Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/6WdB6zghlfjcIJ9nL3la4NypHd8.roa
File: 6WdB6zghlfjcIJ9nL3la4NypHd8.roa (raw, json)
Hash identifier: 2r8YaLSW3AM1t4EOyLsrjIwShnThX50gk1JUDW3w1DI=
Subject key identifier: E9:67:41:EB:38:21:95:F8:DC:20:9F:67:2F:79:5A:E0:DC:A9:1D:DF
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 0194FF977267B68CB964F65303B7201A8AA6
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/6WdB6zghlfjcIJ9nL3la4NypHd8.roa
Signing time: Thu 13 Feb 2025 13:55:02 +0000
ROA not before: Thu 13 Feb 2025 13:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203847
IP address blocks: 45.142.15.0/24 maxlen: 24
62.112.200.0/22 maxlen: 22
77.83.132.0/22 maxlen: 22
178.210.240.0/21 maxlen: 21
185.122.44.0/24 maxlen: 24
185.122.45.0/24 maxlen: 24
185.122.46.0/24 maxlen: 24
185.122.47.0/24 maxlen: 24
185.206.52.0/23 maxlen: 23
193.162.128.0/24 maxlen: 24
2a01:57e0:1::/48 maxlen: 48
2a01:57e0:200::/39 maxlen: 39
2a01:57e0:400::/39 maxlen: 39
2a01:57e0:600::/39 maxlen: 39
2a01:57e0:800::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:97:72:67:b6:8c:b9:64:f6:53:03:b7:20:1a:8a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Feb 13 13:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e96741eb382195f8dc209f672f795ae0dca91ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:06:0c:63:e3:b2:d3:ab:90:ac:0d:c1:ec:12:
fb:c8:8b:e8:99:30:55:18:73:78:8f:1f:a2:ef:0b:
94:43:19:4d:95:b0:ed:9e:a8:da:9e:0f:0e:10:88:
78:75:a4:3a:b5:b2:8d:c0:23:b3:71:6a:81:56:e5:
be:44:a4:91:55:e5:3c:34:6e:23:7f:29:7c:28:fd:
b8:c2:c5:43:7c:1a:77:ce:e1:80:45:5f:5d:90:39:
1c:28:e6:eb:a1:09:89:1d:d9:c3:77:d9:c9:cc:02:
5d:c5:41:67:49:1c:e6:8c:e5:0b:93:1f:45:3c:ee:
3d:d4:5b:78:40:9a:62:11:dd:e5:52:d0:e5:ef:5c:
13:a0:84:0b:98:98:0a:26:9a:78:e8:78:19:00:e3:
49:5a:e2:9e:96:ac:30:04:6e:9c:ef:09:02:f1:fa:
53:b7:c4:f6:18:ec:6f:f3:59:81:dc:e9:ff:75:44:
41:0f:98:72:ea:97:d9:23:24:57:07:d4:54:f0:0b:
6c:06:aa:50:da:0a:d3:02:03:c0:6b:2a:1f:4b:57:
e8:11:15:39:98:49:cd:75:c6:d1:79:92:4a:2a:d6:
fc:6a:f8:60:12:0c:df:f4:75:5e:78:af:f2:ee:92:
63:af:60:74:dc:e1:5c:4f:28:19:19:49:26:1f:ce:
da:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:67:41:EB:38:21:95:F8:DC:20:9F:67:2F:79:5A:E0:DC:A9:1D:DF
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/6WdB6zghlfjcIJ9nL3la4NypHd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.15.0/24
62.112.200.0/22
77.83.132.0/22
178.210.240.0/21
185.122.44.0/22
185.206.52.0/23
193.162.128.0/24
IPv6:
2a01:57e0:1::/48
2a01:57e0:200::-2a01:57e0:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:32:a7:ae:cb:fb:87:be:19:0d:79:80:98:f5:57:1d:67:ee:
35:12:53:3f:f0:1c:13:40:fa:95:2b:06:79:ea:07:cf:53:94:
b9:2b:41:9b:90:b8:ab:e1:0b:84:d1:0f:ca:c9:db:58:0b:72:
c5:73:fc:ec:91:4e:e5:95:ed:f0:a1:41:d3:fb:ec:41:de:59:
b0:a6:b9:cb:be:cf:7b:02:e9:88:b9:1b:cb:80:9f:ba:a2:17:
9c:05:ae:f9:92:50:0c:3f:3a:c6:43:c3:d9:15:69:f9:80:7d:
a4:5d:f5:33:0e:01:28:8d:fe:63:53:3f:22:24:9f:d4:70:5d:
dd:b0:aa:bc:c9:43:82:60:c0:4f:41:92:be:1b:c1:8c:26:95:
27:c7:1d:b7:74:d6:6f:59:af:2e:24:ed:05:7e:bf:46:b3:08:
49:61:f3:97:aa:1e:39:11:ce:6f:e9:60:f9:cf:51:a4:e4:75:
d7:17:12:a9:db:f9:1f:b6:ae:5b:fc:7a:f2:b2:3c:0f:42:7a:
e8:24:a1:80:b7:1c:6c:7a:29:37:94:fa:9a:8b:3d:03:bc:be:
8b:b1:17:5b:e3:bc:18:b1:1a:8a:c7:9a:61:68:7d:12:cf:71:
a6:bb:dd:8d:e4:49:6a:7f:4e:ec:b8:08:e6:d6:37:c8:f8:f7:
d0:c8:fb:4d
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZT/l3Jntoy5ZPZTA7cgGoqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjUwMjEzMTM1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTY3NDFlYjM4MjE5NWY4ZGMyMDlmNjcyZjc5NWFlMGRjYTkxZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AYMY+Oy06uQrA3B7BL7yIvomTBV
GHN4jx+i7wuUQxlNlbDtnqjang8OEIh4daQ6tbKNwCOzcWqBVuW+RKSRVeU8NG4j
fyl8KP24wsVDfBp3zuGARV9dkDkcKObroQmJHdnDd9nJzAJdxUFnSRzmjOULkx9F
PO491Ft4QJpiEd3lUtDl71wToIQLmJgKJpp46HgZAONJWuKelqwwBG6c7wkC8fpT
t8T2GOxv81mB3On/dURBD5hy6pfZIyRXB9RU8AtsBqpQ2grTAgPAayofS1foERU5
mEnNdcbReZJKKtb8avhgEgzf9HVeeK/y7pJjr2B03OFcTygZGUkmH87aqQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFOlnQes4IZX43CCfZy95WuDcqR3fMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvNldkQjZ6Z2hsZmpjSUo5bkwzbGE0TnlwSGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAwBAIAATAqAwQALY4PAwQC
PnDIAwQCTVOEAwQDstLwAwQCuXosAwQBuc40AwQAwaKAMCEEAgACMBsDBwAqAVfg
AAEwEAMGASoBV+ACAwYEKgFX4AAwDQYJKoZIhvcNAQELBQADggEBAEAyp67L+4e+
GQ15gJj1Vx1n7jUSUz/wHBNA+pUrBnnqB89TlLkrQZuQuKvhC4TRD8rJ21gLcsVz
/OyRTuWV7fChQdP77EHeWbCmucu+z3sC6Yi5G8uAn7qiF5wFrvmSUAw/OsZDw9kV
afmAfaRd9TMOASiN/mNTPyIkn9RwXd2wqrzJQ4JgwE9Bkr4bwYwmlSfHHbd01m9Z
ry4k7QV+v0azCElh85eqHjkRzm/pYPnPUaTkddcXEqnb+R+2rlv8evKyPA9Ceugk
oYC3HGx6KTeU+pqLPQO8vouxF1vjvBixGorHmmFofRLPcaa73Y3kSWp/Tuy4CObW
N8j499DI+00=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:00:49 2025 by rpki-client