Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/nEwnWGMzytbCFQz7rWdabIS9yB0.roa
File: nEwnWGMzytbCFQz7rWdabIS9yB0.roa (raw, json)
Hash identifier: 02h618IubyXzMPvUxA826AJsgMoOVyOdwoqacffXAD8=
Subject key identifier: 9C:4C:27:58:63:33:CA:D6:C2:15:0C:FB:AD:67:5A:6C:84:BD:C8:1D
Certificate issuer: /CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Certificate serial: 019425FC1A0E4B84EC22C4FB0EF64FA7E0CB
Authority key identifier: 3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/nEwnWGMzytbCFQz7rWdabIS9yB0.roa
Signing time: Thu 02 Jan 2025 07:47:46 +0000
ROA not before: Thu 02 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29423
IP address blocks: 45.12.48.0/22 maxlen: 24
45.144.132.0/22 maxlen: 24
185.102.92.0/22 maxlen: 24
185.201.144.0/22 maxlen: 24
185.241.32.0/22 maxlen: 24
2a06:2380::/29 maxlen: 33
2a0a:c5c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:1a:0e:4b:84:ec:22:c4:fb:0e:f6:4f:a7:e0:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Validity
Not Before: Jan 2 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c4c27586333cad6c2150cfbad675a6c84bdc81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:43:f0:31:12:8b:76:5c:d6:21:c7:ea:df:
52:40:dc:fb:3f:2c:a9:12:e0:d0:76:a8:1b:19:0a:
99:fe:2a:9c:9f:25:5c:a8:15:48:f9:1a:e4:b3:6c:
ae:07:3b:79:53:3c:83:ae:d5:4a:72:dd:35:4e:62:
6e:97:8c:46:c6:e3:6e:0e:1a:4b:0f:8a:c8:e8:01:
67:88:c4:e9:78:7a:79:35:b7:df:b8:35:86:3d:fa:
66:4b:c7:fc:8d:8b:de:67:04:b7:9b:cb:52:f2:90:
4a:dc:f0:9e:51:8a:5e:da:ae:06:33:2d:21:ae:ee:
32:b6:92:ca:9d:c7:1d:31:ab:e3:e7:59:d0:95:93:
15:63:f8:bc:e9:03:00:3b:4a:ae:12:f6:fa:3d:6a:
d7:32:7c:ad:45:06:9e:c0:6b:0e:eb:86:fd:bd:49:
c4:1b:14:3a:93:27:d6:99:45:9a:ba:e2:62:cb:17:
6c:c8:7f:76:b2:a9:40:86:d2:0f:32:89:8c:4b:4f:
60:40:84:7b:4e:83:b8:b4:ae:3f:d8:ea:75:b9:0d:
ed:f1:51:25:17:55:b6:bb:23:b1:cc:7f:6a:f7:3f:
74:68:1d:42:b9:dc:64:b6:2a:1c:68:bc:37:a5:a2:
80:38:47:8e:dc:0b:0d:4a:dd:1a:d1:d1:25:d4:31:
dc:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4C:27:58:63:33:CA:D6:C2:15:0C:FB:AD:67:5A:6C:84:BD:C8:1D
X509v3 Authority Key Identifier:
keyid:3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/nEwnWGMzytbCFQz7rWdabIS9yB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/O_xkMfUzO23dMeg7aWgtjo7gb8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.48.0/22
45.144.132.0/22
185.102.92.0/22
185.201.144.0/22
185.241.32.0/22
IPv6:
2a06:2380::/29
2a0a:c5c0::/29
Signature Algorithm: sha256WithRSAEncryption
07:64:59:07:ec:67:06:c7:3a:6a:10:db:a2:3c:89:1d:ee:d9:
73:01:8f:d0:6f:43:65:fc:b3:17:15:78:ad:3a:37:98:16:c1:
96:bc:f6:22:7f:92:2b:f2:09:a6:eb:aa:58:b3:e8:12:bf:4a:
18:68:2c:66:4a:99:1c:2c:6c:89:71:d6:a0:6a:34:bc:8c:9e:
b3:38:0e:ae:79:0d:2f:43:7c:ec:2e:5d:1a:07:f1:16:21:37:
ae:0e:0c:7c:3c:2c:32:45:72:0a:e4:3c:8a:50:b9:37:d7:46:
11:fd:ce:aa:b1:31:b0:96:cd:02:2a:d9:70:cd:36:72:57:c4:
e5:18:2c:e6:94:59:20:52:dd:19:09:64:73:04:64:b9:d9:75:
48:59:57:16:c7:09:20:ec:1b:b4:15:5e:3e:44:a4:da:7b:cb:
94:f0:fa:75:8e:75:86:0c:c0:ec:b5:e9:41:09:bf:08:fa:4c:
77:96:78:5d:08:fa:55:8f:9b:a2:0d:23:89:25:77:e7:81:7c:
c4:68:3c:2f:3a:4e:65:0d:b2:23:91:26:cf:5a:1e:2f:14:c8:
8c:62:3f:57:aa:fe:3f:b7:1e:40:12:6a:0e:6d:c4:c1:d2:d0:
e4:d3:e3:dc:87:14:53:d5:22:2a:e5:3f:f1:e2:f9:46:45:bb:
45:da:d4:2e
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQl/BoOS4TsIsT7DvZPp+DLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmM2NDMxZjUzMzNiNmRkZDMxZTgzYjY5NjgyZDhlOGVl
MDZmYzEwHhcNMjUwMTAyMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRjMjc1ODYzMzNjYWQ2YzIxNTBjZmJhZDY3NWE2Yzg0YmRjODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArABD8DESi3Zc1iHH6t9SQNz7Pyyp
EuDQdqgbGQqZ/iqcnyVcqBVI+Rrks2yuBzt5UzyDrtVKct01TmJul4xGxuNuDhpL
D4rI6AFniMTpeHp5NbffuDWGPfpmS8f8jYveZwS3m8tS8pBK3PCeUYpe2q4GMy0h
ru4ytpLKnccdMavj51nQlZMVY/i86QMAO0quEvb6PWrXMnytRQaewGsO64b9vUnE
GxQ6kyfWmUWauuJiyxdsyH92sqlAhtIPMomMS09gQIR7ToO4tK4/2Op1uQ3t8VEl
F1W2uyOxzH9q9z90aB1CudxktiocaLw3paKAOEeO3AsNSt0a0dEl1DHcHQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJxMJ1hjM8rWwhUM+61nWmyEvcgdMB8GA1UdIwQY
MBaAFDv8ZDH1Mztt3THoO2loLY6O4G/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGIt
ZmUwMWVlYzQwZWMxLzEvbkV3bldHTXp5dGJDRlF6N3JXZGFiSVM5eUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGItZmUwMWVlYzQwZWMx
LzEvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLQwwAwQC
LZCEAwQCuWZcAwQCucmQAwQCufEgMBQEAgACMA4DBQMqBiOAAwUDKgrFwDANBgkq
hkiG9w0BAQsFAAOCAQEAB2RZB+xnBsc6ahDbojyJHe7ZcwGP0G9DZfyzFxV4rTo3
mBbBlrz2In+SK/IJpuuqWLPoEr9KGGgsZkqZHCxsiXHWoGo0vIyeszgOrnkNL0N8
7C5dGgfxFiE3rg4MfDwsMkVyCuQ8ilC5N9dGEf3OqrExsJbNAirZcM02clfE5Rgs
5pRZIFLdGQlkcwRkudl1SFlXFscJIOwbtBVePkSk2nvLlPD6dY51hgzA7LXpQQm/
CPpMd5Z4XQj6VY+bog0jiSV354F8xGg8LzpOZQ2yI5Emz1oeLxTIjGI/V6r+P7ce
QBJqDm3EwdLQ5NPj3IcUU9UiKuU/8eL5RkW7RdrULg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:26 2025 by rpki-client on console.sobornost.net