Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/CMrHF8H9YG0k4ImZKJ0Wv5prbiU.roa
File: CMrHF8H9YG0k4ImZKJ0Wv5prbiU.roa (raw, json)
Hash identifier: 7mi0g+KT3QF83gURKdhKKpg94gTD0horBgadWGVDb8E=
Subject key identifier: 08:CA:C7:17:C1:FD:60:6D:24:E0:89:99:28:9D:16:BF:9A:6B:6E:25
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 019421B24C7CEADC48AE9801F80AD852BFFA
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/CMrHF8H9YG0k4ImZKJ0Wv5prbiU.roa
Signing time: Wed 01 Jan 2025 11:48:40 +0000
ROA not before: Wed 01 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216361
IP address blocks: 45.139.9.0/24 maxlen: 24
185.217.39.0/24 maxlen: 24
194.36.172.0/24 maxlen: 24
194.36.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4c:7c:ea:dc:48:ae:98:01:f8:0a:d8:52:bf:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Jan 1 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08cac717c1fd606d24e08999289d16bf9a6b6e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0f:c6:62:20:52:ac:21:18:45:a0:0f:d4:09:
3a:0d:af:af:36:01:f2:e8:cb:ff:41:c2:82:ad:c3:
ed:1a:68:21:81:d8:d0:5d:5e:87:d0:6f:9f:be:6e:
f1:f6:74:91:4b:b8:30:e5:35:28:08:78:5d:c2:4b:
dd:c2:da:b6:07:b8:57:60:c0:67:5e:e4:65:24:43:
55:e5:d9:e3:dd:51:3b:f1:63:46:65:6e:9b:60:6e:
57:c7:18:03:a6:fc:1a:ba:7d:8e:22:7b:af:66:c2:
08:3e:28:de:77:f1:6d:ab:48:af:bf:e4:96:8a:ff:
bc:0e:f3:08:41:d7:d8:be:7e:ad:08:8d:d2:7b:63:
c8:41:f3:63:16:ba:29:67:87:60:c2:02:7a:4a:6e:
d4:f3:fb:b6:50:25:01:3c:67:0d:bb:4c:5c:39:3b:
13:a7:94:8f:ec:87:0b:21:b4:c1:2c:e5:93:f6:98:
e4:76:af:85:3e:cc:d9:7a:02:7e:bb:ad:a4:fd:6b:
8d:e5:1d:c0:09:10:72:85:d0:22:60:35:11:c6:d8:
18:95:bd:42:a0:52:6e:20:07:55:01:6b:d6:d5:f2:
04:85:64:9a:5d:38:36:33:59:7e:44:d0:5a:15:be:
3a:82:ba:d3:2d:d7:38:10:d3:6a:ab:b5:48:68:2f:
1d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CA:C7:17:C1:FD:60:6D:24:E0:89:99:28:9D:16:BF:9A:6B:6E:25
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/CMrHF8H9YG0k4ImZKJ0Wv5prbiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.9.0/24
185.217.39.0/24
194.36.172.0/23
Signature Algorithm: sha256WithRSAEncryption
58:25:94:0a:ce:0c:91:8d:97:8b:90:c1:07:fe:a2:a2:d5:b4:
0d:67:e3:2d:52:ec:f5:cf:32:45:a6:72:ea:6f:4d:85:4a:f8:
85:8f:ea:ae:59:8e:9b:0d:f2:fc:2c:8a:6d:4b:94:4e:3c:f2:
3c:b9:22:5e:20:08:f3:2b:e3:70:4d:56:7b:12:f2:05:b4:20:
5b:17:ef:0c:2c:8a:95:b0:7c:f7:63:ba:94:cd:7e:3b:74:20:
fe:03:76:c2:15:6c:e6:f8:e5:9f:d9:89:68:36:c4:4b:3f:9f:
4a:02:a7:b6:93:73:93:d0:a7:62:89:3b:ee:de:6e:e4:27:ef:
36:9c:09:55:20:6b:4f:c0:90:d3:1c:7d:b2:81:6c:30:47:20:
6c:43:e6:52:d1:ca:aa:41:ce:f9:16:5c:fa:b5:ec:b5:b1:52:
db:92:e6:0b:fe:a6:44:7d:97:6e:6b:d6:f5:58:78:13:a6:6f:
c6:1f:ae:3e:8f:99:92:fd:4a:64:3c:a0:61:e7:5c:85:8d:7f:
21:45:1f:72:83:88:37:af:e4:15:f9:d5:3f:09:84:07:5d:ea:
48:e3:b3:88:35:de:8d:17:a6:16:fb:80:a2:27:dd:9b:95:89:
57:3b:2f:4d:fc:f1:2d:fe:73:c5:7d:56:2d:0d:0b:f1:6b:53:
88:81:06:1f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhskx86txIrpgB+ArYUr/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjUwMTAxMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGNhYzcxN2MxZmQ2MDZkMjRlMDg5OTkyODlkMTZiZjlhNmI2ZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg/GYiBSrCEYRaAP1Ak6Da+vNgHy
6Mv/QcKCrcPtGmghgdjQXV6H0G+fvm7x9nSRS7gw5TUoCHhdwkvdwtq2B7hXYMBn
XuRlJENV5dnj3VE78WNGZW6bYG5XxxgDpvwaun2OInuvZsIIPijed/Ftq0ivv+SW
iv+8DvMIQdfYvn6tCI3Se2PIQfNjFropZ4dgwgJ6Sm7U8/u2UCUBPGcNu0xcOTsT
p5SP7IcLIbTBLOWT9pjkdq+FPszZegJ+u62k/WuN5R3ACRByhdAiYDURxtgYlb1C
oFJuIAdVAWvW1fIEhWSaXTg2M1l+RNBaFb46grrTLdc4ENNqq7VIaC8dAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAjKxxfB/WBtJOCJmSidFr+aa24lMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvQ01ySEY4SDlZRzBrNEltWktKMFd2NXByYmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYsJAwQA
udknAwQBwiSsMA0GCSqGSIb3DQEBCwUAA4IBAQBYJZQKzgyRjZeLkMEH/qKi1bQN
Z+MtUuz1zzJFpnLqb02FSviFj+quWY6bDfL8LIptS5ROPPI8uSJeIAjzK+NwTVZ7
EvIFtCBbF+8MLIqVsHz3Y7qUzX47dCD+A3bCFWzm+OWf2YloNsRLP59KAqe2k3OT
0KdiiTvu3m7kJ+82nAlVIGtPwJDTHH2ygWwwRyBsQ+ZS0cqqQc75Flz6tey1sVLb
kuYL/qZEfZdua9b1WHgTpm/GH64+j5mS/UpkPKBh51yFjX8hRR9yg4g3r+QV+dU/
CYQHXepI47OINd6NF6YW+4CiJ92blYlXOy9N/PEt/nPFfVYtDQvxa1OIgQYf
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:06:22 2025 by rpki-client