Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1bcef4-131d-4db5-94c7-24c79b1cb4da/1/Sdx0s8uspLK2JEfxE0Zqq-P7qdc.roa
File: Sdx0s8uspLK2JEfxE0Zqq-P7qdc.roa (raw, json)
Hash identifier: SB/yO/98dSqVsNjGD6z9bUudXfStWVjKdpjSXqLPG2I=
Subject key identifier: 49:DC:74:B3:CB:AC:A4:B2:B6:24:47:F1:13:46:6A:AB:E3:FB:A9:D7
Certificate issuer: /CN=2e872826fce02bd9485ef276641d2b584f599b37
Certificate serial: 01958B6F1D5073648C74421E0642A5AD3861
Authority key identifier: 2E:87:28:26:FC:E0:2B:D9:48:5E:F2:76:64:1D:2B:58:4F:59:9B:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LocoJvzgK9lIXvJ2ZB0rWE9Zmzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1bcef4-131d-4db5-94c7-24c79b1cb4da/1/Sdx0s8uspLK2JEfxE0Zqq-P7qdc.roa
Signing time: Wed 12 Mar 2025 17:37:49 +0000
ROA not before: Wed 12 Mar 2025 17:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42156
IP address blocks: 45.67.74.0/24 maxlen: 24
2a10:d600::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:6f:1d:50:73:64:8c:74:42:1e:06:42:a5:ad:38:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e872826fce02bd9485ef276641d2b584f599b37
Validity
Not Before: Mar 12 17:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49dc74b3cbaca4b2b62447f113466aabe3fba9d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:65:56:19:fb:1a:ec:f9:5d:7e:8a:38:97:d5:
d0:db:1b:77:87:e7:71:5d:bc:ac:a8:65:a9:08:f8:
1b:03:3d:91:00:48:0b:fc:49:a6:39:92:6b:cd:22:
b7:e5:5e:37:a4:59:44:52:3f:a0:e1:43:48:ab:5a:
9a:b2:79:5c:6c:29:06:84:27:62:38:8f:bd:de:fb:
be:43:54:e0:43:9d:de:7e:52:97:22:68:98:6f:95:
ea:51:a6:bc:7f:c0:dc:90:e0:98:88:d5:6f:b9:fb:
c5:7f:dc:28:f7:d5:df:20:df:92:43:ff:7d:a4:84:
28:20:06:28:72:f5:f8:6d:ce:37:54:18:54:9c:81:
55:f3:4d:8b:e7:20:4a:fd:ab:97:dc:17:41:e0:5e:
f8:1a:48:2c:4d:cc:d1:0f:ca:fc:d2:96:d6:e0:d2:
c1:4b:75:23:ac:d2:d4:d2:ba:6f:68:68:02:c5:d0:
17:42:b7:06:cd:58:59:bf:ea:6c:fa:35:0d:ed:d5:
78:b0:00:f1:8e:f2:5f:df:6d:2e:e2:66:f9:78:89:
4c:b3:f1:43:77:03:26:d3:75:09:eb:e9:fb:07:b0:
49:f4:8f:bb:ac:f1:12:4f:c9:cc:03:5c:79:30:45:
d5:2f:67:4a:df:ed:17:f7:51:23:e2:99:fc:82:58:
e2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DC:74:B3:CB:AC:A4:B2:B6:24:47:F1:13:46:6A:AB:E3:FB:A9:D7
X509v3 Authority Key Identifier:
keyid:2E:87:28:26:FC:E0:2B:D9:48:5E:F2:76:64:1D:2B:58:4F:59:9B:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LocoJvzgK9lIXvJ2ZB0rWE9Zmzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1bcef4-131d-4db5-94c7-24c79b1cb4da/1/Sdx0s8uspLK2JEfxE0Zqq-P7qdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1bcef4-131d-4db5-94c7-24c79b1cb4da/1/LocoJvzgK9lIXvJ2ZB0rWE9Zmzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.74.0/24
IPv6:
2a10:d600::/48
Signature Algorithm: sha256WithRSAEncryption
c5:c5:6b:5b:49:0a:07:df:89:40:81:58:22:1c:ae:0a:0f:b8:
8e:d5:23:c6:d4:e1:ff:31:b6:f8:03:fa:c0:c3:99:e4:d9:fd:
88:4a:fe:5e:3b:ef:74:a7:fe:57:6a:78:93:00:3d:38:27:90:
40:94:f8:70:b1:83:6d:80:ad:30:59:24:29:31:28:61:9a:20:
78:cb:1f:f0:da:a1:e6:e2:4c:22:62:b8:ec:26:36:23:11:d9:
80:9a:9f:4f:b2:b5:0b:54:5a:d6:b0:71:72:36:e6:ec:7c:03:
08:fb:32:ce:24:90:b5:63:63:a9:34:3c:e6:1a:5d:33:03:87:
72:4a:f4:18:52:ab:54:28:54:2b:9f:d0:60:48:a6:76:27:db:
c6:b8:b9:83:51:49:38:71:5e:22:c5:06:ab:d3:b5:9c:31:47:
da:f5:a3:85:a5:90:ed:90:04:6f:cb:2e:21:b1:fc:46:dd:1c:
0a:be:af:3c:bf:23:52:98:ae:2f:04:26:c8:16:03:bd:5f:0f:
d0:3b:2f:b9:ae:c9:06:d7:0d:91:29:d6:fe:87:f7:ea:cb:25:
7f:47:75:15:14:fc:a0:bf:e7:de:48:11:fe:89:24:fa:b6:b1:
75:6b:0e:29:25:9d:a0:93:a1:6c:f8:d6:0f:c5:6d:58:99:5f:
86:82:6b:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZWLbx1Qc2SMdEIeBkKlrThhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODcyODI2ZmNlMDJiZDk0ODVlZjI3NjY0MWQyYjU4NGY1
OTliMzcwHhcNMjUwMzEyMTczNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWRjNzRiM2NiYWNhNGIyYjYyNDQ3ZjExMzQ2NmFhYmUzZmJhOWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7GVWGfsa7Pldfoo4l9XQ2xt3h+dx
XbysqGWpCPgbAz2RAEgL/EmmOZJrzSK35V43pFlEUj+g4UNIq1qasnlcbCkGhCdi
OI+93vu+Q1TgQ53eflKXImiYb5XqUaa8f8DckOCYiNVvufvFf9wo99XfIN+SQ/99
pIQoIAYocvX4bc43VBhUnIFV802L5yBK/auX3BdB4F74GkgsTczRD8r80pbW4NLB
S3UjrNLU0rpvaGgCxdAXQrcGzVhZv+ps+jUN7dV4sADxjvJf320u4mb5eIlMs/FD
dwMm03UJ6+n7B7BJ9I+7rPEST8nMA1x5MEXVL2dK3+0X91Ej4pn8gljijQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEncdLPLrKSytiRH8RNGaqvj+6nXMB8GA1UdIwQY
MBaAFC6HKCb84CvZSF7ydmQdK1hPWZs3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9jb0p2emdLOWxJWHZKMlpCMHJXRTlabXpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xYmNlZjQtMTMxZC00ZGI1LTk0Yzct
MjRjNzliMWNiNGRhLzEvU2R4MHM4dXNwTEsySkVmeEUwWnFxLVA3cWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xYmNlZjQtMTMxZC00ZGI1LTk0YzctMjRjNzliMWNiNGRh
LzEvTG9jb0p2emdLOWxJWHZKMlpCMHJXRTlabXpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALUNKMA8E
AgACMAkDBwAqENYAAAAwDQYJKoZIhvcNAQELBQADggEBAMXFa1tJCgffiUCBWCIc
rgoPuI7VI8bU4f8xtvgD+sDDmeTZ/YhK/l4773Sn/ldqeJMAPTgnkECU+HCxg22A
rTBZJCkxKGGaIHjLH/DaoebiTCJiuOwmNiMR2YCan0+ytQtUWtawcXI25ux8Awj7
Ms4kkLVjY6k0POYaXTMDh3JK9BhSq1QoVCuf0GBIpnYn28a4uYNRSThxXiLFBqvT
tZwxR9r1o4WlkO2QBG/LLiGx/EbdHAq+rzy/I1KYri8EJsgWA71fD9A7L7muyQbX
DZEp1v6H9+rLJX9HdRUU/KC/595IEf6JJPq2sXVrDiklnaCToWz41g/FbViZX4aC
a10=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net