Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/TjCkJR8qj6olugjRfD8NHtt3pZQ.roa
File: TjCkJR8qj6olugjRfD8NHtt3pZQ.roa (raw, json)
Hash identifier: qhX3u+/8KbHWKUW3NatWO53LfU8WF9QKEMeAjJDe1Jc=
Subject key identifier: 4E:30:A4:25:1F:2A:8F:AA:25:BA:08:D1:7C:3F:0D:1E:DB:77:A5:94
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 01961E6B04A17F36E54ECA4088F9281CBB15
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/TjCkJR8qj6olugjRfD8NHtt3pZQ.roa
Signing time: Thu 10 Apr 2025 06:37:32 +0000
ROA not before: Thu 10 Apr 2025 06:37:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59542
IP address blocks: 145.7.49.0/24 maxlen: 24
145.7.56.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1e:6b:04:a1:7f:36:e5:4e:ca:40:88:f9:28:1c:bb:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Apr 10 06:37:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e30a4251f2a8faa25ba08d17c3f0d1edb77a594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1e:af:e3:82:94:47:b4:9d:fa:7c:af:02:1c:
32:b9:06:fa:b8:05:bc:e8:82:ce:41:61:67:bf:8f:
49:88:d4:ce:62:b5:c9:29:d3:ea:74:d8:e0:ea:db:
42:63:5d:32:db:6a:20:a5:45:f3:5a:72:1a:00:99:
e6:b1:62:9e:5e:dd:2a:f4:0a:f8:0a:b8:bc:d4:41:
b4:96:bc:43:e6:a7:5b:94:59:8f:0a:7e:26:e0:49:
31:af:12:18:11:00:4b:bb:e3:85:bf:3d:fd:8f:32:
23:77:89:ee:40:61:f2:7d:a6:04:f6:e4:a6:fd:f9:
cc:93:b2:8f:1c:1f:d0:e0:94:64:ec:28:76:6b:ac:
d4:f7:9c:2a:01:2b:d3:4a:e3:ba:18:d7:ac:27:03:
47:a5:94:3f:5c:89:7c:60:4e:a5:f5:9f:c2:92:ba:
c6:34:60:7d:b0:8f:15:e5:46:1e:de:d6:01:14:ed:
9e:9d:7e:43:a9:ba:70:c8:df:e8:e8:09:ff:08:10:
bc:41:48:3b:e0:a2:91:f9:a4:b1:1c:3e:af:76:99:
73:98:2b:39:2d:b6:0e:d3:8f:93:41:d3:43:15:d0:
c7:ad:c5:10:5f:68:81:e9:c8:02:94:0e:a4:ab:47:
90:53:67:21:a3:a8:6f:97:95:2f:14:e5:55:4c:fb:
94:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:30:A4:25:1F:2A:8F:AA:25:BA:08:D1:7C:3F:0D:1E:DB:77:A5:94
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/TjCkJR8qj6olugjRfD8NHtt3pZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.7.49.0/24
145.7.56.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:9c:11:ac:19:1e:c5:0a:9e:ef:00:63:7f:2c:df:2a:56:1c:
42:bf:ff:a3:eb:a2:d3:2e:0c:99:da:5a:f3:3e:e0:d8:e8:3b:
7b:c9:a1:8d:67:0a:23:90:f2:6b:63:b2:52:c3:d4:d4:47:5b:
36:8d:0c:ad:a7:8b:58:8b:e1:98:28:d0:be:40:85:98:04:32:
9b:67:43:ee:2c:3a:d7:58:72:21:22:15:c2:35:22:b9:2c:c8:
94:e6:a1:d3:f6:0f:55:c3:62:01:1e:2f:d4:9a:fc:19:e4:70:
a9:30:5e:22:ec:71:0c:08:6a:3b:71:cb:b2:26:b7:83:12:64:
8a:bd:ff:35:90:ec:72:ae:8d:14:2a:bb:57:78:0e:dc:76:f2:
f3:07:0d:e7:0d:ca:fc:4e:e6:68:4a:7a:2e:01:4a:fb:0c:4b:
7c:70:cd:4f:7c:97:4b:b9:11:75:21:88:84:dc:0e:7e:1d:ef:
56:19:67:52:2d:58:51:0d:06:64:83:2c:a1:46:6a:b2:e4:a5:
73:58:81:25:47:a8:6a:8a:f3:5b:1b:fa:94:33:fc:46:a0:79:
93:02:2d:ea:84:b5:96:e3:48:ae:5b:e8:42:e7:cd:f6:0c:8b:
99:a9:5b:ad:2d:38:83:08:67:89:ff:b6:37:24:e4:38:d1:fc:
e5:b4:7f:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYeawShfzblTspAiPkoHLsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjUwNDEwMDYzNzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTMwYTQyNTFmMmE4ZmFhMjViYTA4ZDE3YzNmMGQxZWRiNzdhNTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR6v44KUR7Sd+nyvAhwyuQb6uAW8
6ILOQWFnv49JiNTOYrXJKdPqdNjg6ttCY10y22ogpUXzWnIaAJnmsWKeXt0q9Ar4
Cri81EG0lrxD5qdblFmPCn4m4EkxrxIYEQBLu+OFvz39jzIjd4nuQGHyfaYE9uSm
/fnMk7KPHB/Q4JRk7Ch2a6zU95wqASvTSuO6GNesJwNHpZQ/XIl8YE6l9Z/CkrrG
NGB9sI8V5UYe3tYBFO2enX5DqbpwyN/o6An/CBC8QUg74KKR+aSxHD6vdplzmCs5
LbYO04+TQdNDFdDHrcUQX2iB6cgClA6kq0eQU2cho6hvl5UvFOVVTPuUMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE4wpCUfKo+qJboI0Xw/DR7bd6WUMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvVGpDa0pSOHFqNm9sdWdqUmZEOE5IdHQzcFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkQcxAwQD
kQc4MA0GCSqGSIb3DQEBCwUAA4IBAQAqnBGsGR7FCp7vAGN/LN8qVhxCv/+j66LT
LgyZ2lrzPuDY6Dt7yaGNZwojkPJrY7JSw9TUR1s2jQytp4tYi+GYKNC+QIWYBDKb
Z0PuLDrXWHIhIhXCNSK5LMiU5qHT9g9Vw2IBHi/UmvwZ5HCpMF4i7HEMCGo7ccuy
JreDEmSKvf81kOxyro0UKrtXeA7cdvLzBw3nDcr8TuZoSnouAUr7DEt8cM1PfJdL
uRF1IYiE3A5+He9WGWdSLVhRDQZkgyyhRmqy5KVzWIElR6hqivNbG/qUM/xGoHmT
Ai3qhLWW40iuW+hC5832DIuZqVutLTiDCGeJ/7Y3JOQ40fzltH/B
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:38 2025 by rpki-client on console.sobornost.net