Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/4qFSko06M6ldKhEnW5jCnn4ySD4.roa
File: 4qFSko06M6ldKhEnW5jCnn4ySD4.roa (raw, json)
Hash identifier: 9ZDGMUNQVPx9Ca0E8soIFoMtBGmde/WvzWxmQVvH3aE=
Subject key identifier: E2:A1:52:92:8D:3A:33:A9:5D:2A:11:27:5B:98:C2:9E:7E:32:48:3E
Certificate issuer: /CN=5d0a0d396f769369365f2b983c531afeca9710a7
Certificate serial: 019422FC212CA0571C572BF867CC506CF4F1
Authority key identifier: 5D:0A:0D:39:6F:76:93:69:36:5F:2B:98:3C:53:1A:FE:CA:97:10:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XQoNOW92k2k2XyuYPFMa_sqXEKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/4qFSko06M6ldKhEnW5jCnn4ySD4.roa
Signing time: Wed 01 Jan 2025 17:48:56 +0000
ROA not before: Wed 01 Jan 2025 17:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48350
IP address blocks: 45.148.236.0/22 maxlen: 22
45.148.236.0/24 maxlen: 24
45.148.237.0/24 maxlen: 24
45.148.238.0/24 maxlen: 24
45.148.239.0/24 maxlen: 24
91.208.130.0/24 maxlen: 24
91.209.111.0/24 maxlen: 24
2a0f:7a00::/32 maxlen: 48
2a0f:7a02::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:21:2c:a0:57:1c:57:2b:f8:67:cc:50:6c:f4:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d0a0d396f769369365f2b983c531afeca9710a7
Validity
Not Before: Jan 1 17:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2a152928d3a33a95d2a11275b98c29e7e32483e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:55:5a:ed:f4:89:fd:c6:95:f5:e3:ca:36:64:
7b:c7:a2:0e:17:ff:08:be:2c:5e:0b:c7:92:31:ee:
0d:20:ca:55:81:1d:6c:74:fc:0b:96:3e:d6:89:fe:
65:5b:95:90:ee:46:ab:34:eb:bc:f7:a0:7e:11:4e:
6c:86:c7:6f:c9:0c:c5:9a:ec:27:4e:1d:14:0a:13:
82:1e:71:96:05:fd:9f:ea:2d:60:b6:b1:c1:b5:03:
ea:cc:46:3c:6c:03:be:b1:c6:38:92:ca:35:0b:69:
54:9d:2b:b6:c8:8f:57:0e:d8:66:65:3e:f9:92:ff:
a2:04:da:fc:4d:70:0c:6c:61:e3:91:0c:f4:5d:36:
a9:15:1e:54:89:7d:11:8c:1b:e7:d4:d9:3f:e3:42:
de:41:a8:60:6f:eb:27:d3:53:5c:70:70:b0:2f:32:
09:41:9f:79:07:45:a9:cf:d0:86:fc:bc:75:21:e3:
f7:27:15:28:bf:95:2b:a3:21:50:be:3b:c3:0b:22:
50:90:82:c2:dd:a7:a4:b9:63:90:9c:b6:c0:80:3f:
03:39:95:6b:f9:5d:8f:88:a6:3f:31:f2:47:f0:04:
3b:67:7b:06:76:4b:6e:35:ad:db:33:43:a4:7d:4a:
89:40:04:f2:3c:4b:32:66:29:8a:12:bf:3f:45:e0:
e3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A1:52:92:8D:3A:33:A9:5D:2A:11:27:5B:98:C2:9E:7E:32:48:3E
X509v3 Authority Key Identifier:
keyid:5D:0A:0D:39:6F:76:93:69:36:5F:2B:98:3C:53:1A:FE:CA:97:10:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XQoNOW92k2k2XyuYPFMa_sqXEKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/4qFSko06M6ldKhEnW5jCnn4ySD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/XQoNOW92k2k2XyuYPFMa_sqXEKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.236.0/22
91.208.130.0/24
91.209.111.0/24
IPv6:
2a0f:7a00::/32
2a0f:7a02::/32
Signature Algorithm: sha256WithRSAEncryption
6c:6c:f0:2f:22:71:03:c9:67:78:f0:1d:26:f6:8b:57:f3:30:
1b:ae:66:0a:63:e1:06:b9:98:e9:19:23:1f:03:b8:8d:f8:d5:
8b:65:ed:cd:2d:3d:97:9e:47:ba:e5:e9:5a:84:2c:73:f1:f8:
9a:87:9c:bb:2d:fd:0a:06:f3:9f:dd:a3:b4:ad:c3:08:b7:40:
a1:a4:4a:29:62:8b:22:52:66:b0:a2:ee:ff:7b:10:bc:a1:80:
fd:06:f4:91:84:bb:50:ff:ba:60:f1:f0:79:91:7f:2f:fb:fe:
4f:55:da:21:aa:55:16:9a:6e:b2:c3:9e:3a:5b:79:31:02:e3:
76:74:bc:2f:42:64:fc:09:7c:b4:4c:cb:29:41:17:33:34:ff:
76:03:e2:2d:36:b3:8b:65:d2:9a:d8:96:aa:91:f8:70:05:49:
48:8b:8a:75:a9:54:8a:35:3c:68:aa:8b:44:c0:97:65:b5:f7:
7d:4d:ae:49:29:4f:94:b3:b0:9c:8c:18:85:0a:31:f7:13:f8:
d9:0a:ae:21:5a:cd:7e:e5:5d:b3:49:47:f0:75:69:68:47:df:
3f:e2:40:c5:1b:17:db:d5:48:4d:23:de:78:a7:a6:bd:7e:21:
92:70:98:ef:5e:c4:5d:ab:69:43:10:17:4d:95:4c:c0:2d:9e:
b0:23:78:40
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQi/CEsoFccVyv4Z8xQbPTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMGEwZDM5NmY3NjkzNjkzNjVmMmI5ODNjNTMxYWZlY2E5
NzEwYTcwHhcNMjUwMTAxMTc0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmExNTI5MjhkM2EzM2E5NWQyYTExMjc1Yjk4YzI5ZTdlMzI0ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVVa7fSJ/caV9ePKNmR7x6IOF/8I
vixeC8eSMe4NIMpVgR1sdPwLlj7Wif5lW5WQ7karNOu896B+EU5shsdvyQzFmuwn
Th0UChOCHnGWBf2f6i1gtrHBtQPqzEY8bAO+scY4kso1C2lUnSu2yI9XDthmZT75
kv+iBNr8TXAMbGHjkQz0XTapFR5UiX0RjBvn1Nk/40LeQahgb+sn01NccHCwLzIJ
QZ95B0Wpz9CG/Lx1IeP3JxUov5UroyFQvjvDCyJQkILC3aekuWOQnLbAgD8DOZVr
+V2PiKY/MfJH8AQ7Z3sGdktuNa3bM0OkfUqJQATyPEsyZimKEr8/ReDjbQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOKhUpKNOjOpXSoRJ1uYwp5+Mkg+MB8GA1UdIwQY
MBaAFF0KDTlvdpNpNl8rmDxTGv7KlxCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFFvTk9XOTJrMmsyWHl1WVBGTWFfc3FYRUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yMjNkOGYtNThhYy00ZGY3LWJmMWUt
NDQyMDEwYjU3OWVmLzEvNHFGU2tvMDZNNmxkS2hFblc1akNubjR5U0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yMjNkOGYtNThhYy00ZGY3LWJmMWUtNDQyMDEwYjU3OWVm
LzEvWFFvTk9XOTJrMmsyWHl1WVBGTWFfc3FYRUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLZTsAwQA
W9CCAwQAW9FvMBQEAgACMA4DBQAqD3oAAwUAKg96AjANBgkqhkiG9w0BAQsFAAOC
AQEAbGzwLyJxA8lnePAdJvaLV/MwG65mCmPhBrmY6RkjHwO4jfjVi2XtzS09l55H
uuXpWoQsc/H4moecuy39Cgbzn92jtK3DCLdAoaRKKWKLIlJmsKLu/3sQvKGA/Qb0
kYS7UP+6YPHweZF/L/v+T1XaIapVFppussOeOlt5MQLjdnS8L0Jk/Al8tEzLKUEX
MzT/dgPiLTazi2XSmtiWqpH4cAVJSIuKdalUijU8aKqLRMCXZbX3fU2uSSlPlLOw
nIwYhQox9xP42QquIVrNfuVds0lH8HVpaEffP+JAxRsX29VITSPeeKemvX4hknCY
717EXatpQxAXTZVMwC2esCN4QA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:12 2025 by rpki-client on console.sobornost.net