Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/X4a-Qf5i928k6fBowsifO77drpQ.roa
File: X4a-Qf5i928k6fBowsifO77drpQ.roa (raw, json)
Hash identifier: 0SA7Gjyf4hrwbMq74YvOp5Iqw5XR+jO2HfVvIkeizew=
Subject key identifier: 5F:86:BE:41:FE:62:F7:6F:24:E9:F0:68:C2:C8:9F:3B:BE:DD:AE:94
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D70AE1F9029080CFE1D024B41BEF4F
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/X4a-Qf5i928k6fBowsifO77drpQ.roa
Signing time: Wed 01 Jan 2025 21:48:03 +0000
ROA not before: Wed 01 Jan 2025 21:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35196
IP address blocks: 45.9.73.179/32 maxlen: 32
45.9.73.184/32 maxlen: 32
45.9.73.236/32 maxlen: 32
45.89.65.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.136.67/32 maxlen: 32
94.142.139.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.48.18/32 maxlen: 32
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.229.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a09:5302:ffff::/48 maxlen: 48
2a0a:9300:1000::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0a:e1:f9:02:90:80:cf:e1:d0:24:b4:1b:ef:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f86be41fe62f76f24e9f068c2c89f3bbeddae94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4f:a1:b6:67:12:67:30:f9:9f:af:78:a4:3c:
c6:6d:68:df:87:7f:2e:21:82:92:b1:fc:cd:68:01:
2e:df:b3:9c:2a:d3:13:15:a8:51:3e:dc:4e:37:7c:
bf:39:93:a2:2d:a7:d6:01:8d:5e:0b:45:9c:f7:9f:
d2:45:97:7f:35:1f:e4:ea:f2:de:43:7e:d5:2b:ae:
3c:d4:18:b4:03:ad:c1:4a:08:6c:ee:85:1d:ae:2a:
a3:e4:df:93:6c:03:a1:8f:1c:9c:8e:4a:30:81:9c:
0c:02:1b:b4:a8:34:58:51:2d:7b:22:7b:cc:53:19:
20:b5:da:b8:71:97:5a:3f:1e:a1:6e:60:90:42:86:
5b:21:6f:c1:07:d9:ad:a1:a1:1f:1b:a0:a5:e3:3a:
d3:d3:2b:37:4c:87:ac:41:34:7a:54:06:c1:dc:08:
94:da:38:c0:9c:df:8c:35:98:24:83:3d:05:21:4b:
25:27:88:bd:2e:07:9a:24:8f:0c:dd:e4:d0:0d:d0:
eb:47:ad:bb:5a:bf:3e:8a:c0:ca:66:57:0e:40:e7:
7e:40:0a:81:16:61:08:38:82:84:01:bc:eb:95:e6:
e8:34:74:4d:b4:20:94:4a:39:88:f0:be:6d:88:22:
56:d2:d1:8e:b1:2a:58:96:80:14:1f:e0:98:dc:17:
51:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:86:BE:41:FE:62:F7:6F:24:E9:F0:68:C2:C8:9F:3B:BE:DD:AE:94
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/X4a-Qf5i928k6fBowsifO77drpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.179/32
45.9.73.184/32
45.9.73.236/32
45.89.65.0-45.89.67.255
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.229.0/24
185.125.231.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a09:5302:ffff::/48
2a0a:9300:1000::/48
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
b9:03:02:0e:cc:33:41:b4:76:c5:58:4e:fa:97:ee:56:58:5d:
a4:73:b6:55:ed:82:8f:8b:9f:61:9b:1e:82:99:da:89:16:01:
a0:9f:5a:c0:52:4e:49:4c:91:37:1c:72:82:db:8c:22:2a:93:
e5:69:4e:0d:47:36:9f:b7:0b:00:7c:32:aa:c7:34:29:bc:a1:
61:4d:d2:4e:bc:e4:04:ff:91:b3:84:22:9e:97:6e:c7:3a:4a:
d6:50:f4:eb:64:3c:e2:68:fa:2b:47:e3:60:21:c4:6e:ff:16:
f8:78:c9:09:4f:ca:58:cf:ff:b2:87:8d:39:9a:8f:70:df:ed:
bc:b8:5c:d9:56:e2:a3:c9:d2:8a:ab:dd:03:16:6c:77:b5:31:
e7:a6:04:f2:21:5b:4b:22:de:7d:8d:1f:a6:94:e5:87:ef:d0:
17:ac:f7:0f:9f:00:c9:bb:ee:fb:a5:a7:9c:4a:6a:65:5d:20:
9f:20:c9:2b:c1:ec:25:a6:17:4b:09:55:88:89:ca:2a:9d:d9:
22:26:24:b7:13:cf:3d:68:24:dc:7d:8d:3d:64:e3:ed:9b:96:
42:bc:9a:d2:76:d2:eb:3f:26:a5:01:fa:94:84:bb:18:ba:ee:
0b:ef:c1:f3:6b:52:fe:24:c4:c5:ac:d1:36:dc:f5:a5:f2:48:
8b:2e:12:c4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZQj1wrh+QKQgM/h0CS0G+9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjg2YmU0MWZlNjJmNzZmMjRlOWYwNjhjMmM4OWYzYmJlZGRhZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U+htmcSZzD5n694pDzGbWjfh38u
IYKSsfzNaAEu37OcKtMTFahRPtxON3y/OZOiLafWAY1eC0Wc95/SRZd/NR/k6vLe
Q37VK6481Bi0A63BSghs7oUdriqj5N+TbAOhjxycjkowgZwMAhu0qDRYUS17InvM
Uxkgtdq4cZdaPx6hbmCQQoZbIW/BB9mtoaEfG6Cl4zrT0ys3TIesQTR6VAbB3AiU
2jjAnN+MNZgkgz0FIUslJ4i9LgeaJI8M3eTQDdDrR627Wr8+isDKZlcOQOd+QAqB
FmEIOIKEAbzrleboNHRNtCCUSjmI8L5tiCJW0tGOsSpYloAUH+CY3BdROwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFF+GvkH+YvdvJOnwaMLInzu+3a6UMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWDRhLVFmNWk5MjhrNmZCb3dzaWZPNzdkcnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDB3BAIAATBxAwUALQlJ
swMFAC0JSbgDBQAtCUnsMAwDBAAtWUEDBAItWUADBAItgLADBABb2VADBANejogD
BAK5BfgDBAK5OswDBAK5VzADBAG5aXQDBAK5dZgDBAK5fdgDBAC5feUDBAC5fecD
BAXCQ8ADBADDL/owMQQCAAIwKwMHACoJUwL//wMHACoKkwAQADAQAwUAKgqTAQMH
ACoKkwEAAgMFACoKkwIwDQYJKoZIhvcNAQELBQADggEBALkDAg7MM0G0dsVYTvqX
7lZYXaRztlXtgo+Ln2GbHoKZ2okWAaCfWsBSTklMkTcccoLbjCIqk+VpTg1HNp+3
CwB8MqrHNCm8oWFN0k685AT/kbOEIp6Xbsc6StZQ9OtkPOJo+itH42AhxG7/Fvh4
yQlPyljP/7KHjTmaj3Df7by4XNlW4qPJ0oqr3QMWbHe1MeemBPIhW0si3n2NH6aU
5Yfv0Bes9w+fAMm77vulp5xKamVdIJ8gySvB7CWmF0sJVYiJyiqd2SImJLcTzz1o
JNx9jT1k4+2blkK8mtJ20us/JqUB+pSEuxi67gvvwfNrUv4kxMWs0Tbc9aXySIsu
EsQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:22:04 2025 by rpki-client