Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/eSXeCRptVt9DSCIe5AyXsR8k9N4.roa
File: eSXeCRptVt9DSCIe5AyXsR8k9N4.roa (raw, json)
Hash identifier: ZYeCC+m0CNvWI9rBnFY3gC3qiKYb44FRv0GdmCbDIBs=
Subject key identifier: 79:25:DE:09:1A:6D:56:DF:43:48:22:1E:E4:0C:97:B1:1F:24:F4:DE
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 019423D709140F1B8F615D013473CD103728
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/eSXeCRptVt9DSCIe5AyXsR8k9N4.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58305
IP address blocks: 45.43.64.0/19 maxlen: 24
45.43.66.0/23 maxlen: 24
45.43.74.0/23 maxlen: 24
45.43.76.0/22 maxlen: 24
107.161.160.0/24 maxlen: 24
107.161.161.0/24 maxlen: 24
107.161.162.0/24 maxlen: 24
107.161.168.0/24 maxlen: 24
107.161.169.0/24 maxlen: 24
107.161.170.0/24 maxlen: 24
107.161.171.0/24 maxlen: 24
107.161.174.0/23 maxlen: 24
107.181.128.0/19 maxlen: 24
107.181.138.0/23 maxlen: 24
107.181.144.0/23 maxlen: 24
113.20.156.0/22 maxlen: 24
155.254.32.0/19 maxlen: 24
155.254.32.0/22 maxlen: 24
155.254.62.0/24 maxlen: 24
162.217.250.0/24 maxlen: 24
162.217.251.0/24 maxlen: 24
162.220.240.0/21 maxlen: 24
162.220.240.0/24 maxlen: 24
162.220.241.0/24 maxlen: 24
162.220.242.0/24 maxlen: 24
198.105.96.0/19 maxlen: 24
198.105.116.0/23 maxlen: 24
198.105.124.0/23 maxlen: 24
2a02:2ca0::/29 maxlen: 48
2a05:9f40::/29 maxlen: 48
2a07:9940::/29 maxlen: 48
2a07:9942:39d7::/48 maxlen: 48
2a07:9944:10::/48 maxlen: 48
2a07:9944:20::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:09:14:0f:1b:8f:61:5d:01:34:73:cd:10:37:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7925de091a6d56df4348221ee40c97b11f24f4de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f7:1b:e5:85:cd:0e:b4:99:68:f6:97:65:5b:
6d:33:ed:4a:e0:35:5e:4b:28:72:d3:22:da:0f:37:
4f:f9:79:9e:64:d5:86:51:fa:3a:eb:d9:dd:e4:39:
3e:29:2d:e0:b3:20:a2:09:1d:27:db:43:7b:98:c8:
e0:2d:18:9f:df:2c:52:bb:98:da:df:7e:3d:10:a5:
ca:18:43:c7:92:25:8a:92:af:3b:41:34:1f:e2:3c:
de:83:ff:dc:09:d4:7a:a8:46:bb:94:17:26:87:1c:
a1:99:59:a9:cd:15:8a:04:4d:66:d4:84:32:8f:53:
e2:81:22:1b:42:71:4f:d6:13:1e:d2:cb:64:b0:c0:
4f:1d:67:b2:5c:b2:0b:dc:a7:72:b0:fc:01:31:8f:
dc:42:e7:5b:89:5f:b4:91:41:65:69:89:51:2e:dc:
d5:f5:15:c3:d0:02:2e:40:43:1a:59:95:86:7f:20:
39:bc:ec:24:69:2f:87:11:c6:f2:e5:9b:1e:a5:dd:
21:c9:ae:8e:9d:a4:5e:e5:49:7d:f8:49:df:b0:1d:
f5:8d:d0:b5:00:e4:2c:93:01:ab:55:66:35:d1:7b:
8f:e9:25:6c:2f:9e:d5:18:f0:63:88:40:f8:b9:15:
98:7a:75:7a:ab:55:00:9f:2d:d1:a7:83:49:fe:74:
b1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:25:DE:09:1A:6D:56:DF:43:48:22:1E:E4:0C:97:B1:1F:24:F4:DE
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/eSXeCRptVt9DSCIe5AyXsR8k9N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
107.161.160.0-107.161.162.255
107.161.168.0/22
107.161.174.0/23
107.181.128.0/19
113.20.156.0/22
155.254.32.0/19
162.217.250.0/23
162.220.240.0/21
198.105.96.0/19
IPv6:
2a02:2ca0::/29
2a05:9f40::/29
2a07:9940::/29
Signature Algorithm: sha256WithRSAEncryption
2f:3d:f2:d3:b0:c5:6b:8d:56:5c:2c:cc:37:5c:67:3c:44:f7:
4e:a5:1e:42:fc:42:5d:15:e2:a3:70:38:53:f5:81:ff:04:b8:
2d:fe:85:31:fe:13:6a:8e:f7:74:20:6b:4c:c9:a6:3f:39:5c:
34:38:49:82:37:74:2d:e3:60:5a:72:5d:60:cd:d4:f3:64:2d:
66:0a:e3:eb:3a:dd:f2:46:15:2c:82:92:8b:16:8e:f8:ad:fd:
c5:39:50:9e:8b:47:45:79:26:d5:3e:0c:c6:2b:b6:89:18:95:
91:f9:f1:e3:f7:14:7f:01:2b:73:be:47:db:97:14:e3:84:c0:
53:4b:73:7c:ae:cf:66:7c:47:37:d7:ac:bb:2b:5d:7d:8b:e3:
c2:86:c7:5e:2f:72:8e:af:81:1e:30:f3:b3:a9:41:21:b7:9d:
cf:c0:eb:ce:7a:52:80:61:8b:25:33:07:df:36:30:26:1d:e5:
62:f1:96:b8:19:e1:fd:d2:27:d2:25:b9:04:c1:9e:de:6c:da:
73:78:50:7c:ae:8a:b5:0f:01:0a:71:d2:c8:f8:7c:b9:6a:ba:
93:8d:e1:42:d6:1d:18:c7:7c:3e:44:0c:41:35:af:bf:a9:6f:
1b:18:07:d5:94:c4:f3:0a:18:a5:8f:b0:b1:fd:6e:63:80:3c:
30:ca:72:d1
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZQj1wkUDxuPYV0BNHPNEDcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTI1ZGUwOTFhNmQ1NmRmNDM0ODIyMWVlNDBjOTdiMTFmMjRmNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPcb5YXNDrSZaPaXZVttM+1K4DVe
Syhy0yLaDzdP+XmeZNWGUfo669nd5Dk+KS3gsyCiCR0n20N7mMjgLRif3yxSu5ja
3349EKXKGEPHkiWKkq87QTQf4jzeg//cCdR6qEa7lBcmhxyhmVmpzRWKBE1m1IQy
j1PigSIbQnFP1hMe0stksMBPHWeyXLIL3KdysPwBMY/cQudbiV+0kUFlaYlRLtzV
9RXD0AIuQEMaWZWGfyA5vOwkaS+HEcby5Zsepd0hya6OnaRe5Ul9+EnfsB31jdC1
AOQskwGrVWY10XuP6SVsL57VGPBjiED4uRWYenV6q1UAny3Rp4NJ/nSxGwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFHkl3gkabVbfQ0giHuQMl7EfJPTeMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvZVNYZUNScHRWdDlEU0NJZTVBeVhzUjhrOU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBKBAIAATBEAwQFLStAMAwD
BAVroaADBABroaIDBAJroagDBAFroa4DBAVrtYADBAJxFJwDBAWb/iADBAGi2foD
BAOi3PADBAXGaWAwGwQCAAIwFQMFAyoCLKADBQMqBZ9AAwUDKgeZQDANBgkqhkiG
9w0BAQsFAAOCAQEALz3y07DFa41WXCzMN1xnPET3TqUeQvxCXRXio3A4U/WB/wS4
Lf6FMf4Tao73dCBrTMmmPzlcNDhJgjd0LeNgWnJdYM3U82QtZgrj6zrd8kYVLIKS
ixaO+K39xTlQnotHRXkm1T4Mxiu2iRiVkfnx4/cUfwErc75H25cU44TAU0tzfK7P
ZnxHN9esuytdfYvjwobHXi9yjq+BHjDzs6lBIbedz8DrznpSgGGLJTMH3zYwJh3l
YvGWuBnh/dIn0iW5BMGe3mzac3hQfK6KtQ8BCnHSyPh8uWq6k43hQtYdGMd8PkQM
QTWvv6lvGxgH1ZTE8woYpY+wsf1uY4A8MMpy0Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:31:48 2025 by rpki-client