Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/r4VU_uNqDC_tYxTm1Z-aicTmAoU.roa
File: r4VU_uNqDC_tYxTm1Z-aicTmAoU.roa (raw, json)
Hash identifier: GEBOWS5Nmk+ZdCwQMB5B+9yuw+vJ1/5swydSImIPrxc=
Subject key identifier: AF:85:54:FE:E3:6A:0C:2F:ED:63:14:E6:D5:9F:9A:89:C4:E6:02:85
Certificate issuer: /CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Certificate serial: 019424B2AE007936219B96346039239F4C5D
Authority key identifier: 0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/r4VU_uNqDC_tYxTm1Z-aicTmAoU.roa
Signing time: Thu 02 Jan 2025 01:47:57 +0000
ROA not before: Thu 02 Jan 2025 01:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213078
IP address blocks: 45.87.208.0/22 maxlen: 22
2a06:bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ae:00:79:36:21:9b:96:34:60:39:23:9f:4c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Validity
Not Before: Jan 2 01:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af8554fee36a0c2fed6314e6d59f9a89c4e60285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:73:fc:28:81:1e:36:ee:19:95:49:ee:dd:ca:
d3:d5:c2:94:26:d3:59:43:dc:f3:87:9b:57:a8:2b:
74:f4:61:21:96:dc:db:19:08:e3:47:0c:4d:c3:27:
f7:c6:82:53:90:7c:e9:3a:2e:f8:5b:b1:76:e4:ee:
b9:0d:65:a1:c2:01:e4:b8:c4:41:b8:df:c7:dd:94:
74:2c:00:f9:89:9f:cd:21:b1:3f:c4:dc:24:23:bc:
51:cc:45:f2:28:14:ce:d0:d6:75:bb:01:b7:c0:8d:
3e:b4:9a:86:b4:52:62:e6:74:73:d0:d5:14:e3:84:
d7:3c:9e:ac:7d:ff:74:f8:3b:fa:ed:df:c9:72:d4:
01:f6:1e:a7:5b:bb:33:5a:82:8c:2f:92:5c:03:e5:
a1:08:d9:77:c6:cd:9b:25:48:6c:20:cf:2f:b0:3b:
cf:a7:66:d8:fa:9c:6e:6b:71:0c:30:30:96:9e:1a:
c9:23:0d:41:b3:5b:73:56:5a:37:3a:5e:ac:3a:cb:
5c:69:92:5f:f9:cc:e0:83:c3:6c:ee:c6:03:d9:e3:
95:9c:3f:6d:10:5c:ce:f5:79:b8:03:49:c9:36:4f:
22:63:14:1d:b7:c4:c2:78:ba:7f:e3:43:83:3c:ff:
47:14:85:97:f6:eb:d3:8f:c0:0b:d8:a4:28:0c:25:
c3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:85:54:FE:E3:6A:0C:2F:ED:63:14:E6:D5:9F:9A:89:C4:E6:02:85
X509v3 Authority Key Identifier:
keyid:0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/r4VU_uNqDC_tYxTm1Z-aicTmAoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/DEd6vwon7eiG-8QkE9eonCJrEfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.208.0/22
IPv6:
2a06:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
31:b4:21:e2:8d:49:16:3c:13:6b:21:64:df:54:b7:22:0a:ac:
fc:c6:42:50:0d:ad:80:73:63:b4:df:1a:50:d0:0a:5a:ec:c1:
fb:0d:4f:06:b5:64:cf:8f:e3:1b:81:2d:b6:75:48:c6:12:ab:
bc:4a:e4:c2:e1:ca:79:ab:6d:df:44:48:18:9c:dd:dc:8e:31:
6b:75:c7:b3:60:bf:2e:b2:8e:29:87:99:a5:76:13:d3:d5:d2:
89:9a:1c:25:23:ff:06:96:14:06:cc:4c:b9:1d:ba:54:29:0e:
03:1e:72:7a:4b:b4:1f:7d:8d:c4:3e:2f:6c:14:03:a6:cc:6e:
15:0d:2e:69:a4:48:62:4a:74:1a:c9:ed:5e:7c:d4:46:79:5e:
58:b2:c2:3c:29:dd:14:e2:9b:25:1e:1d:2a:02:67:e2:b2:ba:
ea:f7:f7:47:b8:3b:a8:e5:50:91:e8:ec:e5:96:e4:80:3e:2b:
5b:bf:20:c6:78:7f:bf:43:8d:60:f8:d5:67:db:c3:a9:39:1e:
bc:73:3d:3b:c5:f9:ea:ac:16:f0:ee:60:23:97:52:88:0f:40:
eb:26:21:d4:84:65:1a:e9:cd:d4:f2:90:27:c2:52:c6:5e:17:
66:98:6d:ee:3e:2f:a9:ac:c8:3a:a7:d8:77:d8:ce:60:22:91:
b2:21:c0:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQksq4AeTYhm5Y0YDkjn0xdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDc3YWJmMGEyN2VkZTg4NmZiYzQyNDEzZDdhODljMjI2
YjExZmEwHhcNMjUwMTAyMDE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjg1NTRmZWUzNmEwYzJmZWQ2MzE0ZTZkNTlmOWE4OWM0ZTYwMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXP8KIEeNu4ZlUnu3crT1cKUJtNZ
Q9zzh5tXqCt09GEhltzbGQjjRwxNwyf3xoJTkHzpOi74W7F25O65DWWhwgHkuMRB
uN/H3ZR0LAD5iZ/NIbE/xNwkI7xRzEXyKBTO0NZ1uwG3wI0+tJqGtFJi5nRz0NUU
44TXPJ6sff90+Dv67d/JctQB9h6nW7szWoKML5JcA+WhCNl3xs2bJUhsIM8vsDvP
p2bY+pxua3EMMDCWnhrJIw1Bs1tzVlo3Ol6sOstcaZJf+czgg8Ns7sYD2eOVnD9t
EFzO9Xm4A0nJNk8iYxQdt8TCeLp/40ODPP9HFIWX9uvTj8AL2KQoDCXDvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+FVP7jagwv7WMU5tWfmonE5gKFMB8GA1UdIwQY
MBaAFAxHer8KJ+3ohvvEJBPXqJwiaxH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTct
MThmNGY2NmE1MGEwLzEvcjRWVV91TnFEQ190WXhUbTFaLWFpY1RtQW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTctMThmNGY2NmE1MGEw
LzEvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVfQMA0E
AgACMAcDBQMqBgvAMA0GCSqGSIb3DQEBCwUAA4IBAQAxtCHijUkWPBNrIWTfVLci
Cqz8xkJQDa2Ac2O03xpQ0Apa7MH7DU8GtWTPj+MbgS22dUjGEqu8SuTC4cp5q23f
REgYnN3cjjFrdcezYL8uso4ph5mldhPT1dKJmhwlI/8GlhQGzEy5HbpUKQ4DHnJ6
S7QffY3EPi9sFAOmzG4VDS5ppEhiSnQaye1efNRGeV5YssI8Kd0U4pslHh0qAmfi
srrq9/dHuDuo5VCR6OzlluSAPitbvyDGeH+/Q41g+NVn28OpOR68cz07xfnqrBbw
7mAjl1KID0DrJiHUhGUa6c3U8pAnwlLGXhdmmG3uPi+prMg6p9h32M5gIpGyIcCp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:49 2025 by rpki-client on console.sobornost.net