Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/Rg-rwznqAAZZCpXiUsH9yNT4n6M.roa
File: Rg-rwznqAAZZCpXiUsH9yNT4n6M.roa (raw, json)
Hash identifier: R0tTH3SJW7iuGtYToatlEGOWh2QhWznFnYDn8BYzsO4=
Subject key identifier: 46:0F:AB:C3:39:EA:00:06:59:0A:95:E2:52:C1:FD:C8:D4:F8:9F:A3
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0195426754BF4BAB335C6719782985DBF73E
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/Rg-rwznqAAZZCpXiUsH9yNT4n6M.roa
Signing time: Wed 26 Feb 2025 13:17:02 +0000
ROA not before: Wed 26 Feb 2025 13:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 45.8.178.0/24 maxlen: 24
45.8.179.0/24 maxlen: 24
45.12.32.0/24 maxlen: 24
45.12.33.0/24 maxlen: 24
45.142.0.0/24 maxlen: 24
45.142.3.0/24 maxlen: 24
45.148.147.0/24 maxlen: 24
185.224.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:42:67:54:bf:4b:ab:33:5c:67:19:78:29:85:db:f7:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Feb 26 13:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=460fabc339ea0006590a95e252c1fdc8d4f89fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2b:a2:ff:90:e6:f6:dd:69:4f:0b:c1:09:fa:
86:9f:7c:7b:0c:e1:81:3e:9d:73:2a:ac:9d:41:55:
30:2f:42:89:5d:43:b1:45:52:61:d6:4a:30:b0:9d:
c8:25:42:0e:f1:9b:30:da:a2:b2:17:12:6f:ff:f0:
55:51:48:0f:97:33:5b:4d:0d:52:e4:35:41:73:37:
ce:ff:40:8d:63:0e:4a:dd:fe:80:33:9e:53:43:4b:
cc:f8:b0:3c:4f:4a:47:c6:66:a7:de:c1:7e:31:20:
61:a1:8c:8c:50:8a:0a:e9:12:bd:cd:06:d5:e7:7c:
86:90:ca:ec:ce:cd:ea:59:73:cd:ae:ed:fd:01:f9:
ee:6c:e6:ba:72:58:71:a6:6c:72:f6:59:bd:a6:3a:
56:6c:bd:1b:75:92:6c:1d:41:4d:d0:03:f9:69:ef:
16:19:41:57:c5:63:6a:38:b9:91:fd:e9:ce:6c:34:
15:69:40:cb:d0:19:1a:d1:57:85:10:71:e2:7b:2d:
43:95:bb:83:94:61:84:ee:f5:35:4d:a2:60:74:0d:
aa:b0:6d:ad:7e:16:95:23:d8:43:99:04:3e:88:82:
1f:7d:d7:99:68:31:69:3f:0e:a7:e8:62:5a:d3:49:
fd:34:77:a1:f4:bc:3c:2e:5a:06:8e:99:82:f1:97:
c3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:0F:AB:C3:39:EA:00:06:59:0A:95:E2:52:C1:FD:C8:D4:F8:9F:A3
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/Rg-rwznqAAZZCpXiUsH9yNT4n6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.178.0/23
45.12.32.0/23
45.142.0.0/24
45.142.3.0/24
45.148.147.0/24
185.224.217.0/24
Signature Algorithm: sha256WithRSAEncryption
28:97:bd:2c:73:32:0d:4c:15:34:18:eb:77:83:42:ad:6f:08:
c1:1e:3e:8d:71:dc:8c:95:5e:8e:3e:a6:f6:82:d3:fc:85:4b:
84:c3:11:54:89:23:8a:ce:cc:12:1f:8a:ca:5d:d5:5a:63:03:
b5:ef:df:9e:ab:a2:80:53:07:67:b6:04:d7:ef:a6:97:a6:24:
ad:4a:14:60:23:00:61:b3:89:44:e5:30:5f:a7:4c:0e:85:06:
fc:47:b0:3e:cf:29:d7:e8:1b:08:d6:6c:e7:8c:aa:5f:c5:23:
47:c5:ab:9b:8f:42:c1:77:ac:4f:fe:8b:f0:89:97:2a:88:d5:
b1:bb:69:40:24:80:8d:04:21:34:e3:45:d0:5a:0d:be:52:77:
94:8c:49:1e:92:3a:1d:60:43:53:94:0e:b8:e1:60:99:29:c2:
58:70:9d:b9:4c:5d:3e:16:00:1b:f6:ae:6f:9c:99:cf:1f:80:
44:af:9f:c1:3a:d5:5b:4d:08:de:04:45:dd:c3:98:c6:10:cc:
e1:27:86:39:f4:15:e8:b2:7a:55:df:ac:e9:c5:79:18:a6:a5:
14:09:86:8d:07:ab:62:6a:62:39:33:0f:34:09:00:ad:1f:bf:
39:77:a0:92:26:3e:0c:58:93:5e:18:0d:ad:79:54:8e:12:db:
56:3f:fa:ce
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZVCZ1S/S6szXGcZeCmF2/c+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjUwMjI2MTMxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjBmYWJjMzM5ZWEwMDA2NTkwYTk1ZTI1MmMxZmRjOGQ0Zjg5ZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCui/5Dm9t1pTwvBCfqGn3x7DOGB
Pp1zKqydQVUwL0KJXUOxRVJh1kowsJ3IJUIO8Zsw2qKyFxJv//BVUUgPlzNbTQ1S
5DVBczfO/0CNYw5K3f6AM55TQ0vM+LA8T0pHxman3sF+MSBhoYyMUIoK6RK9zQbV
53yGkMrszs3qWXPNru39AfnubOa6clhxpmxy9lm9pjpWbL0bdZJsHUFN0AP5ae8W
GUFXxWNqOLmR/enObDQVaUDL0Bka0VeFEHHiey1DlbuDlGGE7vU1TaJgdA2qsG2t
fhaVI9hDmQQ+iIIffdeZaDFpPw6n6GJa00n9NHeh9Lw8LloGjpmC8ZfDgQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEYPq8M56gAGWQqV4lLB/cjU+J+jMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvUmctcnd6bnFBQVpaQ3BYaVVzSDl5TlQ0bjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLQiyAwQB
LQwgAwQALY4AAwQALY4DAwQALZSTAwQAueDZMA0GCSqGSIb3DQEBCwUAA4IBAQAo
l70sczINTBU0GOt3g0KtbwjBHj6NcdyMlV6OPqb2gtP8hUuEwxFUiSOKzswSH4rK
XdVaYwO179+eq6KAUwdntgTX76aXpiStShRgIwBhs4lE5TBfp0wOhQb8R7A+zynX
6BsI1mznjKpfxSNHxaubj0LBd6xP/ovwiZcqiNWxu2lAJICNBCE040XQWg2+UneU
jEkekjodYENTlA644WCZKcJYcJ25TF0+FgAb9q5vnJnPH4BEr5/BOtVbTQjeBEXd
w5jGEMzhJ4Y59BXosnpV36zpxXkYpqUUCYaNB6tiamI5Mw80CQCtH785d6CSJj4M
WJNeGA2teVSOEttWP/rO
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:14:53 2025 by rpki-client