Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/GNZwrjRIYc1FlZcovbMZOvnHmo0.roa
File: GNZwrjRIYc1FlZcovbMZOvnHmo0.roa (raw, json)
Hash identifier: feuxTanudfs7xWsZPFb7Q5cnYgmt/bDsXwnBT8d4YsY=
Subject key identifier: 18:D6:70:AE:34:48:61:CD:45:95:97:28:BD:B3:19:3A:F9:C7:9A:8D
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 0191A36A8AB8983E7CEACB3B2CDCC84A634A
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/GNZwrjRIYc1FlZcovbMZOvnHmo0.roa
Signing time: Fri 30 Aug 2024 13:12:34 +0000
ROA not before: Fri 30 Aug 2024 13:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47890
IP address blocks: 2.57.122.0/24 maxlen: 24
45.13.212.0/24 maxlen: 24
45.13.213.0/24 maxlen: 24
45.129.14.0/24 maxlen: 24
45.129.15.0/24 maxlen: 24
45.138.96.0/24 maxlen: 24
45.138.97.0/24 maxlen: 24
45.138.98.0/24 maxlen: 24
45.148.9.0/24 maxlen: 24
45.148.11.0/24 maxlen: 24
80.94.92.0/24 maxlen: 24
80.94.94.0/24 maxlen: 24
92.118.39.0/24 maxlen: 24
185.232.64.0/24 maxlen: 24
185.232.66.0/24 maxlen: 24
193.32.162.0/24 maxlen: 24
193.46.254.0/24 maxlen: 24
193.46.255.0/24 maxlen: 24
193.47.69.0/24 maxlen: 24
2a0c:9f00::/48 maxlen: 48
2a0c:9f00:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a3:6a:8a:b8:98:3e:7c:ea:cb:3b:2c:dc:c8:4a:63:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Aug 30 13:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18d670ae344861cd45959728bdb3193af9c79a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c6:9d:1f:c7:17:d5:f8:f2:f1:29:17:a9:47:
8d:11:af:9a:f1:dc:70:26:20:4f:ab:95:3f:ff:d9:
b1:20:3c:29:27:2c:b1:8b:f8:39:de:b7:fd:45:95:
d1:25:53:4b:c0:1b:37:46:f8:12:da:20:b9:20:f0:
a2:f0:bf:db:d6:c2:ee:98:18:8e:07:e8:1b:e6:71:
f3:a0:f4:4c:ae:75:77:26:df:50:58:4f:f5:8e:63:
d7:5b:69:fb:ed:5c:dc:c9:33:8b:e9:cd:8f:91:21:
a7:d3:8a:6e:e8:8f:2d:04:4d:6d:70:5c:b1:e6:55:
43:94:26:c4:ef:ba:5a:fe:be:df:df:50:4f:e7:a6:
36:5f:9d:e8:5b:b0:9f:37:77:ea:3b:42:9c:cb:c3:
c4:78:93:33:58:8a:8c:c7:08:fb:0a:67:1c:fc:f0:
db:ef:21:04:72:c3:53:c8:db:14:10:98:d2:70:1e:
45:51:c2:94:03:82:e2:33:29:b2:d7:47:81:19:49:
e0:08:34:a6:8a:ad:27:2c:5e:d6:18:a5:ea:88:39:
c3:06:47:50:5f:6e:5e:48:95:4d:f9:03:b7:5c:cb:
aa:1f:fa:94:99:c9:43:d6:3e:03:08:33:b9:12:30:
60:ac:9f:89:92:b6:84:b3:0a:01:03:8c:21:b0:a3:
13:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D6:70:AE:34:48:61:CD:45:95:97:28:BD:B3:19:3A:F9:C7:9A:8D
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/GNZwrjRIYc1FlZcovbMZOvnHmo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.122.0/24
45.13.212.0/23
45.129.14.0/23
45.138.96.0-45.138.98.255
45.148.9.0/24
45.148.11.0/24
80.94.92.0/24
80.94.94.0/24
92.118.39.0/24
185.232.64.0/24
185.232.66.0/24
193.32.162.0/24
193.46.254.0/23
193.47.69.0/24
IPv6:
2a0c:9f00::/48
2a0c:9f00:2::/48
Signature Algorithm: sha256WithRSAEncryption
09:dd:a1:7d:c0:73:d5:9b:3c:3d:3a:e7:5b:8d:1f:ea:40:4a:
2c:89:bb:04:64:58:3e:2f:93:4a:2f:87:4a:fb:45:63:4a:82:
9b:50:2d:02:f9:9f:f6:3a:0c:ee:ed:e2:86:a8:d1:15:54:8e:
bc:e4:b7:c0:82:30:06:f7:f0:40:1c:5e:11:93:3a:4a:9b:d3:
8f:92:6e:20:4f:37:79:a2:85:22:90:22:fc:65:ab:01:2c:e7:
71:51:b9:27:c5:20:ba:10:01:54:bd:c2:23:ea:fd:cb:57:dd:
fa:11:05:e1:c8:2c:40:87:a0:61:5b:c3:2c:8c:49:93:16:64:
e0:f8:9f:9f:4a:2e:95:33:80:8f:3f:3d:57:c4:57:83:b7:a5:
13:f9:28:56:09:f1:93:03:f2:01:aa:ac:26:02:39:8d:c9:66:
2a:0d:fb:47:eb:c0:65:5c:5d:43:ca:e6:df:e9:7b:cf:48:e2:
5f:2d:1a:ea:8e:98:ab:82:13:3a:4e:5f:bd:d9:5a:44:52:5a:
e5:a8:42:59:15:2e:52:f8:fd:0e:ba:c8:10:dc:a7:3d:6b:d4:
70:71:ad:cf:3f:e2:a1:5c:09:7d:e0:1f:e6:2b:bb:6f:73:21:
0b:5d:b5:2d:06:4d:ef:96:b8:0e:d4:79:dc:87:43:be:c7:54:
22:a5:6e:ee
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZGjaoq4mD586ss7LNzISmNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjQwODMwMTMxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ2NzBhZTM0NDg2MWNkNDU5NTk3MjhiZGIzMTkzYWY5Yzc5YThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMadH8cX1fjy8SkXqUeNEa+a8dxw
JiBPq5U//9mxIDwpJyyxi/g53rf9RZXRJVNLwBs3RvgS2iC5IPCi8L/b1sLumBiO
B+gb5nHzoPRMrnV3Jt9QWE/1jmPXW2n77VzcyTOL6c2PkSGn04pu6I8tBE1tcFyx
5lVDlCbE77pa/r7f31BP56Y2X53oW7CfN3fqO0Kcy8PEeJMzWIqMxwj7Cmcc/PDb
7yEEcsNTyNsUEJjScB5FUcKUA4LiMymy10eBGUngCDSmiq0nLF7WGKXqiDnDBkdQ
X25eSJVN+QO3XMuqH/qUmclD1j4DCDO5EjBgrJ+JkraEswoBA4whsKMTsQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFBjWcK40SGHNRZWXKL2zGTr5x5qNMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvR05ad3JqUklZYzFGbFpjb3ZiTVpPdm5IbW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGIEAgABMFwDBAACOXoD
BAEtDdQDBAEtgQ4wDAMEBS2KYAMEAC2KYgMEAC2UCQMEAC2UCwMEAFBeXAMEAFBe
XgMEAFx2JwMEALnoQAMEALnoQgMEAMEgogMEAcEu/gMEAMEvRTAYBAIAAjASAwcA
KgyfAAAAAwcAKgyfAAACMA0GCSqGSIb3DQEBCwUAA4IBAQAJ3aF9wHPVmzw9Oudb
jR/qQEosibsEZFg+L5NKL4dK+0VjSoKbUC0C+Z/2Ogzu7eKGqNEVVI685LfAgjAG
9/BAHF4RkzpKm9OPkm4gTzd5ooUikCL8ZasBLOdxUbknxSC6EAFUvcIj6v3LV936
EQXhyCxAh6BhW8MsjEmTFmTg+J+fSi6VM4CPPz1XxFeDt6UT+ShWCfGTA/IBqqwm
AjmNyWYqDftH68BlXF1Dyubf6XvPSOJfLRrqjpirghM6Tl+92VpEUlrlqEJZFS5S
+P0OusgQ3Kc9a9Rwca3PP+KhXAl94B/mK7tvcyELXbUtBk3vlrgO1Hnch0O+x1Qi
pW7u
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:07 2025 by rpki-client