Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b72cb0-0e57-468c-89f0-abcb1e7582b3/1/cLGpimzWzwHzqIbopne7t52wISg.roa
File: cLGpimzWzwHzqIbopne7t52wISg.roa (raw, json)
Hash identifier: 9i9sbe7IcV9dEAByxfhmrcjdOqaaf18dgDnNY+xafnk=
Subject key identifier: 70:B1:A9:8A:6C:D6:CF:01:F3:A8:86:E8:A6:77:BB:B7:9D:B0:21:28
Certificate issuer: /CN=a55cf89ee562797e775aa4d1d1f7e45f466a73c3
Certificate serial: 0195673D84D0C438B9FD51C2EC01432268C4
Authority key identifier: A5:5C:F8:9E:E5:62:79:7E:77:5A:A4:D1:D1:F7:E4:5F:46:6A:73:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pVz4nuVieX53WqTR0ffkX0Zqc8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b72cb0-0e57-468c-89f0-abcb1e7582b3/1/cLGpimzWzwHzqIbopne7t52wISg.roa
Signing time: Wed 05 Mar 2025 16:57:19 +0000
ROA not before: Wed 05 Mar 2025 16:57:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208058
IP address blocks: 45.145.39.0/24 maxlen: 24
2a13:5a40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:3d:84:d0:c4:38:b9:fd:51:c2:ec:01:43:22:68:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a55cf89ee562797e775aa4d1d1f7e45f466a73c3
Validity
Not Before: Mar 5 16:57:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70b1a98a6cd6cf01f3a886e8a677bbb79db02128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ad:c0:5e:95:ac:f9:4a:65:e8:a2:eb:d0:74:
d5:f3:9f:e3:c2:3b:20:56:e6:2e:48:f9:de:b7:7e:
33:bd:5d:5f:71:1c:69:d8:e5:0b:dc:64:e6:45:b5:
62:88:c6:65:90:a7:bf:e1:44:ee:ca:2d:e6:41:60:
d2:2a:ea:d8:9d:99:17:ef:5f:71:bc:f3:af:bd:d8:
ba:ac:b1:0c:df:3e:85:89:3b:90:ca:10:ef:ef:df:
5d:1f:8a:a1:16:50:0f:eb:7a:1e:f0:65:a2:c7:78:
88:00:6f:b9:7d:8c:e7:51:9c:0a:27:86:35:ea:db:
fc:cb:c7:80:00:17:bd:a5:01:4c:a7:bd:12:04:a2:
3b:36:d3:9e:ae:6c:f7:a1:35:d1:fc:d3:98:0e:55:
24:39:19:e3:ad:d4:79:d5:9f:b8:42:66:2a:e0:80:
7d:73:8e:31:de:52:3f:49:45:1f:17:34:8c:b2:df:
05:ad:3a:1f:77:10:91:dd:e3:9d:1e:ae:cf:07:0e:
24:36:db:19:0d:29:3b:5f:3a:b3:69:bd:b4:1e:2c:
e9:e5:ba:9d:42:7c:90:68:26:ac:11:a5:9e:4a:8e:
f8:5d:96:c3:4e:c5:c6:e7:bf:b0:d7:8d:23:b5:16:
0f:e1:70:9f:ef:f0:a3:e5:0d:95:7e:db:87:72:8f:
46:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B1:A9:8A:6C:D6:CF:01:F3:A8:86:E8:A6:77:BB:B7:9D:B0:21:28
X509v3 Authority Key Identifier:
keyid:A5:5C:F8:9E:E5:62:79:7E:77:5A:A4:D1:D1:F7:E4:5F:46:6A:73:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pVz4nuVieX53WqTR0ffkX0Zqc8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b72cb0-0e57-468c-89f0-abcb1e7582b3/1/cLGpimzWzwHzqIbopne7t52wISg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b72cb0-0e57-468c-89f0-abcb1e7582b3/1/pVz4nuVieX53WqTR0ffkX0Zqc8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.39.0/24
IPv6:
2a13:5a40::/32
Signature Algorithm: sha256WithRSAEncryption
79:8b:04:03:06:92:0e:69:fe:7a:03:66:2e:aa:8c:b8:91:fc:
52:d1:60:8b:bb:09:74:42:7d:bc:af:42:14:ae:60:d6:c0:45:
42:c7:ef:88:64:60:c8:d3:bf:67:da:f1:00:3e:35:45:25:e8:
34:f6:cc:87:9a:68:27:8d:87:30:92:c1:08:09:60:7f:a1:8e:
58:de:93:3a:e3:ef:fd:8f:03:68:e0:7c:09:7a:9c:e6:06:8c:
69:55:7b:88:e0:51:e8:00:67:25:06:77:9f:dd:e3:20:ff:94:
c9:c4:0b:bc:9a:3a:60:06:20:7f:4f:90:59:9c:d8:7a:fb:ee:
8e:fa:74:7b:a0:21:91:06:21:70:10:87:dc:01:41:fc:00:30:
9a:8b:c6:d4:8f:69:fa:48:e9:57:68:57:b4:b3:0d:d4:22:e1:
ed:06:48:f8:17:9b:87:ba:94:2c:50:91:e1:fe:e3:bc:ce:14:
60:c3:6c:2a:69:3b:cf:48:b5:7c:ff:04:0c:79:6c:1c:2a:f0:
e4:28:85:1f:12:7f:69:cf:39:6e:f7:c4:44:19:be:e1:9e:e9:
12:fc:d6:a9:81:b2:b9:eb:ef:46:e1:d8:2b:48:0a:08:75:15:
f4:ff:3d:bd:ee:2b:ab:c3:ad:fc:9e:5c:da:84:e0:cf:aa:4d:
be:b3:42:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVnPYTQxDi5/VHC7AFDImjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NWNmODllZTU2Mjc5N2U3NzVhYTRkMWQxZjdlNDVmNDY2
YTczYzMwHhcNMjUwMzA1MTY1NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGIxYTk4YTZjZDZjZjAxZjNhODg2ZThhNjc3YmJiNzlkYjAyMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya3AXpWs+Upl6KLr0HTV85/jwjsg
VuYuSPnet34zvV1fcRxp2OUL3GTmRbViiMZlkKe/4UTuyi3mQWDSKurYnZkX719x
vPOvvdi6rLEM3z6FiTuQyhDv799dH4qhFlAP63oe8GWix3iIAG+5fYznUZwKJ4Y1
6tv8y8eAABe9pQFMp70SBKI7NtOermz3oTXR/NOYDlUkORnjrdR51Z+4QmYq4IB9
c44x3lI/SUUfFzSMst8FrTofdxCR3eOdHq7PBw4kNtsZDSk7Xzqzab20Hizp5bqd
QnyQaCasEaWeSo74XZbDTsXG57+w140jtRYP4XCf7/Cj5Q2VftuHco9GRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHCxqYps1s8B86iG6KZ3u7edsCEoMB8GA1UdIwQY
MBaAFKVc+J7lYnl+d1qk0dH35F9GanPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFZ6NG51VmllWDUzV3FUUjBmZmtYMFpxYzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iNzJjYjAtMGU1Ny00NjhjLTg5ZjAt
YWJjYjFlNzU4MmIzLzEvY0xHcGlteld6d0h6cUlib3BuZTd0NTJ3SVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iNzJjYjAtMGU1Ny00NjhjLTg5ZjAtYWJjYjFlNzU4MmIz
LzEvcFZ6NG51VmllWDUzV3FUUjBmZmtYMFpxYzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZEnMA0E
AgACMAcDBQAqE1pAMA0GCSqGSIb3DQEBCwUAA4IBAQB5iwQDBpIOaf56A2Yuqoy4
kfxS0WCLuwl0Qn28r0IUrmDWwEVCx++IZGDI079n2vEAPjVFJeg09syHmmgnjYcw
ksEICWB/oY5Y3pM64+/9jwNo4HwJepzmBoxpVXuI4FHoAGclBnef3eMg/5TJxAu8
mjpgBiB/T5BZnNh6++6O+nR7oCGRBiFwEIfcAUH8ADCai8bUj2n6SOlXaFe0sw3U
IuHtBkj4F5uHupQsUJHh/uO8zhRgw2wqaTvPSLV8/wQMeWwcKvDkKIUfEn9pzzlu
98REGb7hnukS/NapgbK56+9G4dgrSAoIdRX0/z297iurw638nlzahODPqk2+s0Kl
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:09 2025 by rpki-client on console.sobornost.net