Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa
File: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (raw, json)
Hash identifier: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=
Subject key identifier: 25:2A:89:D3:62:6C:C5:93:32:AB:51:59:D4:3B:35:5A:70:17:7F:33
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 01951F193D382A1903E81C7C4B4A362856FE
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa
Signing time: Wed 19 Feb 2025 16:45:02 +0000
ROA not before: Wed 19 Feb 2025 16:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48294
IP address blocks: 45.86.222.0/23 maxlen: 23
45.91.36.0/22 maxlen: 22
84.252.104.0/24 maxlen: 24
91.132.128.0/22 maxlen: 22
185.70.32.0/22 maxlen: 22
185.124.0.0/22 maxlen: 22
185.126.160.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1f:19:3d:38:2a:19:03:e8:1c:7c:4b:4a:36:28:56:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Feb 19 16:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=252a89d3626cc59332ab5159d43b355a70177f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:43:94:7a:d5:2d:49:74:ad:c0:50:f3:75:
81:80:70:78:71:66:63:40:d1:29:89:83:45:70:79:
9e:13:5b:09:05:81:41:48:51:24:7c:64:49:b3:58:
b1:15:46:21:e8:62:2b:55:47:81:46:3a:6e:22:aa:
e8:ff:3f:3a:e9:46:1c:24:ea:7b:2e:5a:9b:fe:f2:
2f:7d:a0:61:4c:7e:a0:f3:2b:8c:3d:46:57:d3:61:
a4:8f:50:df:6d:af:11:0d:b3:2e:23:0b:e3:f6:95:
03:77:3c:29:f2:61:bc:69:6b:7c:a3:d2:88:cb:e1:
3f:e5:26:87:4b:6b:d4:ce:5e:c5:89:f8:a9:15:ce:
4f:10:56:6d:4c:1b:e9:4d:34:6f:37:08:5d:83:c7:
b7:ad:0f:1f:55:31:fb:bc:02:91:9d:42:29:56:be:
8e:49:c7:66:01:97:e8:3f:d9:18:c8:8c:ff:fe:2e:
74:0e:8d:be:da:70:48:c1:a1:b4:3b:3e:4f:1d:8f:
1e:4a:ba:bf:a4:6d:ea:ba:1e:37:92:f5:b2:e3:b5:
7a:b5:fb:de:cd:d0:4b:37:1a:68:e7:1a:37:be:1e:
f2:5c:97:2b:44:4a:41:2d:4d:28:01:c9:32:83:58:
8e:5c:80:d8:1a:6f:93:d5:d7:74:b9:c2:6a:d1:67:
e8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2A:89:D3:62:6C:C5:93:32:AB:51:59:D4:3B:35:5A:70:17:7F:33
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.222.0/23
45.91.36.0/22
84.252.104.0/24
91.132.128.0/22
185.70.32.0/22
185.124.0.0/22
185.126.160.0/22
Signature Algorithm: sha256WithRSAEncryption
47:e6:90:84:56:00:10:6c:a3:f8:3c:64:f5:7e:c6:9b:ee:8a:
03:48:a2:9b:77:08:19:92:58:b1:bd:d7:aa:97:db:75:6e:54:
0b:7c:a2:97:65:e5:a7:77:8a:09:ea:86:36:21:f8:21:bb:5b:
6d:6e:ac:09:fb:2c:c3:02:83:7a:2c:9d:28:77:e1:ab:55:80:
56:35:bb:a0:6b:a2:0f:7c:0d:c1:01:5c:9e:f8:86:21:aa:58:
10:dc:e5:5f:a2:a7:a4:10:7b:1d:2b:01:e7:6a:bc:85:a7:aa:
31:65:fe:d1:76:b6:9c:8b:45:4d:51:1d:db:2d:97:71:39:8a:
bd:4a:83:45:51:c6:4b:7a:3c:0d:b9:0e:d8:be:60:de:50:b4:
dd:50:39:73:bc:34:d0:35:42:0e:ae:0f:a7:c2:90:6a:1c:29:
e5:f7:e3:09:dd:26:d4:79:21:16:4d:72:59:64:88:99:8d:b7:
42:07:6f:1a:c4:6b:b9:09:e2:0d:a2:18:fd:28:b7:ad:81:78:
8b:57:af:d1:a9:b7:ce:a5:d5:99:de:30:57:35:63:a3:64:10:
34:8d:f7:01:e2:07:29:f5:3c:b6:8f:5d:93:d1:af:f2:96:13:
ae:74:4f:4e:32:8a:0c:0c:60:b2:0c:0f:84:00:aa:dc:70:90:
2e:c0:19:6d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZUfGT04KhkD6Bx8S0o2KFb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjUwMjE5MTY0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTJhODlkMzYyNmNjNTkzMzJhYjUxNTlkNDNiMzU1YTcwMTc3ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLRDlHrVLUl0rcBQ83WBgHB4cWZj
QNEpiYNFcHmeE1sJBYFBSFEkfGRJs1ixFUYh6GIrVUeBRjpuIqro/z866UYcJOp7
Llqb/vIvfaBhTH6g8yuMPUZX02Gkj1Dfba8RDbMuIwvj9pUDdzwp8mG8aWt8o9KI
y+E/5SaHS2vUzl7FifipFc5PEFZtTBvpTTRvNwhdg8e3rQ8fVTH7vAKRnUIpVr6O
ScdmAZfoP9kYyIz//i50Do2+2nBIwaG0Oz5PHY8eSrq/pG3quh43kvWy47V6tfve
zdBLNxpo5xo3vh7yXJcrREpBLU0oAckyg1iOXIDYGm+T1dd0ucJq0WfoXwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCUqidNibMWTMqtRWdQ7NVpwF38zMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvSlNxSjAySnN4Wk15cTFGWjFEczFXbkFYZnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLVbeAwQC
LVskAwQAVPxoAwQCW4SAAwQCuUYgAwQCuXwAAwQCuX6gMA0GCSqGSIb3DQEBCwUA
A4IBAQBH5pCEVgAQbKP4PGT1fsab7ooDSKKbdwgZklixvdeql9t1blQLfKKXZeWn
d4oJ6oY2Ifghu1ttbqwJ+yzDAoN6LJ0od+GrVYBWNbuga6IPfA3BAVye+IYhqlgQ
3OVfoqekEHsdKwHnaryFp6oxZf7Rdraci0VNUR3bLZdxOYq9SoNFUcZLejwNuQ7Y
vmDeULTdUDlzvDTQNUIOrg+nwpBqHCnl9+MJ3SbUeSEWTXJZZIiZjbdCB28axGu5
CeINohj9KLetgXiLV6/RqbfOpdWZ3jBXNWOjZBA0jfcB4gcp9Ty2j12T0a/ylhOu
dE9OMooMDGCyDA+EAKrccJAuwBlt
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:56 2025 by rpki-client on console.sobornost.net