Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/0EXTA2fh52m_pdzndlQONOR-ALo.roa
File: 0EXTA2fh52m_pdzndlQONOR-ALo.roa (raw, json)
Hash identifier: 6rMWco6WBnZhVNOyIqX9uMPGJDuagIsvvOicEopd/aI=
Subject key identifier: D0:45:D3:03:67:E1:E7:69:BF:A5:DC:E7:76:54:0E:34:E4:7E:00:BA
Certificate issuer: /CN=1e514098a5a9736cda4303e0495e94652390aa91
Certificate serial: 01954C61E903975F6455F4EAB2919831645C
Authority key identifier: 1E:51:40:98:A5:A9:73:6C:DA:43:03:E0:49:5E:94:65:23:90:AA:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlFAmKWpc2zaQwPgSV6UZSOQqpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/0EXTA2fh52m_pdzndlQONOR-ALo.roa
Signing time: Fri 28 Feb 2025 11:47:19 +0000
ROA not before: Fri 28 Feb 2025 11:47:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208959
IP address blocks: 45.86.221.0/24 maxlen: 24
46.232.210.0/23 maxlen: 23
185.207.164.0/22 maxlen: 22
185.207.164.0/24 maxlen: 24
185.207.165.0/24 maxlen: 24
185.207.166.0/24 maxlen: 24
185.207.167.0/24 maxlen: 24
2a11:b00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:61:e9:03:97:5f:64:55:f4:ea:b2:91:98:31:64:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e514098a5a9736cda4303e0495e94652390aa91
Validity
Not Before: Feb 28 11:47:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d045d30367e1e769bfa5dce776540e34e47e00ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bf:5f:04:ad:3d:96:d2:67:bd:fb:5c:a0:fa:
ba:2a:88:b6:81:e8:35:af:5a:e1:76:25:b9:31:85:
86:0e:9e:a1:a0:9b:7d:6d:42:53:8f:b1:8c:0a:4a:
d9:85:2b:53:cb:5b:09:72:04:b1:38:3f:3a:03:74:
e4:28:8f:13:ab:77:60:99:91:bb:6c:09:14:82:53:
80:e3:d4:0e:1e:cb:d9:e1:e9:2b:f1:4f:cc:87:eb:
96:e4:40:6c:3a:e9:cb:5b:11:cb:f1:3b:d2:67:7e:
95:e4:f5:f3:66:1a:5c:42:ec:af:c1:a1:28:62:6e:
65:7d:0b:01:25:0c:d6:92:8c:72:2a:d4:ab:31:e3:
ff:ea:7c:da:f0:9f:19:9e:f5:58:82:53:b9:99:a7:
a2:fa:bf:74:40:5c:0e:6e:1d:36:29:39:6d:0f:e1:
09:ec:a0:3d:52:4e:39:e9:68:77:d3:15:52:be:18:
4e:73:b3:97:64:c0:6d:0f:d2:24:75:33:24:6b:36:
19:5d:fa:2f:4b:81:89:cb:cb:25:76:5d:98:93:8d:
54:25:88:6e:e3:e0:f7:91:97:f2:9d:3a:dc:99:43:
d2:7c:5f:28:dc:ec:45:fd:e3:a1:05:88:99:11:38:
e0:65:f9:45:04:5c:c9:19:aa:c2:fa:6f:5a:d6:ee:
8f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:45:D3:03:67:E1:E7:69:BF:A5:DC:E7:76:54:0E:34:E4:7E:00:BA
X509v3 Authority Key Identifier:
keyid:1E:51:40:98:A5:A9:73:6C:DA:43:03:E0:49:5E:94:65:23:90:AA:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlFAmKWpc2zaQwPgSV6UZSOQqpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/0EXTA2fh52m_pdzndlQONOR-ALo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/HlFAmKWpc2zaQwPgSV6UZSOQqpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.221.0/24
46.232.210.0/23
185.207.164.0/22
IPv6:
2a11:b00::/29
Signature Algorithm: sha256WithRSAEncryption
4f:9e:4c:fb:3c:63:d3:94:4e:ae:a1:d7:3e:37:98:60:0c:67:
29:18:6c:5b:10:d1:d5:14:88:cf:13:e2:51:8c:ab:d0:cc:ad:
8a:d6:c8:31:4c:a6:ef:20:0b:00:df:63:74:4f:79:a6:17:b7:
b6:12:1a:2f:ff:c1:5c:60:e8:66:c0:fb:c6:7d:46:fb:fd:05:
6e:65:40:ba:2e:ef:35:24:03:5f:31:7b:c4:aa:19:dc:db:3f:
3f:d5:a4:f6:b5:66:82:a2:8c:26:e3:88:17:43:f4:87:25:4f:
56:d1:d8:d3:cd:6b:d0:70:cf:cf:97:83:3f:b8:58:c4:96:71:
1f:db:66:69:83:5a:f8:29:a3:71:d9:ac:6c:1a:68:04:b8:e5:
eb:b9:58:2b:33:61:67:7f:d2:f7:ff:9b:6b:52:bb:03:8a:0d:
89:40:88:42:2a:e0:a2:55:55:3b:61:0d:bc:fb:d6:7a:ca:5f:
be:77:e1:38:bf:df:0a:fa:a5:84:8b:64:da:14:87:86:60:38:
47:4b:00:22:77:15:cf:d6:0f:9e:d9:33:b9:87:12:9d:1d:37:
01:ec:ac:8c:bb:5c:57:21:cf:5e:d7:b6:d9:3a:85:12:91:2a:
c0:58:19:df:c1:76:51:95:e0:9c:d6:df:f5:7b:cc:40:63:a6:
86:94:4c:09
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZVMYekDl19kVfTqspGYMWRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNTE0MDk4YTVhOTczNmNkYTQzMDNlMDQ5NWU5NDY1MjM5
MGFhOTEwHhcNMjUwMjI4MTE0NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDQ1ZDMwMzY3ZTFlNzY5YmZhNWRjZTc3NjU0MGUzNGU0N2UwMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr9fBK09ltJnvftcoPq6Koi2geg1
r1rhdiW5MYWGDp6hoJt9bUJTj7GMCkrZhStTy1sJcgSxOD86A3TkKI8Tq3dgmZG7
bAkUglOA49QOHsvZ4ekr8U/Mh+uW5EBsOunLWxHL8TvSZ36V5PXzZhpcQuyvwaEo
Ym5lfQsBJQzWkoxyKtSrMeP/6nza8J8ZnvVYglO5maei+r90QFwObh02KTltD+EJ
7KA9Uk456Wh30xVSvhhOc7OXZMBtD9IkdTMkazYZXfovS4GJy8sldl2Yk41UJYhu
4+D3kZfynTrcmUPSfF8o3OxF/eOhBYiZETjgZflFBFzJGarC+m9a1u6PSwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNBF0wNn4edpv6Xc53ZUDjTkfgC6MB8GA1UdIwQY
MBaAFB5RQJilqXNs2kMD4ElelGUjkKqRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxGQW1LV3BjMnphUXdQZ1NWNlVaU09RcXBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zNWRmY2ItZDkyZC00OGZlLTlkYWQt
ODU0MzgxNjg2YzdiLzEvMEVYVEEyZmg1Mm1fcGR6bmRsUU9OT1ItQUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zNWRmY2ItZDkyZC00OGZlLTlkYWQtODU0MzgxNjg2Yzdi
LzEvSGxGQW1LV3BjMnphUXdQZ1NWNlVaU09RcXBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVbdAwQB
LujSAwQCuc+kMA0EAgACMAcDBQMqEQsAMA0GCSqGSIb3DQEBCwUAA4IBAQBPnkz7
PGPTlE6uodc+N5hgDGcpGGxbENHVFIjPE+JRjKvQzK2K1sgxTKbvIAsA32N0T3mm
F7e2Ehov/8FcYOhmwPvGfUb7/QVuZUC6Lu81JANfMXvEqhnc2z8/1aT2tWaCoowm
44gXQ/SHJU9W0djTzWvQcM/Pl4M/uFjElnEf22Zpg1r4KaNx2axsGmgEuOXruVgr
M2Fnf9L3/5trUrsDig2JQIhCKuCiVVU7YQ28+9Z6yl++d+E4v98K+qWEi2TaFIeG
YDhHSwAidxXP1g+e2TO5hxKdHTcB7KyMu1xXIc9e17bZOoUSkSrAWBnfwXZRleCc
1t/1e8xAY6aGlEwJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net