Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/oLrn4a9qOdl-vVdDDDEfOdcaw0M.roa
File: oLrn4a9qOdl-vVdDDDEfOdcaw0M.roa (raw, json)
Hash identifier: C5BMAgY6fq8D0n/15WajsEVkkZ7GAkrzRmDZ7QTRZfA=
Subject key identifier: A0:BA:E7:E1:AF:6A:39:D9:7E:BD:57:43:0C:31:1F:39:D7:1A:C3:43
Certificate issuer: /CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Certificate serial: 01941FFA33433CBE22D1F0BF815A0E59B2F4
Authority key identifier: 2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/oLrn4a9qOdl-vVdDDDEfOdcaw0M.roa
Signing time: Wed 01 Jan 2025 03:47:58 +0000
ROA not before: Wed 01 Jan 2025 03:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211393
IP address blocks: 45.9.23.0/24 maxlen: 24
193.36.4.0/22 maxlen: 22
2a0b:6dc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:33:43:3c:be:22:d1:f0:bf:81:5a:0e:59:b2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Validity
Not Before: Jan 1 03:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0bae7e1af6a39d97ebd57430c311f39d71ac343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:f0:0a:a7:b0:b5:7c:af:3a:1a:93:01:ae:
11:ed:c8:23:f0:ab:8d:01:8f:d1:0a:82:98:6c:d9:
fc:d3:e1:bd:5d:5f:2a:3e:4c:f3:e6:b5:6d:67:4f:
0e:6f:ae:65:90:36:4d:8a:71:5d:f7:d4:a6:e3:5b:
64:27:c0:71:6f:fb:cf:14:50:16:4c:69:28:d3:14:
b5:99:77:9f:20:4f:45:fb:e6:36:47:6e:e1:00:99:
3f:cb:ce:dd:10:04:c6:56:13:a1:06:e1:45:7b:6b:
7d:23:07:4a:00:b7:b1:9e:9d:13:a8:87:76:87:32:
58:d9:67:e8:2b:b1:b4:63:6f:77:2c:23:87:92:cb:
42:44:1c:e4:68:c1:04:34:7d:a1:c4:57:18:9e:77:
b9:fc:0c:a8:d3:56:c7:f4:da:49:39:07:56:3f:a0:
1d:ee:67:4b:42:4d:ca:f8:62:e0:af:ce:c4:2a:01:
c4:86:b3:ea:e3:18:d6:e2:07:99:9f:5f:ac:50:a6:
e5:e4:9e:5f:09:3d:4e:27:cf:59:03:8c:ad:36:4d:
df:d2:e5:3b:b0:e7:4a:6f:77:9a:26:b1:c1:00:51:
9d:85:ce:bf:40:d4:e8:78:1f:c6:23:32:69:fb:5d:
8c:1b:18:15:07:e8:f8:cb:15:bb:9d:d4:9a:46:fe:
5b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BA:E7:E1:AF:6A:39:D9:7E:BD:57:43:0C:31:1F:39:D7:1A:C3:43
X509v3 Authority Key Identifier:
keyid:2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/oLrn4a9qOdl-vVdDDDEfOdcaw0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.23.0/24
193.36.4.0/22
IPv6:
2a0b:6dc0::/29
Signature Algorithm: sha256WithRSAEncryption
21:40:53:36:ae:ad:d4:87:5e:33:5f:0a:b6:86:bc:71:b5:bc:
3f:75:ff:e5:9f:57:0d:66:27:0c:9a:6e:b9:74:87:8a:aa:8f:
4c:34:fb:e8:97:f3:17:bd:81:59:8f:a9:f3:48:3a:94:90:03:
f7:21:bc:10:ac:df:3a:38:6f:3f:73:e2:00:44:1e:45:a6:38:
0a:2d:6d:b9:18:1f:7c:20:b3:0a:68:91:e8:21:41:05:93:cd:
e1:8f:ec:df:47:03:09:d5:ef:c1:e0:38:37:dd:7c:99:e0:e7:
0e:ad:60:d5:e8:65:d6:c7:ef:33:c1:ea:0e:9d:04:06:33:73:
65:60:16:3a:36:ae:b2:d4:74:0b:be:a1:6f:37:1e:cd:ea:d1:
ff:c2:9e:fb:d9:4a:14:4c:d9:eb:3d:b7:25:d3:1e:5a:29:55:
6b:f4:98:4c:b8:d7:73:d1:4f:d9:31:eb:16:f1:4c:fe:7f:51:
09:d4:26:09:cb:89:b8:6c:d7:1e:fd:95:c8:b7:77:65:2a:d4:
6c:bc:d8:94:63:ab:5c:e1:a4:75:6c:87:82:25:a0:18:18:93:
65:5c:87:48:f8:18:0a:7d:6a:91:e7:8a:7e:3f:55:6e:97:ce:
35:91:5d:c6:c3:18:3b:fd:2c:84:5d:a7:e2:bc:c0:66:6d:45:
99:91:f2:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+jNDPL4i0fC/gVoOWbL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzI5MWI4ZGI2Y2ZkZGY2ZGQyYTFkNTViMjI2ZDQ5NDky
YTI3MDUwHhcNMjUwMTAxMDM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGJhZTdlMWFmNmEzOWQ5N2ViZDU3NDMwYzMxMWYzOWQ3MWFjMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjjwCqewtXyvOhqTAa4R7cgj8KuN
AY/RCoKYbNn80+G9XV8qPkzz5rVtZ08Ob65lkDZNinFd99Sm41tkJ8Bxb/vPFFAW
TGko0xS1mXefIE9F++Y2R27hAJk/y87dEATGVhOhBuFFe2t9IwdKALexnp0TqId2
hzJY2WfoK7G0Y293LCOHkstCRBzkaMEENH2hxFcYnne5/Ayo01bH9NpJOQdWP6Ad
7mdLQk3K+GLgr87EKgHEhrPq4xjW4geZn1+sUKbl5J5fCT1OJ89ZA4ytNk3f0uU7
sOdKb3eaJrHBAFGdhc6/QNToeB/GIzJp+12MGxgVB+j4yxW7ndSaRv5bPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKC65+GvajnZfr1XQwwxHznXGsNDMB8GA1UdIwQY
MBaAFC3CkbjbbP3fbdKh1VsibUlJKicFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjIt
MmIxNzBlOTVjMmI3LzEvb0xybjRhOXFPZGwtdlZkRERERWZPZGNhdzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjItMmIxNzBlOTVjMmI3
LzEvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQkXAwQC
wSQEMA0EAgACMAcDBQMqC23AMA0GCSqGSIb3DQEBCwUAA4IBAQAhQFM2rq3Uh14z
Xwq2hrxxtbw/df/ln1cNZicMmm65dIeKqo9MNPvol/MXvYFZj6nzSDqUkAP3IbwQ
rN86OG8/c+IARB5FpjgKLW25GB98ILMKaJHoIUEFk83hj+zfRwMJ1e/B4Dg33XyZ
4OcOrWDV6GXWx+8zweoOnQQGM3NlYBY6Nq6y1HQLvqFvNx7N6tH/wp772UoUTNnr
Pbcl0x5aKVVr9JhMuNdz0U/ZMesW8Uz+f1EJ1CYJy4m4bNce/ZXIt3dlKtRsvNiU
Y6tc4aR1bIeCJaAYGJNlXIdI+BgKfWqR54p+P1Vul841kV3Gwxg7/SyEXafivMBm
bUWZkfKs
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:11 2025 by rpki-client on console.sobornost.net