Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/lO1h-E6bKpXhV0awEzc3ziBx-Hs.roa
File: lO1h-E6bKpXhV0awEzc3ziBx-Hs.roa (raw, json)
Hash identifier: 6ZLzJ6p72ZxH2QZqjbunK1Na/XaXqvcFzB2ukNCzzI4=
Subject key identifier: 94:ED:61:F8:4E:9B:2A:95:E1:57:46:B0:13:37:37:CE:20:71:F8:7B
Certificate issuer: /CN=a65fbcb4ea308a98b09397625e63866383c16dd0
Certificate serial: 0194258F2D69B117F952DA52EAE7A5502260
Authority key identifier: A6:5F:BC:B4:EA:30:8A:98:B0:93:97:62:5E:63:86:63:83:C1:6D:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pl-8tOowipiwk5diXmOGY4PBbdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/lO1h-E6bKpXhV0awEzc3ziBx-Hs.roa
Signing time: Thu 02 Jan 2025 05:48:47 +0000
ROA not before: Thu 02 Jan 2025 05:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32708
IP address blocks: 45.65.44.0/22 maxlen: 22
45.65.44.0/24 maxlen: 24
45.65.45.0/24 maxlen: 24
45.65.46.0/23 maxlen: 23
45.65.47.0/24 maxlen: 24
85.92.100.0/22 maxlen: 22
85.92.100.0/24 maxlen: 24
85.92.101.0/24 maxlen: 24
85.92.102.0/24 maxlen: 24
85.92.103.0/24 maxlen: 24
103.91.56.0/22 maxlen: 22
103.91.56.0/24 maxlen: 24
103.91.57.0/24 maxlen: 24
103.91.58.0/24 maxlen: 24
103.91.59.0/24 maxlen: 24
103.108.188.0/23 maxlen: 23
103.108.188.0/24 maxlen: 24
103.108.189.0/24 maxlen: 24
103.115.204.0/23 maxlen: 23
103.115.204.0/24 maxlen: 24
103.115.205.0/24 maxlen: 24
103.143.86.0/23 maxlen: 23
103.143.86.0/24 maxlen: 24
103.143.87.0/24 maxlen: 24
103.211.0.0/22 maxlen: 22
103.211.0.0/24 maxlen: 24
103.211.1.0/24 maxlen: 24
103.211.2.0/24 maxlen: 24
103.211.3.0/24 maxlen: 24
123.253.104.0/22 maxlen: 22
123.253.104.0/24 maxlen: 24
123.253.105.0/24 maxlen: 24
123.253.106.0/24 maxlen: 24
123.253.107.0/24 maxlen: 24
185.211.78.0/24 maxlen: 24
2a0d:b8c0::/48 maxlen: 48
2a0d:b8c0:1::/48 maxlen: 48
2a11:b000:1::/48 maxlen: 48
2a11:b000:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:2d:69:b1:17:f9:52:da:52:ea:e7:a5:50:22:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65fbcb4ea308a98b09397625e63866383c16dd0
Validity
Not Before: Jan 2 05:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94ed61f84e9b2a95e15746b0133737ce2071f87b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c9:43:81:f9:5b:42:ae:6e:48:19:5b:d3:c2:
34:19:94:e5:ae:da:bd:2c:58:d1:8d:4e:61:13:c3:
81:8c:74:69:80:75:72:da:9e:3e:84:b1:bd:a7:12:
40:ba:5a:66:92:6f:68:91:67:f9:e4:9d:c4:cd:9b:
e6:cf:57:fa:da:12:dd:23:b5:f3:05:9a:4d:5d:71:
3c:98:82:f9:eb:b4:44:5f:07:6a:8f:50:2a:ac:9b:
15:a3:7f:f7:e8:4c:1b:f6:ea:1c:ed:aa:d2:bc:a0:
dc:4c:aa:a6:e7:25:75:a8:3d:f0:f6:73:5c:92:a2:
c7:0f:dc:5b:66:b5:67:7d:64:76:37:a3:d4:99:9b:
53:53:0d:ef:9f:b0:85:1f:c5:2f:95:16:06:52:cc:
72:dd:39:12:25:cf:1f:61:62:07:0c:85:a9:e3:43:
aa:7e:5a:5b:71:4d:29:d1:ab:73:21:09:5c:37:e8:
9a:c4:10:c4:39:90:bb:82:fc:31:96:d7:20:46:2c:
21:51:76:e2:ac:04:41:1e:25:14:a8:31:97:7d:b2:
81:80:a9:03:a0:0a:e4:e0:73:4f:7f:50:46:c2:c0:
ee:ef:24:a7:50:41:2e:5f:62:27:e4:01:98:24:92:
b1:ba:82:f1:c1:d3:0e:17:ab:d4:c7:34:be:48:9d:
f4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:ED:61:F8:4E:9B:2A:95:E1:57:46:B0:13:37:37:CE:20:71:F8:7B
X509v3 Authority Key Identifier:
keyid:A6:5F:BC:B4:EA:30:8A:98:B0:93:97:62:5E:63:86:63:83:C1:6D:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pl-8tOowipiwk5diXmOGY4PBbdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/lO1h-E6bKpXhV0awEzc3ziBx-Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/pl-8tOowipiwk5diXmOGY4PBbdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.44.0/22
85.92.100.0/22
103.91.56.0/22
103.108.188.0/23
103.115.204.0/23
103.143.86.0/23
103.211.0.0/22
123.253.104.0/22
185.211.78.0/24
IPv6:
2a0d:b8c0::/47
2a11:b000:1::-2a11:b000:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:72:fa:a1:52:0c:d5:ca:df:fa:f2:3a:02:fe:58:4f:53:ae:
76:c5:68:dd:6f:63:78:62:16:ac:9c:81:4b:c0:5f:6d:8b:a0:
c4:fa:4d:2b:3e:90:69:af:5d:88:09:1b:84:76:57:ab:62:55:
47:ea:8c:09:10:ed:01:57:ac:cf:8c:cc:30:ba:f9:a2:7c:f3:
22:6a:c4:2d:b7:ac:20:a6:02:0a:dc:62:de:54:68:6e:e6:71:
b8:3b:b9:5a:f5:90:dc:02:05:3f:9d:9e:28:16:2e:f3:f7:40:
50:7f:8a:54:ec:5b:84:c9:a5:c6:9c:fa:7b:d0:e2:50:ad:ac:
b6:81:93:6c:45:02:00:ae:99:bc:e3:b1:0a:01:82:84:5b:81:
a5:7e:9c:dd:46:b5:40:22:6b:fc:b4:6a:c4:12:4d:3f:df:30:
11:49:06:a5:79:77:c2:8f:b0:0c:64:9f:dc:ab:7b:22:e3:02:
2b:b4:a5:f6:38:cc:ea:d7:43:47:50:34:f5:f2:0a:54:2f:98:
89:c6:13:5a:0c:90:0f:27:ce:9b:6a:92:94:a5:3d:80:25:bd:
24:d5:b8:e1:21:30:8a:0a:a4:5b:64:be:25:7c:22:a8:6a:3c:
54:46:00:c3:28:63:c8:be:76:e6:7c:03:72:b5:2a:b8:4d:39:
ce:fa:b7:9f
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZQljy1psRf5UtpS6uelUCJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NWZiY2I0ZWEzMDhhOThiMDkzOTc2MjVlNjM4NjYzODNj
MTZkZDAwHhcNMjUwMTAyMDU0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGVkNjFmODRlOWIyYTk1ZTE1NzQ2YjAxMzM3MzdjZTIwNzFmODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8lDgflbQq5uSBlb08I0GZTlrtq9
LFjRjU5hE8OBjHRpgHVy2p4+hLG9pxJAulpmkm9okWf55J3EzZvmz1f62hLdI7Xz
BZpNXXE8mIL567REXwdqj1AqrJsVo3/36Ewb9uoc7arSvKDcTKqm5yV1qD3w9nNc
kqLHD9xbZrVnfWR2N6PUmZtTUw3vn7CFH8UvlRYGUsxy3TkSJc8fYWIHDIWp40Oq
flpbcU0p0atzIQlcN+iaxBDEOZC7gvwxltcgRiwhUXbirARBHiUUqDGXfbKBgKkD
oArk4HNPf1BGwsDu7ySnUEEuX2In5AGYJJKxuoLxwdMOF6vUxzS+SJ309wIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFJTtYfhOmyqV4VdGsBM3N84gcfh7MB8GA1UdIwQY
MBaAFKZfvLTqMIqYsJOXYl5jhmODwW3QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGwtOHRPb3dpcGl3azVkaVhtT0dZNFBCYmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9mNzIzMWQtYzU2MS00YWEyLWI4MGUt
NjJkNDJmZTZmZDNjLzEvbE8xaC1FNmJLcFhoVjBhd0V6YzN6aUJ4LUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9mNzIzMWQtYzU2MS00YWEyLWI4MGUtNjJkNDJmZTZmZDNj
LzEvcGwtOHRPb3dpcGl3azVkaVhtT0dZNFBCYmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzA8BAIAATA2AwQCLUEsAwQC
VVxkAwQCZ1s4AwQBZ2y8AwQBZ3PMAwQBZ49WAwQCZ9MAAwQCe/1oAwQAudNOMCME
AgACMB0DBwEqDbjAAAAwEgMHACoRsAAAAQMHACoRsAAAAjANBgkqhkiG9w0BAQsF
AAOCAQEAYnL6oVIM1crf+vI6Av5YT1OudsVo3W9jeGIWrJyBS8BfbYugxPpNKz6Q
aa9diAkbhHZXq2JVR+qMCRDtAVesz4zMMLr5onzzImrELbesIKYCCtxi3lRobuZx
uDu5WvWQ3AIFP52eKBYu8/dAUH+KVOxbhMmlxpz6e9DiUK2stoGTbEUCAK6ZvOOx
CgGChFuBpX6c3Ua1QCJr/LRqxBJNP98wEUkGpXl3wo+wDGSf3Kt7IuMCK7Sl9jjM
6tdDR1A09fIKVC+YicYTWgyQDyfOm2qSlKU9gCW9JNW44SEwigqkW2S+JXwiqGo8
VEYAwyhjyL525nwDcrUquE05zvq3nw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:56:52 2025 by rpki-client