Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/Sy9MkTO2BPRvKPMpsGDN-2TnmTk.roa
File: Sy9MkTO2BPRvKPMpsGDN-2TnmTk.roa (raw, json)
Hash identifier: Zvh1o0q4voreyVSKOLfHlxnIapN8G7OyPz3tE/wp4Tg=
Subject key identifier: 4B:2F:4C:91:33:B6:04:F4:6F:28:F3:29:B0:60:CD:FB:64:E7:99:39
Certificate issuer: /CN=50779799a3b8e0f0f1e3c7498c05a33f85fbbbcd
Certificate serial: 01942823F7713235181FA4DC01216460AE17
Authority key identifier: 50:77:97:99:A3:B8:E0:F0:F1:E3:C7:49:8C:05:A3:3F:85:FB:BB:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHeXmaO44PDx48dJjAWjP4X7u80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/Sy9MkTO2BPRvKPMpsGDN-2TnmTk.roa
Signing time: Thu 02 Jan 2025 17:50:33 +0000
ROA not before: Thu 02 Jan 2025 17:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206775
IP address blocks: 45.132.68.0/22 maxlen: 24
185.124.243.0/24 maxlen: 24
2a10:1340::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:f7:71:32:35:18:1f:a4:dc:01:21:64:60:ae:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50779799a3b8e0f0f1e3c7498c05a33f85fbbbcd
Validity
Not Before: Jan 2 17:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b2f4c9133b604f46f28f329b060cdfb64e79939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:71:28:5e:63:09:ef:9d:b6:ae:db:54:12:ea:
5b:80:1e:2d:e6:4c:66:a6:68:c9:b8:bb:8a:5a:f2:
35:3e:48:8f:b2:14:13:2f:48:76:d6:fe:a5:1b:10:
80:30:b5:b6:18:ac:74:ed:99:49:e8:0e:1d:ae:08:
c4:86:25:5f:10:1d:fa:21:a5:a8:02:d6:bb:96:4e:
04:d1:86:cc:ed:16:47:35:ad:94:4e:e4:88:4b:be:
21:cb:67:4a:ba:c8:76:0c:7a:45:23:17:fe:d2:91:
62:2d:1a:1d:17:89:29:94:39:db:b3:04:c2:53:5b:
81:e7:0d:99:61:b9:7a:03:ec:31:ed:d4:d0:e4:f8:
e1:10:fb:2d:03:47:be:c2:f3:ff:e2:c1:75:6a:c1:
0b:74:2b:ef:06:80:33:00:fd:bb:12:a4:75:86:c6:
36:1b:db:7c:de:04:aa:9b:3d:c4:b0:3f:85:2d:4c:
18:36:42:ad:2a:b4:76:78:04:a0:6d:5b:d4:98:a0:
4c:c0:e0:a9:3f:d2:c3:3c:46:96:6c:68:91:4e:5f:
c7:69:7a:87:12:cd:03:c3:c4:c9:65:e0:41:c1:69:
66:32:09:6d:b4:a7:be:0e:7a:80:22:77:c1:2a:1d:
f5:6f:8e:05:41:c8:43:e0:a7:22:48:34:8c:f1:f2:
4d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2F:4C:91:33:B6:04:F4:6F:28:F3:29:B0:60:CD:FB:64:E7:99:39
X509v3 Authority Key Identifier:
keyid:50:77:97:99:A3:B8:E0:F0:F1:E3:C7:49:8C:05:A3:3F:85:FB:BB:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHeXmaO44PDx48dJjAWjP4X7u80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/Sy9MkTO2BPRvKPMpsGDN-2TnmTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/UHeXmaO44PDx48dJjAWjP4X7u80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.68.0/22
185.124.243.0/24
IPv6:
2a10:1340::/29
Signature Algorithm: sha256WithRSAEncryption
8b:05:16:be:6b:1d:de:4b:86:9b:69:1b:46:f2:5e:91:e4:32:
00:87:46:86:b2:81:3f:37:16:13:75:d2:df:78:63:b0:cc:d0:
18:4d:56:b6:07:5c:4e:e4:cc:f0:71:ee:e6:d5:85:cd:a7:72:
da:60:c9:cc:c1:d4:45:40:c4:0f:75:45:7c:1a:78:b0:21:4f:
a7:e6:00:16:18:d9:47:5b:e1:0d:81:b2:be:45:fc:26:69:eb:
9f:fa:39:d1:7f:a4:ed:36:2e:5b:70:12:3b:15:75:da:25:58:
eb:e6:f5:62:ff:e1:f8:e9:c6:44:f3:37:9c:d2:be:ea:5e:f1:
12:2b:1a:29:4f:05:cd:60:f7:65:1e:10:bd:39:7e:73:bb:ff:
36:b1:6c:90:3d:68:65:9e:06:d7:33:6a:52:61:95:dc:95:a1:
90:35:d1:32:3d:1b:3a:84:25:62:9d:ac:1b:ca:42:c0:92:6a:
30:8a:19:ea:db:98:a7:00:49:d7:8e:bf:71:66:42:a3:ab:a6:
2d:e5:db:9c:f5:1f:4d:23:f5:a2:e8:e6:d0:00:5e:64:a0:00:
16:33:8f:73:30:08:98:e0:b8:7b:4c:4c:13:ef:1e:93:5b:44:
ba:09:d4:d3:76:97:9b:72:59:6e:51:56:26:32:a8:e1:93:e6:
e0:70:4c:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQoI/dxMjUYH6TcASFkYK4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzc5Nzk5YTNiOGUwZjBmMWUzYzc0OThjMDVhMzNmODVm
YmJiY2QwHhcNMjUwMTAyMTc1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjJmNGM5MTMzYjYwNGY0NmYyOGYzMjliMDYwY2RmYjY0ZTc5OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHEoXmMJ7522rttUEupbgB4t5kxm
pmjJuLuKWvI1PkiPshQTL0h21v6lGxCAMLW2GKx07ZlJ6A4drgjEhiVfEB36IaWo
Ata7lk4E0YbM7RZHNa2UTuSIS74hy2dKush2DHpFIxf+0pFiLRodF4kplDnbswTC
U1uB5w2ZYbl6A+wx7dTQ5PjhEPstA0e+wvP/4sF1asELdCvvBoAzAP27EqR1hsY2
G9t83gSqmz3EsD+FLUwYNkKtKrR2eASgbVvUmKBMwOCpP9LDPEaWbGiRTl/HaXqH
Es0Dw8TJZeBBwWlmMglttKe+DnqAInfBKh31b44FQchD4KciSDSM8fJNYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEsvTJEztgT0byjzKbBgzftk55k5MB8GA1UdIwQY
MBaAFFB3l5mjuODw8ePHSYwFoz+F+7vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhlWG1hTzQ0UER4NDhkSmpBV2pQNFg3dTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yNDQ5NTgtYWEyZC00NzhjLWIwZmYt
NjllZmFkNmMzYTgwLzEvU3k5TWtUTzJCUFJ2S1BNcHNHRE4tMlRubVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yNDQ5NTgtYWEyZC00NzhjLWIwZmYtNjllZmFkNmMzYTgw
LzEvVUhlWG1hTzQ0UER4NDhkSmpBV2pQNFg3dTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYREAwQA
uXzzMA0EAgACMAcDBQMqEBNAMA0GCSqGSIb3DQEBCwUAA4IBAQCLBRa+ax3eS4ab
aRtG8l6R5DIAh0aGsoE/NxYTddLfeGOwzNAYTVa2B1xO5Mzwce7m1YXNp3LaYMnM
wdRFQMQPdUV8GniwIU+n5gAWGNlHW+ENgbK+Rfwmaeuf+jnRf6TtNi5bcBI7FXXa
JVjr5vVi/+H46cZE8zec0r7qXvESKxopTwXNYPdlHhC9OX5zu/82sWyQPWhlngbX
M2pSYZXclaGQNdEyPRs6hCVinawbykLAkmowihnq25inAEnXjr9xZkKjq6Yt5duc
9R9NI/Wi6ObQAF5koAAWM49zMAiY4Lh7TEwT7x6TW0S6CdTTdpebclluUVYmMqjh
k+bgcEzL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:31 2025 by rpki-client on console.sobornost.net