Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/ll8ZgED3npZmiAI7cf-Df8HV56I.roa
File: ll8ZgED3npZmiAI7cf-Df8HV56I.roa (raw, json)
Hash identifier: AHUqk/dsSjXcglDVbJdLIDGnowlic3CzdVdWucIE69k=
Subject key identifier: 96:5F:19:80:40:F7:9E:96:66:88:02:3B:71:FF:83:7F:C1:D5:E7:A2
Certificate issuer: /CN=cab936b35f92cdec5e90df33bdc508661c27b455
Certificate serial: 01946587931FAB0AD8D652681385A155562A
Authority key identifier: CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/ll8ZgED3npZmiAI7cf-Df8HV56I.roa
Signing time: Tue 14 Jan 2025 15:56:11 +0000
ROA not before: Tue 14 Jan 2025 15:56:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214089
IP address blocks: 45.94.100.0/22 maxlen: 22
45.94.100.0/24 maxlen: 24
45.94.101.0/24 maxlen: 24
45.94.102.0/24 maxlen: 24
45.94.103.0/24 maxlen: 24
193.178.44.0/22 maxlen: 22
193.178.44.0/24 maxlen: 24
193.178.45.0/24 maxlen: 24
193.178.46.0/24 maxlen: 24
193.178.47.0/24 maxlen: 24
2a12:b840::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:87:93:1f:ab:0a:d8:d6:52:68:13:85:a1:55:56:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cab936b35f92cdec5e90df33bdc508661c27b455
Validity
Not Before: Jan 14 15:56:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=965f198040f79e966688023b71ff837fc1d5e7a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9b:d3:6b:e9:9c:45:ea:ef:bb:6f:51:f6:01:
8c:b1:bf:c5:4a:ef:00:83:dc:d2:e5:cc:5b:bb:17:
a0:79:f3:1a:ef:b3:9d:27:35:15:3f:6e:05:6d:39:
95:47:ef:3f:47:9a:a0:16:e9:05:ec:37:e1:a8:fd:
60:a2:17:8d:84:2d:6e:7e:75:19:72:41:42:b9:9c:
29:20:46:05:28:4f:41:76:53:e2:8c:9f:a6:79:4c:
c9:9d:bc:9f:78:77:04:19:51:79:66:dd:6f:30:4e:
2e:1e:50:49:68:75:49:cf:14:57:d2:5b:de:64:41:
b2:ec:58:1d:1b:38:71:c9:46:90:3e:f1:56:16:c9:
43:39:0c:44:ba:63:57:7d:7e:ba:7e:30:a1:af:a3:
07:56:7b:53:74:07:1a:50:1a:54:2c:c8:4d:fc:3f:
39:ef:71:62:d8:a0:16:69:46:49:ed:8c:78:ee:47:
37:e1:10:cd:9a:44:2a:db:54:5d:0b:78:e1:b5:f7:
65:86:40:e3:98:ac:30:b3:44:dc:e9:59:f5:10:0c:
ba:5c:f7:88:5a:08:f1:77:a8:db:7a:21:ab:78:c0:
fe:6e:00:4a:09:d5:50:66:ce:23:d5:ef:66:2d:3b:
a7:31:76:aa:de:c5:01:ae:b1:a4:13:65:f1:9b:05:
18:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:5F:19:80:40:F7:9E:96:66:88:02:3B:71:FF:83:7F:C1:D5:E7:A2
X509v3 Authority Key Identifier:
keyid:CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/ll8ZgED3npZmiAI7cf-Df8HV56I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.100.0/22
193.178.44.0/22
IPv6:
2a12:b840::/32
Signature Algorithm: sha256WithRSAEncryption
86:c3:80:95:35:ed:d6:35:9f:a8:3e:1e:a4:75:d2:c3:8b:58:
b2:91:b2:a3:c0:04:8f:1d:e1:18:94:69:a8:dc:68:fb:39:27:
b6:3c:c4:13:64:a1:be:9a:e3:01:2c:c7:0e:b1:62:ee:53:f4:
9c:2d:ab:f6:39:0f:05:41:79:63:8c:a2:0e:6c:aa:8b:fc:a6:
cd:d7:cb:b4:39:7e:5d:7e:da:8f:98:b5:ea:a2:21:65:bb:eb:
99:14:e1:f2:d0:1e:b8:33:ee:11:99:a4:14:aa:86:11:bc:59:
d6:34:a2:98:cc:b1:fa:28:d1:ed:d1:84:9e:40:93:7d:aa:40:
d8:bc:37:96:c2:b7:a3:83:32:dd:6b:e0:5d:5f:a9:85:d1:a7:
e7:bb:93:d3:77:34:63:e7:49:56:45:bd:fc:4c:7a:92:c1:d8:
f1:78:ee:0f:49:73:92:2e:eb:8f:18:b3:c3:17:6f:57:8f:75:
88:9b:79:4b:59:14:b0:89:1e:73:cf:ff:c8:b9:aa:2b:20:96:
0f:2c:43:d5:9b:05:e6:d6:06:64:ef:03:08:14:f0:57:22:56:
ab:fa:f8:1e:4d:9d:2a:54:db:66:4d:f4:d3:91:2f:7b:3c:ab:
e8:b1:38:0e:68:6b:6c:5c:21:79:23:46:c7:a9:7c:22:48:03:
2f:5a:e7:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZRlh5MfqwrY1lJoE4WhVVYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYjkzNmIzNWY5MmNkZWM1ZTkwZGYzM2JkYzUwODY2MWMy
N2I0NTUwHhcNMjUwMTE0MTU1NjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjVmMTk4MDQwZjc5ZTk2NjY4ODAyM2I3MWZmODM3ZmMxZDVlN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJvTa+mcRervu29R9gGMsb/FSu8A
g9zS5cxbuxegefMa77OdJzUVP24FbTmVR+8/R5qgFukF7DfhqP1goheNhC1ufnUZ
ckFCuZwpIEYFKE9BdlPijJ+meUzJnbyfeHcEGVF5Zt1vME4uHlBJaHVJzxRX0lve
ZEGy7FgdGzhxyUaQPvFWFslDOQxEumNXfX66fjChr6MHVntTdAcaUBpULMhN/D85
73Fi2KAWaUZJ7Yx47kc34RDNmkQq21RdC3jhtfdlhkDjmKwws0Tc6Vn1EAy6XPeI
Wgjxd6jbeiGreMD+bgBKCdVQZs4j1e9mLTunMXaq3sUBrrGkE2XxmwUY0QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJZfGYBA956WZogCO3H/g3/B1eeiMB8GA1UdIwQY
MBaAFMq5NrNfks3sXpDfM73FCGYcJ7RVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAt
NTU5MjM2MGUzZThlLzEvbGw4WmdFRDNucFptaUFJN2NmLURmOEhWNTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAtNTU5MjM2MGUzZThl
LzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLV5kAwQC
wbIsMA0EAgACMAcDBQAqErhAMA0GCSqGSIb3DQEBCwUAA4IBAQCGw4CVNe3WNZ+o
Ph6kddLDi1iykbKjwASPHeEYlGmo3Gj7OSe2PMQTZKG+muMBLMcOsWLuU/ScLav2
OQ8FQXljjKIObKqL/KbN18u0OX5dftqPmLXqoiFlu+uZFOHy0B64M+4RmaQUqoYR
vFnWNKKYzLH6KNHt0YSeQJN9qkDYvDeWwrejgzLda+BdX6mF0afnu5PTdzRj50lW
Rb38THqSwdjxeO4PSXOSLuuPGLPDF29Xj3WIm3lLWRSwiR5zz//IuaorIJYPLEPV
mwXm1gZk7wMIFPBXIlar+vgeTZ0qVNtmTfTTkS97PKvosTgOaGtsXCF5I0bHqXwi
SAMvWufp
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:53:48 2025 by rpki-client on console.sobornost.net