Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/dSIvoRbcXmjEhaD-HdyHYcdmt90.roa
File: dSIvoRbcXmjEhaD-HdyHYcdmt90.roa (raw, json)
Hash identifier: JqFQVPXSWhIrd/AlZzo80JSKjqGLV5nybtYrZ/HoQns=
Subject key identifier: 75:22:2F:A1:16:DC:5E:68:C4:85:A0:FE:1D:DC:87:61:C7:66:B7:DD
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019426D9FEA78DA0EDC67D9BF90454633C3B
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/dSIvoRbcXmjEhaD-HdyHYcdmt90.roa
Signing time: Thu 02 Jan 2025 11:50:08 +0000
ROA not before: Thu 02 Jan 2025 11:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43289
IP address blocks: 45.153.124.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
92.243.67.0/24 maxlen: 24
2a03:f80:373::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fe:a7:8d:a0:ed:c6:7d:9b:f9:04:54:63:3c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 2 11:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75222fa116dc5e68c485a0fe1ddc8761c766b7dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:62:dd:ff:06:c2:e6:08:05:29:d1:fd:cb:8f:
60:c3:ee:0a:bc:3d:49:84:cf:39:a2:35:89:aa:fd:
23:4c:d0:29:85:ff:60:98:12:bc:8c:41:9b:4a:e4:
db:db:7f:2e:f0:8d:79:39:9a:5c:c9:c8:49:76:6e:
9c:cf:0a:43:d4:ee:56:83:eb:b0:11:2c:89:50:77:
29:1f:34:d7:97:06:f1:bc:de:44:ae:0a:87:96:26:
20:65:6e:c7:ea:e8:5d:47:9a:09:43:ab:b6:65:ad:
b5:fd:cb:21:8d:f3:da:89:10:1f:e9:9f:46:da:34:
6c:fb:10:45:30:56:61:85:c3:c5:29:6e:49:30:03:
53:a1:ff:09:81:93:55:3b:d5:b5:77:35:72:f1:34:
3c:3c:59:80:22:5f:a5:65:5d:3d:93:23:06:d7:13:
52:d9:46:48:4d:a9:d1:b6:b5:10:02:19:92:6d:14:
00:b1:68:f0:ed:62:ca:21:19:84:0f:30:f7:07:6c:
1c:33:58:ae:c0:e8:c2:9e:6f:fa:74:ee:ba:80:c1:
16:70:6c:98:0f:08:d2:14:90:9a:5e:4a:1e:bf:b8:
a6:79:5d:7a:f4:bf:92:5a:81:74:00:83:00:df:df:
25:0e:d9:10:41:47:5c:f2:b3:05:e2:14:c5:2e:d6:
19:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:22:2F:A1:16:DC:5E:68:C4:85:A0:FE:1D:DC:87:61:C7:66:B7:DD
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/dSIvoRbcXmjEhaD-HdyHYcdmt90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.124.0/24
89.46.232.0/24
92.243.67.0/24
IPv6:
2a03:f80:373::/48
Signature Algorithm: sha256WithRSAEncryption
ac:33:06:02:d9:0b:f6:f5:11:24:97:64:6a:8d:24:87:92:73:
68:89:21:ff:29:b0:7d:06:31:ab:c6:f6:ff:58:81:f3:22:65:
87:12:8a:10:dd:62:94:e2:fa:93:75:f4:76:f8:f3:25:99:10:
f5:a0:ee:0c:52:ff:9e:3c:8f:27:6e:fd:4d:b5:c1:cd:cb:75:
d0:71:56:9c:a5:64:fa:a8:54:4e:58:22:1a:1e:8a:6e:71:e7:
9d:0d:5d:f8:fc:95:99:42:34:bd:29:54:5e:3a:5a:77:30:af:
26:38:4b:00:15:b6:c1:a4:ef:43:a0:f9:e5:0c:3f:8d:5a:29:
71:d1:f0:c4:51:69:ed:c6:d2:ab:49:d8:2f:f6:52:6f:d0:c2:
d1:17:c6:a2:24:cb:9e:b8:61:cc:c9:86:9c:d8:8d:39:8b:7c:
78:87:d1:58:a7:a3:17:01:80:7d:fd:92:41:51:cd:55:7e:9c:
f8:2b:04:d0:a7:8d:4a:56:ba:2a:f3:ab:ed:cb:63:23:c2:e3:
e3:78:4b:b7:5c:5d:04:a9:2f:9c:95:d7:e3:70:d4:f6:3b:d7:
b3:1f:3e:c0:9f:f1:eb:89:a7:1f:9d:c5:09:19:a0:a6:19:3b:
09:28:d3:0c:18:66:e1:ed:1c:d0:f8:1d:93:cc:94:6c:9e:f9:
17:18:17:b4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQm2f6njaDtxn2b+QRUYzw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwMTAyMTE1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTIyMmZhMTE2ZGM1ZTY4YzQ4NWEwZmUxZGRjODc2MWM3NjZiN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Ld/wbC5ggFKdH9y49gw+4KvD1J
hM85ojWJqv0jTNAphf9gmBK8jEGbSuTb238u8I15OZpcychJdm6czwpD1O5Wg+uw
ESyJUHcpHzTXlwbxvN5ErgqHliYgZW7H6uhdR5oJQ6u2Za21/cshjfPaiRAf6Z9G
2jRs+xBFMFZhhcPFKW5JMANTof8JgZNVO9W1dzVy8TQ8PFmAIl+lZV09kyMG1xNS
2UZITanRtrUQAhmSbRQAsWjw7WLKIRmEDzD3B2wcM1iuwOjCnm/6dO66gMEWcGyY
DwjSFJCaXkoev7imeV169L+SWoF0AIMA398lDtkQQUdc8rMF4hTFLtYZCQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHUiL6EW3F5oxIWg/h3ch2HHZrfdMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvZFNJdm9SYmNYbWpFaGFELUhkeUhZY2RtdDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALZl8AwQA
WS7oAwQAXPNDMA8EAgACMAkDBwAqAw+AA3MwDQYJKoZIhvcNAQELBQADggEBAKwz
BgLZC/b1ESSXZGqNJIeSc2iJIf8psH0GMavG9v9YgfMiZYcSihDdYpTi+pN19Hb4
8yWZEPWg7gxS/548jydu/U21wc3LddBxVpylZPqoVE5YIhoeim5x550NXfj8lZlC
NL0pVF46WncwryY4SwAVtsGk70Og+eUMP41aKXHR8MRRae3G0qtJ2C/2Um/QwtEX
xqIky564YczJhpzYjTmLfHiH0VinoxcBgH39kkFRzVV+nPgrBNCnjUpWuirzq+3L
YyPC4+N4S7dcXQSpL5yV1+Nw1PY717MfPsCf8euJpx+dxQkZoKYZOwko0wwYZuHt
HND4HZPMlGye+RcYF7Q=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:31:22 2025 by rpki-client