Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/dN1vRCcHRSnbvQADNvtYm9Gw-TM.roa
File: dN1vRCcHRSnbvQADNvtYm9Gw-TM.roa (raw, json)
Hash identifier: D+OiPGlBYkixwnt9NBRJj4rRA3Pw0fqCQSZtwrK+kFU=
Subject key identifier: 74:DD:6F:44:27:07:45:29:DB:BD:00:03:36:FB:58:9B:D1:B0:F9:33
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 019426D913DF2CAC3A52490532237CCC1B6B
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/dN1vRCcHRSnbvQADNvtYm9Gw-TM.roa
Signing time: Thu 02 Jan 2025 11:49:08 +0000
ROA not before: Thu 02 Jan 2025 11:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 185.45.192.0/24 maxlen: 24
185.45.194.0/24 maxlen: 24
185.45.195.0/24 maxlen: 24
185.82.200.0/24 maxlen: 24
185.82.202.0/24 maxlen: 24
185.106.120.0/24 maxlen: 24
185.106.122.0/24 maxlen: 24
185.106.123.0/24 maxlen: 24
185.117.72.0/24 maxlen: 24
185.117.73.0/24 maxlen: 24
185.141.24.0/24 maxlen: 24
185.141.27.0/24 maxlen: 24
185.183.97.0/24 maxlen: 24
185.183.98.0/24 maxlen: 24
185.198.56.0/24 maxlen: 24
185.198.58.0/24 maxlen: 24
185.198.59.0/24 maxlen: 24
185.244.148.0/24 maxlen: 24
185.244.149.0/24 maxlen: 24
185.244.151.0/24 maxlen: 24
188.116.36.0/24 maxlen: 24
194.36.188.0/24 maxlen: 24
194.36.190.0/24 maxlen: 24
194.36.191.0/24 maxlen: 24
212.8.251.0/24 maxlen: 24
2a03:660::/32 maxlen: 32
2a04:dd00::/29 maxlen: 29
2a04:dd00::/32 maxlen: 32
2a04:dd01::/32 maxlen: 32
2a04:dd02::/32 maxlen: 32
2a05:9340::/29 maxlen: 29
2a05:9340::/32 maxlen: 32
2a05:9341::/32 maxlen: 32
2a05:9342::/32 maxlen: 32
2a06:3d80::/29 maxlen: 29
2a0e:df40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:13:df:2c:ac:3a:52:49:05:32:23:7c:cc:1b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: Jan 2 11:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74dd6f4427074529dbbd000336fb589bd1b0f933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8d:3f:39:c4:68:f8:a1:9d:31:16:09:c0:84:
3c:58:40:85:f5:ee:99:c0:ba:5e:b4:a8:72:ef:b5:
1a:ec:01:af:99:23:c9:e1:b1:78:ac:a0:68:de:93:
de:61:ca:47:8e:ed:96:a8:eb:13:cc:9d:1c:c9:96:
62:a6:4c:80:2a:69:bb:ec:6d:52:13:18:60:a6:11:
80:3c:b1:0a:50:8e:a8:7f:37:e4:3a:83:58:72:6c:
87:6b:89:ce:01:37:68:60:72:ea:ef:19:3a:ee:cf:
db:0c:80:68:c0:91:5d:18:8b:db:e5:15:80:14:1d:
29:0d:48:60:4b:cd:8c:d9:77:3e:8b:fd:5d:5b:ae:
21:78:15:ff:67:58:91:85:31:a5:94:f2:47:e0:f4:
f3:d1:de:32:a1:67:1c:60:c7:dc:1f:a7:c7:5d:e7:
6a:b6:54:49:65:d1:3d:9f:41:ba:4d:d8:bd:3f:4d:
92:c4:82:11:7a:28:85:ec:a4:0c:14:04:a7:11:51:
29:c9:5d:d7:87:07:18:f0:da:63:2a:f9:36:47:51:
98:1e:43:9f:1c:06:f6:7c:fa:59:b3:17:7b:14:7d:
82:8a:59:53:74:bc:7d:72:16:16:21:a4:a0:74:bb:
f4:84:30:37:ce:a7:b9:7f:8f:bf:44:04:8a:39:02:
0e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:DD:6F:44:27:07:45:29:DB:BD:00:03:36:FB:58:9B:D1:B0:F9:33
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/dN1vRCcHRSnbvQADNvtYm9Gw-TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.192.0/24
185.45.194.0/23
185.82.200.0/24
185.82.202.0/24
185.106.120.0/24
185.106.122.0/23
185.117.72.0/23
185.141.24.0/24
185.141.27.0/24
185.183.97.0-185.183.98.255
185.198.56.0/24
185.198.58.0/23
185.244.148.0/23
185.244.151.0/24
188.116.36.0/24
194.36.188.0/24
194.36.190.0/23
212.8.251.0/24
IPv6:
2a03:660::/32
2a04:dd00::/29
2a05:9340::/29
2a06:3d80::/29
2a0e:df40::/32
Signature Algorithm: sha256WithRSAEncryption
7f:f1:fb:18:f8:c0:3b:29:5f:07:a2:86:df:1d:a6:4c:b7:b4:
d1:c6:e8:89:7f:5c:bf:96:39:d0:3e:88:87:f7:e3:59:10:31:
93:6c:26:7d:29:a7:88:97:ca:e6:76:3c:1d:81:cb:01:ef:c7:
59:1c:19:5a:73:00:6e:2c:4c:9d:16:b6:96:d4:b8:89:39:af:
ba:89:36:3e:c4:4f:e1:78:20:1b:3e:6c:60:a3:dc:81:d1:99:
2c:d0:65:72:29:cf:9d:b0:36:56:69:ed:57:1e:f1:90:4b:81:
a9:a6:15:57:62:4e:d4:b2:92:3d:24:0b:46:86:b7:d1:92:29:
4a:bc:17:d9:60:7e:81:08:70:ad:c5:d4:39:59:ec:28:e0:88:
81:6a:27:f2:ac:32:ca:7a:34:76:5a:26:96:bc:c4:1f:32:61:
09:70:52:9c:cf:01:99:73:29:25:59:32:78:fd:7c:e2:a7:0f:
4d:d1:58:fd:86:db:e3:bd:e6:c6:60:78:c7:62:80:05:69:db:
77:1a:29:ba:01:7a:6b:25:06:c2:d4:9a:fc:4f:df:f0:ac:34:
89:37:2c:7c:98:95:b8:31:0d:92:09:a4:50:55:54:a0:f4:b2:
2e:69:cd:32:eb:02:95:e6:71:64:93:56:e4:2a:20:35:a5:5e:
59:34:d9:2b
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZQm2RPfLKw6UkkFMiN8zBtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjUwMTAyMTE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGRkNmY0NDI3MDc0NTI5ZGJiZDAwMDMzNmZiNTg5YmQxYjBmOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1I0/OcRo+KGdMRYJwIQ8WECF9e6Z
wLpetKhy77Ua7AGvmSPJ4bF4rKBo3pPeYcpHju2WqOsTzJ0cyZZipkyAKmm77G1S
ExhgphGAPLEKUI6ofzfkOoNYcmyHa4nOATdoYHLq7xk67s/bDIBowJFdGIvb5RWA
FB0pDUhgS82M2Xc+i/1dW64heBX/Z1iRhTGllPJH4PTz0d4yoWccYMfcH6fHXedq
tlRJZdE9n0G6Tdi9P02SxIIReiiF7KQMFASnEVEpyV3XhwcY8NpjKvk2R1GYHkOf
HAb2fPpZsxd7FH2CillTdLx9chYWIaSgdLv0hDA3zqe5f4+/RASKOQIO9QIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFHTdb0QnB0Up270AAzb7WJvRsPkzMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEvZE4xdlJDY0hSU25idlFBRE52dFltOUd3LVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzB6BAIAATB0AwQAuS3A
AwQBuS3CAwQAuVLIAwQAuVLKAwQAuWp4AwQBuWp6AwQBuXVIAwQAuY0YAwQAuY0b
MAwDBAC5t2EDBAC5t2IDBAC5xjgDBAG5xjoDBAG59JQDBAC59JcDBAC8dCQDBADC
JLwDBAHCJL4DBADUCPswKQQCAAIwIwMFACoDBmADBQMqBN0AAwUDKgWTQAMFAyoG
PYADBQAqDt9AMA0GCSqGSIb3DQEBCwUAA4IBAQB/8fsY+MA7KV8HoobfHaZMt7TR
xuiJf1y/ljnQPoiH9+NZEDGTbCZ9KaeIl8rmdjwdgcsB78dZHBlacwBuLEydFraW
1LiJOa+6iTY+xE/heCAbPmxgo9yB0Zks0GVyKc+dsDZWae1XHvGQS4GpphVXYk7U
spI9JAtGhrfRkilKvBfZYH6BCHCtxdQ5Wewo4IiBaifyrDLKejR2WiaWvMQfMmEJ
cFKczwGZcyklWTJ4/Xzipw9N0Vj9htvjvebGYHjHYoAFadt3Gim6AXprJQbC1Jr8
T9/wrDSJNyx8mJW4MQ2SCaRQVVSg9LIuac0y6wKV5nFkk1bkKiA1pV5ZNNkr
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:37:50 2025 by rpki-client