Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/UtfGmlfffX0cIYFRWQAmKmCxHBQ.roa
File: UtfGmlfffX0cIYFRWQAmKmCxHBQ.roa (raw, json)
Hash identifier: eIoevFtzl4KgjvBzeT/oQJHdGPIhlQ4d3q4XFG6eYig=
Subject key identifier: 52:D7:C6:9A:57:DF:7D:7D:1C:21:81:51:59:00:26:2A:60:B1:1C:14
Certificate issuer: /CN=d07dc35ebcd88dd0e2a8db3a5a08654bc3be0262
Certificate serial: 019426D9A9B757EA1D5846113D4629218B62
Authority key identifier: D0:7D:C3:5E:BC:D8:8D:D0:E2:A8:DB:3A:5A:08:65:4B:C3:BE:02:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H3DXrzYjdDiqNs6WghlS8O-AmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/UtfGmlfffX0cIYFRWQAmKmCxHBQ.roa
Signing time: Thu 02 Jan 2025 11:49:46 +0000
ROA not before: Thu 02 Jan 2025 11:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214988
IP address blocks: 45.145.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:a9:b7:57:ea:1d:58:46:11:3d:46:29:21:8b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07dc35ebcd88dd0e2a8db3a5a08654bc3be0262
Validity
Not Before: Jan 2 11:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52d7c69a57df7d7d1c2181515900262a60b11c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:eb:be:ed:19:84:b1:76:bf:8d:b9:c0:3c:70:
14:c5:f6:70:f2:19:b4:4e:ab:26:b5:98:3a:9d:06:
4f:f6:e9:e3:2a:b0:2b:d4:d5:ac:7b:e2:1f:6b:80:
5c:c7:0c:c4:ef:fc:e4:66:dd:bf:16:59:87:92:5c:
1d:15:00:94:4a:2a:08:5a:03:76:a5:36:f5:33:82:
3e:b3:94:46:e3:14:cc:d5:44:87:03:0c:7d:0f:5d:
a1:3f:23:a5:91:cf:d2:9e:54:3a:58:f3:16:d8:a3:
0d:aa:38:2b:08:c6:6d:b3:77:47:26:68:0b:33:19:
5c:ab:79:a5:c1:2e:10:0b:75:d9:03:cd:56:95:94:
25:91:50:1e:ca:f6:80:ba:a2:26:67:82:5e:d8:53:
b0:30:48:13:17:d4:dc:a8:4b:67:e2:ca:2b:6d:1c:
37:b7:a2:8f:f0:41:90:d1:cd:9c:cd:63:da:5b:0d:
e0:ed:ab:7c:32:b3:93:28:50:59:5f:49:1c:cf:97:
aa:a1:6d:01:53:82:7c:0e:4e:40:6f:10:b9:ce:5a:
bb:1b:f9:57:9d:70:3a:66:20:97:48:08:d9:70:a2:
a2:7d:90:17:b7:df:47:17:cf:4e:3a:4e:b4:66:d6:
7e:38:d5:a0:7b:23:cb:fa:45:74:41:4b:8d:fa:25:
3b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D7:C6:9A:57:DF:7D:7D:1C:21:81:51:59:00:26:2A:60:B1:1C:14
X509v3 Authority Key Identifier:
keyid:D0:7D:C3:5E:BC:D8:8D:D0:E2:A8:DB:3A:5A:08:65:4B:C3:BE:02:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H3DXrzYjdDiqNs6WghlS8O-AmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/UtfGmlfffX0cIYFRWQAmKmCxHBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/0H3DXrzYjdDiqNs6WghlS8O-AmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.140.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:d1:70:3f:af:22:c8:46:c3:ce:2b:5d:de:b5:87:b3:c5:16:
8b:5b:b9:f4:e1:ff:5c:01:3e:92:0c:97:1e:37:2f:75:40:6c:
64:d4:04:bb:c4:3f:19:43:fa:73:e8:9f:86:43:dd:a2:91:a8:
4e:19:10:19:40:1b:7a:88:a6:28:22:91:85:07:6a:20:42:b1:
af:c4:1a:6a:a2:56:e1:f1:6e:60:3d:b1:45:21:69:0d:bf:61:
53:6b:6d:fc:26:f2:ce:5a:9a:0d:47:57:44:45:e0:2e:cf:88:
f2:7a:6c:4e:06:64:33:2a:80:9f:09:e8:7a:af:19:ff:68:04:
b0:85:e8:2e:26:4b:e9:13:a9:99:b9:a8:67:fd:69:e2:8e:dd:
61:92:f9:15:ec:35:a3:53:53:2b:05:42:1b:7d:fb:25:04:f2:
40:e9:db:f4:b2:ab:4a:20:43:94:d3:a1:e6:c0:99:55:db:bc:
0b:1d:24:67:f1:f8:6d:31:24:80:37:63:ae:6a:68:d5:1f:2e:
c0:cb:a5:5c:85:d6:f2:69:6d:32:51:8d:8c:53:d5:24:0e:f0:
6f:7f:31:2d:13:62:7f:4e:ad:55:20:90:14:e2:75:9d:56:96:
29:8a:6b:b3:a4:07:98:99:bd:bb:2c:52:b0:fa:93:63:5d:7b:
0f:0f:48:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2am3V+odWEYRPUYpIYtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2RjMzVlYmNkODhkZDBlMmE4ZGIzYTVhMDg2NTRiYzNi
ZTAyNjIwHhcNMjUwMTAyMTE0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmQ3YzY5YTU3ZGY3ZDdkMWMyMTgxNTE1OTAwMjYyYTYwYjExYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+u+7RmEsXa/jbnAPHAUxfZw8hm0
TqsmtZg6nQZP9unjKrAr1NWse+Ifa4BcxwzE7/zkZt2/FlmHklwdFQCUSioIWgN2
pTb1M4I+s5RG4xTM1USHAwx9D12hPyOlkc/SnlQ6WPMW2KMNqjgrCMZts3dHJmgL
Mxlcq3mlwS4QC3XZA81WlZQlkVAeyvaAuqImZ4Je2FOwMEgTF9TcqEtn4sorbRw3
t6KP8EGQ0c2czWPaWw3g7at8MrOTKFBZX0kcz5eqoW0BU4J8Dk5AbxC5zlq7G/lX
nXA6ZiCXSAjZcKKifZAXt99HF89OOk60ZtZ+ONWgeyPL+kV0QUuN+iU7EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLXxppX3319HCGBUVkAJipgsRwUMB8GA1UdIwQY
MBaAFNB9w1682I3Q4qjbOloIZUvDvgJiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgzRFhyellqZERpcU5zNldnaGxTOE8tQW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8xYzcxOGQtZTdhMC00MGFjLWExODEt
Y2JhYTQyYTYyNzI3LzEvVXRmR21sZmZmWDBjSVlGUldRQW1LbUN4SEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8xYzcxOGQtZTdhMC00MGFjLWExODEtY2JhYTQyYTYyNzI3
LzEvMEgzRFhyellqZERpcU5zNldnaGxTOE8tQW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZGMMA0G
CSqGSIb3DQEBCwUAA4IBAQCO0XA/ryLIRsPOK13etYezxRaLW7n04f9cAT6SDJce
Ny91QGxk1AS7xD8ZQ/pz6J+GQ92ikahOGRAZQBt6iKYoIpGFB2ogQrGvxBpqolbh
8W5gPbFFIWkNv2FTa238JvLOWpoNR1dEReAuz4jyemxOBmQzKoCfCeh6rxn/aASw
heguJkvpE6mZuahn/Wnijt1hkvkV7DWjU1MrBUIbffslBPJA6dv0sqtKIEOU06Hm
wJlV27wLHSRn8fhtMSSAN2OuamjVHy7Ay6VchdbyaW0yUY2MU9UkDvBvfzEtE2J/
Tq1VIJAU4nWdVpYpimuzpAeYmb27LFKw+pNjXXsPD0gu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:31 2025 by rpki-client on console.sobornost.net