Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c43b2f-10ba-4170-b521-c722217e53b6/1/1pfflrWL-bwxSYtCoyCJ-yY9sDg.roa
File: 1pfflrWL-bwxSYtCoyCJ-yY9sDg.roa (raw, json)
Hash identifier: GQomu/TYWDDZCVUe6xLQFaU9+r7oU6WwcMu5JseyRnc=
Subject key identifier: D6:97:DF:96:B5:8B:F9:BC:31:49:8B:42:A3:20:89:FB:26:3D:B0:38
Certificate issuer: /CN=61877f4ce0d361617724d4b289a8918c5c6d722d
Certificate serial: 0194228DB669BD7BF9E867B3E3B460BD8F74
Authority key identifier: 61:87:7F:4C:E0:D3:61:61:77:24:D4:B2:89:A8:91:8C:5C:6D:72:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYd_TODTYWF3JNSyiaiRjFxtci0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c43b2f-10ba-4170-b521-c722217e53b6/1/1pfflrWL-bwxSYtCoyCJ-yY9sDg.roa
Signing time: Wed 01 Jan 2025 15:48:20 +0000
ROA not before: Wed 01 Jan 2025 15:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35625
IP address blocks: 45.86.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b6:69:bd:7b:f9:e8:67:b3:e3:b4:60:bd:8f:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61877f4ce0d361617724d4b289a8918c5c6d722d
Validity
Not Before: Jan 1 15:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d697df96b58bf9bc31498b42a32089fb263db038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:91:c0:dc:9e:a2:3a:9d:b9:9f:96:24:6b:a5:
82:b1:7a:0a:25:ea:75:41:51:63:dd:ae:bb:a7:52:
71:59:eb:ce:1e:0e:c0:c7:10:51:53:35:7a:99:3c:
85:8e:56:db:11:79:cf:b0:8f:6e:87:b2:30:99:33:
e8:70:87:a3:ed:47:0d:04:30:bf:9e:4a:2c:c6:b6:
6b:05:0d:af:9a:6f:51:63:dc:97:3f:d4:29:cd:6f:
5b:60:1e:0e:42:54:51:8d:f6:33:f2:21:4d:30:45:
59:1e:a6:dc:d1:00:81:e9:d2:68:30:d5:cf:ee:dd:
e6:6d:07:ce:13:3d:f5:5e:45:6b:4f:47:f4:b9:f5:
31:e5:ee:79:70:31:d5:06:a3:b2:74:df:be:e7:08:
16:13:cb:6d:73:a0:bf:81:f3:aa:76:32:3a:89:7d:
94:82:f6:82:7c:fc:7a:8c:92:bb:e9:35:97:68:d1:
a2:80:60:07:56:0c:d4:27:90:41:90:03:a5:4a:d6:
3c:6f:43:ba:f3:56:a2:4b:4f:fc:ab:a0:fb:c3:36:
03:49:2c:74:07:46:a3:4b:39:f8:ea:28:68:7e:ea:
6b:c4:fa:34:f2:cc:39:88:5d:00:ad:f6:b6:1a:44:
a3:d1:4a:bc:d9:fe:bc:4a:5c:8d:6f:39:33:5b:9d:
54:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:97:DF:96:B5:8B:F9:BC:31:49:8B:42:A3:20:89:FB:26:3D:B0:38
X509v3 Authority Key Identifier:
keyid:61:87:7F:4C:E0:D3:61:61:77:24:D4:B2:89:A8:91:8C:5C:6D:72:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYd_TODTYWF3JNSyiaiRjFxtci0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c43b2f-10ba-4170-b521-c722217e53b6/1/1pfflrWL-bwxSYtCoyCJ-yY9sDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c43b2f-10ba-4170-b521-c722217e53b6/1/YYd_TODTYWF3JNSyiaiRjFxtci0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.205.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:3e:82:fa:31:df:9c:d8:86:91:67:3e:15:51:24:c9:24:e0:
ce:6f:23:d0:28:80:2b:1a:74:3c:be:ca:f1:f5:02:bd:76:e2:
e9:6f:b9:3c:1e:b5:39:b1:0b:b2:4d:cd:57:69:4e:00:4a:17:
57:fe:f5:d2:df:a2:df:1f:64:25:52:d5:f2:c3:f5:be:9a:43:
58:84:af:62:89:83:f3:b7:4a:db:bb:cc:14:5a:ed:7a:9b:39:
88:e7:15:39:11:42:f2:f5:d7:d2:9a:e8:e9:ea:f8:cb:e6:c2:
ec:6d:2a:9a:e1:5b:0a:68:31:5d:9d:76:40:97:b7:a9:3b:c8:
79:97:ec:d3:53:ee:a3:b9:58:ea:f7:9e:df:a9:6c:61:ab:36:
86:67:af:f9:92:99:c0:52:80:33:d9:24:ee:72:a2:a0:c9:25:
fa:31:9a:63:13:67:f9:62:1e:44:96:87:5a:18:91:04:33:e6:
30:b5:e2:6c:eb:05:f5:0c:84:17:c6:16:bb:1d:58:8f:7e:7c:
de:2f:fd:74:39:d8:a6:79:59:4a:05:ab:d3:81:7e:3f:23:6c:
10:c0:bc:4d:52:0d:d3:54:c5:f7:00:86:9f:18:fc:73:b6:38:
21:2b:94:25:5f:ee:86:74:fb:2f:e4:73:e2:96:67:f7:80:1d:
c6:62:b8:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijbZpvXv56Gez47RgvY90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODc3ZjRjZTBkMzYxNjE3NzI0ZDRiMjg5YTg5MThjNWM2
ZDcyMmQwHhcNMjUwMTAxMTU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjk3ZGY5NmI1OGJmOWJjMzE0OThiNDJhMzIwODlmYjI2M2RiMDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pHA3J6iOp25n5Yka6WCsXoKJep1
QVFj3a67p1JxWevOHg7AxxBRUzV6mTyFjlbbEXnPsI9uh7IwmTPocIej7UcNBDC/
nkosxrZrBQ2vmm9RY9yXP9QpzW9bYB4OQlRRjfYz8iFNMEVZHqbc0QCB6dJoMNXP
7t3mbQfOEz31XkVrT0f0ufUx5e55cDHVBqOydN++5wgWE8ttc6C/gfOqdjI6iX2U
gvaCfPx6jJK76TWXaNGigGAHVgzUJ5BBkAOlStY8b0O681aiS0/8q6D7wzYDSSx0
B0ajSzn46ihofuprxPo08sw5iF0Arfa2GkSj0Uq82f68SlyNbzkzW51UWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNaX35a1i/m8MUmLQqMgifsmPbA4MB8GA1UdIwQY
MBaAFGGHf0zg02FhdyTUsomokYxcbXItMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlkX1RPRFRZV0YzSk5TeWlhaVJqRnh0Y2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jNDNiMmYtMTBiYS00MTcwLWI1MjEt
YzcyMjIxN2U1M2I2LzEvMXBmZmxyV0wtYnd4U1l0Q295Q0oteVk5c0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jNDNiMmYtMTBiYS00MTcwLWI1MjEtYzcyMjIxN2U1M2I2
LzEvWVlkX1RPRFRZV0YzSk5TeWlhaVJqRnh0Y2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVbNMA0G
CSqGSIb3DQEBCwUAA4IBAQANPoL6Md+c2IaRZz4VUSTJJODObyPQKIArGnQ8vsrx
9QK9duLpb7k8HrU5sQuyTc1XaU4AShdX/vXS36LfH2QlUtXyw/W+mkNYhK9iiYPz
t0rbu8wUWu16mzmI5xU5EULy9dfSmujp6vjL5sLsbSqa4VsKaDFdnXZAl7epO8h5
l+zTU+6juVjq957fqWxhqzaGZ6/5kpnAUoAz2STucqKgySX6MZpjE2f5Yh5Eloda
GJEEM+YwteJs6wX1DIQXxha7HViPfnzeL/10OdimeVlKBavTgX4/I2wQwLxNUg3T
VMX3AIafGPxztjghK5QlX+6GdPsv5HPilmf3gB3GYrjk
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:45 2025 by rpki-client on console.sobornost.net