Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/beHrO-Ecsm9nYavU38ZW-27a_K8.roa
File: beHrO-Ecsm9nYavU38ZW-27a_K8.roa (raw, json)
Hash identifier: l5SdjojLmpkW+MiQTGODTc8pWDCbtNkzwuX9QBI8m3k=
Subject key identifier: 6D:E1:EB:3B:E1:1C:B2:6F:67:61:AB:D4:DF:C6:56:FB:6E:DA:FC:AF
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 019422FBF6FF0A0CEAA87ED71D241B5BF85B
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/beHrO-Ecsm9nYavU38ZW-27a_K8.roa
Signing time: Wed 01 Jan 2025 17:48:45 +0000
ROA not before: Wed 01 Jan 2025 17:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203847
IP address blocks: 45.142.15.0/24 maxlen: 24
62.112.200.0/22 maxlen: 22
77.83.132.0/22 maxlen: 22
185.122.44.0/24 maxlen: 24
185.122.45.0/24 maxlen: 24
185.122.46.0/24 maxlen: 24
185.122.47.0/24 maxlen: 24
185.206.52.0/23 maxlen: 23
193.162.128.0/24 maxlen: 24
2a01:57e0:1::/48 maxlen: 48
2a01:57e0:200::/39 maxlen: 39
2a01:57e0:400::/39 maxlen: 39
2a01:57e0:600::/39 maxlen: 39
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f6:ff:0a:0c:ea:a8:7e:d7:1d:24:1b:5b:f8:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Jan 1 17:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6de1eb3be11cb26f6761abd4dfc656fb6edafcaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:86:3c:3d:0b:2e:ba:41:7f:c7:29:ab:0e:e6:
7a:a2:8b:d1:65:32:55:c7:13:70:09:06:5f:6c:c7:
a7:29:0f:a1:04:d3:84:76:98:87:f3:d1:ff:a9:5f:
67:6b:6f:2f:50:87:fb:83:9a:2c:67:29:3e:b5:93:
76:38:e9:ec:97:b3:88:7f:57:71:a6:d6:51:83:9e:
75:29:ca:50:92:42:fd:23:17:48:b3:84:b8:98:e9:
02:02:8f:05:f2:6e:f3:b2:d0:34:ff:25:d7:50:87:
af:c6:a3:63:ad:34:bf:b6:df:01:ac:eb:b8:d8:ff:
62:90:1e:f7:0c:8c:bb:ec:00:45:1b:70:95:49:74:
56:a5:fb:7c:ae:0e:3f:28:18:97:31:c2:7c:60:6c:
52:bd:73:8d:35:67:18:e7:26:dd:75:dd:2b:8e:18:
f7:eb:2b:fc:dc:88:7e:18:d0:ce:76:96:84:94:b9:
3f:87:6e:08:c2:d8:83:b8:d8:ce:28:f4:92:99:53:
7d:db:8a:e2:64:ac:3d:2b:ca:9a:75:e3:aa:ad:cf:
85:2d:08:c4:99:5a:c6:33:1e:06:52:54:e5:f1:cc:
2d:16:db:dd:70:75:d0:4c:78:40:50:e9:e6:47:2b:
db:46:98:1c:c7:f6:77:33:97:93:a2:c2:3d:4a:a7:
d8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E1:EB:3B:E1:1C:B2:6F:67:61:AB:D4:DF:C6:56:FB:6E:DA:FC:AF
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/beHrO-Ecsm9nYavU38ZW-27a_K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.15.0/24
62.112.200.0/22
77.83.132.0/22
185.122.44.0/22
185.206.52.0/23
193.162.128.0/24
IPv6:
2a01:57e0:1::/48
2a01:57e0:200::-2a01:57e0:7ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9a:58:a8:f4:4e:18:d9:72:b7:c8:75:22:a8:cb:34:95:c6:b5:
3b:d7:bd:7d:7a:ed:33:eb:ae:57:5b:3e:55:96:17:31:cc:fc:
ac:cb:38:35:68:41:23:3d:be:1a:0e:47:28:28:6a:a6:a3:62:
6b:62:8a:bb:a8:da:71:31:3d:9c:a5:7b:84:b8:aa:bc:4c:41:
4e:c5:85:63:1d:9a:f5:2e:9e:30:1c:82:ca:a3:83:cd:a6:df:
c9:4e:d8:09:3c:a9:7c:90:03:ee:71:ce:42:3f:53:1a:8b:22:
ca:45:0b:4b:2d:dd:38:69:60:dc:81:00:0f:a9:17:53:14:75:
a9:26:33:f6:23:55:44:b5:de:3e:06:43:f6:ca:66:f8:0f:e0:
99:d0:19:c1:a7:41:8e:fa:7c:40:e2:7f:31:58:73:b0:22:67:
79:ce:3e:d8:de:a3:3c:ac:a7:cf:ce:3a:68:9a:ee:db:74:d5:
b2:16:21:db:31:0a:13:de:87:a2:45:f1:98:0f:43:52:70:ea:
32:0a:23:92:7a:00:46:3b:8c:53:e2:7b:56:39:c2:96:a7:3b:
a1:35:77:60:27:1a:38:a4:46:c2:dd:49:8c:db:a4:1e:81:d9:
03:a2:d4:a8:00:51:1b:b9:65:de:94:7b:93:26:df:ed:ed:ce:
2f:cf:af:19
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZQi+/b/CgzqqH7XHSQbW/hbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjUwMTAxMTc0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGUxZWIzYmUxMWNiMjZmNjc2MWFiZDRkZmM2NTZmYjZlZGFmY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Y8PQsuukF/xymrDuZ6oovRZTJV
xxNwCQZfbMenKQ+hBNOEdpiH89H/qV9na28vUIf7g5osZyk+tZN2OOnsl7OIf1dx
ptZRg551KcpQkkL9IxdIs4S4mOkCAo8F8m7zstA0/yXXUIevxqNjrTS/tt8BrOu4
2P9ikB73DIy77ABFG3CVSXRWpft8rg4/KBiXMcJ8YGxSvXONNWcY5ybddd0rjhj3
6yv83Ih+GNDOdpaElLk/h24IwtiDuNjOKPSSmVN924riZKw9K8qadeOqrc+FLQjE
mVrGMx4GUlTl8cwtFtvdcHXQTHhAUOnmRyvbRpgcx/Z3M5eTosI9SqfYvQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFG3h6zvhHLJvZ2Gr1N/GVvtu2vyvMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvYmVIck8tRWNzbTluWWF2VTM4WlctMjdhX0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAqBAIAATAkAwQALY4PAwQC
PnDIAwQCTVOEAwQCuXosAwQBuc40AwQAwaKAMCEEAgACMBsDBwAqAVfgAAEwEAMG
ASoBV+ACAwYDKgFX4AAwDQYJKoZIhvcNAQELBQADggEBAJpYqPROGNlyt8h1IqjL
NJXGtTvXvX167TPrrldbPlWWFzHM/KzLODVoQSM9vhoORygoaqajYmtiiruo2nEx
PZyle4S4qrxMQU7FhWMdmvUunjAcgsqjg82m38lO2Ak8qXyQA+5xzkI/UxqLIspF
C0st3ThpYNyBAA+pF1MUdakmM/YjVUS13j4GQ/bKZvgP4JnQGcGnQY76fEDifzFY
c7AiZ3nOPtjeozysp8/OOmia7tt01bIWIdsxChPeh6JF8ZgPQ1Jw6jIKI5J6AEY7
jFPie1Y5wpanO6E1d2AnGjikRsLdSYzbpB6B2QOi1KgAURu5Zd6Ue5Mm3+3tzi/P
rxk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:34:08 2025 by rpki-client