Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/2BLzMpQppQIzMULCcWC3cZT9k_s.roa
File: 2BLzMpQppQIzMULCcWC3cZT9k_s.roa (raw, json)
Hash identifier: 9ppFZ5NTdqvnyOW3fgV2zOryT5Kz4P3yq37cnn0pzH8=
Subject key identifier: D8:12:F3:32:94:29:A5:02:33:31:42:C2:71:60:B7:71:94:FD:93:FB
Certificate issuer: /CN=8a009e171baf8c2a3a94d29b24879ef97f096602
Certificate serial: 019423D8048057B58D088EE2612E562C1582
Authority key identifier: 8A:00:9E:17:1B:AF:8C:2A:3A:94:D2:9B:24:87:9E:F9:7F:09:66:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/igCeFxuvjCo6lNKbJIee-X8JZgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/2BLzMpQppQIzMULCcWC3cZT9k_s.roa
Signing time: Wed 01 Jan 2025 21:49:06 +0000
ROA not before: Wed 01 Jan 2025 21:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51447
IP address blocks: 45.137.20.0/24 maxlen: 24
45.137.21.0/24 maxlen: 24
45.137.22.0/24 maxlen: 24
45.137.23.0/24 maxlen: 24
185.222.56.0/24 maxlen: 24
185.222.57.0/24 maxlen: 24
185.222.58.0/24 maxlen: 24
185.222.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:04:80:57:b5:8d:08:8e:e2:61:2e:56:2c:15:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a009e171baf8c2a3a94d29b24879ef97f096602
Validity
Not Before: Jan 1 21:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d812f3329429a502333142c27160b77194fd93fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:42:84:c8:98:b8:cc:8c:f5:f4:c3:ab:e3:6a:
ec:ca:3b:93:89:6e:ec:6b:6d:34:6f:64:72:45:78:
fe:8b:f1:37:00:47:3e:56:05:80:7a:9b:99:6a:3d:
d3:15:2f:57:2f:46:4c:75:ad:2c:90:d3:e6:3e:d4:
8e:95:f8:45:1a:9a:6c:cf:9c:b8:17:e7:27:5b:fe:
a7:11:be:36:e9:1b:8e:4b:c7:7c:e8:cc:18:c7:a1:
c4:7b:6d:a9:70:f5:2a:ce:8c:a6:25:2d:6c:09:a8:
fb:a2:bf:9a:04:ba:9e:d5:d7:61:25:8b:61:0a:5b:
63:6d:a0:81:ed:4c:f1:2b:26:c7:32:5b:62:d6:c8:
a4:2d:32:41:3e:71:25:80:e1:9b:be:e8:95:b3:9f:
85:51:3a:80:49:4e:a6:95:0d:3d:c3:77:cb:5c:05:
10:50:c2:34:13:62:39:eb:b5:92:db:5b:45:57:a8:
48:d9:92:70:c3:56:15:6e:f4:a3:27:b7:d9:b3:71:
42:be:7d:47:e3:e2:c0:24:ba:6a:88:27:e9:ce:d0:
c8:47:d5:f1:52:e1:3d:2b:31:2c:a8:8b:81:89:f2:
74:df:2b:d6:ad:f0:33:0f:f1:ca:39:12:77:28:8a:
a0:a4:7a:3a:b2:7a:fe:6c:6b:9a:d9:07:b0:d3:78:
95:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:12:F3:32:94:29:A5:02:33:31:42:C2:71:60:B7:71:94:FD:93:FB
X509v3 Authority Key Identifier:
keyid:8A:00:9E:17:1B:AF:8C:2A:3A:94:D2:9B:24:87:9E:F9:7F:09:66:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/igCeFxuvjCo6lNKbJIee-X8JZgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/2BLzMpQppQIzMULCcWC3cZT9k_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/igCeFxuvjCo6lNKbJIee-X8JZgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.20.0/22
185.222.56.0/22
Signature Algorithm: sha256WithRSAEncryption
23:7e:ac:94:a3:2f:6b:34:55:f3:a4:69:28:82:ff:99:92:35:
29:0e:f3:b1:d7:b0:2e:a5:9c:a7:52:9f:84:54:4d:93:48:20:
7c:fe:4c:37:de:1b:2f:e0:58:c6:fb:83:2e:a9:f2:55:6b:84:
04:47:3f:cb:e3:42:5c:96:5a:41:0a:95:72:91:58:16:36:bd:
5d:97:f7:99:99:a7:20:f5:c2:13:a8:6a:df:bb:24:ad:e3:bb:
04:79:d7:d9:1e:c5:69:4a:83:27:7d:a1:be:00:9e:ec:6a:d1:
36:d9:4e:65:c4:88:74:d2:70:51:2e:17:7d:af:7b:9e:5c:4c:
ef:a9:94:9f:14:e8:e7:1f:35:be:27:a4:60:d8:0c:fb:0c:3c:
11:64:c4:8d:2e:02:3f:e3:fe:29:09:97:0f:d1:a1:c1:a6:e8:
b3:ef:94:00:68:4c:10:6c:27:4f:72:a3:f1:62:07:99:ec:30:
1b:c9:c9:7c:c2:06:f1:b5:47:9d:eb:30:a9:16:bc:54:32:6c:
21:77:33:8b:05:5e:33:bb:50:d8:88:78:e5:0a:34:b0:92:18:
21:cf:d8:55:71:43:49:88:3a:9f:bf:b7:eb:d2:63:8b:1e:1f:
7a:17:b8:e3:c2:c4:cf:74:97:42:dd:e8:21:77:1c:1d:34:0b:
5f:61:92:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj2ASAV7WNCI7iYS5WLBWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMDA5ZTE3MWJhZjhjMmEzYTk0ZDI5YjI0ODc5ZWY5N2Yw
OTY2MDIwHhcNMjUwMTAxMjE0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODEyZjMzMjk0MjlhNTAyMzMzMTQyYzI3MTYwYjc3MTk0ZmQ5M2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEKEyJi4zIz19MOr42rsyjuTiW7s
a200b2RyRXj+i/E3AEc+VgWAepuZaj3TFS9XL0ZMda0skNPmPtSOlfhFGppsz5y4
F+cnW/6nEb426RuOS8d86MwYx6HEe22pcPUqzoymJS1sCaj7or+aBLqe1ddhJYth
CltjbaCB7UzxKybHMlti1sikLTJBPnElgOGbvuiVs5+FUTqASU6mlQ09w3fLXAUQ
UMI0E2I567WS21tFV6hI2ZJww1YVbvSjJ7fZs3FCvn1H4+LAJLpqiCfpztDIR9Xx
UuE9KzEsqIuBifJ03yvWrfAzD/HKORJ3KIqgpHo6snr+bGua2Qew03iVywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNgS8zKUKaUCMzFCwnFgt3GU/ZP7MB8GA1UdIwQY
MBaAFIoAnhcbr4wqOpTSmySHnvl/CWYCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWdDZUZ4dXZqQ282bE5LYkpJZWUtWDhKWmdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZjM3ZDEtMTRjYS00ZGNmLTk4Zjct
MmU3MjEzNzY3NjI4LzEvMkJMek1wUXBwUUl6TVVMQ2NXQzNjWlQ5a19zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZjM3ZDEtMTRjYS00ZGNmLTk4ZjctMmU3MjEzNzY3NjI4
LzEvaWdDZUZ4dXZqQ282bE5LYkpJZWUtWDhKWmdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYkUAwQC
ud44MA0GCSqGSIb3DQEBCwUAA4IBAQAjfqyUoy9rNFXzpGkogv+ZkjUpDvOx17Au
pZynUp+EVE2TSCB8/kw33hsv4FjG+4MuqfJVa4QERz/L40JcllpBCpVykVgWNr1d
l/eZmacg9cITqGrfuySt47sEedfZHsVpSoMnfaG+AJ7satE22U5lxIh00nBRLhd9
r3ueXEzvqZSfFOjnHzW+J6Rg2Az7DDwRZMSNLgI/4/4pCZcP0aHBpuiz75QAaEwQ
bCdPcqPxYgeZ7DAbycl8wgbxtUed6zCpFrxUMmwhdzOLBV4zu1DYiHjlCjSwkhgh
z9hVcUNJiDqfv7fr0mOLHh96F7jjwsTPdJdC3eghdxwdNAtfYZKj
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:58:41 2025 by rpki-client