Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/m-PA3S0cNI2zhDJ8E0gbAHZdcG8.roa
File: m-PA3S0cNI2zhDJ8E0gbAHZdcG8.roa (raw, json)
Hash identifier: qo9xnSC4+6E3UXGFdMx067ORZUMvb5bknvX5sSTLLUw=
Subject key identifier: 9B:E3:C0:DD:2D:1C:34:8D:B3:84:32:7C:13:48:1B:00:76:5D:70:6F
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0193E342774C7FE02A421A373187E2231824
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/m-PA3S0cNI2zhDJ8E0gbAHZdcG8.roa
Signing time: Fri 20 Dec 2024 08:50:04 +0000
ROA not before: Fri 20 Dec 2024 08:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206150
IP address blocks: 45.130.140.0/24 maxlen: 24
2a07:e342::/32 maxlen: 48
2a0f:f40::/32 maxlen: 48
2a0f:f41::/32 maxlen: 48
2a0f:f43::/32 maxlen: 48
2a0f:f45::/32 maxlen: 48
2a0f:f46::/32 maxlen: 48
2a0f:e386::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:42:77:4c:7f:e0:2a:42:1a:37:31:87:e2:23:18:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Dec 20 08:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9be3c0dd2d1c348db384327c13481b00765d706f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:13:54:44:22:ad:07:59:11:99:4b:91:6f:fc:
1d:88:de:fd:df:1a:e7:df:1f:66:bd:00:6b:85:be:
34:bf:57:c4:c6:68:f1:66:38:d5:44:82:0a:51:8f:
2b:d3:7c:9e:02:d7:8e:53:15:9e:7c:e1:9f:7b:1c:
85:63:0d:70:68:71:73:78:92:77:6a:fc:d7:2c:bc:
98:31:0a:3d:e0:e1:9d:11:c4:62:05:90:7d:ee:3b:
62:e2:a5:59:60:04:3d:21:d0:62:2d:61:11:92:e8:
ff:1b:57:16:69:64:d2:73:e4:8b:1b:fb:5a:08:bf:
62:df:46:61:aa:4b:c5:ef:8a:ee:70:80:a8:64:03:
62:9b:38:91:08:dd:a8:ee:d9:b8:96:cd:63:30:3d:
e9:98:34:1e:ef:64:0d:a5:ab:c5:ce:50:84:13:91:
c4:28:d6:c3:9b:14:59:a0:3b:82:84:cf:c3:c1:b7:
a3:ef:86:7b:ac:a4:20:aa:a8:98:47:44:c2:a9:18:
20:b8:13:d4:a5:c8:09:81:b2:2e:e0:02:5f:dc:c1:
c5:00:6d:4c:7a:06:88:31:18:ed:57:b0:82:67:84:
11:b7:f9:8a:ee:27:64:f9:7b:17:b1:7c:d6:00:aa:
2e:21:28:9d:96:c2:49:d5:85:ee:76:0a:72:8a:e9:
6d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:E3:C0:DD:2D:1C:34:8D:B3:84:32:7C:13:48:1B:00:76:5D:70:6F
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/m-PA3S0cNI2zhDJ8E0gbAHZdcG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.140.0/24
IPv6:
2a07:e342::/32
2a0f:f40::/31
2a0f:f43::/32
2a0f:f45::-2a0f:f46:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e386::/32
Signature Algorithm: sha256WithRSAEncryption
31:07:ac:d6:5e:b6:08:25:2e:16:bc:1a:ee:a7:15:39:3d:a4:
53:5a:1c:19:5e:69:e1:bd:27:60:d0:60:3f:3e:4d:d5:b7:d5:
05:16:83:18:b1:5a:ca:a3:b9:be:02:f2:da:a8:8b:07:f4:40:
ab:5d:ae:85:3c:23:f3:4f:1c:cd:8e:01:67:80:54:f6:bb:d6:
a1:27:6c:34:ca:67:d9:07:bf:c2:ba:a8:f8:8d:77:35:4f:eb:
5b:23:d5:10:34:6b:67:1c:c9:b4:98:ed:d2:4f:3c:15:6c:41:
fa:90:a6:39:ba:47:5e:85:b0:01:85:9e:12:df:99:a3:2d:7d:
0e:02:8a:a8:3c:3c:01:d8:2e:7c:e9:c3:7c:dd:21:70:3b:f9:
2a:64:3f:e3:89:82:ab:db:e3:4a:e2:05:ee:53:00:73:c3:93:
cd:bf:9d:88:aa:35:54:ac:de:5b:40:34:4b:83:da:e7:82:18:
98:dc:9e:ca:35:71:1f:61:48:cf:7e:3b:29:0a:fb:60:f5:f3:
5f:6b:0d:44:de:15:06:ed:c3:e6:4e:54:2c:db:54:18:4a:39:
8e:47:b4:f9:35:c4:bc:35:24:e5:be:cd:52:42:7b:32:11:f4:
3b:16:fd:11:a5:c6:52:e3:23:3c:0c:c1:83:45:49:a1:2c:16:
54:a9:06:71
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZPjQndMf+AqQho3MYfiIxgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQxMjIwMDg1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmUzYzBkZDJkMWMzNDhkYjM4NDMyN2MxMzQ4MWIwMDc2NWQ3MDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRNURCKtB1kRmUuRb/wdiN793xrn
3x9mvQBrhb40v1fExmjxZjjVRIIKUY8r03yeAteOUxWefOGfexyFYw1waHFzeJJ3
avzXLLyYMQo94OGdEcRiBZB97jti4qVZYAQ9IdBiLWERkuj/G1cWaWTSc+SLG/ta
CL9i30ZhqkvF74rucICoZANimziRCN2o7tm4ls1jMD3pmDQe72QNpavFzlCEE5HE
KNbDmxRZoDuChM/Dwbej74Z7rKQgqqiYR0TCqRgguBPUpcgJgbIu4AJf3MHFAG1M
egaIMRjtV7CCZ4QRt/mK7idk+XsXsXzWAKouISidlsJJ1YXudgpyiultWQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJvjwN0tHDSNs4QyfBNIGwB2XXBvMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbS1QQTNTMGNOSTJ6aERKOEUwZ2JBSFpkY0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAMBAIAATAGAwQALYKMMDIE
AgACMCwDBQAqB+NCAwUBKg8PQAMFACoPD0MwDgMFACoPD0UDBQAqDw9GAwUAKg/j
hjANBgkqhkiG9w0BAQsFAAOCAQEAMQes1l62CCUuFrwa7qcVOT2kU1ocGV5p4b0n
YNBgPz5N1bfVBRaDGLFayqO5vgLy2qiLB/RAq12uhTwj808czY4BZ4BU9rvWoSds
NMpn2Qe/wrqo+I13NU/rWyPVEDRrZxzJtJjt0k88FWxB+pCmObpHXoWwAYWeEt+Z
oy19DgKKqDw8AdgufOnDfN0hcDv5KmQ/44mCq9vjSuIF7lMAc8OTzb+diKo1VKze
W0A0S4Pa54IYmNyeyjVxH2FIz347KQr7YPXzX2sNRN4VBu3D5k5ULNtUGEo5jke0
+TXEvDUk5b7NUkJ7MhH0Oxb9EaXGUuMjPAzBg0VJoSwWVKkGcQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:14 2024 by rpki-client on console.sobornost.net