Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/K6xaLl2fknJBgw1Nb2Cj0TA8oJA.roa
File: K6xaLl2fknJBgw1Nb2Cj0TA8oJA.roa (raw, json)
Hash identifier: +DXRxtDiDTuNPP3XfbOuBoSJqxfeETnbTJao9qkvOp4=
Subject key identifier: 2B:AC:5A:2E:5D:9F:92:72:41:83:0D:4D:6F:60:A3:D1:30:3C:A0:90
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 01961BFAA01742575E21CB2DCE9A52CB28B2
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/K6xaLl2fknJBgw1Nb2Cj0TA8oJA.roa
Signing time: Wed 09 Apr 2025 19:15:31 +0000
ROA not before: Wed 09 Apr 2025 19:15:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46450
IP address blocks: 45.152.165.0/24 maxlen: 24
152.89.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:fa:a0:17:42:57:5e:21:cb:2d:ce:9a:52:cb:28:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Apr 9 19:15:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bac5a2e5d9f927241830d4d6f60a3d1303ca090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:27:f5:45:33:6c:fe:5f:ff:9b:b1:71:78:07:
f8:79:79:98:23:dd:60:0b:d3:93:53:4a:29:75:96:
81:1e:37:3b:37:af:52:2c:f0:c6:43:58:56:1d:d4:
0b:9f:43:ed:00:95:ea:6f:3e:eb:2f:04:30:50:48:
81:a1:6c:6d:a3:08:59:32:9d:dd:26:f0:f1:27:66:
91:ff:f6:56:96:86:e5:26:fc:17:0d:35:d1:56:60:
7c:e2:c0:63:40:72:eb:da:a3:c9:4e:ce:76:9c:a3:
f9:79:27:b0:94:c7:73:79:62:65:4a:51:43:6f:10:
bd:15:c2:6c:06:47:a5:45:37:8f:18:6f:5f:32:d2:
7a:cd:6e:22:e9:2f:98:2f:1d:62:57:7f:73:6c:03:
75:77:c5:b9:ca:08:85:3c:c5:78:7b:6a:da:26:05:
69:bc:d0:e1:b4:40:f8:ca:25:83:2e:35:d8:f6:46:
ca:2c:90:54:dc:28:4c:5d:79:b9:8c:ba:bb:14:1c:
50:46:c5:a5:72:ee:7d:e8:0c:09:1a:39:5e:63:2e:
d8:53:00:77:4b:af:ee:e8:32:03:27:32:5d:bc:d7:
4d:ef:0f:bf:5b:1e:cd:58:ba:ea:fc:4a:53:1a:a9:
0e:3b:9e:87:96:96:4e:b4:7d:60:a6:9c:65:f6:1c:
4b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:AC:5A:2E:5D:9F:92:72:41:83:0D:4D:6F:60:A3:D1:30:3C:A0:90
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/K6xaLl2fknJBgw1Nb2Cj0TA8oJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.165.0/24
152.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
06:55:9e:d3:6f:9e:32:2e:64:33:4b:b0:c5:eb:00:bf:5e:34:
1d:5d:5c:80:e4:ea:50:8b:12:4a:55:46:e5:4e:3d:f7:82:7e:
e6:ce:97:e3:33:cd:ea:04:b5:a0:4b:af:c2:dc:2e:85:d1:8f:
25:ce:8f:f9:71:fd:fc:80:3a:ac:68:d5:67:9f:d2:67:16:ef:
a7:74:a8:a7:d5:b6:05:0a:9d:b4:9d:25:f2:e3:46:46:6d:49:
bf:62:3b:a2:1d:9c:36:f6:3d:c1:c4:2d:03:e5:62:d2:d8:b2:
41:84:a5:28:d1:db:e7:d5:12:29:9b:9c:71:f5:1f:5f:d2:40:
3c:32:91:2b:57:d4:0f:fb:09:7c:a5:4f:7f:9f:24:57:7e:bb:
33:04:79:9c:73:98:1b:b1:27:41:81:d6:9c:49:9e:cb:a1:bd:
b7:6b:32:77:2d:b9:0e:7d:ba:b4:1c:ed:a9:eb:cb:c9:f3:6d:
25:41:fd:0d:50:50:5a:a5:96:ef:a6:15:54:58:34:ae:da:8b:
5d:f6:7e:af:ba:6a:89:77:ef:b0:0a:ab:76:b5:0a:fa:4a:cb:
8e:5a:43:c7:34:ff:96:3c:2a:d5:fd:3b:f6:d7:2d:8d:bd:4f:
ee:c4:b4:c6:89:e8:06:8c:b8:3b:9d:ac:bb:60:86:50:8d:39:
b0:76:a3:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYb+qAXQldeIcstzppSyyiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwNDA5MTkxNTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmFjNWEyZTVkOWY5MjcyNDE4MzBkNGQ2ZjYwYTNkMTMwM2NhMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSf1RTNs/l//m7FxeAf4eXmYI91g
C9OTU0opdZaBHjc7N69SLPDGQ1hWHdQLn0PtAJXqbz7rLwQwUEiBoWxtowhZMp3d
JvDxJ2aR//ZWloblJvwXDTXRVmB84sBjQHLr2qPJTs52nKP5eSewlMdzeWJlSlFD
bxC9FcJsBkelRTePGG9fMtJ6zW4i6S+YLx1iV39zbAN1d8W5ygiFPMV4e2raJgVp
vNDhtED4yiWDLjXY9kbKLJBU3ChMXXm5jLq7FBxQRsWlcu596AwJGjleYy7YUwB3
S6/u6DIDJzJdvNdN7w+/Wx7NWLrq/EpTGqkOO56HlpZOtH1gppxl9hxLKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCusWi5dn5JyQYMNTW9go9EwPKCQMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvSzZ4YUxsMmZrbkpCZ3cxTmIyQ2owVEE4b0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZilAwQA
mFnCMA0GCSqGSIb3DQEBCwUAA4IBAQAGVZ7Tb54yLmQzS7DF6wC/XjQdXVyA5OpQ
ixJKVUblTj33gn7mzpfjM83qBLWgS6/C3C6F0Y8lzo/5cf38gDqsaNVnn9JnFu+n
dKin1bYFCp20nSXy40ZGbUm/YjuiHZw29j3BxC0D5WLS2LJBhKUo0dvn1RIpm5xx
9R9f0kA8MpErV9QP+wl8pU9/nyRXfrszBHmcc5gbsSdBgdacSZ7Lob23azJ3LbkO
fbq0HO2p68vJ820lQf0NUFBapZbvphVUWDSu2otd9n6vumqJd++wCqt2tQr6SsuO
WkPHNP+WPCrV/Tv21y2NvU/uxLTGiegGjLg7nay7YIZQjTmwdqN1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net