Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/HQ3g25P006ROllKfG3gdhpSNHOg.roa
File: HQ3g25P006ROllKfG3gdhpSNHOg.roa (raw, json)
Hash identifier: JkW/Op/fvYeKeMra4WDWooddbprrjz6RgWEE7Fl3VHc=
Subject key identifier: 1D:0D:E0:DB:93:F4:D3:A4:4E:96:52:9F:1B:78:1D:86:94:8D:1C:E8
Certificate issuer: /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial: 019464103683430418AE0F9D5A64DC1315E0
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/HQ3g25P006ROllKfG3gdhpSNHOg.roa
Signing time: Tue 14 Jan 2025 09:06:11 +0000
ROA not before: Tue 14 Jan 2025 09:06:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57795
IP address blocks: 45.154.45.0/24 maxlen: 24
45.154.46.0/24 maxlen: 24
185.74.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:10:36:83:43:04:18:ae:0f:9d:5a:64:dc:13:15:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
Validity
Not Before: Jan 14 09:06:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d0de0db93f4d3a44e96529f1b781d86948d1ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6f:b7:33:01:7f:60:b6:c6:b5:79:c7:92:c7:
7f:ef:8c:6e:7b:98:53:56:31:a1:98:7f:e8:94:ed:
74:1a:91:51:8c:c2:41:e1:c3:26:bc:9a:0d:73:be:
79:82:61:b2:2b:9d:b2:22:b7:a8:17:82:a3:a8:42:
46:97:ac:8e:d3:b2:9a:31:89:48:b3:07:8a:5d:44:
5a:d3:a5:53:f2:4a:4a:e9:cd:0a:34:a8:39:11:4e:
1c:c2:46:d5:40:95:74:70:ea:f0:bf:b8:b9:36:92:
bd:47:18:f0:e3:7d:67:d1:a0:93:33:32:8f:50:70:
7d:2e:c9:f1:40:07:4c:f0:6b:d3:d5:3e:cd:35:e3:
1b:72:d6:0c:b3:10:01:b7:c8:42:87:36:38:69:0d:
4b:d8:cb:96:48:89:e6:f1:6f:92:44:16:a4:13:4e:
fb:b6:44:f2:76:d4:2d:69:56:92:a8:99:e8:d2:4c:
da:9d:2b:17:d1:6b:00:58:1e:97:78:0a:cb:f8:78:
f3:fb:ee:1d:91:5d:86:bf:3e:ce:a0:52:7d:fd:5d:
ad:de:5a:d2:61:06:52:a0:29:b8:ce:69:e5:e0:e6:
5f:04:10:15:00:e9:76:73:4f:44:d7:b6:4b:2e:a0:
f5:8d:28:9a:61:99:c2:37:f4:37:51:ec:20:df:b2:
3d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0D:E0:DB:93:F4:D3:A4:4E:96:52:9F:1B:78:1D:86:94:8D:1C:E8
X509v3 Authority Key Identifier:
keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/HQ3g25P006ROllKfG3gdhpSNHOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.45.0-45.154.46.255
185.74.184.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:95:c1:fd:ab:e9:a1:2c:fa:62:54:8e:91:2c:e4:08:55:55:
68:bb:92:ec:36:8c:e7:ee:fe:cd:bb:12:fe:15:60:9c:95:31:
42:f2:eb:3a:83:ea:d5:f9:d9:2e:70:99:d7:df:c3:12:1a:8a:
5f:21:45:52:08:6d:40:ef:a5:ad:a0:04:dc:9b:8e:b0:5f:b9:
56:f3:b9:3c:a9:b1:b0:0a:5c:75:fb:58:2b:a4:69:44:03:03:
a5:9c:1b:0e:fd:9a:47:7d:0a:44:f2:66:9f:35:02:c8:db:a4:
80:63:cf:e2:c3:19:be:af:fa:21:57:7f:f5:a9:00:3b:4d:c9:
af:37:04:10:5d:46:18:21:19:c7:42:d8:7f:c8:5a:d5:03:32:
93:d6:9a:da:f0:5e:5b:72:79:a1:96:f8:85:e6:1d:6b:8b:ad:
8a:bf:00:d9:6d:eb:e4:2b:25:c6:04:7c:3b:94:e9:10:ab:6f:
3c:c2:06:3c:84:ac:4e:73:b3:b9:8a:43:1b:d2:f7:b6:ee:0a:
dd:a4:5f:11:90:e5:59:bc:bb:f1:26:f9:3f:8b:63:83:82:1a:
a9:c9:f4:dc:8e:bc:a2:a5:6c:70:79:39:6b:24:c2:c7:ad:54:
dd:48:de:8c:d3:08:47:8a:82:fc:49:c1:25:94:40:0e:2e:cb:
77:ef:81:72
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZRkEDaDQwQYrg+dWmTcExXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjUwMTE0MDkwNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBkZTBkYjkzZjRkM2E0NGU5NjUyOWYxYjc4MWQ4Njk0OGQxY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG+3MwF/YLbGtXnHksd/74xue5hT
VjGhmH/olO10GpFRjMJB4cMmvJoNc755gmGyK52yIreoF4KjqEJGl6yO07KaMYlI
sweKXURa06VT8kpK6c0KNKg5EU4cwkbVQJV0cOrwv7i5NpK9Rxjw431n0aCTMzKP
UHB9LsnxQAdM8GvT1T7NNeMbctYMsxABt8hChzY4aQ1L2MuWSInm8W+SRBakE077
tkTydtQtaVaSqJno0kzanSsX0WsAWB6XeArL+Hjz++4dkV2Gvz7OoFJ9/V2t3lrS
YQZSoCm4zmnl4OZfBBAVAOl2c09E17ZLLqD1jSiaYZnCN/Q3Uewg37I9OwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB0N4NuT9NOkTpZSnxt4HYaUjRzoMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvSFEzZzI1UDAwNlJPbGxLZkczZ2RocFNOSE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtmi0D
BAAtmi4DBAC5SrgwDQYJKoZIhvcNAQELBQADggEBAIyVwf2r6aEs+mJUjpEs5AhV
VWi7kuw2jOfu/s27Ev4VYJyVMULy6zqD6tX52S5wmdffwxIail8hRVIIbUDvpa2g
BNybjrBfuVbzuTypsbAKXHX7WCukaUQDA6WcGw79mkd9CkTyZp81AsjbpIBjz+LD
Gb6v+iFXf/WpADtNya83BBBdRhghGcdC2H/IWtUDMpPWmtrwXltyeaGW+IXmHWuL
rYq/ANlt6+QrJcYEfDuU6RCrbzzCBjyErE5zs7mKQxvS97buCt2kXxGQ5Vm8u/Em
+T+LY4OCGqnJ9NyOvKKlbHB5OWskwsetVN1I3ozTCEeKgvxJwSWUQA4uy3fvgXI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net