Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d56c11-25e1-49c8-8863-7f37b778c011/1/o1Invfm5a-IuNysIWHt4ChcWwgI.roa
File: o1Invfm5a-IuNysIWHt4ChcWwgI.roa (raw, json)
Hash identifier: gMX4tPW+RL6Xt4ksxgpRLp72pxNXeej67eQtVQ5iB/g=
Subject key identifier: A3:52:27:BD:F9:B9:6B:E2:2E:37:2B:08:58:7B:78:0A:17:16:C2:02
Certificate issuer: /CN=70980b60e0d30e498de1baa645a1be57a952049d
Certificate serial: 01946EFDFCDFA11BFB715F1EAC9D6FCBBB72
Authority key identifier: 70:98:0B:60:E0:D3:0E:49:8D:E1:BA:A6:45:A1:BE:57:A9:52:04:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJgLYODTDkmN4bqmRaG-V6lSBJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d56c11-25e1-49c8-8863-7f37b778c011/1/o1Invfm5a-IuNysIWHt4ChcWwgI.roa
Signing time: Thu 16 Jan 2025 12:02:06 +0000
ROA not before: Thu 16 Jan 2025 12:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39900
IP address blocks: 45.15.67.0/24 maxlen: 24
2a12:b2c0:6::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:fd:fc:df:a1:1b:fb:71:5f:1e:ac:9d:6f:cb:bb:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70980b60e0d30e498de1baa645a1be57a952049d
Validity
Not Before: Jan 16 12:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a35227bdf9b96be22e372b08587b780a1716c202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:e1:de:4b:49:61:6b:a7:14:09:dd:11:52:
a3:c0:35:33:54:7b:e1:30:59:e1:79:b3:e2:8b:b1:
25:ca:58:51:7f:b1:2e:58:d2:cc:65:97:27:64:4d:
32:c3:55:94:5e:e1:c4:cf:5c:a0:c3:1b:9d:43:fd:
ee:d4:c8:d2:f2:ab:c8:61:95:de:9e:b0:88:66:7f:
c6:29:b5:81:8f:aa:81:1d:09:0c:d7:00:8f:ac:7c:
88:15:c9:6e:21:87:44:15:9e:79:cb:bd:e3:b5:08:
62:23:e2:0d:43:64:9e:6d:3e:f0:ef:c4:77:57:e2:
8f:0f:61:ad:96:bd:86:01:88:5a:df:b8:05:b3:a0:
79:9f:57:60:7a:1b:17:18:be:72:ad:14:a6:c4:7e:
d2:dd:6a:14:9e:f9:7c:5d:f4:4e:56:2e:4d:05:a2:
66:1a:7a:82:44:da:7e:a2:f6:8f:49:62:a5:7f:6d:
54:ec:20:42:38:ef:77:aa:e1:b9:f4:dc:83:06:80:
f6:ee:1f:bd:7e:ef:60:c4:0a:a5:5f:a7:a2:9c:d2:
6c:c1:b5:c8:9b:01:71:69:e2:eb:5f:3a:05:18:35:
eb:22:db:fd:5c:8e:c1:ac:aa:43:7e:06:d9:42:bb:
dd:51:bf:a4:68:59:af:17:aa:9f:3f:fb:b6:50:03:
8f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:52:27:BD:F9:B9:6B:E2:2E:37:2B:08:58:7B:78:0A:17:16:C2:02
X509v3 Authority Key Identifier:
keyid:70:98:0B:60:E0:D3:0E:49:8D:E1:BA:A6:45:A1:BE:57:A9:52:04:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJgLYODTDkmN4bqmRaG-V6lSBJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d56c11-25e1-49c8-8863-7f37b778c011/1/o1Invfm5a-IuNysIWHt4ChcWwgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d56c11-25e1-49c8-8863-7f37b778c011/1/cJgLYODTDkmN4bqmRaG-V6lSBJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.67.0/24
IPv6:
2a12:b2c0:6::/48
Signature Algorithm: sha256WithRSAEncryption
7d:97:d0:e5:86:ce:fc:03:d3:2c:3b:a9:90:df:b0:d5:96:8c:
48:31:71:b5:9b:87:74:35:e2:33:38:4c:97:ba:d6:4a:79:f3:
c1:9c:9a:56:7c:4c:a9:ac:e0:68:36:32:23:52:16:fc:4b:39:
c0:99:dd:87:3c:a0:41:8f:42:8a:ea:63:43:a7:32:3e:cc:93:
66:2c:2b:41:e0:c3:4d:0c:01:4a:a3:c9:b7:55:5e:d4:5d:a8:
b7:77:aa:d3:33:5f:6f:59:a4:3c:ee:14:97:77:d5:5e:e3:76:
f4:7d:5a:5e:72:1d:74:6b:e1:cd:41:59:3c:b1:ad:6a:e9:95:
0b:2d:f8:bb:8b:33:a5:80:c1:5f:f3:7a:79:c1:6b:fa:13:7f:
f4:22:d3:cb:01:b4:c4:2e:c4:a1:d6:a8:b7:93:08:98:b1:d9:
d3:05:c8:f4:86:4d:a2:9f:ac:6f:75:58:bb:d3:e8:67:6a:71:
d6:f6:0c:34:22:47:dd:a9:0e:3c:30:4e:d2:66:b6:6f:94:b2:
e4:cb:dd:91:bd:56:e0:17:55:72:50:67:98:6e:eb:28:33:d2:
31:4c:86:07:d0:a7:a8:d2:30:8b:02:35:e3:04:02:52:67:d3:
fa:73:8f:12:c3:a8:bd:b2:af:7d:3e:cc:94:f0:0b:b3:49:35:
eb:a9:ab:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZRu/fzfoRv7cV8erJ1vy7tyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTgwYjYwZTBkMzBlNDk4ZGUxYmFhNjQ1YTFiZTU3YTk1
MjA0OWQwHhcNMjUwMTE2MTIwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzUyMjdiZGY5Yjk2YmUyMmUzNzJiMDg1ODdiNzgwYTE3MTZjMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8vh3ktJYWunFAndEVKjwDUzVHvh
MFnhebPii7ElylhRf7EuWNLMZZcnZE0yw1WUXuHEz1ygwxudQ/3u1MjS8qvIYZXe
nrCIZn/GKbWBj6qBHQkM1wCPrHyIFcluIYdEFZ55y73jtQhiI+INQ2SebT7w78R3
V+KPD2Gtlr2GAYha37gFs6B5n1dgehsXGL5yrRSmxH7S3WoUnvl8XfROVi5NBaJm
GnqCRNp+ovaPSWKlf21U7CBCOO93quG59NyDBoD27h+9fu9gxAqlX6einNJswbXI
mwFxaeLrXzoFGDXrItv9XI7BrKpDfgbZQrvdUb+kaFmvF6qfP/u2UAOPmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKNSJ735uWviLjcrCFh7eAoXFsICMB8GA1UdIwQY
MBaAFHCYC2Dg0w5JjeG6pkWhvlepUgSdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pnTFlPRFREa21ONGJxbVJhRy1WNmxTQkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNTZjMTEtMjVlMS00OWM4LTg4NjMt
N2YzN2I3NzhjMDExLzEvbzFJbnZmbTVhLUl1TnlzSVdIdDRDaGNXd2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9kNTZjMTEtMjVlMS00OWM4LTg4NjMtN2YzN2I3NzhjMDEx
LzEvY0pnTFlPRFREa21ONGJxbVJhRy1WNmxTQkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQ9DMA8E
AgACMAkDBwAqErLAAAYwDQYJKoZIhvcNAQELBQADggEBAH2X0OWGzvwD0yw7qZDf
sNWWjEgxcbWbh3Q14jM4TJe61kp588GcmlZ8TKms4Gg2MiNSFvxLOcCZ3Yc8oEGP
QorqY0OnMj7Mk2YsK0Hgw00MAUqjybdVXtRdqLd3qtMzX29ZpDzuFJd31V7jdvR9
Wl5yHXRr4c1BWTyxrWrplQst+LuLM6WAwV/zennBa/oTf/Qi08sBtMQuxKHWqLeT
CJix2dMFyPSGTaKfrG91WLvT6Gdqcdb2DDQiR92pDjwwTtJmtm+UsuTL3ZG9VuAX
VXJQZ5hu6ygz0jFMhgfQp6jSMIsCNeMEAlJn0/pzjxLDqL2yr30+zJTwC7NJNeup
q+8=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:41 2025 by rpki-client on console.sobornost.net