Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/36CSh06Ox9mraK8un7y_6AAp-pg.roa
File: 36CSh06Ox9mraK8un7y_6AAp-pg.roa (raw, json)
Hash identifier: jvdOxqlCRm0XFIVOcdWSce8ntia41e6Cx61qkQI3/ug=
Subject key identifier: DF:A0:92:87:4E:8E:C7:D9:AB:68:AF:2E:9F:BC:BF:E8:00:29:FA:98
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 0195DD559A82554797C326FF26784D66B33D
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/36CSh06Ox9mraK8un7y_6AAp-pg.roa
Signing time: Fri 28 Mar 2025 15:18:49 +0000
ROA not before: Fri 28 Mar 2025 15:18:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211680
IP address blocks: 45.156.128.0/24 maxlen: 24
45.156.129.0/24 maxlen: 24
45.156.130.0/24 maxlen: 24
185.180.140.0/24 maxlen: 24
185.180.143.0/24 maxlen: 24
185.226.198.0/24 maxlen: 24
2a10:3c0:1::/48 maxlen: 48
2a10:3c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:55:9a:82:55:47:97:c3:26:ff:26:78:4d:66:b3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Mar 28 15:18:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfa092874e8ec7d9ab68af2e9fbcbfe80029fa98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:45:92:87:b9:4c:6e:f3:80:77:a2:25:cf:21:
fe:50:1b:23:c0:bf:b4:bb:02:ba:6f:e9:4a:21:39:
b8:6d:06:3a:af:26:c1:0a:85:df:ed:48:3d:dc:17:
0c:4c:35:e4:7e:a1:0b:57:32:99:d0:a5:0a:b8:33:
91:6b:6f:60:0b:f0:62:24:2c:21:fe:02:06:0b:c3:
96:2e:07:2b:c0:d5:46:09:34:5e:05:ff:bb:65:59:
48:79:cc:97:55:30:e3:42:dd:3a:64:e0:55:f1:f3:
20:3a:63:4e:35:75:48:ba:4d:26:2b:d1:a8:4b:e4:
04:22:47:40:c9:52:4c:ce:a5:ee:3d:de:d7:04:3f:
54:a7:49:f9:6a:1d:c3:df:25:bb:ed:45:db:80:65:
70:d3:b5:86:32:77:91:49:bc:60:94:9b:36:0c:48:
17:38:b5:4b:a0:53:f2:d9:84:15:7e:2d:a5:32:ee:
fa:16:47:7b:a1:60:3a:2e:b3:de:fd:04:08:ae:6d:
17:aa:6c:92:4e:18:e6:8f:40:04:28:52:1a:b8:ae:
4c:a4:68:c0:d6:ae:5d:fc:9e:fc:6a:fd:25:ea:7c:
79:87:c4:ac:73:75:ee:36:34:9a:49:87:22:01:f8:
5e:19:24:93:fb:de:24:61:f7:52:1a:8f:92:6b:05:
89:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A0:92:87:4E:8E:C7:D9:AB:68:AF:2E:9F:BC:BF:E8:00:29:FA:98
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/36CSh06Ox9mraK8un7y_6AAp-pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.128.0-45.156.130.255
185.180.140.0/24
185.180.143.0/24
185.226.198.0/24
IPv6:
2a10:3c0:1::-2a10:3c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
77:e3:f7:40:26:7c:41:da:f3:f5:82:44:67:de:24:af:c4:86:
6f:d9:4b:68:99:cc:28:e9:20:2a:ea:fc:62:2f:d7:25:84:83:
7a:36:44:6d:f8:31:8c:74:c7:93:5d:18:47:0a:ec:88:7b:53:
b0:3b:37:37:09:91:0e:30:c4:af:db:9a:18:cb:37:02:95:78:
14:e1:39:30:3d:ed:04:05:02:e9:b8:58:e9:02:e4:13:b8:cd:
da:cc:4f:c3:92:f7:be:a5:60:e6:c3:99:1f:14:c1:d9:a9:7e:
c1:83:dc:8e:d9:c7:6a:e5:1f:73:1b:f3:86:ba:d8:72:64:c7:
03:18:31:66:f4:d3:5d:24:2c:3a:41:84:6d:0f:30:5b:ad:c5:
7e:ee:67:4b:7a:99:a0:43:91:23:d6:c1:f4:58:83:c7:f0:9b:
69:69:9f:8c:cc:ea:26:7d:db:7a:a2:28:7a:ba:ea:83:e7:8e:
e9:63:5c:87:5e:04:f4:a6:fb:74:82:fe:98:9a:03:af:33:09:
49:ba:6a:4b:dc:ec:2f:82:5f:12:04:ba:e8:3c:a1:8d:d6:f2:
d6:4e:b9:82:ab:21:3f:34:55:d7:5f:51:82:fd:50:e8:76:a1:
f4:9d:8f:c6:8f:8b:56:b9:76:d2:29:64:c0:1b:04:9b:a4:29:
9f:23:b8:d2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZXdVZqCVUeXwyb/JnhNZrM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjUwMzI4MTUxODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmEwOTI4NzRlOGVjN2Q5YWI2OGFmMmU5ZmJjYmZlODAwMjlmYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UWSh7lMbvOAd6IlzyH+UBsjwL+0
uwK6b+lKITm4bQY6rybBCoXf7Ug93BcMTDXkfqELVzKZ0KUKuDORa29gC/BiJCwh
/gIGC8OWLgcrwNVGCTReBf+7ZVlIecyXVTDjQt06ZOBV8fMgOmNONXVIuk0mK9Go
S+QEIkdAyVJMzqXuPd7XBD9Up0n5ah3D3yW77UXbgGVw07WGMneRSbxglJs2DEgX
OLVLoFPy2YQVfi2lMu76Fkd7oWA6LrPe/QQIrm0XqmySThjmj0AEKFIauK5MpGjA
1q5d/J78av0l6nx5h8Ssc3XuNjSaSYciAfheGSST+94kYfdSGo+SawWJywIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFN+gkodOjsfZq2ivLp+8v+gAKfqYMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvMzZDU2gwNk94OW1yYUs4dW43eV82QUFwLXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAmBAIAATAgMAwDBActnIAD
BAAtnIIDBAC5tIwDBAC5tI8DBAC54sYwGgQCAAIwFDASAwcAKhADwAABAwcAKhAD
wAACMA0GCSqGSIb3DQEBCwUAA4IBAQB34/dAJnxB2vP1gkRn3iSvxIZv2Utomcwo
6SAq6vxiL9clhIN6NkRt+DGMdMeTXRhHCuyIe1OwOzc3CZEOMMSv25oYyzcClXgU
4TkwPe0EBQLpuFjpAuQTuM3azE/Dkve+pWDmw5kfFMHZqX7Bg9yO2cdq5R9zG/OG
uthyZMcDGDFm9NNdJCw6QYRtDzBbrcV+7mdLepmgQ5Ej1sH0WIPH8JtpaZ+MzOom
fdt6oih6uuqD547pY1yHXgT0pvt0gv6YmgOvMwlJumpL3Owvgl8SBLroPKGN1vLW
TrmCqyE/NFXXX1GC/VDodqH0nY/Gj4tWuXbSKWTAGwSbpCmfI7jS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net