Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/ApvhjKPqS54Ym0klIaNKAJ8kwfA.roa
File: ApvhjKPqS54Ym0klIaNKAJ8kwfA.roa (raw, json)
Hash identifier: G7CMBZzYEWEowN0oeXl4yB4eRy4GZVwzz9Vsjln2SbY=
Subject key identifier: 02:9B:E1:8C:A3:EA:4B:9E:18:9B:49:25:21:A3:4A:00:9F:24:C1:F0
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 019525D7ED15D6426989758B39E0AAC5455E
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/ApvhjKPqS54Ym0klIaNKAJ8kwfA.roa
Signing time: Fri 21 Feb 2025 00:11:02 +0000
ROA not before: Fri 21 Feb 2025 00:11:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 45.86.156.0/24 maxlen: 24
45.86.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:25:d7:ed:15:d6:42:69:89:75:8b:39:e0:aa:c5:45:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Feb 21 00:11:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=029be18ca3ea4b9e189b492521a34a009f24c1f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c5:85:3a:5b:bb:35:77:f9:d4:e9:69:61:a7:
3a:5e:9f:2b:50:e8:4c:75:e3:7f:1b:da:19:bf:26:
b2:7d:ef:1e:12:25:46:25:90:46:37:1a:44:a4:ec:
82:ea:6e:57:bf:2c:b5:09:48:7b:a5:f0:55:61:78:
6f:6e:de:65:15:ec:32:78:b5:b9:35:23:91:d3:35:
3d:f0:5a:49:83:93:f2:0e:b1:4b:21:e1:60:87:8f:
a0:ae:38:86:7e:39:b0:74:79:44:67:1b:3f:2f:72:
4f:24:23:49:dc:c7:8f:07:1c:1c:be:c3:b2:48:6c:
c7:13:f7:95:1a:08:cb:ae:b2:3a:21:a4:cd:1a:6c:
c3:bf:14:1d:77:52:a0:68:45:61:c5:00:cc:d1:8f:
91:8b:b9:53:a0:17:6c:27:c7:52:99:9c:cd:49:62:
9c:57:a7:81:60:73:51:67:cd:1b:f5:bd:d6:90:a3:
30:94:c6:e8:c3:07:b4:59:fa:b8:e5:7b:f0:42:43:
de:4e:d7:d8:22:cf:7b:d6:f3:2e:b2:13:b1:5a:f4:
7d:4a:08:a4:07:1e:b5:79:86:7b:ab:30:21:87:cb:
f4:f0:79:24:98:2b:21:91:d0:5e:2f:d0:18:c8:b0:
c0:79:d1:cc:f8:a6:9d:95:8e:78:77:c2:53:cb:79:
49:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9B:E1:8C:A3:EA:4B:9E:18:9B:49:25:21:A3:4A:00:9F:24:C1:F0
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/ApvhjKPqS54Ym0klIaNKAJ8kwfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/24
45.86.159.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:6b:af:40:22:7a:f3:a0:03:07:1f:02:a1:09:43:b2:22:97:
e7:17:d0:57:63:33:9e:ba:09:f6:d6:d9:c7:66:67:97:f6:f4:
be:fb:b7:4f:ce:1a:de:87:20:9e:b8:ff:8b:23:a0:a1:da:1f:
7f:65:89:9a:05:1c:8e:c5:da:32:b6:1b:35:4e:52:4a:66:65:
80:b6:dc:8e:83:23:c7:d4:f9:0f:85:8c:48:61:3d:ef:1d:44:
d0:88:80:7e:b8:18:66:c8:24:d2:76:12:85:52:4e:77:cb:67:
db:6d:44:f4:81:e9:d5:5d:16:09:11:f5:99:98:eb:a8:2a:9f:
40:63:c9:c7:89:2c:52:da:d9:78:77:ab:b2:d2:9e:ea:80:82:
5a:4c:a5:30:8c:0a:5b:b2:30:87:b9:64:3d:76:c9:46:c7:49:
c6:76:f7:7d:76:cd:c4:da:c2:77:c6:c0:b3:37:53:a4:bf:c8:
d8:bf:96:65:ab:42:bd:66:d2:c6:85:08:35:1a:6a:fb:c8:78:
28:9e:c2:8d:a4:5c:bc:b2:b7:5e:52:6c:f8:18:0f:da:d0:e4:
32:2f:36:f9:51:bc:b2:27:fe:0b:c4:88:26:ad:34:6d:19:9b:
3c:0a:b9:82:b6:a3:15:2f:76:1b:80:39:0e:c2:b5:38:5e:1b:
59:a6:ac:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUl1+0V1kJpiXWLOeCqxUVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMjIxMDAxMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjliZTE4Y2EzZWE0YjllMTg5YjQ5MjUyMWEzNGEwMDlmMjRjMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sWFOlu7NXf51OlpYac6Xp8rUOhM
deN/G9oZvyayfe8eEiVGJZBGNxpEpOyC6m5Xvyy1CUh7pfBVYXhvbt5lFewyeLW5
NSOR0zU98FpJg5PyDrFLIeFgh4+grjiGfjmwdHlEZxs/L3JPJCNJ3MePBxwcvsOy
SGzHE/eVGgjLrrI6IaTNGmzDvxQdd1KgaEVhxQDM0Y+Ri7lToBdsJ8dSmZzNSWKc
V6eBYHNRZ80b9b3WkKMwlMbowwe0Wfq45XvwQkPeTtfYIs971vMushOxWvR9Sgik
Bx61eYZ7qzAhh8v08HkkmCshkdBeL9AYyLDAedHM+KadlY54d8JTy3lJgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAKb4Yyj6kueGJtJJSGjSgCfJMHwMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvQXB2aGpLUHFTNTRZbTBrbElhTktBSjhrd2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVacAwQA
LVafMA0GCSqGSIb3DQEBCwUAA4IBAQBra69AInrzoAMHHwKhCUOyIpfnF9BXYzOe
ugn21tnHZmeX9vS++7dPzhrehyCeuP+LI6Ch2h9/ZYmaBRyOxdoyths1TlJKZmWA
ttyOgyPH1PkPhYxIYT3vHUTQiIB+uBhmyCTSdhKFUk53y2fbbUT0genVXRYJEfWZ
mOuoKp9AY8nHiSxS2tl4d6uy0p7qgIJaTKUwjApbsjCHuWQ9dslGx0nGdvd9ds3E
2sJ3xsCzN1Okv8jYv5Zlq0K9ZtLGhQg1Gmr7yHgonsKNpFy8srdeUmz4GA/a0OQy
Lzb5UbyyJ/4LxIgmrTRtGZs8CrmCtqMVL3YbgDkOwrU4XhtZpqwE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:32 2025 by rpki-client on console.sobornost.net