Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/DBXYEcRKqG9TE7D7t30yvl3s7BU.roa
File: DBXYEcRKqG9TE7D7t30yvl3s7BU.roa (raw, json)
Hash identifier: mCooDNiO1ZqwllyH5Jkb8uGbf1FrnJydalex/jIta2I=
Subject key identifier: 0C:15:D8:11:C4:4A:A8:6F:53:13:B0:FB:B7:7D:32:BE:5D:EC:EC:15
Certificate issuer: /CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
Certificate serial: 019424B371286C7553AEFA0E20C31E6CD0AD
Authority key identifier: 22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/DBXYEcRKqG9TE7D7t30yvl3s7BU.roa
Signing time: Thu 02 Jan 2025 01:48:47 +0000
ROA not before: Thu 02 Jan 2025 01:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48399
IP address blocks: 45.15.254.0/24 maxlen: 24
45.93.13.0/24 maxlen: 24
85.193.70.0/23 maxlen: 23
178.170.223.0/24 maxlen: 24
185.190.116.0/23 maxlen: 23
185.190.118.0/23 maxlen: 23
192.70.196.0/23 maxlen: 23
192.70.198.0/23 maxlen: 23
2a07:ecc0::/30 maxlen: 30
2a07:ecc4::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:71:28:6c:75:53:ae:fa:0e:20:c3:1e:6c:d0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
Validity
Not Before: Jan 2 01:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c15d811c44aa86f5313b0fbb77d32be5decec15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e9:8a:44:40:24:e1:04:42:85:9a:93:93:5b:
35:fa:6f:49:03:b2:83:e7:ea:42:5e:d5:ef:fa:0a:
e5:6a:72:a5:22:4a:7f:46:ca:51:4c:47:af:5d:b9:
e2:63:9d:90:62:23:61:8a:5c:c2:10:9a:22:b8:bf:
2b:a5:9d:6b:2c:e8:19:cb:49:3e:bc:73:c9:ff:af:
76:a3:0f:e1:4c:c3:d9:a5:72:8f:65:8c:b9:87:a1:
d3:b2:9c:97:4b:81:83:83:89:f4:00:72:7f:5f:f6:
3d:70:69:9f:59:d3:2e:5b:b9:73:d6:1d:64:e9:9b:
bf:8b:01:0d:f5:d2:24:ab:e7:c4:6e:24:e2:5d:d7:
df:21:c2:7c:a2:73:33:f1:86:90:23:75:67:eb:fc:
ba:ed:6d:db:c2:83:7d:b0:44:92:b0:2b:f3:af:10:
e6:b6:cd:f7:79:dd:ef:7d:be:66:1d:b5:38:74:82:
4a:29:c9:ba:0f:98:4d:e7:2f:37:ad:f0:69:1e:e9:
0f:67:9f:dc:47:a7:ad:0d:ba:11:f2:ac:66:10:ad:
99:36:96:a5:71:52:b0:79:04:37:58:b2:98:30:2b:
66:43:bf:96:25:35:71:06:0b:32:ac:ed:a4:fd:ec:
21:dc:11:d4:f7:69:f4:26:c2:d0:dd:74:f8:0e:79:
10:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:15:D8:11:C4:4A:A8:6F:53:13:B0:FB:B7:7D:32:BE:5D:EC:EC:15
X509v3 Authority Key Identifier:
keyid:22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/DBXYEcRKqG9TE7D7t30yvl3s7BU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/IsX-stJfrE3YuqT3HY3CJoGGoDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.254.0/24
45.93.13.0/24
85.193.70.0/23
178.170.223.0/24
185.190.116.0/22
192.70.196.0/22
IPv6:
2a07:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
0f:3f:b0:f6:42:1c:55:2c:cf:6b:5e:db:c4:83:60:5a:dd:53:
3c:f4:42:4a:db:40:28:42:dc:02:3e:06:b4:61:0a:c8:36:15:
83:fa:2c:35:a5:f6:0b:b9:ed:b5:b2:64:42:d2:28:10:09:ed:
da:1c:20:6f:d1:5a:2b:8d:64:0f:10:49:73:87:08:2e:25:e1:
c7:1d:a6:e1:d8:32:3f:22:93:6e:15:6b:b4:da:45:0b:45:09:
f9:91:15:06:0c:7a:a2:ed:fa:9e:af:a8:f4:d3:49:b2:0f:21:
87:45:05:7e:d8:01:53:8f:9e:4d:85:ed:8b:60:78:fc:fa:9e:
c7:47:b9:a8:be:72:74:cc:3e:4d:f9:e6:6e:f2:2a:7a:dc:ea:
6c:83:ee:4d:fe:c0:7f:52:50:8b:0d:97:11:04:3e:cb:08:8a:
b6:2c:3d:70:d5:06:64:33:48:99:a2:58:da:86:59:29:fc:1d:
b0:9e:a5:b0:30:7f:6d:9e:17:2c:86:87:4e:a3:d2:ea:d0:1f:
f0:bf:d8:a8:8e:b3:39:ee:34:0e:ab:71:92:29:0b:aa:a3:51:
7c:98:2b:73:d4:c8:6c:d7:8d:03:3f:0d:31:af:0a:a6:b3:09:
ea:ef:89:e2:07:74:c2:95:49:25:02:8d:5d:37:74:b1:33:7c:
b5:20:d9:c0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQks3EobHVTrvoOIMMebNCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzVmZWIyZDI1ZmFjNGRkOGJhYTRmNzFkOGRjMjI2ODE4
NmEwMzkwHhcNMjUwMTAyMDE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzE1ZDgxMWM0NGFhODZmNTMxM2IwZmJiNzdkMzJiZTVkZWNlYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0umKREAk4QRChZqTk1s1+m9JA7KD
5+pCXtXv+grlanKlIkp/RspRTEevXbniY52QYiNhilzCEJoiuL8rpZ1rLOgZy0k+
vHPJ/692ow/hTMPZpXKPZYy5h6HTspyXS4GDg4n0AHJ/X/Y9cGmfWdMuW7lz1h1k
6Zu/iwEN9dIkq+fEbiTiXdffIcJ8onMz8YaQI3Vn6/y67W3bwoN9sESSsCvzrxDm
ts33ed3vfb5mHbU4dIJKKcm6D5hN5y83rfBpHukPZ5/cR6etDboR8qxmEK2ZNpal
cVKweQQ3WLKYMCtmQ7+WJTVxBgsyrO2k/ewh3BHU92n0JsLQ3XT4DnkQlQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAwV2BHESqhvUxOw+7d9Mr5d7OwVMB8GA1UdIwQY
MBaAFCLF/rLSX6xN2Lqk9x2NwiaBhqA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNYLXN0SmZyRTNZdXFUM0hZM0NKb0dHb0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kMjE2ZWQtOWE3Ni00YTkzLWI2YTkt
NDY4ZjQ5OGZhZjFjLzEvREJYWUVjUktxRzlURTdEN3QzMHl2bDNzN0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kMjE2ZWQtOWE3Ni00YTkzLWI2YTktNDY4ZjQ5OGZhZjFj
LzEvSXNYLXN0SmZyRTNZdXFUM0hZM0NKb0dHb0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALQ/+AwQA
LV0NAwQBVcFGAwQAsqrfAwQCub50AwQCwEbEMA0EAgACMAcDBQMqB+zAMA0GCSqG
SIb3DQEBCwUAA4IBAQAPP7D2QhxVLM9rXtvEg2Ba3VM89EJK20AoQtwCPga0YQrI
NhWD+iw1pfYLue21smRC0igQCe3aHCBv0VorjWQPEElzhwguJeHHHabh2DI/IpNu
FWu02kULRQn5kRUGDHqi7fqer6j000myDyGHRQV+2AFTj55Nhe2LYHj8+p7HR7mo
vnJ0zD5N+eZu8ip63Opsg+5N/sB/UlCLDZcRBD7LCIq2LD1w1QZkM0iZoljahlkp
/B2wnqWwMH9tnhcshodOo9Lq0B/wv9iojrM57jQOq3GSKQuqo1F8mCtz1Mhs140D
Pw0xrwqmswnq74niB3TClUklAo1dN3SxM3y1INnA
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:55:58 2025 by rpki-client on console.sobornost.net