Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/ca510c-b6d1-4eb3-8dd1-498f4c10b655/1/3f1U8HcG3gg1d7c-AMV0OeLqnk4.roa
File: 3f1U8HcG3gg1d7c-AMV0OeLqnk4.roa (raw, json)
Hash identifier: 6g/YiGFM7SXH1avma+AWhdPQYeSM8xFquer6wIrnMrw=
Subject key identifier: DD:FD:54:F0:77:06:DE:08:35:77:B7:3E:00:C5:74:39:E2:EA:9E:4E
Certificate issuer: /CN=ded8582b0243863c572ce25786ccb36ff795b22e
Certificate serial: 01941F8C297E4C04F17266D80F774973D963
Authority key identifier: DE:D8:58:2B:02:43:86:3C:57:2C:E2:57:86:CC:B3:6F:F7:95:B2:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3thYKwJDhjxXLOJXhsyzb_eVsi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/ca510c-b6d1-4eb3-8dd1-498f4c10b655/1/3f1U8HcG3gg1d7c-AMV0OeLqnk4.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34605
IP address blocks: 45.142.88.0/24 maxlen: 24
45.142.90.0/24 maxlen: 24
178.218.64.0/24 maxlen: 24
178.218.65.0/24 maxlen: 24
178.218.66.0/24 maxlen: 24
178.218.67.0/24 maxlen: 24
178.218.68.0/24 maxlen: 24
178.218.69.0/24 maxlen: 24
178.218.70.0/24 maxlen: 24
178.218.71.0/24 maxlen: 24
178.218.72.0/24 maxlen: 24
178.218.73.0/24 maxlen: 24
178.218.74.0/24 maxlen: 24
178.218.75.0/24 maxlen: 24
178.218.76.0/24 maxlen: 24
178.218.77.0/24 maxlen: 24
178.218.78.0/24 maxlen: 24
178.218.79.0/24 maxlen: 24
194.126.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:29:7e:4c:04:f1:72:66:d8:0f:77:49:73:d9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ded8582b0243863c572ce25786ccb36ff795b22e
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddfd54f07706de083577b73e00c57439e2ea9e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:01:79:5e:d8:cc:46:24:27:39:2e:ca:dd:c9:
29:56:2f:c6:bd:82:2b:67:e2:f0:e4:18:7e:a9:ec:
a2:3a:2f:e9:a8:5f:3c:2c:46:2f:05:a3:52:c9:96:
99:6d:a4:8c:d7:33:6d:44:54:9a:5c:4d:5d:85:b3:
a1:8a:ac:07:61:02:af:ab:05:cb:31:e3:45:73:ca:
e5:1d:f1:05:c9:56:02:c6:76:a3:b6:23:57:8c:ce:
82:ff:51:9f:e6:0e:33:be:bb:27:71:12:f0:5b:d3:
cc:f4:b3:59:16:2c:c8:27:0f:9d:4d:7e:40:80:2a:
7f:5a:f7:e0:f7:d8:4c:71:12:a2:3b:05:54:ae:71:
14:6b:5a:14:00:37:de:64:96:aa:12:f5:09:75:d1:
58:12:d7:cc:58:fb:db:71:96:53:b4:29:9b:9e:12:
ad:de:41:6a:e7:00:0c:a8:c1:cc:05:ab:aa:78:68:
5b:fb:0b:93:b2:b1:e5:d9:cd:36:8c:f1:66:8a:6b:
80:e2:69:92:e7:af:20:a9:b4:9b:87:1e:b4:08:9c:
78:cf:e1:85:33:fe:4f:77:50:b2:f2:f0:4b:82:40:
c4:91:cf:d4:c7:b8:16:3e:95:75:17:67:fe:48:d1:
14:69:bd:ea:6b:14:f4:59:e6:09:e6:85:5a:13:89:
fd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FD:54:F0:77:06:DE:08:35:77:B7:3E:00:C5:74:39:E2:EA:9E:4E
X509v3 Authority Key Identifier:
keyid:DE:D8:58:2B:02:43:86:3C:57:2C:E2:57:86:CC:B3:6F:F7:95:B2:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3thYKwJDhjxXLOJXhsyzb_eVsi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ca510c-b6d1-4eb3-8dd1-498f4c10b655/1/3f1U8HcG3gg1d7c-AMV0OeLqnk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ca510c-b6d1-4eb3-8dd1-498f4c10b655/1/3thYKwJDhjxXLOJXhsyzb_eVsi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.88.0/24
45.142.90.0/24
178.218.64.0/20
194.126.204.0/24
Signature Algorithm: sha256WithRSAEncryption
95:4a:3a:97:7e:d4:be:55:20:5b:d6:ee:50:61:57:30:2f:ac:
9d:21:3f:a6:59:c6:d0:2b:65:cf:9a:0d:d4:57:04:31:c8:6e:
70:b7:7d:92:03:77:32:dd:5e:33:47:52:aa:62:d5:9e:c0:f1:
bc:bd:0e:46:1b:99:83:e8:af:78:20:e8:00:79:be:47:ae:9f:
27:90:5e:82:e8:b2:88:4c:15:29:b2:cd:04:ee:8e:64:86:f1:
c2:33:47:5a:83:b1:79:d7:d2:80:cd:24:dc:18:13:84:36:56:
6d:41:de:b7:5c:d4:58:fd:a6:80:6b:20:1f:9f:46:00:93:ae:
39:a7:fc:e1:8d:73:92:5c:94:80:48:3e:94:5f:4c:ca:b9:4d:
4e:15:93:4f:49:b3:2a:51:57:5a:48:de:04:97:12:a3:cc:cb:
6d:c3:77:03:64:cf:94:77:ed:19:f2:cd:bf:cd:61:56:2a:a5:
65:33:17:7a:ce:83:48:dc:01:38:58:85:b6:0c:95:05:71:1f:
80:11:fb:cd:5c:a5:e3:4d:38:0e:5e:93:f2:1e:a9:7f:f3:0c:
45:cb:6a:a3:a9:30:08:9a:79:a5:eb:0a:e0:28:35:9e:21:4f:
0f:0e:d8:8e:13:44:3c:69:72:0a:8f:5a:33:04:0f:76:af:3f:
4f:d7:30:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjCl+TATxcmbYD3dJc9ljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDg1ODJiMDI0Mzg2M2M1NzJjZTI1Nzg2Y2NiMzZmZjc5
NWIyMmUwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGZkNTRmMDc3MDZkZTA4MzU3N2I3M2UwMGM1NzQzOWUyZWE5ZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwF5XtjMRiQnOS7K3ckpVi/GvYIr
Z+Lw5Bh+qeyiOi/pqF88LEYvBaNSyZaZbaSM1zNtRFSaXE1dhbOhiqwHYQKvqwXL
MeNFc8rlHfEFyVYCxnajtiNXjM6C/1Gf5g4zvrsncRLwW9PM9LNZFizIJw+dTX5A
gCp/Wvfg99hMcRKiOwVUrnEUa1oUADfeZJaqEvUJddFYEtfMWPvbcZZTtCmbnhKt
3kFq5wAMqMHMBauqeGhb+wuTsrHl2c02jPFmimuA4mmS568gqbSbhx60CJx4z+GF
M/5Pd1Cy8vBLgkDEkc/Ux7gWPpV1F2f+SNEUab3qaxT0WeYJ5oVaE4n9jwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN39VPB3Bt4INXe3PgDFdDni6p5OMB8GA1UdIwQY
MBaAFN7YWCsCQ4Y8VyziV4bMs2/3lbIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3RoWUt3SkRoanhYTE9KWGhzeXpiX2VWc2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jYTUxMGMtYjZkMS00ZWIzLThkZDEt
NDk4ZjRjMTBiNjU1LzEvM2YxVThIY0czZ2cxZDdjLUFNVjBPZUxxbms0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jYTUxMGMtYjZkMS00ZWIzLThkZDEtNDk4ZjRjMTBiNjU1
LzEvM3RoWUt3SkRoanhYTE9KWGhzeXpiX2VWc2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY5YAwQA
LY5aAwQEstpAAwQAwn7MMA0GCSqGSIb3DQEBCwUAA4IBAQCVSjqXftS+VSBb1u5Q
YVcwL6ydIT+mWcbQK2XPmg3UVwQxyG5wt32SA3cy3V4zR1KqYtWewPG8vQ5GG5mD
6K94IOgAeb5Hrp8nkF6C6LKITBUpss0E7o5khvHCM0dag7F519KAzSTcGBOENlZt
Qd63XNRY/aaAayAfn0YAk645p/zhjXOSXJSASD6UX0zKuU1OFZNPSbMqUVdaSN4E
lxKjzMttw3cDZM+Ud+0Z8s2/zWFWKqVlMxd6zoNI3AE4WIW2DJUFcR+AEfvNXKXj
TTgOXpPyHql/8wxFy2qjqTAImnml6wrgKDWeIU8PDtiOE0Q8aXIKj1ozBA92rz9P
1zCm
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:08 2025 by rpki-client on console.sobornost.net