Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/0vJK_vyasIrWUmMeEUC9qBRt1hU.roa
File: 0vJK_vyasIrWUmMeEUC9qBRt1hU.roa (raw, json)
Hash identifier: 8dnpR0wliwI6ds+bwuYSSa8p5H39NL3zBM5biG+2pNc=
Subject key identifier: D2:F2:4A:FE:FC:9A:B0:8A:D6:52:63:1E:11:40:BD:A8:14:6D:D6:15
Certificate issuer: /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial: 019422FC48182E1D5E833BA41C8C64BBD372
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/0vJK_vyasIrWUmMeEUC9qBRt1hU.roa
Signing time: Wed 01 Jan 2025 17:49:06 +0000
ROA not before: Wed 01 Jan 2025 17:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208683
IP address blocks: 45.89.132.0/22 maxlen: 22
2a0b:cf00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:48:18:2e:1d:5e:83:3b:a4:1c:8c:64:bb:d3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Validity
Not Before: Jan 1 17:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2f24afefc9ab08ad652631e1140bda8146dd615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5d:df:1f:df:c7:20:15:f8:99:b6:41:48:c6:
05:24:a3:8e:f5:9d:e8:e5:e3:82:46:a0:0f:a4:4c:
58:e2:bf:9b:35:45:ab:6c:e2:a3:fc:18:6b:2c:f6:
7c:27:ee:8d:9e:84:3f:e2:95:2b:97:f3:87:7c:7e:
f2:b7:0b:0b:2c:9f:0e:31:0d:45:c4:c2:ae:65:e9:
77:eb:7b:82:68:03:a8:2a:50:e7:6b:e0:f2:2f:ea:
43:00:cf:87:58:72:ec:d9:6a:36:e6:40:40:2a:ac:
7a:35:6f:32:dc:60:a5:bd:97:29:f5:77:0d:08:31:
db:a0:84:ce:5d:75:ab:55:ce:6b:30:b3:57:5a:da:
e6:ed:7f:87:0c:01:cc:f0:49:f0:16:0c:b8:0f:88:
0e:f0:23:5f:d1:7a:5c:5b:40:4f:3c:9d:a4:10:6a:
43:51:84:1d:62:41:6a:41:34:33:58:9e:3d:63:8f:
49:df:ee:df:e2:c9:98:2e:3e:9e:b1:d0:99:93:90:
c6:68:8f:ba:bb:72:ae:a3:83:35:ab:a1:a2:6b:08:
7d:81:ff:d6:26:5a:36:1f:fc:37:7c:d5:9b:ea:45:
6b:74:3b:22:62:40:93:e5:26:ae:b8:a0:c2:79:c3:
e0:00:53:ae:25:d0:33:52:5e:90:67:31:91:b2:12:
61:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F2:4A:FE:FC:9A:B0:8A:D6:52:63:1E:11:40:BD:A8:14:6D:D6:15
X509v3 Authority Key Identifier:
keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/0vJK_vyasIrWUmMeEUC9qBRt1hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.132.0/22
IPv6:
2a0b:cf00::/32
Signature Algorithm: sha256WithRSAEncryption
69:61:80:32:ff:ea:b3:40:b0:4b:65:37:af:40:d4:c3:2e:1e:
97:65:d9:fa:6b:3b:9a:8e:a4:31:76:90:dc:0a:39:da:ea:62:
9a:c8:86:aa:b9:1e:67:2e:2a:3f:d4:fb:5b:36:e3:02:1c:83:
c1:6c:fa:bf:bb:48:77:d1:ee:3b:18:74:e1:7b:6e:c2:97:74:
d9:14:d5:1d:d8:c0:a9:24:99:50:96:3b:fb:0b:6c:c5:ee:e2:
8f:de:37:5e:4b:a1:17:b3:85:d3:31:b7:d8:ed:6a:1d:28:99:
e8:c9:9b:f0:05:bf:f6:9a:4a:2f:6e:cf:f3:1d:55:d5:6c:a9:
e1:5c:c2:36:2d:dc:d9:ed:7c:c1:7c:8e:89:3a:e4:ed:9b:f9:
24:28:56:2f:f7:e5:81:b0:39:27:fd:9a:2e:b6:59:54:c3:8f:
b1:de:83:a5:56:05:82:d4:7f:d6:d1:57:f7:43:83:82:10:b0:
3a:3f:a9:ad:89:8e:6b:7a:9e:b3:41:fd:9f:a5:58:32:67:ad:
b3:67:18:68:8e:cd:02:f0:82:e6:a0:5d:20:00:3e:a5:4e:bf:
ef:0a:fd:81:65:ba:ab:1c:66:bf:a0:80:5f:6b:3a:5f:40:02:
e0:27:e5:76:fa:d4:eb:c3:97:de:f4:e3:b8:07:99:ff:99:49:
a6:77:f6:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/EgYLh1egzukHIxku9NyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmU4ZDcyNTI2ZTRlNzNhM2I1N2Q5MzYwZjNhNTFiZWI1
OWE0NWYwHhcNMjUwMTAxMTc0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmYyNGFmZWZjOWFiMDhhZDY1MjYzMWUxMTQwYmRhODE0NmRkNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvl3fH9/HIBX4mbZBSMYFJKOO9Z3o
5eOCRqAPpExY4r+bNUWrbOKj/BhrLPZ8J+6NnoQ/4pUrl/OHfH7ytwsLLJ8OMQ1F
xMKuZel363uCaAOoKlDna+DyL+pDAM+HWHLs2Wo25kBAKqx6NW8y3GClvZcp9XcN
CDHboITOXXWrVc5rMLNXWtrm7X+HDAHM8EnwFgy4D4gO8CNf0XpcW0BPPJ2kEGpD
UYQdYkFqQTQzWJ49Y49J3+7f4smYLj6esdCZk5DGaI+6u3Kuo4M1q6Giawh9gf/W
Jlo2H/w3fNWb6kVrdDsiYkCT5SauuKDCecPgAFOuJdAzUl6QZzGRshJhkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNLySv78mrCK1lJjHhFAvagUbdYVMB8GA1UdIwQY
MBaAFFz+jXJSbk5zo7V9k2DzpRvrWaRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMt
ZTRkZGZhMzJlNTJlLzEvMHZKS192eWFzSXJXVW1NZUVVQzlxQlJ0MWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMtZTRkZGZhMzJlNTJl
LzEvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVmEMA0E
AgACMAcDBQAqC88AMA0GCSqGSIb3DQEBCwUAA4IBAQBpYYAy/+qzQLBLZTevQNTD
Lh6XZdn6azuajqQxdpDcCjna6mKayIaquR5nLio/1PtbNuMCHIPBbPq/u0h30e47
GHThe27Cl3TZFNUd2MCpJJlQljv7C2zF7uKP3jdeS6EXs4XTMbfY7WodKJnoyZvw
Bb/2mkovbs/zHVXVbKnhXMI2LdzZ7XzBfI6JOuTtm/kkKFYv9+WBsDkn/ZoutllU
w4+x3oOlVgWC1H/W0Vf3Q4OCELA6P6mtiY5rep6zQf2fpVgyZ62zZxhojs0C8ILm
oF0gAD6lTr/vCv2BZbqrHGa/oIBfazpfQALgJ+V2+tTrw5fe9OO4B5n/mUmmd/aF
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:09 2025 by rpki-client on console.sobornost.net