Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/ce0b21-d65c-42e6-874b-f4cb867f90d8/1/F6Kyl6Uj1WrTJxNXU6pC7-r8nXU.roa
File: F6Kyl6Uj1WrTJxNXU6pC7-r8nXU.roa (raw, json)
Hash identifier: 9hn305gUH3AH1wnNY9lS7H2kAzSEtCJIXFVhQkyiOE4=
Subject key identifier: 17:A2:B2:97:A5:23:D5:6A:D3:27:13:57:53:AA:42:EF:EA:FC:9D:75
Certificate issuer: /CN=b06f4040491a656ff7526d2f17611b0d68acbd0c
Certificate serial: 01936CE9EC6A5EEA2681AB07FBF4598D050F
Authority key identifier: B0:6F:40:40:49:1A:65:6F:F7:52:6D:2F:17:61:1B:0D:68:AC:BD:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sG9AQEkaZW_3Um0vF2EbDWisvQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/ce0b21-d65c-42e6-874b-f4cb867f90d8/1/F6Kyl6Uj1WrTJxNXU6pC7-r8nXU.roa
Signing time: Wed 27 Nov 2024 09:18:09 +0000
ROA not before: Wed 27 Nov 2024 09:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204996
IP address blocks: 45.67.8.0/22 maxlen: 22
45.67.8.0/24 maxlen: 24
45.67.9.0/24 maxlen: 24
185.170.248.0/22 maxlen: 24
185.170.248.0/23 maxlen: 23
185.170.248.0/24 maxlen: 24
185.170.249.0/24 maxlen: 24
185.170.250.0/23 maxlen: 23
185.170.250.0/24 maxlen: 24
185.170.251.0/24 maxlen: 24
193.30.134.0/24 maxlen: 24
193.30.162.0/24 maxlen: 24
193.30.165.0/24 maxlen: 24
193.30.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:e9:ec:6a:5e:ea:26:81:ab:07:fb:f4:59:8d:05:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b06f4040491a656ff7526d2f17611b0d68acbd0c
Validity
Not Before: Nov 27 09:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17a2b297a523d56ad327135753aa42efeafc9d75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:22:d2:00:13:7f:03:5b:cf:38:0e:50:7c:89:
61:54:e0:ec:dc:4d:4f:3b:86:9d:f7:c5:1f:81:68:
bb:7f:83:ac:3b:27:1e:d8:d4:90:2f:0b:9d:67:7a:
5a:c4:2f:c9:dc:b0:bf:8a:d5:fe:7d:f1:61:95:b6:
90:ae:91:2d:b7:cd:de:4b:fe:70:e6:ef:8b:fe:9f:
d3:de:ae:78:14:c6:8b:ea:1f:c2:6e:a2:a4:cb:f6:
7d:0f:af:e4:18:62:28:09:90:b1:2f:72:06:76:f6:
b2:f7:05:89:a9:d9:4b:43:bc:11:39:c8:01:cb:67:
e7:a8:a4:ff:d9:c1:30:e5:f1:d7:49:86:78:57:cd:
84:8b:3d:da:c2:7b:83:07:05:fc:3c:ea:cd:c2:20:
80:60:48:15:8d:64:11:16:eb:12:93:33:be:51:12:
75:43:a3:3e:c2:44:6a:88:f6:1e:1a:1a:40:42:c2:
83:a8:2e:bb:1d:89:cf:e0:f8:33:f5:62:8c:7e:ca:
8d:39:ff:5c:3a:e5:76:1b:8a:b2:5a:ba:14:68:ae:
59:c8:d4:9d:5c:9a:fe:f3:d6:ca:18:29:ea:98:be:
13:6a:a0:4e:b2:ad:b2:18:21:6c:f7:7b:44:5c:18:
fc:f2:a2:34:d8:af:73:12:97:cf:af:64:aa:b5:91:
31:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A2:B2:97:A5:23:D5:6A:D3:27:13:57:53:AA:42:EF:EA:FC:9D:75
X509v3 Authority Key Identifier:
keyid:B0:6F:40:40:49:1A:65:6F:F7:52:6D:2F:17:61:1B:0D:68:AC:BD:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sG9AQEkaZW_3Um0vF2EbDWisvQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ce0b21-d65c-42e6-874b-f4cb867f90d8/1/F6Kyl6Uj1WrTJxNXU6pC7-r8nXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ce0b21-d65c-42e6-874b-f4cb867f90d8/1/sG9AQEkaZW_3Um0vF2EbDWisvQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.8.0/22
185.170.248.0/22
193.30.134.0/24
193.30.162.0/24
193.30.165.0-193.30.166.255
Signature Algorithm: sha256WithRSAEncryption
1c:63:41:30:07:a8:6b:d3:3b:ab:57:f4:a0:13:0a:79:2e:36:
73:55:db:d1:f4:bd:b8:79:57:d4:b0:e7:0e:ba:98:4a:9b:7e:
a2:84:4b:28:eb:1d:bd:0c:2e:36:42:24:64:2d:a9:d3:51:23:
c1:c3:e1:38:41:78:62:09:92:a6:24:cb:99:17:c4:7c:2b:07:
58:a1:46:4d:82:0e:70:8f:a1:0f:65:f0:32:0e:d1:ea:cf:56:
be:02:07:ef:0a:79:69:ed:8c:08:07:c0:1c:40:d2:e5:4e:ac:
c7:81:49:96:04:05:38:26:6a:67:f7:37:d0:d7:64:12:84:21:
9f:42:d4:05:75:81:5e:92:32:3d:26:6b:68:90:09:70:aa:70:
8d:a5:c2:a7:9f:b0:6b:d2:c4:a2:ee:21:e3:88:ac:01:df:6f:
d3:db:05:ef:eb:03:bd:95:cb:0b:b7:ac:dc:21:53:17:88:e3:
86:13:cd:b7:50:f7:83:96:a1:1d:ac:ec:02:67:c6:1a:0b:a6:
d6:f9:9b:be:e5:53:55:9e:e6:a6:dc:19:db:77:1d:fa:37:34:
13:69:a1:4d:22:12:a8:4c:bd:0a:92:b6:f9:0e:f7:16:70:f6:
68:94:b6:94:2e:15:d6:ee:80:9a:3b:3c:91:c0:da:80:50:bb:
39:f6:25:9f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZNs6exqXuomgasH+/RZjQUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNmY0MDQwNDkxYTY1NmZmNzUyNmQyZjE3NjExYjBkNjhh
Y2JkMGMwHhcNMjQxMTI3MDkxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2EyYjI5N2E1MjNkNTZhZDMyNzEzNTc1M2FhNDJlZmVhZmM5ZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSLSABN/A1vPOA5QfIlhVODs3E1P
O4ad98UfgWi7f4OsOyce2NSQLwudZ3paxC/J3LC/itX+ffFhlbaQrpEtt83eS/5w
5u+L/p/T3q54FMaL6h/CbqKky/Z9D6/kGGIoCZCxL3IGdvay9wWJqdlLQ7wROcgB
y2fnqKT/2cEw5fHXSYZ4V82Eiz3awnuDBwX8POrNwiCAYEgVjWQRFusSkzO+URJ1
Q6M+wkRqiPYeGhpAQsKDqC67HYnP4Pgz9WKMfsqNOf9cOuV2G4qyWroUaK5ZyNSd
XJr+89bKGCnqmL4TaqBOsq2yGCFs93tEXBj88qI02K9zEpfPr2SqtZExoQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBeispelI9Vq0ycTV1OqQu/q/J11MB8GA1UdIwQY
MBaAFLBvQEBJGmVv91JtLxdhGw1orL0MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0c5QVFFa2FaV18zVW0wdkYyRWJEV2lzdlF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9jZTBiMjEtZDY1Yy00MmU2LTg3NGIt
ZjRjYjg2N2Y5MGQ4LzEvRjZLeWw2VWoxV3JUSnhOWFU2cEM3LXI4blhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9jZTBiMjEtZDY1Yy00MmU2LTg3NGItZjRjYjg2N2Y5MGQ4
LzEvc0c5QVFFa2FaV18zVW0wdkYyRWJEV2lzdlF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCLUMIAwQC
uar4AwQAwR6GAwQAwR6iMAwDBADBHqUDBADBHqYwDQYJKoZIhvcNAQELBQADggEB
ABxjQTAHqGvTO6tX9KATCnkuNnNV29H0vbh5V9Sw5w66mEqbfqKESyjrHb0MLjZC
JGQtqdNRI8HD4ThBeGIJkqYky5kXxHwrB1ihRk2CDnCPoQ9l8DIO0erPVr4CB+8K
eWntjAgHwBxA0uVOrMeBSZYEBTgmamf3N9DXZBKEIZ9C1AV1gV6SMj0ma2iQCXCq
cI2lwqefsGvSxKLuIeOIrAHfb9PbBe/rA72Vywu3rNwhUxeI44YTzbdQ94OWoR2s
7AJnxhoLptb5m77lU1We5qbcGdt3Hfo3NBNpoU0iEqhMvQqStvkO9xZw9miUtpQu
FdbugJo7PJHA2oBQuzn2JZ8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:07 2025 by rpki-client