Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/fUXrv6-AqG-Sdl9xICl4cQAU7yA.roa
File: fUXrv6-AqG-Sdl9xICl4cQAU7yA.roa (raw, json)
Hash identifier: jv2v4x0octz1D9witRg3iiWbwIrgi4wxjje3xLewI+U=
Subject key identifier: 7D:45:EB:BF:AF:80:A8:6F:92:76:5F:71:20:29:78:71:00:14:EF:20
Certificate issuer: /CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Certificate serial: 0194C70C1A85D202882FAB7D9591C86ADA66
Authority key identifier: B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/fUXrv6-AqG-Sdl9xICl4cQAU7yA.roa
Signing time: Sun 02 Feb 2025 14:24:06 +0000
ROA not before: Sun 02 Feb 2025 14:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215366
IP address blocks: 45.67.157.0/24 maxlen: 24
2a09:7ac1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c7:0c:1a:85:d2:02:88:2f:ab:7d:95:91:c8:6a:da:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Validity
Not Before: Feb 2 14:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d45ebbfaf80a86f92765f71202978710014ef20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:45:fb:24:2f:4f:d0:1b:5a:1d:d3:32:4b:bb:
82:97:a0:09:15:96:25:23:f8:f4:b8:f1:69:a7:03:
ea:d9:81:61:9e:ee:88:4f:b5:fc:30:be:27:36:e4:
a1:d9:c1:db:70:78:ac:02:1e:06:9e:9c:c0:5b:b7:
a4:80:b3:b7:08:30:d4:d9:db:70:3d:b2:30:c4:25:
3a:ac:c4:ce:1c:f1:90:70:3d:98:2b:29:3c:7c:be:
b9:b5:13:a5:4b:1e:b4:49:62:c3:c7:df:9a:26:ec:
56:63:f7:59:9d:bf:cd:61:00:e3:2b:7f:a1:2a:b1:
2b:bd:68:33:51:33:b9:ef:78:dc:fe:58:76:21:0b:
91:ab:5d:2e:f4:1f:4c:72:20:ea:e2:97:e9:00:75:
52:40:ab:3c:75:6b:cb:17:42:bc:28:82:75:b7:69:
bb:3a:90:cf:8a:9e:be:96:0a:6a:97:6c:db:95:32:
57:a5:05:af:03:6f:dc:f9:fc:4a:09:c4:d5:e7:e7:
3f:c1:f0:f0:3a:b0:72:12:1f:18:95:e6:1d:d2:ab:
2e:66:3a:96:64:92:fb:20:51:f2:97:ea:79:75:bb:
57:be:0f:fa:78:a3:21:61:77:f9:c1:c5:c9:0f:bc:
e1:90:39:0f:b6:d1:e5:64:2f:15:74:51:41:c0:4b:
06:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:45:EB:BF:AF:80:A8:6F:92:76:5F:71:20:29:78:71:00:14:EF:20
X509v3 Authority Key Identifier:
keyid:B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/fUXrv6-AqG-Sdl9xICl4cQAU7yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.157.0/24
IPv6:
2a09:7ac1::/48
Signature Algorithm: sha256WithRSAEncryption
05:bc:60:a5:5c:f6:cd:e0:7e:e2:ad:ff:7c:87:a8:81:0b:b7:
2b:01:3e:e5:55:3d:06:02:38:ec:a3:36:63:f9:e9:28:37:3b:
34:26:48:8a:d7:49:2f:ef:64:e5:6b:39:11:6f:a2:23:58:d5:
f9:12:17:f1:2f:18:ac:ee:df:3e:44:09:46:58:e7:13:61:a7:
1b:18:87:9a:c4:41:59:39:f2:fb:98:1e:fa:97:85:3a:37:b9:
7a:1e:eb:44:1b:00:49:f7:f2:84:ca:14:5b:bd:7d:ea:5a:8e:
57:b9:be:f8:56:e1:a1:b3:e1:ea:e6:fa:54:e8:95:a2:75:5b:
74:0a:a3:98:5e:55:79:38:a5:66:31:21:02:49:db:e5:15:7d:
a2:aa:74:89:be:0d:f5:5c:51:ae:b1:38:ca:f3:51:6c:8d:13:
42:15:76:d9:ca:0a:4e:75:24:b1:f1:fe:9d:8b:60:6a:f9:b6:
9a:68:6f:1e:5c:85:91:45:80:71:c3:e6:01:d7:20:d2:46:bf:
00:a5:e1:96:3b:61:b9:76:b4:74:a2:05:45:45:dc:10:54:48:
5d:62:a2:60:e3:d8:e6:a4:ee:52:ac:0f:76:48:72:a6:59:30:
72:87:5b:7f:1b:3a:49:af:46:50:cb:c4:88:85:16:fe:12:83:
d1:af:ee:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZTHDBqF0gKIL6t9lZHIatpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDI3ZWE0OWY5NzJkMTljNTYzOTNhNjg5ZTdjYmViOTkw
ZDVkN2EwHhcNMjUwMjAyMTQyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQ1ZWJiZmFmODBhODZmOTI3NjVmNzEyMDI5Nzg3MTAwMTRlZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0X7JC9P0BtaHdMyS7uCl6AJFZYl
I/j0uPFppwPq2YFhnu6IT7X8ML4nNuSh2cHbcHisAh4GnpzAW7ekgLO3CDDU2dtw
PbIwxCU6rMTOHPGQcD2YKyk8fL65tROlSx60SWLDx9+aJuxWY/dZnb/NYQDjK3+h
KrErvWgzUTO573jc/lh2IQuRq10u9B9MciDq4pfpAHVSQKs8dWvLF0K8KIJ1t2m7
OpDPip6+lgpql2zblTJXpQWvA2/c+fxKCcTV5+c/wfDwOrByEh8YleYd0qsuZjqW
ZJL7IFHyl+p5dbtXvg/6eKMhYXf5wcXJD7zhkDkPttHlZC8VdFFBwEsGBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH1F67+vgKhvknZfcSApeHEAFO8gMB8GA1UdIwQY
MBaAFLVCfqSfly0ZxWOTponny+uZDV16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1Mjgt
MGM0OTU0NzdjYTEwLzEvZlVYcnY2LUFxRy1TZGw5eElDbDRjUUFVN3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1MjgtMGM0OTU0NzdjYTEw
LzEvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALUOdMA8E
AgACMAkDBwAqCXrBAAAwDQYJKoZIhvcNAQELBQADggEBAAW8YKVc9s3gfuKt/3yH
qIELtysBPuVVPQYCOOyjNmP56Sg3OzQmSIrXSS/vZOVrORFvoiNY1fkSF/EvGKzu
3z5ECUZY5xNhpxsYh5rEQVk58vuYHvqXhTo3uXoe60QbAEn38oTKFFu9fepajle5
vvhW4aGz4erm+lTolaJ1W3QKo5heVXk4pWYxIQJJ2+UVfaKqdIm+DfVcUa6xOMrz
UWyNE0IVdtnKCk51JLHx/p2LYGr5tppobx5chZFFgHHD5gHXINJGvwCl4ZY7Ybl2
tHSiBUVF3BBUSF1iomDj2Oak7lKsD3ZIcqZZMHKHW38bOkmvRlDLxIiFFv4Sg9Gv
7sI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net