Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1juUcY14ym6Pqo0Ic7RxMAaUhmI.roa
File: 1juUcY14ym6Pqo0Ic7RxMAaUhmI.roa (raw, json)
Hash identifier: fnqoDEH/Uo8cFvXwvP5owbxw3PXfnLX06VQb+a43/do=
Subject key identifier: D6:3B:94:71:8D:78:CA:6E:8F:AA:8D:08:73:B4:71:30:06:94:86:62
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CB5351A1BA31595CDA076EDFB6BCB
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1juUcY14ym6Pqo0Ic7RxMAaUhmI.roa
Signing time: Wed 01 Jan 2025 01:48:22 +0000
ROA not before: Wed 01 Jan 2025 01:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199770
IP address blocks: 45.136.32.0/22 maxlen: 24
185.46.124.0/22 maxlen: 24
185.198.108.0/22 maxlen: 24
188.240.236.0/22 maxlen: 24
2a01:8460::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:b5:35:1a:1b:a3:15:95:cd:a0:76:ed:fb:6b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d63b94718d78ca6e8faa8d0873b4713006948662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:aa:6a:5d:7f:06:dd:d2:ce:d3:32:b9:ee:88:
97:79:1a:0e:ab:c1:c8:37:af:b6:af:e4:6f:1c:b3:
ea:06:f5:77:02:95:19:ae:3c:b9:7e:a6:83:9c:09:
eb:65:53:dc:81:fb:68:59:17:17:f2:18:08:a2:44:
6a:71:45:50:b9:b0:9f:03:3e:52:ef:87:95:e0:f7:
01:1a:b4:59:34:e1:b6:2b:ac:38:e4:26:eb:4c:69:
db:9e:e7:d7:77:83:20:e4:eb:b4:99:77:1f:a4:e4:
02:b8:56:07:29:91:1d:f4:df:71:e4:68:b5:7a:10:
94:d4:2d:3d:9b:c2:96:62:de:08:96:66:75:71:0e:
4c:c8:01:34:49:c3:ec:e8:a6:84:e6:04:a7:d8:dd:
59:36:c6:a5:9c:08:0b:cd:c3:16:69:39:83:93:9c:
64:3a:d2:b3:10:1b:f9:36:25:68:26:f2:af:dc:71:
eb:cb:b4:ed:da:e7:c1:2c:50:60:91:11:4b:ff:d5:
7f:2a:31:a7:77:1a:19:80:ff:02:13:a9:d5:5d:bb:
ba:eb:42:09:51:cc:2b:cf:2e:96:8e:e7:c3:4a:8e:
1a:e8:2c:f7:41:13:4a:67:ec:a4:54:bb:fe:e5:fb:
12:d2:73:92:21:96:99:a7:f5:1a:fc:06:1f:63:f6:
38:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:3B:94:71:8D:78:CA:6E:8F:AA:8D:08:73:B4:71:30:06:94:86:62
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1juUcY14ym6Pqo0Ic7RxMAaUhmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.32.0/22
185.46.124.0/22
185.198.108.0/22
188.240.236.0/22
IPv6:
2a01:8460::/32
Signature Algorithm: sha256WithRSAEncryption
b3:f2:ab:75:36:d9:b1:81:a2:8c:2f:ba:f4:28:9f:31:13:9d:
d0:30:b2:94:b9:d4:38:e6:bd:f2:50:65:b5:51:5e:aa:69:95:
30:65:74:46:97:10:e9:65:ea:73:1a:da:53:4c:03:15:53:51:
16:f4:16:fc:4c:22:e2:71:f2:34:43:18:6b:6e:8f:5c:34:3a:
68:ad:7c:69:b7:01:22:42:6e:3c:0f:8a:9d:93:3d:41:fa:b0:
f1:2a:2b:93:83:32:40:a5:83:8f:0a:0a:f8:1e:93:ac:3d:27:
c3:a7:b7:fa:a6:4f:9d:d1:ca:5c:f1:0f:9b:5f:13:47:33:12:
5a:a3:c5:8e:cf:6e:c1:ec:8c:c4:6d:83:26:3c:78:a0:e1:dd:
99:34:93:49:e1:5f:05:50:7c:02:23:cd:5f:94:4c:22:40:a3:
12:c4:91:6d:d6:6f:d7:f7:d8:e9:1a:0b:8b:6d:78:e1:ad:d4:
b7:2d:46:02:d9:e1:50:dd:c6:fc:03:79:81:8a:2a:d3:02:f6:
c0:b7:db:c2:4b:9f:0f:f7:50:4f:b9:9c:f2:55:8d:a5:16:43:
c7:dd:65:ff:12:5d:ee:5b:38:be:97:24:09:69:e4:6b:06:65:
54:8c:92:cf:41:8b:e7:47:d7:4e:6c:64:b7:8c:68:30:d7:d1:
67:86:98:30
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjLU1GhujFZXNoHbt+2vLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjNiOTQ3MThkNzhjYTZlOGZhYThkMDg3M2I0NzEzMDA2OTQ4NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqpqXX8G3dLO0zK57oiXeRoOq8HI
N6+2r+RvHLPqBvV3ApUZrjy5fqaDnAnrZVPcgftoWRcX8hgIokRqcUVQubCfAz5S
74eV4PcBGrRZNOG2K6w45CbrTGnbnufXd4Mg5Ou0mXcfpOQCuFYHKZEd9N9x5Gi1
ehCU1C09m8KWYt4IlmZ1cQ5MyAE0ScPs6KaE5gSn2N1ZNsalnAgLzcMWaTmDk5xk
OtKzEBv5NiVoJvKv3HHry7Tt2ufBLFBgkRFL/9V/KjGndxoZgP8CE6nVXbu660IJ
Ucwrzy6WjufDSo4a6Cz3QRNKZ+ykVLv+5fsS0nOSIZaZp/Ua/AYfY/Y4uwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNY7lHGNeMpuj6qNCHO0cTAGlIZiMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvMWp1VWNZMTR5bTZQcW8wSWM3UnhNQWFVaG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYggAwQC
uS58AwQCucZsAwQCvPDsMA0EAgACMAcDBQAqAYRgMA0GCSqGSIb3DQEBCwUAA4IB
AQCz8qt1NtmxgaKML7r0KJ8xE53QMLKUudQ45r3yUGW1UV6qaZUwZXRGlxDpZepz
GtpTTAMVU1EW9Bb8TCLicfI0Qxhrbo9cNDporXxptwEiQm48D4qdkz1B+rDxKiuT
gzJApYOPCgr4HpOsPSfDp7f6pk+d0cpc8Q+bXxNHMxJao8WOz27B7IzEbYMmPHig
4d2ZNJNJ4V8FUHwCI81flEwiQKMSxJFt1m/X99jpGguLbXjhrdS3LUYC2eFQ3cb8
A3mBiirTAvbAt9vCS58P91BPuZzyVY2lFkPH3WX/El3uWzi+lyQJaeRrBmVUjJLP
QYvnR9dObGS3jGgw19Fnhpgw
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:02 2025 by rpki-client on console.sobornost.net