Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/c3daf9-3721-4591-8890-1e7a505864ba/1/PfFy3e8LNIXwxdL8OuYhM9z12Ws.roa
File: PfFy3e8LNIXwxdL8OuYhM9z12Ws.roa (raw, json)
Hash identifier: 8+uM2+g15li/FppVigQneM82V/zGTOIgt52B/js9MAg=
Subject key identifier: 3D:F1:72:DD:EF:0B:34:85:F0:C5:D2:FC:3A:E6:21:33:DC:F5:D9:6B
Certificate issuer: /CN=1ab7a257e2617897749952fe56df1940c9a38659
Certificate serial: 019426D9DA92654878488CA823A7D82B9F35
Authority key identifier: 1A:B7:A2:57:E2:61:78:97:74:99:52:FE:56:DF:19:40:C9:A3:86:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GreiV-JheJd0mVL-Vt8ZQMmjhlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/c3daf9-3721-4591-8890-1e7a505864ba/1/PfFy3e8LNIXwxdL8OuYhM9z12Ws.roa
Signing time: Thu 02 Jan 2025 11:49:59 +0000
ROA not before: Thu 02 Jan 2025 11:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208457
IP address blocks: 45.135.172.0/22 maxlen: 22
2a0a:36c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:da:92:65:48:78:48:8c:a8:23:a7:d8:2b:9f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab7a257e2617897749952fe56df1940c9a38659
Validity
Not Before: Jan 2 11:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3df172ddef0b3485f0c5d2fc3ae62133dcf5d96b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6d:5b:4d:3d:50:84:fb:c3:fc:3f:62:2e:a8:
fc:ad:ac:90:c1:76:eb:4d:74:6b:0d:9b:79:3c:c4:
83:55:7b:5a:de:96:56:cc:a0:5d:25:84:a7:78:08:
99:25:d7:02:37:dd:51:44:75:84:fa:27:07:b5:07:
e2:f1:e5:9e:e6:2a:ca:04:86:e0:5f:e0:fe:20:b9:
ea:06:a8:84:61:f5:0f:f6:8d:6e:e5:5f:27:13:56:
9f:cd:ee:4d:04:b8:fa:df:1c:a6:c7:77:0b:dc:5c:
45:30:11:a6:02:24:0b:6c:10:c6:9a:31:9f:af:2b:
f2:42:c7:6d:5c:0e:61:dc:b5:1d:f0:51:d9:92:c3:
8b:e4:24:ae:13:b6:42:74:46:30:d8:92:f1:e7:36:
d5:96:6b:34:80:aa:da:95:7c:a7:16:51:bb:e0:74:
ca:f3:2f:56:ae:08:48:b4:85:b8:bb:86:12:12:d5:
29:f0:5f:a5:a2:ea:29:9b:13:0a:95:a3:d6:86:1f:
cc:50:a0:29:5c:90:dc:f9:87:93:39:81:e2:5e:f4:
4f:5e:aa:0b:59:bc:7f:1b:2e:2f:3b:fc:be:54:22:
28:a0:54:51:8f:11:95:1c:46:65:9b:02:09:40:2b:
05:1e:ad:86:b6:2f:6a:9e:3e:da:12:19:3c:24:7a:
d0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F1:72:DD:EF:0B:34:85:F0:C5:D2:FC:3A:E6:21:33:DC:F5:D9:6B
X509v3 Authority Key Identifier:
keyid:1A:B7:A2:57:E2:61:78:97:74:99:52:FE:56:DF:19:40:C9:A3:86:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GreiV-JheJd0mVL-Vt8ZQMmjhlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c3daf9-3721-4591-8890-1e7a505864ba/1/PfFy3e8LNIXwxdL8OuYhM9z12Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c3daf9-3721-4591-8890-1e7a505864ba/1/GreiV-JheJd0mVL-Vt8ZQMmjhlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.172.0/22
IPv6:
2a0a:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:9b:36:44:54:1d:ba:da:ff:34:02:24:36:82:af:a7:f6:f2:
25:8d:52:48:76:df:f9:95:e9:7e:50:48:11:93:c5:ad:1d:ab:
9f:28:ef:c7:2b:24:c5:ff:b7:d5:53:3a:37:14:a0:25:d8:5b:
5a:be:b7:cb:7e:5e:6f:6b:42:48:82:d0:fc:3a:33:23:75:f4:
67:3c:82:f3:2b:4a:3e:18:33:42:cc:85:b8:8d:c2:26:1a:62:
6d:11:44:12:92:ca:0e:7d:aa:8a:e0:e3:31:c0:11:59:bc:51:
1b:dc:51:44:e1:39:2b:c1:7c:db:e2:fc:15:96:37:fc:4f:e7:
37:d1:ff:d6:39:81:27:c6:8d:58:e4:35:27:85:bf:19:98:bb:
d0:4a:ed:11:04:9c:16:da:91:c5:be:c4:ac:80:08:3b:0a:30:
bf:7f:ff:43:e8:c7:a2:f7:90:24:84:52:5f:74:10:a0:92:12:
ce:90:8f:c4:a3:84:57:18:df:3f:5c:1a:51:b5:ed:8f:5c:ea:
a8:59:a4:30:a7:6f:97:07:81:f6:80:da:e4:2a:33:a0:44:5c:
f9:a9:f9:8e:a8:a5:17:59:07:0c:8f:08:e4:1d:79:ac:36:a5:
73:9d:ee:fc:4c:74:5b:4f:23:89:13:b6:a8:ec:24:db:cd:13:
1e:d1:b3:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2dqSZUh4SIyoI6fYK581MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjdhMjU3ZTI2MTc4OTc3NDk5NTJmZTU2ZGYxOTQwYzlh
Mzg2NTkwHhcNMjUwMTAyMTE0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGYxNzJkZGVmMGIzNDg1ZjBjNWQyZmMzYWU2MjEzM2RjZjVkOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG1bTT1QhPvD/D9iLqj8rayQwXbr
TXRrDZt5PMSDVXta3pZWzKBdJYSneAiZJdcCN91RRHWE+icHtQfi8eWe5irKBIbg
X+D+ILnqBqiEYfUP9o1u5V8nE1afze5NBLj63xymx3cL3FxFMBGmAiQLbBDGmjGf
ryvyQsdtXA5h3LUd8FHZksOL5CSuE7ZCdEYw2JLx5zbVlms0gKralXynFlG74HTK
8y9WrghItIW4u4YSEtUp8F+louopmxMKlaPWhh/MUKApXJDc+YeTOYHiXvRPXqoL
Wbx/Gy4vO/y+VCIooFRRjxGVHEZlmwIJQCsFHq2Gti9qnj7aEhk8JHrQpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD3xct3vCzSF8MXS/DrmITPc9dlrMB8GA1UdIwQY
MBaAFBq3olfiYXiXdJlS/lbfGUDJo4ZZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JlaVYtSmhlSmQwbVZMLVZ0OFpRTW1qaGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jM2RhZjktMzcyMS00NTkxLTg4OTAt
MWU3YTUwNTg2NGJhLzEvUGZGeTNlOExOSVh3eGRMOE91WWhNOXoxMldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jM2RhZjktMzcyMS00NTkxLTg4OTAtMWU3YTUwNTg2NGJh
LzEvR3JlaVYtSmhlSmQwbVZMLVZ0OFpRTW1qaGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYesMA0E
AgACMAcDBQMqCjbAMA0GCSqGSIb3DQEBCwUAA4IBAQAcmzZEVB262v80AiQ2gq+n
9vIljVJIdt/5lel+UEgRk8WtHaufKO/HKyTF/7fVUzo3FKAl2FtavrfLfl5va0JI
gtD8OjMjdfRnPILzK0o+GDNCzIW4jcImGmJtEUQSksoOfaqK4OMxwBFZvFEb3FFE
4TkrwXzb4vwVljf8T+c30f/WOYEnxo1Y5DUnhb8ZmLvQSu0RBJwW2pHFvsSsgAg7
CjC/f/9D6Mei95AkhFJfdBCgkhLOkI/Eo4RXGN8/XBpRte2PXOqoWaQwp2+XB4H2
gNrkKjOgRFz5qfmOqKUXWQcMjwjkHXmsNqVzne78THRbTyOJE7ao7CTbzRMe0bPi
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:09 2025 by rpki-client on console.sobornost.net