVPJIEHOlZknDHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/XhZd4AXcprYaSWJWAkCvII9n7bo.roa
Signing time: Thu 02 Jan 2025 09:49:36 +0000
ROA not before: Thu 02 Jan 2025 09:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57793
IP address blocks: 45.83.168.0/22 maxlen: 24
185.75.120.0/22 maxlen: 22
2a05:5240::/29 maxlen: 29
2a05:5241::/32 maxlen: 32
2a05:5242::/32 maxlen: 32
2a05:5243::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a7:5e:62:6f:2e:95:ef:61:d8:86:16:ea:28:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851c281f576b43a1cab953c92041ce9599270c78
Validity
Not Before: Jan 2 09:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e165de005dca6b61a4962560240af208f67edba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c2:e5:09:68:d4:06:5d:f1:06:c1:e4:27:dd:
d9:0a:81:ba:78:c3:d0:38:80:be:28:b9:90:ec:2f:
da:50:63:18:5b:61:41:0e:77:dd:0d:7e:4b:17:98:
fb:3c:05:7f:a3:82:56:e3:3c:f2:c6:df:70:f8:5b:
0a:d5:32:e4:fe:83:bf:8a:53:cd:94:fd:4a:95:81:
b0:50:a8:3e:d0:1b:9e:77:0b:12:5b:0a:da:89:ed:
5f:80:5d:1e:89:ac:eb:4a:d0:a2:49:d7:4e:89:43:
52:1c:18:96:f2:9d:1b:75:a5:7f:b1:83:7a:d3:27:
be:3d:d2:18:82:11:a8:e8:7e:03:20:4d:11:89:69:
2b:86:a3:3c:2a:ad:35:03:59:9d:5c:03:5c:51:70:
e4:cb:c7:79:87:11:65:a8:3f:d5:d1:25:81:d8:71:
13:08:5b:cf:43:6e:a9:47:4e:63:9e:1e:79:09:a2:
e2:66:8a:46:8c:1c:6a:7c:e7:23:c1:e9:fa:81:5c:
30:18:aa:ec:e9:b3:f7:5a:b6:82:3b:63:ab:0a:a9:
f2:94:bc:eb:69:30:b7:53:e1:07:1d:57:d3:dc:ce:
1c:6e:80:7a:ff:f4:ba:e0:91:61:8a:b3:ae:e8:9a:
c6:f4:25:57:02:a3:94:ad:04:3d:32:ed:52:c6:9f:
ee:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:16:5D:E0:05:DC:A6:B6:1A:49:62:56:02:40:AF:20:8F:67:ED:BA
X509v3 Authority Key Identifier:
keyid:85:1C:28:1F:57:6B:43:A1:CA:B9:53:C9:20:41:CE:95:99:27:0C:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwoH1drQ6HKuVPJIEHOlZknDHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/XhZd4AXcprYaSWJWAkCvII9n7bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/hRwoH1drQ6HKuVPJIEHOlZknDHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.168.0/22
185.75.120.0/22
IPv6:
2a05:5240::/29
Signature Algorithm: sha256WithRSAEncryption
22:51:40:61:21:e3:a9:1c:5d:21:2b:1e:ab:ab:1f:35:ae:86:
d5:6e:24:2c:3e:87:e1:63:a5:8d:87:54:fa:e0:e8:8d:4d:ed:
ec:1d:5c:71:ff:70:1c:06:dd:b1:b7:f1:64:fa:c6:72:90:88:
83:5b:0e:eb:64:3f:fd:1e:22:c4:8b:87:f8:45:a8:6f:25:75:
ae:88:6f:c2:67:77:1c:c0:bb:b0:9a:00:04:d1:d5:73:93:e1:
ef:e8:50:4b:00:02:c3:0a:9e:76:ad:5b:49:be:ed:f3:51:e9:
ed:af:cc:0f:5d:ae:9e:b4:9d:66:11:64:7b:84:02:2c:3b:9a:
c2:16:fd:bb:ee:bd:cd:43:b2:03:6c:d6:41:de:63:af:43:c5:
eb:a2:ab:b1:37:23:fc:a8:73:1f:1e:3e:f4:6b:a2:51:c3:a7:
ff:b7:06:52:75:b9:b2:b5:70:ca:eb:1a:5f:bf:08:73:cf:bd:
1a:9c:6c:8c:18:f5:a3:85:b5:ef:f3:82:c4:2e:1c:16:28:c2:
23:34:a2:5c:6c:87:16:fa:7d:c8:6c:e5:0c:69:52:b5:f5:92:
d2:d9:ea:e6:8d:4a:86:90:a1:99:8a:52:65:6a:75:3b:09:03:
18:86:30:9d:7b:50:96:35:95:8e:a6:4c:82:66:d0:aa:ee:b9:
a2:7f:b5:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma6deYm8ule9h2IYW6ijgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMyODFmNTc2YjQzYTFjYWI5NTNjOTIwNDFjZTk1OTky
NzBjNzgwHhcNMjUwMTAyMDk0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE2NWRlMDA1ZGNhNmI2MWE0OTYyNTYwMjQwYWYyMDhmNjdlZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucLlCWjUBl3xBsHkJ93ZCoG6eMPQ
OIC+KLmQ7C/aUGMYW2FBDnfdDX5LF5j7PAV/o4JW4zzyxt9w+FsK1TLk/oO/ilPN
lP1KlYGwUKg+0BuedwsSWwraie1fgF0eiazrStCiSddOiUNSHBiW8p0bdaV/sYN6
0ye+PdIYghGo6H4DIE0RiWkrhqM8Kq01A1mdXANcUXDky8d5hxFlqD/V0SWB2HET
CFvPQ26pR05jnh55CaLiZopGjBxqfOcjwen6gVwwGKrs6bP3WraCO2OrCqnylLzr
aTC3U+EHHVfT3M4cboB6//S64JFhirOu6JrG9CVXAqOUrQQ9Mu1Sxp/unQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF4WXeAF3Ka2GkliVgJAryCPZ+26MB8GA1UdIwQY
MBaAFIUcKB9Xa0OhyrlTySBBzpWZJwx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3b0gxZHJRNkhLdVZQSklFSE9sWmtuREhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80YTY4YTctZGMzMS00MGZhLWExMTAt
OTFkNTYyMDBiYWY0LzEvWGhaZDRBWGNwcllhU1dKV0FrQ3ZJSTluN2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80YTY4YTctZGMzMS00MGZhLWExMTAtOTFkNTYyMDBiYWY0
LzEvaFJ3b0gxZHJRNkhLdVZQSklFSE9sWmtuREhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVOoAwQC
uUt4MA0EAgACMAcDBQMqBVJAMA0GCSqGSIb3DQEBCwUAA4IBAQAiUUBhIeOpHF0h
Kx6rqx81robVbiQsPofhY6WNh1T64OiNTe3sHVxx/3AcBt2xt/Fk+sZykIiDWw7r
ZD/9HiLEi4f4RahvJXWuiG/CZ3ccwLuwmgAE0dVzk+Hv6FBLAALDCp52rVtJvu3z
Uentr8wPXa6etJ1mEWR7hAIsO5rCFv277r3NQ7IDbNZB3mOvQ8XroquxNyP8qHMf
Hj70a6JRw6f/twZSdbmytXDK6xpfvwhzz70anGyMGPWjhbXv84LELhwWKMIjNKJc
bIcW+n3IbOUMaVK19ZLS2ermjUqGkKGZilJlanU7CQMYhjCde1CWNZWOpkyCZtCq
7rmif7V/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:09 2025 by rpki-client on console.sobornost.net