Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/PVmSZDGrn03CmC3ystxrDr3TZfo.roa
File: PVmSZDGrn03CmC3ystxrDr3TZfo.roa (raw, json)
Hash identifier: Pjr4/1MqbKXy/FJJPo44XPup/Kfr50sF5z3bYT1o0SU=
Subject key identifier: 3D:59:92:64:31:AB:9F:4D:C2:98:2D:F2:B2:DC:6B:0E:BD:D3:65:FA
Certificate issuer: /CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Certificate serial: 0196248CA691EC26E142D100A66863342F6D
Authority key identifier: 77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/PVmSZDGrn03CmC3ystxrDr3TZfo.roa
Signing time: Fri 11 Apr 2025 11:11:59 +0000
ROA not before: Fri 11 Apr 2025 11:11:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208981
IP address blocks: 45.12.124.0/24 maxlen: 24
45.12.126.0/24 maxlen: 24
45.12.127.0/24 maxlen: 24
91.213.144.0/24 maxlen: 24
91.232.93.0/24 maxlen: 24
91.243.190.0/24 maxlen: 24
91.243.191.0/24 maxlen: 24
2a0e:a900::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:8c:a6:91:ec:26:e1:42:d1:00:a6:68:63:34:2f:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Validity
Not Before: Apr 11 11:11:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d59926431ab9f4dc2982df2b2dc6b0ebdd365fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:58:db:2a:c4:58:c4:0b:22:a9:e0:b0:d2:33:
66:95:03:c6:fd:5d:9d:a0:3f:29:4d:b4:2b:08:2b:
38:44:fa:09:11:07:99:94:16:b8:06:f7:51:f9:1a:
e1:72:e3:25:c5:2d:48:6c:7e:39:52:65:98:31:49:
1d:d2:fe:92:9d:c0:25:e0:7f:26:dc:7d:7a:94:3d:
1b:f5:39:a0:40:05:3c:b8:e2:75:e9:f0:03:c5:da:
32:fc:fc:72:14:2e:df:fa:2f:2c:12:bf:dd:cd:52:
13:5c:92:c3:a5:a6:fd:32:5d:00:36:6b:66:cb:bf:
07:0e:3b:51:66:0e:06:c8:5c:f4:48:b6:aa:15:31:
0b:af:a4:74:16:f2:71:3f:9a:db:5b:1e:fe:18:0f:
14:86:6f:9e:0a:8a:fe:2f:bc:ed:4a:0e:3d:d3:dd:
5c:ae:0a:94:b8:3a:5d:6c:e9:8e:98:66:07:ab:6d:
15:24:30:00:12:9a:3d:ec:1e:9a:20:90:f2:11:9b:
e6:ce:b8:5c:75:29:28:c5:db:cf:57:01:e3:0b:fe:
d1:2f:2e:0f:de:b6:d6:38:3b:95:d6:1c:b6:f9:9a:
ab:5b:90:d7:d8:6c:f4:23:7b:44:44:3c:32:8c:27:
47:24:2b:4b:27:45:7c:18:5d:72:8d:aa:56:e4:e1:
0b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:59:92:64:31:AB:9F:4D:C2:98:2D:F2:B2:DC:6B:0E:BD:D3:65:FA
X509v3 Authority Key Identifier:
keyid:77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/PVmSZDGrn03CmC3ystxrDr3TZfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.124.0/24
45.12.126.0/23
91.213.144.0/24
91.232.93.0/24
91.243.190.0/23
IPv6:
2a0e:a900::/29
Signature Algorithm: sha256WithRSAEncryption
a5:00:29:48:d8:fe:ec:63:b8:96:9b:c0:6f:1c:c1:a6:4b:2d:
50:dd:3d:50:58:bc:a4:cc:f4:1b:36:d5:a1:29:47:77:a4:5d:
20:80:f8:79:b7:d6:56:8a:3f:43:04:21:bb:f1:63:5d:c1:70:
ed:1e:66:48:30:04:7c:ce:53:c7:06:cc:e7:15:7c:3f:34:28:
f8:1f:8a:ce:43:f6:f9:41:fa:61:14:be:7b:f1:77:94:26:60:
62:94:55:1a:0d:73:f0:32:ce:70:dd:a0:7b:27:ae:46:83:16:
1b:70:7c:56:28:1b:1d:23:53:e0:12:4b:7e:87:28:60:c4:2a:
17:97:9a:99:29:71:b3:2b:3f:ec:86:8c:59:f0:0f:ee:5d:71:
08:e2:8b:4d:77:a9:28:20:69:e3:b1:dd:b7:96:88:69:91:e5:
33:d6:19:06:a5:9b:32:b9:19:b4:da:b3:93:3b:23:29:52:2d:
bb:f8:c6:1e:2c:00:bb:24:29:a8:fd:96:17:0d:97:de:15:30:
2b:f0:2e:af:0b:84:5c:95:9c:51:ef:26:c3:e1:75:40:92:cf:
ba:45:5e:37:cc:9e:f8:bb:fd:8e:45:84:11:03:a3:b7:80:9e:
19:7d:0b:0d:f8:27:9a:5c:e3:f0:43:cc:49:0a:03:d4:f9:f0:
8e:81:d4:31
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZYkjKaR7CbhQtEApmhjNC9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjgwNTJhZTdkMTBmZDIyNjFhMjI0OGZjMDBkMjAyYjBm
MjU1NzQwHhcNMjUwNDExMTExMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDU5OTI2NDMxYWI5ZjRkYzI5ODJkZjJiMmRjNmIwZWJkZDM2NWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1jbKsRYxAsiqeCw0jNmlQPG/V2d
oD8pTbQrCCs4RPoJEQeZlBa4BvdR+RrhcuMlxS1IbH45UmWYMUkd0v6SncAl4H8m
3H16lD0b9TmgQAU8uOJ16fADxdoy/PxyFC7f+i8sEr/dzVITXJLDpab9Ml0ANmtm
y78HDjtRZg4GyFz0SLaqFTELr6R0FvJxP5rbWx7+GA8Uhm+eCor+L7ztSg49091c
rgqUuDpdbOmOmGYHq20VJDAAEpo97B6aIJDyEZvmzrhcdSkoxdvPVwHjC/7RLy4P
3rbWODuV1hy2+ZqrW5DX2Gz0I3tERDwyjCdHJCtLJ0V8GF1yjapW5OELDQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFD1ZkmQxq59Nwpgt8rLcaw6902X6MB8GA1UdIwQY
MBaAFHcoBSrn0Q/SJhoiSPwA0gKw8lV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUt
MmNiYzQwZTVmZTYyLzEvUFZtU1pER3JuMDNDbUMzeXN0eHJEcjNUWmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUtMmNiYzQwZTVmZTYy
LzEvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALQx8AwQB
LQx+AwQAW9WQAwQAW+hdAwQBW/O+MA0EAgACMAcDBQMqDqkAMA0GCSqGSIb3DQEB
CwUAA4IBAQClAClI2P7sY7iWm8BvHMGmSy1Q3T1QWLykzPQbNtWhKUd3pF0ggPh5
t9ZWij9DBCG78WNdwXDtHmZIMAR8zlPHBsznFXw/NCj4H4rOQ/b5QfphFL578XeU
JmBilFUaDXPwMs5w3aB7J65GgxYbcHxWKBsdI1PgEkt+hyhgxCoXl5qZKXGzKz/s
hoxZ8A/uXXEI4otNd6koIGnjsd23lohpkeUz1hkGpZsyuRm02rOTOyMpUi27+MYe
LAC7JCmo/ZYXDZfeFTAr8C6vC4RclZxR7ybD4XVAks+6RV43zJ74u/2ORYQRA6O3
gJ4ZfQsN+CeaXOPwQ8xJCgPU+fCOgdQx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:24 2025 by rpki-client on console.sobornost.net