Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/1c920Ct5rOPHF_34AgNrTQyTHns.roa
File: 1c920Ct5rOPHF_34AgNrTQyTHns.roa (raw, json)
Hash identifier: 3ha9UyAf61XbEV4U4pqec4b6uB2FvJUFQO9xEs0mMB8=
Subject key identifier: D5:CF:76:D0:2B:79:AC:E3:C7:17:FD:F8:02:03:6B:4D:0C:93:1E:7B
Certificate issuer: /CN=64d864ae92bd7ceab5083bcc71101ef04676f8ac
Certificate serial: 0196152CA5F9D905668D0D49C6DBB13002C8
Authority key identifier: 64:D8:64:AE:92:BD:7C:EA:B5:08:3B:CC:71:10:1E:F0:46:76:F8:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/1c920Ct5rOPHF_34AgNrTQyTHns.roa
Signing time: Tue 08 Apr 2025 11:32:49 +0000
ROA not before: Tue 08 Apr 2025 11:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8860
IP address blocks: 45.10.201.0/24 maxlen: 24
45.10.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:15:2c:a5:f9:d9:05:66:8d:0d:49:c6:db:b1:30:02:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d864ae92bd7ceab5083bcc71101ef04676f8ac
Validity
Not Before: Apr 8 11:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5cf76d02b79ace3c717fdf802036b4d0c931e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:13:7e:7c:fd:98:4b:4a:59:f8:d4:9d:2f:32:
e7:ad:76:d1:ad:55:ac:6c:a6:fb:0c:34:a1:f1:93:
5d:a8:fc:4a:2a:17:5f:97:bd:58:99:e8:b0:55:55:
a8:36:23:fe:bb:1c:10:6c:e3:4b:66:11:0f:04:ae:
b2:70:73:d1:46:15:c6:6d:95:af:49:98:ad:03:ec:
59:08:5f:6e:8c:49:c0:ea:61:95:33:36:5c:04:d1:
95:ab:52:e9:ed:6c:c7:85:fe:3e:bc:9d:27:e8:7c:
96:c4:28:b1:55:53:77:f2:cb:31:46:d9:20:3f:7e:
7d:41:19:de:bc:f2:b0:28:cd:36:60:f1:44:9d:ca:
a8:dc:f3:49:95:6a:bc:2f:36:af:12:d0:60:ab:3c:
82:cf:d9:50:fa:b8:7a:0a:b1:37:61:68:48:34:96:
2d:00:c9:cd:87:f8:da:a7:22:24:30:0e:a3:d8:41:
a3:79:5f:75:a9:c3:46:6c:40:86:4c:3f:99:b9:24:
ed:11:6a:02:85:25:2c:22:9d:fb:82:5b:86:3a:4f:
41:65:87:28:9c:af:c6:06:78:db:a7:60:f3:09:d0:
07:22:ec:98:d2:cd:ce:0f:56:50:a7:c6:9f:e3:8f:
06:d1:68:2a:96:40:3c:5d:13:3a:be:ba:8b:b2:1e:
b2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:CF:76:D0:2B:79:AC:E3:C7:17:FD:F8:02:03:6B:4D:0C:93:1E:7B
X509v3 Authority Key Identifier:
keyid:64:D8:64:AE:92:BD:7C:EA:B5:08:3B:CC:71:10:1E:F0:46:76:F8:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/1c920Ct5rOPHF_34AgNrTQyTHns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.201.0-45.10.202.255
Signature Algorithm: sha256WithRSAEncryption
16:16:44:7c:03:c7:20:fb:9b:f0:b3:f7:16:d7:2e:4e:47:58:
05:38:19:2f:79:38:c7:63:bc:47:59:ba:f8:3f:be:d9:b7:fd:
1f:60:c7:0c:d4:04:71:0a:b8:5d:7a:44:f5:5c:0d:8f:3d:f8:
cc:35:85:7c:1d:df:18:19:1d:7b:27:d8:cb:58:79:2f:a5:cc:
ab:8a:43:9b:6f:3e:8f:99:b9:99:2c:0b:9b:d1:a8:7b:e3:fa:
dd:51:68:d2:d3:50:0e:53:31:1b:b5:16:d3:93:10:f6:25:1c:
dc:7f:b9:d1:c0:64:6c:d3:5e:1b:ad:0c:df:f0:8f:4a:eb:0c:
01:9b:45:19:27:7c:86:9c:18:3f:7a:75:ba:ba:7b:bb:cd:7b:
b4:6e:ad:03:64:dd:62:38:16:e8:17:aa:98:4f:19:5e:72:c1:
fc:6b:ed:c2:4d:30:c1:3f:39:39:f5:36:bb:20:7e:bc:33:01:
8a:bb:c9:48:23:bd:ca:ef:4c:57:ea:f8:d2:f2:23:9f:41:fe:
b1:71:0b:f7:5b:2f:46:26:d5:8d:6d:a0:03:32:0d:b0:13:f2:
f6:03:88:61:fb:f4:63:05:51:1a:f6:13:e8:e0:04:46:73:a5:
3c:54:b6:8f:f7:59:ef:30:11:d0:df:bd:92:a3:5d:b3:8e:c0:
60:e4:e8:bb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYVLKX52QVmjQ1JxtuxMALIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDg2NGFlOTJiZDdjZWFiNTA4M2JjYzcxMTAxZWYwNDY3
NmY4YWMwHhcNMjUwNDA4MTEzMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWNmNzZkMDJiNzlhY2UzYzcxN2ZkZjgwMjAzNmI0ZDBjOTMxZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshN+fP2YS0pZ+NSdLzLnrXbRrVWs
bKb7DDSh8ZNdqPxKKhdfl71YmeiwVVWoNiP+uxwQbONLZhEPBK6ycHPRRhXGbZWv
SZitA+xZCF9ujEnA6mGVMzZcBNGVq1Lp7WzHhf4+vJ0n6HyWxCixVVN38ssxRtkg
P359QRnevPKwKM02YPFEncqo3PNJlWq8LzavEtBgqzyCz9lQ+rh6CrE3YWhINJYt
AMnNh/japyIkMA6j2EGjeV91qcNGbECGTD+ZuSTtEWoChSUsIp37gluGOk9BZYco
nK/GBnjbp2DzCdAHIuyY0s3OD1ZQp8af448G0WgqlkA8XRM6vrqLsh6yXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNXPdtAreazjxxf9+AIDa00Mkx57MB8GA1UdIwQY
MBaAFGTYZK6SvXzqtQg7zHEQHvBGdvisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5oa3JwSzlmT3ExQ0R2TWNSQWU4RVoyLUt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83MGIyYzQtMWQ0YS00YjkxLWIwZDAt
MmMwNWNjOTIyMDAxLzEvMWM5MjBDdDVyT1BIRl8zNEFnTnJUUXlUSG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83MGIyYzQtMWQ0YS00YjkxLWIwZDAtMmMwNWNjOTIyMDAx
LzEvWk5oa3JwSzlmT3ExQ0R2TWNSQWU4RVoyLUt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtCskD
BAAtCsowDQYJKoZIhvcNAQELBQADggEBABYWRHwDxyD7m/Cz9xbXLk5HWAU4GS95
OMdjvEdZuvg/vtm3/R9gxwzUBHEKuF16RPVcDY89+Mw1hXwd3xgZHXsn2MtYeS+l
zKuKQ5tvPo+ZuZksC5vRqHvj+t1RaNLTUA5TMRu1FtOTEPYlHNx/udHAZGzTXhut
DN/wj0rrDAGbRRknfIacGD96dbq6e7vNe7RurQNk3WI4FugXqphPGV5ywfxr7cJN
MME/OTn1NrsgfrwzAYq7yUgjvcrvTFfq+NLyI59B/rFxC/dbL0Ym1Y1toAMyDbAT
8vYDiGH79GMFURr2E+jgBEZzpTxUto/3We8wEdDfvZKjXbOOwGDk6Ls=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:28 2025 by rpki-client on console.sobornost.net