Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/AlDLgq4a_thE-qXe6l8E_xWLXFc.roa
File: AlDLgq4a_thE-qXe6l8E_xWLXFc.roa (raw, json)
Hash identifier: 0ufopEuWXow9IQPbSAY5y6lUJPxjAppqenIRissIhOM=
Subject key identifier: 02:50:CB:82:AE:1A:FE:D8:44:FA:A5:DE:EA:5F:04:FF:15:8B:5C:57
Certificate issuer: /CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Certificate serial: 0194221F75FF9E88622138382C3DC71C7DFD
Authority key identifier: 80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/AlDLgq4a_thE-qXe6l8E_xWLXFc.roa
Signing time: Wed 01 Jan 2025 13:47:54 +0000
ROA not before: Wed 01 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202391
IP address blocks: 45.142.191.0/24 maxlen: 24
185.141.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:75:ff:9e:88:62:21:38:38:2c:3d:c7:1c:7d:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Validity
Not Before: Jan 1 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0250cb82ae1afed844faa5deea5f04ff158b5c57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:88:23:df:f2:20:ce:9b:26:02:fb:1e:27:19:
57:93:4a:47:5f:a1:76:65:df:ff:c7:21:80:9e:f2:
dc:10:28:da:82:90:e9:50:49:36:29:74:4b:5f:ab:
7f:bd:06:2c:a6:21:7d:78:bf:17:ab:de:3c:b4:08:
17:28:1f:54:2a:13:3d:8b:b5:62:e8:20:43:cc:8b:
cd:d6:23:f1:34:7a:13:af:e5:5b:40:ce:e5:0d:e9:
b9:fb:d7:1a:d4:96:4f:ee:7c:01:93:c8:7a:2f:88:
8b:98:59:48:7d:3c:05:1e:86:29:6e:75:13:40:0d:
93:e3:8a:d2:27:d1:96:9a:14:8c:b6:1e:ac:e5:5e:
25:8e:a8:05:a2:bb:8b:c3:7e:31:cb:c6:39:2e:61:
29:6e:7a:7c:5e:8d:df:74:99:e7:7f:db:e5:d3:08:
bc:b3:60:1f:40:e3:b3:9e:93:6d:91:13:be:98:91:
db:3c:43:8c:5f:cd:eb:3c:9b:db:88:97:6e:0d:d9:
70:05:fe:68:a1:99:62:f0:c7:70:58:c9:10:3e:62:
ae:58:aa:a2:ef:be:a4:bf:72:5c:af:08:9c:a0:e0:
9e:fa:69:2e:2e:99:50:d0:17:ee:91:e7:eb:c6:30:
f8:c0:ff:b8:39:71:3a:ae:51:68:33:69:98:99:ea:
ac:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:50:CB:82:AE:1A:FE:D8:44:FA:A5:DE:EA:5F:04:FF:15:8B:5C:57
X509v3 Authority Key Identifier:
keyid:80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/AlDLgq4a_thE-qXe6l8E_xWLXFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.191.0/24
185.141.36.0/22
Signature Algorithm: sha256WithRSAEncryption
51:d4:49:ba:bf:64:e2:d2:58:42:b7:d7:42:b8:68:d4:54:07:
78:2f:34:fe:08:d8:c7:23:7e:49:2e:e5:95:d0:2e:57:b2:16:
76:f0:09:80:0e:c0:a0:d9:3c:4e:8d:0b:5c:ff:e6:c2:a5:40:
1a:38:2f:7d:e5:fe:0a:2a:25:b8:ed:dd:4f:c2:20:7f:27:0d:
a0:78:47:2d:4b:ee:b0:f0:27:09:c5:11:60:0d:8f:93:0c:12:
c5:0c:ff:e4:58:37:33:29:8a:77:e7:e4:29:52:33:5a:9a:37:
f1:6d:25:01:2d:fa:9c:93:fc:8e:9b:a0:1d:f9:89:57:94:e1:
3b:6d:67:d2:4b:8c:60:85:4e:38:af:38:0c:5e:56:cd:aa:2a:
94:e9:09:6f:72:e4:11:90:a7:c4:2f:23:18:51:96:27:f7:95:
90:5f:39:20:d7:28:f3:e6:26:4a:4f:ae:2b:4d:40:55:84:33:
8f:87:d4:ae:8c:ad:59:ed:f9:8a:23:b8:ba:97:60:ff:eb:9f:
7d:4a:ad:c6:65:52:d8:41:11:1e:c2:0b:97:b6:cf:6b:69:1c:
75:80:6a:b9:c5:9b:9c:2a:83:f8:58:5e:b0:ad:2e:40:ef:5b:
ba:47:ca:83:f7:b2:91:15:28:ea:82:37:30:cb:bf:a5:6d:3b:
2a:f3:a6:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH3X/nohiITg4LD3HHH39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYWQ4YzUyMGJiOTY3NzQ2MWRkYzRlYzA5Yjc2ZDczM2I3
ZDgzNzAwHhcNMjUwMTAxMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjUwY2I4MmFlMWFmZWQ4NDRmYWE1ZGVlYTVmMDRmZjE1OGI1YzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYgj3/IgzpsmAvseJxlXk0pHX6F2
Zd//xyGAnvLcECjagpDpUEk2KXRLX6t/vQYspiF9eL8Xq948tAgXKB9UKhM9i7Vi
6CBDzIvN1iPxNHoTr+VbQM7lDem5+9ca1JZP7nwBk8h6L4iLmFlIfTwFHoYpbnUT
QA2T44rSJ9GWmhSMth6s5V4ljqgForuLw34xy8Y5LmEpbnp8Xo3fdJnnf9vl0wi8
s2AfQOOznpNtkRO+mJHbPEOMX83rPJvbiJduDdlwBf5ooZli8MdwWMkQPmKuWKqi
776kv3JcrwicoOCe+mkuLplQ0BfukefrxjD4wP+4OXE6rlFoM2mYmeqsHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAJQy4KuGv7YRPql3upfBP8Vi1xXMB8GA1UdIwQY
MBaAFICtjFILuWd0Yd3E7Am3bXM7fYNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEt
YzYxNzUxYzZiMTk1LzEvQWxETGdxNGFfdGhFLXFYZTZsOEVfeFdMWEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEtYzYxNzUxYzZiMTk1
LzEvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY6/AwQC
uY0kMA0GCSqGSIb3DQEBCwUAA4IBAQBR1Em6v2Ti0lhCt9dCuGjUVAd4LzT+CNjH
I35JLuWV0C5XshZ28AmADsCg2TxOjQtc/+bCpUAaOC995f4KKiW47d1PwiB/Jw2g
eEctS+6w8CcJxRFgDY+TDBLFDP/kWDczKYp35+QpUjNamjfxbSUBLfqck/yOm6Ad
+YlXlOE7bWfSS4xghU44rzgMXlbNqiqU6QlvcuQRkKfELyMYUZYn95WQXzkg1yjz
5iZKT64rTUBVhDOPh9SujK1Z7fmKI7i6l2D/6599Sq3GZVLYQREewguXts9raRx1
gGq5xZucKoP4WF6wrS5A71u6R8qD97KRFSjqgjcwy7+lbTsq86bS
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:26:07 2025 by rpki-client