Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2UX9cTdK8elfWFjB5EuIwgaQrms.roa
File: 2UX9cTdK8elfWFjB5EuIwgaQrms.roa (raw, json)
Hash identifier: g4Xp2pC1B02rVB3OrmbaVgjwBbE5hxsLEES/dQX5edQ=
Subject key identifier: D9:45:FD:71:37:4A:F1:E9:5F:58:58:C1:E4:4B:88:C2:06:90:AE:6B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019621AF22E90CD5F7F32636C69972ABE063
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2UX9cTdK8elfWFjB5EuIwgaQrms.roa
Signing time: Thu 10 Apr 2025 21:50:48 +0000
ROA not before: Thu 10 Apr 2025 21:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 45.86.12.0/24 maxlen: 24
2a0a:2d07:fc42::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:21:af:22:e9:0c:d5:f7:f3:26:36:c6:99:72:ab:e0:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 10 21:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d945fd71374af1e95f5858c1e44b88c20690ae6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f4:b8:3f:6f:64:ca:6d:85:6f:ca:50:f1:53:
34:3c:33:3d:e2:81:44:c1:af:9a:2f:c9:82:9b:8d:
98:17:e7:e3:c3:00:7b:4e:de:f1:6e:85:c5:6f:25:
a7:2c:c2:b3:40:ee:15:c5:75:22:e9:81:26:3d:a8:
d9:47:bc:cd:76:e5:b2:87:d1:dc:0c:4e:e9:29:49:
92:4b:a2:a0:6d:06:9f:31:a2:d8:b1:ec:8e:60:5e:
03:e3:f1:03:ca:82:30:c1:f2:85:91:4a:30:28:a1:
6c:01:8e:46:a8:ce:5f:1a:8a:f9:32:dd:ea:11:07:
32:aa:fa:08:31:dd:a1:40:ba:ca:18:7a:8a:84:54:
08:52:87:c1:e1:76:c8:98:fb:be:04:bc:20:8d:21:
84:28:39:7a:90:c3:1b:e7:3d:49:7e:9b:a6:73:fa:
71:b5:7e:8e:16:ce:b3:7e:52:6c:90:57:34:fd:99:
41:f2:9f:3c:8d:c7:49:69:ce:7a:75:d6:7b:20:56:
ec:97:51:3e:e8:f8:23:73:06:e5:33:92:4a:75:fc:
51:89:1a:87:71:2d:31:fd:0b:95:17:44:94:56:63:
a3:66:36:48:8a:a7:3f:de:48:a9:61:79:42:0e:89:
f1:70:25:7f:d9:84:b1:0b:c8:2d:6d:68:db:fb:bb:
40:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:45:FD:71:37:4A:F1:E9:5F:58:58:C1:E4:4B:88:C2:06:90:AE:6B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2UX9cTdK8elfWFjB5EuIwgaQrms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.12.0/24
IPv6:
2a0a:2d07:fc42::/48
Signature Algorithm: sha256WithRSAEncryption
60:89:fe:85:0a:11:4a:ff:7c:e8:39:a8:9f:9e:20:32:cc:11:
04:6e:54:a7:fb:b7:46:31:34:f2:44:f4:da:81:c1:e5:02:11:
e8:4d:32:bf:92:0b:47:46:96:15:5f:a8:0e:66:ce:3e:38:af:
c2:c0:80:9e:07:e6:d8:05:98:9c:ab:ef:4b:20:88:d7:e3:78:
2c:71:ff:4b:b2:b8:df:86:3f:b4:67:bb:c6:b8:2d:84:59:e0:
20:27:d0:c3:ea:59:f2:63:2f:f0:06:c5:e0:a2:b9:60:41:aa:
d1:02:39:a0:cc:d2:91:92:68:77:e9:0d:7e:59:f6:dc:e7:c5:
bf:42:18:19:2d:b2:b1:6c:76:d4:98:0d:2c:64:f5:a1:2f:f6:
73:4a:99:59:e6:0c:c9:83:09:a0:0c:39:1c:8a:29:83:c3:24:
ae:24:e3:ee:40:40:83:68:4c:07:5c:35:8f:16:ef:da:31:f0:
11:93:8a:c8:2e:6a:c7:e5:63:6f:5e:af:c5:5a:a2:d0:51:d9:
ae:53:eb:62:b3:74:76:5b:5d:23:b7:f8:0e:08:b0:9a:5f:26:
bc:dd:20:91:62:14:73:0b:e9:1b:e1:63:55:94:85:35:b0:5d:
95:74:e0:c1:c3:22:87:45:c9:64:ff:8d:3b:c3:2a:91:e7:6d:
9e:1e:e2:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZYhryLpDNX38yY2xplyq+BjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDEwMjE1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ1ZmQ3MTM3NGFmMWU5NWY1ODU4YzFlNDRiODhjMjA2OTBhZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfS4P29kym2Fb8pQ8VM0PDM94oFE
wa+aL8mCm42YF+fjwwB7Tt7xboXFbyWnLMKzQO4VxXUi6YEmPajZR7zNduWyh9Hc
DE7pKUmSS6KgbQafMaLYseyOYF4D4/EDyoIwwfKFkUowKKFsAY5GqM5fGor5Mt3q
EQcyqvoIMd2hQLrKGHqKhFQIUofB4XbImPu+BLwgjSGEKDl6kMMb5z1Jfpumc/px
tX6OFs6zflJskFc0/ZlB8p88jcdJac56ddZ7IFbsl1E+6PgjcwblM5JKdfxRiRqH
cS0x/QuVF0SUVmOjZjZIiqc/3kipYXlCDonxcCV/2YSxC8gtbWjb+7tAqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNlF/XE3SvHpX1hYweRLiMIGkK5rMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMlVYOWNUZEs4ZWxmV0ZqQjVFdUl3Z2FRcm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALVYMMA8E
AgACMAkDBwAqCi0H/EIwDQYJKoZIhvcNAQELBQADggEBAGCJ/oUKEUr/fOg5qJ+e
IDLMEQRuVKf7t0YxNPJE9NqBweUCEehNMr+SC0dGlhVfqA5mzj44r8LAgJ4H5tgF
mJyr70sgiNfjeCxx/0uyuN+GP7Rnu8a4LYRZ4CAn0MPqWfJjL/AGxeCiuWBBqtEC
OaDM0pGSaHfpDX5Z9tznxb9CGBktsrFsdtSYDSxk9aEv9nNKmVnmDMmDCaAMORyK
KYPDJK4k4+5AQINoTAdcNY8W79ox8BGTisguasflY29er8VaotBR2a5T62KzdHZb
XSO3+A4IsJpfJrzdIJFiFHML6RvhY1WUhTWwXZV04MHDIodFyWT/jTvDKpHnbZ4e
4nI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:56 2025 by rpki-client on console.sobornost.net