Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/rkGv9bkZwGnroE2E1JMq5CMdQAQ.roa
File: rkGv9bkZwGnroE2E1JMq5CMdQAQ.roa (raw, json)
Hash identifier: DQuQsqAZ9ADD7G7O8fgD2/H25auaCw74dHGUBLobCk0=
Subject key identifier: AE:41:AF:F5:B9:19:C0:69:EB:A0:4D:84:D4:93:2A:E4:23:1D:40:04
Certificate issuer: /CN=f8fbc8415821486e8fe0860b5bec3e9283b80385
Certificate serial: 01942067F1657D3380EA579F7AF6B021F2C3
Authority key identifier: F8:FB:C8:41:58:21:48:6E:8F:E0:86:0B:5B:EC:3E:92:83:B8:03:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-PvIQVghSG6P4IYLW-w-koO4A4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/rkGv9bkZwGnroE2E1JMq5CMdQAQ.roa
Signing time: Wed 01 Jan 2025 05:47:50 +0000
ROA not before: Wed 01 Jan 2025 05:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31169
IP address blocks: 45.134.208.0/22 maxlen: 22
79.170.80.0/21 maxlen: 21
84.247.63.0/24 maxlen: 24
89.34.22.0/23 maxlen: 23
89.45.165.0/24 maxlen: 24
91.126.0.0/20 maxlen: 20
92.114.96.0/23 maxlen: 23
185.28.128.0/22 maxlen: 22
193.247.181.0/24 maxlen: 24
193.247.183.0/24 maxlen: 24
193.247.192.0/24 maxlen: 24
193.247.202.0/24 maxlen: 24
194.104.97.0/24 maxlen: 24
194.104.98.0/24 maxlen: 24
194.104.112.0/24 maxlen: 24
194.104.126.0/24 maxlen: 24
195.88.32.0/23 maxlen: 23
217.17.208.0/20 maxlen: 20
2a04:2740::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f1:65:7d:33:80:ea:57:9f:7a:f6:b0:21:f2:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8fbc8415821486e8fe0860b5bec3e9283b80385
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae41aff5b919c069eba04d84d4932ae4231d4004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:56:ae:45:5e:da:b7:8f:da:7b:96:66:3f:78:
4b:b0:c6:45:41:a9:9e:7f:3e:0e:e8:dd:b4:3f:f2:
67:8c:8e:03:d2:f9:ef:44:b2:2c:f9:f1:7d:96:2a:
f3:b6:d4:87:c5:0a:56:2b:a2:14:c1:d1:87:e2:30:
25:93:da:dc:12:d7:20:07:6c:6b:2b:86:05:96:fa:
a0:ac:b0:c9:78:f1:69:17:59:87:e8:fb:c0:58:03:
5f:8e:eb:d2:2a:1f:f1:32:a8:62:3b:3b:32:d8:36:
62:a8:ed:13:1b:e7:82:99:c1:68:66:03:88:a7:cb:
bd:72:5a:ac:31:98:85:01:3d:73:c0:8b:08:90:1b:
c1:ba:ed:0a:b8:30:5c:f0:d2:1f:b9:09:99:52:a8:
fc:f9:7e:cd:43:5e:c9:99:0d:b1:5f:93:87:d4:a3:
8d:7a:37:c0:11:2f:1a:c1:c4:3b:cd:61:1d:84:1f:
c7:66:d3:63:f3:e8:56:6a:99:e3:46:9e:2a:35:69:
5b:fc:36:2d:db:72:52:ee:2c:db:44:41:9f:01:8a:
f1:dd:71:94:f1:35:9c:ef:4b:22:30:5c:9b:c6:29:
85:b5:a6:6b:0a:a2:ee:1a:d8:ae:e2:11:5b:b4:c2:
bd:11:ee:76:c2:92:67:73:bc:b7:a6:c8:68:fe:60:
50:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:41:AF:F5:B9:19:C0:69:EB:A0:4D:84:D4:93:2A:E4:23:1D:40:04
X509v3 Authority Key Identifier:
keyid:F8:FB:C8:41:58:21:48:6E:8F:E0:86:0B:5B:EC:3E:92:83:B8:03:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-PvIQVghSG6P4IYLW-w-koO4A4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/rkGv9bkZwGnroE2E1JMq5CMdQAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/1-PvIQVghSG6P4IYLW-w-koO4A4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.208.0/22
79.170.80.0/21
84.247.63.0/24
89.34.22.0/23
89.45.165.0/24
91.126.0.0/20
92.114.96.0/23
185.28.128.0/22
193.247.181.0/24
193.247.183.0/24
193.247.192.0/24
193.247.202.0/24
194.104.97.0-194.104.98.255
194.104.112.0/24
194.104.126.0/24
195.88.32.0/23
217.17.208.0/20
IPv6:
2a04:2740::/29
Signature Algorithm: sha256WithRSAEncryption
43:07:d5:23:00:cd:c9:3e:fd:e6:e7:35:bd:ee:e9:f7:6a:23:
3a:b8:71:ba:30:4a:5c:6f:86:43:74:81:eb:46:5e:93:5b:03:
17:a8:d7:1a:ab:f5:01:ce:a1:05:2e:b1:59:c1:0f:9d:66:a0:
9f:51:d7:d2:38:d5:60:17:db:96:5a:80:d7:59:d2:59:17:4a:
38:8f:fe:69:6c:c0:61:b4:73:72:a8:f9:da:0b:30:71:9c:24:
08:7d:37:95:27:de:6e:7c:38:27:9e:2f:61:f7:d8:54:9a:da:
6b:7f:07:7f:17:61:b3:6a:9d:ec:a4:04:66:61:ba:15:05:df:
8c:9f:dd:d4:d8:c8:7c:e1:a8:bc:2c:a6:a8:e3:b1:27:cc:ef:
4f:f5:b3:6e:2a:d0:bc:d5:7c:47:f5:86:f9:51:43:c7:eb:bd:
c5:82:74:86:10:72:cd:a5:73:8c:42:e0:04:45:d9:2c:6c:0c:
94:cf:bc:e4:f7:93:70:f8:11:63:a3:4d:d8:5a:72:79:87:48:
7f:6a:29:b0:02:59:e8:26:6b:23:1b:23:20:a6:c7:07:95:97:
0f:06:1d:66:de:79:54:82:59:b0:6d:03:27:e4:47:e7:ba:76:
71:64:ae:dc:71:c0:27:97:63:cd:5d:d1:1d:d8:63:55:b9:5e:
e8:d0:ff:29
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQgZ/FlfTOA6lefevawIfLDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZmJjODQxNTgyMTQ4NmU4ZmUwODYwYjViZWMzZTkyODNi
ODAzODUwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQxYWZmNWI5MTljMDY5ZWJhMDRkODRkNDkzMmFlNDIzMWQ0MDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91auRV7at4/ae5ZmP3hLsMZFQame
fz4O6N20P/JnjI4D0vnvRLIs+fF9lirzttSHxQpWK6IUwdGH4jAlk9rcEtcgB2xr
K4YFlvqgrLDJePFpF1mH6PvAWANfjuvSKh/xMqhiOzsy2DZiqO0TG+eCmcFoZgOI
p8u9clqsMZiFAT1zwIsIkBvBuu0KuDBc8NIfuQmZUqj8+X7NQ17JmQ2xX5OH1KON
ejfAES8awcQ7zWEdhB/HZtNj8+hWapnjRp4qNWlb/DYt23JS7izbREGfAYrx3XGU
8TWc70siMFybximFtaZrCqLuGtiu4hFbtMK9Ee52wpJnc7y3psho/mBQlQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFK5Br/W5GcBp66BNhNSTKuQjHUAEMB8GA1UdIwQY
MBaAFPj7yEFYIUhuj+CGC1vsPpKDuAOFMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QdklRVmdoU0c2UDRJWUxXLXcta29PNEE0VS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvMzYxYzU3LWVhNDItNDdlMi1hNjhm
LWVjOTY3YjUxMWQ3Zi8xL3JrR3Y5Ymtad0ducm9FMkUxSk1xNUNNZFFBUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvMzYxYzU3LWVhNDItNDdlMi1hNjhmLWVjOTY3YjUxMWQ3
Zi8xLzEtUHZJUVZnaFNHNlA0SVlMVy13LWtvTzRBNFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZgGCCsGAQUFBwEHAQH/BIGIMIGFMHQEAgABMG4DBAIt
htADBANPqlADBABU9z8DBAFZIhYDBABZLaUDBARbfgADBAFccmADBAK5HIADBADB
97UDBADB97cDBADB98ADBADB98owDAMEAMJoYQMEAMJoYgMEAMJocAMEAMJofgME
AcNYIAMEBNkR0DANBAIAAjAHAwUDKgQnQDANBgkqhkiG9w0BAQsFAAOCAQEAQwfV
IwDNyT795uc1ve7p92ojOrhxujBKXG+GQ3SB60Zek1sDF6jXGqv1Ac6hBS6xWcEP
nWagn1HX0jjVYBfbllqA11nSWRdKOI/+aWzAYbRzcqj52gswcZwkCH03lSfebnw4
J54vYffYVJraa38Hfxdhs2qd7KQEZmG6FQXfjJ/d1NjIfOGovCymqOOxJ8zvT/Wz
birQvNV8R/WG+VFDx+u9xYJ0hhByzaVzjELgBEXZLGwMlM+85PeTcPgRY6NN2Fpy
eYdIf2opsAJZ6CZrIxsjIKbHB5WXDwYdZt55VIJZsG0DJ+RH57p2cWSu3HHAJ5dj
zV3RHdhjVble6ND/KQ==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:46:49 2025 by rpki-client