Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/9WT5lvrUTbcRS85JMSDk2uyrP5g.roa
File: 9WT5lvrUTbcRS85JMSDk2uyrP5g.roa (raw, json)
Hash identifier: SuEzhNB8Z7i6RNSDwq8VVK9RN7Pd1DtyYQCtgqjgF5k=
Subject key identifier: F5:64:F9:96:FA:D4:4D:B7:11:4B:CE:49:31:20:E4:DA:EC:AB:3F:98
Certificate issuer: /CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Certificate serial: 019421442ED92A9405921EADB1F1951F7A3C
Authority key identifier: 67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/9WT5lvrUTbcRS85JMSDk2uyrP5g.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210920
IP address blocks: 45.157.2.0/24 maxlen: 24
74.220.24.0/21 maxlen: 21
2a10:c882::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2e:d9:2a:94:05:92:1e:ad:b1:f1:95:1f:7a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f564f996fad44db7114bce493120e4daecab3f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:09:e0:de:74:f1:16:0a:38:3b:57:92:db:9c:
ad:f8:23:48:c3:32:5f:1d:c7:39:e5:b7:0d:96:b3:
cd:04:0f:28:0e:0e:d5:3c:43:50:24:05:78:c9:01:
13:15:c2:24:2d:16:f1:65:9a:c8:48:bb:26:c5:e9:
4d:8a:a6:ef:c5:00:c1:7b:e5:d9:58:b5:9b:16:8b:
35:bc:cf:65:6a:a4:bb:3b:7b:04:35:72:fb:02:cd:
e9:9f:ae:9b:b7:28:80:e2:c6:cb:be:ce:72:97:89:
9f:73:b1:8b:3b:e5:67:f8:c0:95:1c:0c:a9:c8:80:
82:ad:cf:8a:2d:89:48:0f:28:e8:ce:95:f0:c2:d3:
cf:ff:34:7f:a2:08:fd:27:3f:6d:4c:3e:ea:d9:31:
5b:a9:0f:43:1b:eb:ca:73:45:ef:55:eb:18:9b:46:
03:37:67:b6:3f:ea:fc:f9:1e:bf:45:24:f5:41:22:
33:14:c3:4c:c4:7d:eb:b8:b1:05:08:b1:14:31:6e:
74:a1:be:8c:4a:95:8e:cd:ba:be:bf:a2:1f:d7:e7:
61:b7:87:55:cd:7e:3f:36:ac:b4:06:27:db:7b:dd:
a5:4c:79:df:61:69:06:c9:5d:10:88:71:98:30:a9:
36:8c:b5:4b:8d:01:7c:8f:5f:33:6c:7a:05:c8:0b:
46:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:64:F9:96:FA:D4:4D:B7:11:4B:CE:49:31:20:E4:DA:EC:AB:3F:98
X509v3 Authority Key Identifier:
keyid:67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/9WT5lvrUTbcRS85JMSDk2uyrP5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.2.0/24
74.220.24.0/21
IPv6:
2a10:c882::/32
Signature Algorithm: sha256WithRSAEncryption
82:e7:88:6a:13:9e:0b:eb:21:4e:91:9f:f2:7c:80:53:b5:e9:
37:10:ba:34:df:14:cd:26:62:1b:04:01:b0:ac:ef:73:41:df:
9b:8a:d1:56:0d:de:0b:19:cd:f2:91:aa:c3:2f:01:84:21:5f:
6e:9d:31:36:05:32:d0:76:2b:16:72:f8:6d:13:56:ed:67:5c:
50:30:5b:bb:36:de:c5:83:53:e0:54:e0:47:aa:e1:b1:7f:bc:
b3:7c:04:25:a2:5a:89:73:93:58:0c:95:a9:98:9d:ba:3a:18:
08:5d:4d:c4:ab:66:da:37:ff:0a:51:fd:dd:ab:0c:d3:7e:c0:
97:9c:29:43:56:73:cb:45:6e:42:d2:d6:39:20:d2:25:1e:3d:
dd:2b:71:af:dd:58:ff:7f:ee:2f:d9:30:b5:c8:2b:f2:b2:50:
b9:4d:15:d3:de:2f:f5:2c:e5:12:c4:d1:7c:e8:28:c8:21:ac:
6f:71:6a:01:80:93:54:9a:65:20:ac:65:73:4c:64:a2:fa:db:
20:d2:84:f3:9c:86:5b:01:18:e5:67:87:a3:f0:fd:c5:79:24:
a8:a1:fb:f6:db:2b:b1:35:e2:94:e6:87:ad:9e:85:10:25:8a:
d8:e6:e7:bc:02:2e:d4:85:e0:3d:96:ce:3c:90:56:57:13:e2:
3a:94:33:47
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhRC7ZKpQFkh6tsfGVH3o8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTI0YzcyODRlZjQ4ODdlNDVkNGNjZDliZGU2NzljZDlh
YjRmMDAwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTY0Zjk5NmZhZDQ0ZGI3MTE0YmNlNDkzMTIwZTRkYWVjYWIzZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAng3nTxFgo4O1eS25yt+CNIwzJf
Hcc55bcNlrPNBA8oDg7VPENQJAV4yQETFcIkLRbxZZrISLsmxelNiqbvxQDBe+XZ
WLWbFos1vM9laqS7O3sENXL7As3pn66btyiA4sbLvs5yl4mfc7GLO+Vn+MCVHAyp
yICCrc+KLYlIDyjozpXwwtPP/zR/ogj9Jz9tTD7q2TFbqQ9DG+vKc0XvVesYm0YD
N2e2P+r8+R6/RST1QSIzFMNMxH3ruLEFCLEUMW50ob6MSpWOzbq+v6If1+dht4dV
zX4/Nqy0Bifbe92lTHnfYWkGyV0QiHGYMKk2jLVLjQF8j18zbHoFyAtGywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPVk+Zb61E23EUvOSTEg5Nrsqz+YMB8GA1UdIwQY
MBaAFGfiTHKE70iH5F1MzZveZ5zZq08AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzct
MDM3NWE5YzMyYjAwLzEvOVdUNWx2clVUYmNSUzg1Sk1TRGsydXlyUDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzctMDM3NWE5YzMyYjAw
LzEvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALZ0CAwQD
StwYMA0EAgACMAcDBQAqEMiCMA0GCSqGSIb3DQEBCwUAA4IBAQCC54hqE54L6yFO
kZ/yfIBTtek3ELo03xTNJmIbBAGwrO9zQd+bitFWDd4LGc3ykarDLwGEIV9unTE2
BTLQdisWcvhtE1btZ1xQMFu7Nt7Fg1PgVOBHquGxf7yzfAQlolqJc5NYDJWpmJ26
OhgIXU3Eq2baN/8KUf3dqwzTfsCXnClDVnPLRW5C0tY5INIlHj3dK3Gv3Vj/f+4v
2TC1yCvyslC5TRXT3i/1LOUSxNF86CjIIaxvcWoBgJNUmmUgrGVzTGSi+tsg0oTz
nIZbARjlZ4ej8P3FeSSoofv22yuxNeKU5oetnoUQJYrY5ue8Ai7UheA9ls48kFZX
E+I6lDNH
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:55 2025 by rpki-client on console.sobornost.net