Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/02e962-8ff8-416e-b1ba-a1201cc6e01b/1/g64CYQqOAhZ0eSWUTgojppUOmyU.roa
File: g64CYQqOAhZ0eSWUTgojppUOmyU.roa (raw, json)
Hash identifier: KRvJvpAicOv96+Z1/awJqo3RuCZixmomEl8lk9HVDZo=
Subject key identifier: 83:AE:02:61:0A:8E:02:16:74:79:25:94:4E:0A:23:A6:95:0E:9B:25
Certificate issuer: /CN=96344400396d0af4cb79e3c94666671b7b391f55
Certificate serial: 01942825F46066C8F6211F6705F23B47A96F
Authority key identifier: 96:34:44:00:39:6D:0A:F4:CB:79:E3:C9:46:66:67:1B:7B:39:1F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ljREADltCvTLeePJRmZnG3s5H1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/02e962-8ff8-416e-b1ba-a1201cc6e01b/1/g64CYQqOAhZ0eSWUTgojppUOmyU.roa
Signing time: Thu 02 Jan 2025 17:52:43 +0000
ROA not before: Thu 02 Jan 2025 17:52:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16089
IP address blocks: 45.88.58.0/24 maxlen: 24
79.110.60.0/24 maxlen: 24
91.209.79.0/24 maxlen: 24
2a0c:3bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:f4:60:66:c8:f6:21:1f:67:05:f2:3b:47:a9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96344400396d0af4cb79e3c94666671b7b391f55
Validity
Not Before: Jan 2 17:52:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83ae02610a8e0216747925944e0a23a6950e9b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:27:4e:df:87:5e:f1:a4:6d:a6:08:bb:84:a0:
20:b6:f4:66:65:5a:e8:6c:b0:ac:91:3e:71:33:f3:
f2:74:8e:52:e2:33:bf:77:b2:86:97:ee:c8:3f:8a:
0a:1d:d2:e5:bc:3f:16:30:4a:d7:97:f3:c6:87:35:
2b:97:22:3b:ed:1b:e3:d3:93:2c:8e:42:5f:97:f2:
15:ed:cd:23:ca:42:b4:78:5f:f0:c9:9b:7b:ae:eb:
a1:ba:ba:a3:b5:99:3e:0a:32:d1:57:91:f9:4c:9d:
a5:56:b6:d6:ed:66:82:cb:38:50:d6:f5:28:47:4b:
41:dc:c0:7a:a4:c6:00:19:ac:c1:06:3d:37:b4:d5:
61:75:f3:7e:f0:27:d2:50:86:73:9f:42:ed:22:aa:
6b:36:bc:42:18:e7:f8:f5:c3:f8:fa:ca:c6:64:37:
50:7d:46:c7:4d:5f:a4:5b:08:f7:ff:72:7c:e4:77:
68:05:3c:40:31:cb:17:de:13:ee:d9:ba:ad:8a:b1:
de:fd:ff:65:c9:43:cf:a5:f7:4d:ee:53:64:a5:f8:
47:22:cd:77:fc:27:16:80:e5:f7:35:e4:40:ef:c8:
11:be:59:9f:bd:20:98:05:c2:23:58:9d:14:79:03:
6f:92:ef:c8:37:86:bd:00:9e:79:70:54:ac:d9:a1:
ed:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:AE:02:61:0A:8E:02:16:74:79:25:94:4E:0A:23:A6:95:0E:9B:25
X509v3 Authority Key Identifier:
keyid:96:34:44:00:39:6D:0A:F4:CB:79:E3:C9:46:66:67:1B:7B:39:1F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ljREADltCvTLeePJRmZnG3s5H1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/02e962-8ff8-416e-b1ba-a1201cc6e01b/1/g64CYQqOAhZ0eSWUTgojppUOmyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/02e962-8ff8-416e-b1ba-a1201cc6e01b/1/ljREADltCvTLeePJRmZnG3s5H1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.58.0/24
79.110.60.0/24
91.209.79.0/24
IPv6:
2a0c:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
e8:63:24:6d:75:70:57:92:7e:3f:c5:73:cf:05:fa:8e:07:1f:
db:15:74:99:fb:d2:9f:68:04:a4:09:e3:3b:43:91:7c:7d:4c:
61:1a:d0:0c:f1:6a:1d:75:b7:a8:f6:68:1e:a4:33:92:61:f3:
db:af:59:83:0d:18:d1:21:20:8a:0e:15:1d:53:f5:e5:47:4c:
78:19:71:08:7e:da:30:d5:77:2e:d5:92:7b:2c:f7:44:33:fb:
a6:08:29:2d:e0:23:85:97:b4:bf:10:a7:43:0c:56:48:91:c1:
46:48:d2:cb:72:f7:94:42:94:55:1c:1c:f6:18:ae:43:17:1b:
1b:08:b8:2e:08:7c:2f:b5:16:2d:18:6a:18:bb:09:46:04:14:
bf:d2:ed:a3:a3:3b:9f:dd:38:06:3f:cb:61:56:61:da:ef:de:
f7:6a:c9:a2:27:d1:d7:09:6e:9f:77:b8:75:8c:d6:fb:15:6d:
6e:2f:43:2a:9e:c9:bb:7c:1a:b3:49:b5:b9:c1:60:cb:6f:06:
ed:7c:06:f7:6c:c4:a8:9a:4c:58:9f:c2:04:6c:7b:0a:28:1f:
34:9a:1f:ec:0a:73:a3:ca:f4:42:b1:00:ae:b4:8d:88:a2:51:
54:7c:9d:34:d2:53:fc:a7:f9:98:62:65:16:88:99:4e:91:89:
7a:2a:1b:f5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQoJfRgZsj2IR9nBfI7R6lvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MzQ0NDAwMzk2ZDBhZjRjYjc5ZTNjOTQ2NjY2NzFiN2Iz
OTFmNTUwHhcNMjUwMTAyMTc1MjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2FlMDI2MTBhOGUwMjE2NzQ3OTI1OTQ0ZTBhMjNhNjk1MGU5YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+CdO34de8aRtpgi7hKAgtvRmZVro
bLCskT5xM/PydI5S4jO/d7KGl+7IP4oKHdLlvD8WMErXl/PGhzUrlyI77Rvj05Ms
jkJfl/IV7c0jykK0eF/wyZt7ruuhurqjtZk+CjLRV5H5TJ2lVrbW7WaCyzhQ1vUo
R0tB3MB6pMYAGazBBj03tNVhdfN+8CfSUIZzn0LtIqprNrxCGOf49cP4+srGZDdQ
fUbHTV+kWwj3/3J85HdoBTxAMcsX3hPu2bqtirHe/f9lyUPPpfdN7lNkpfhHIs13
/CcWgOX3NeRA78gRvlmfvSCYBcIjWJ0UeQNvku/IN4a9AJ55cFSs2aHtiQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIOuAmEKjgIWdHkllE4KI6aVDpslMB8GA1UdIwQY
MBaAFJY0RAA5bQr0y3njyUZmZxt7OR9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGpSRUFEbHRDdlRMZWVQSlJtWm5HM3M1SDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8wMmU5NjItOGZmOC00MTZlLWIxYmEt
YTEyMDFjYzZlMDFiLzEvZzY0Q1lRcU9BaFowZVNXVVRnb2pwcFVPbXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8wMmU5NjItOGZmOC00MTZlLWIxYmEtYTEyMDFjYzZlMDFi
LzEvbGpSRUFEbHRDdlRMZWVQSlJtWm5HM3M1SDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVg6AwQA
T248AwQAW9FPMA0EAgACMAcDBQMqDDvAMA0GCSqGSIb3DQEBCwUAA4IBAQDoYyRt
dXBXkn4/xXPPBfqOBx/bFXSZ+9KfaASkCeM7Q5F8fUxhGtAM8Woddbeo9mgepDOS
YfPbr1mDDRjRISCKDhUdU/XlR0x4GXEIftow1Xcu1ZJ7LPdEM/umCCkt4COFl7S/
EKdDDFZIkcFGSNLLcveUQpRVHBz2GK5DFxsbCLguCHwvtRYtGGoYuwlGBBS/0u2j
ozuf3TgGP8thVmHa7973asmiJ9HXCW6fd7h1jNb7FW1uL0Mqnsm7fBqzSbW5wWDL
bwbtfAb3bMSomkxYn8IEbHsKKB80mh/sCnOjyvRCsQCutI2IolFUfJ000lP8p/mY
YmUWiJlOkYl6Khv1
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:23:09 2025 by rpki-client