Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/URqx76c-BTlEFhbjvPYaGB1fkXc.roa
File: URqx76c-BTlEFhbjvPYaGB1fkXc.roa (raw, json)
Hash identifier: MMBhMnJJvKqPysVYni3GDO4oiV7xhfsULe5C/WgMClQ=
Subject key identifier: 51:1A:B1:EF:A7:3E:05:39:44:16:16:E3:BC:F6:1A:18:1D:5F:91:77
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 0193D6676C59A16C9DC7FE191D04387C75CD
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/URqx76c-BTlEFhbjvPYaGB1fkXc.roa
Signing time: Tue 17 Dec 2024 20:55:22 +0000
ROA not before: Tue 17 Dec 2024 20:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396073
IP address blocks: 45.13.214.0/24 maxlen: 24
45.142.194.0/24 maxlen: 24
92.118.37.0/24 maxlen: 24
193.32.163.0/24 maxlen: 24
2a0c:9f00:a001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d6:67:6c:59:a1:6c:9d:c7:fe:19:1d:04:38:7c:75:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Dec 17 20:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=511ab1efa73e0539441616e3bcf61a181d5f9177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:62:e5:63:ee:2e:96:56:4d:f5:7e:d6:32:4c:
f8:03:ce:c6:96:a8:ef:c8:c4:44:fc:e8:54:de:cf:
14:8e:3e:02:ad:a4:4b:73:2a:9a:cb:bc:07:e9:c6:
02:0e:62:16:f1:01:04:fb:52:c5:b8:5c:8d:4a:c8:
4a:c5:05:90:68:13:30:ad:99:ca:8d:45:46:af:f6:
f6:5b:98:46:ca:f3:61:ca:b8:1c:fc:a9:74:d2:ec:
45:28:14:45:13:1a:d7:01:1b:76:85:1e:dc:08:8c:
71:a2:35:db:c1:53:7d:5f:6f:d1:61:f8:de:7f:5f:
df:30:b0:59:f7:74:22:97:00:30:b9:54:64:0f:1a:
e0:12:16:82:e5:dc:7e:f0:5d:04:ff:4b:1d:10:96:
50:2c:91:c4:32:79:40:d8:6a:74:af:39:26:f2:0f:
6c:3d:0d:fe:0e:c8:e5:2d:a1:1c:ea:18:cd:23:75:
52:84:5f:0c:32:44:6e:eb:98:e8:ac:25:19:e0:2f:
fb:46:b0:7e:d7:e4:ed:50:29:54:31:49:e2:87:57:
50:f9:03:f2:72:97:eb:ff:fb:37:5d:a6:05:72:07:
c6:fc:49:74:ca:5d:8e:78:55:12:05:fa:7a:1f:2d:
ec:28:e2:fe:66:95:58:33:d7:ed:06:8d:2a:9f:47:
93:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1A:B1:EF:A7:3E:05:39:44:16:16:E3:BC:F6:1A:18:1D:5F:91:77
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/URqx76c-BTlEFhbjvPYaGB1fkXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.214.0/24
45.142.194.0/24
92.118.37.0/24
193.32.163.0/24
IPv6:
2a0c:9f00:a001::/48
Signature Algorithm: sha256WithRSAEncryption
55:ee:8b:90:b1:f6:47:18:24:d0:36:2c:4f:db:26:e9:43:89:
f3:04:c2:c0:be:f7:e5:76:98:c7:e2:bf:dc:16:f2:11:4f:ec:
62:d6:66:f7:7d:1c:a2:ae:5e:be:3b:92:c4:b5:f9:f3:ac:02:
92:1f:23:22:ca:0a:da:5e:39:33:e3:e5:c9:aa:24:5d:0c:d8:
50:36:89:ce:db:ee:ea:a2:95:58:d2:eb:db:ec:72:36:b6:9a:
d2:f9:0c:b6:1c:90:ae:e1:5c:ac:15:34:b7:a6:47:f7:43:a7:
30:7e:35:07:4f:0a:60:73:7a:20:04:83:b1:70:fb:67:63:c7:
2f:a9:f8:b8:90:1a:e5:2f:eb:9a:2a:6b:28:1f:fb:d6:38:b0:
f5:98:bf:f8:69:84:97:7e:a7:f4:58:83:5e:86:4e:8e:85:c0:
f9:ec:95:f0:69:7e:61:e6:09:b3:ca:9e:24:02:85:69:59:e8:
1c:dd:e4:3a:3e:9b:23:67:d1:d5:f8:6c:6f:ad:80:9b:7b:ae:
2f:0c:69:ab:5e:c9:d2:d3:df:8f:b9:6c:48:d5:01:6e:30:9f:
76:c0:d2:60:8c:d9:e9:d4:8b:72:32:74:e2:45:36:97:ed:da:
62:cf:82:c8:2f:a5:1b:97:98:5c:6f:fa:68:78:e5:0d:be:36:
56:fc:e6:b3
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZPWZ2xZoWydx/4ZHQQ4fHXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjQxMjE3MjA1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFhYjFlZmE3M2UwNTM5NDQxNjE2ZTNiY2Y2MWExODFkNWY5MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWLlY+4ullZN9X7WMkz4A87Glqjv
yMRE/OhU3s8Ujj4CraRLcyqay7wH6cYCDmIW8QEE+1LFuFyNSshKxQWQaBMwrZnK
jUVGr/b2W5hGyvNhyrgc/Kl00uxFKBRFExrXARt2hR7cCIxxojXbwVN9X2/RYfje
f1/fMLBZ93QilwAwuVRkDxrgEhaC5dx+8F0E/0sdEJZQLJHEMnlA2Gp0rzkm8g9s
PQ3+DsjlLaEc6hjNI3VShF8MMkRu65jorCUZ4C/7RrB+1+TtUClUMUnih1dQ+QPy
cpfr//s3XaYFcgfG/El0yl2OeFUSBfp6Hy3sKOL+ZpVYM9ftBo0qn0eTkQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFEase+nPgU5RBYW47z2GhgdX5F3MB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvVVJxeDc2Yy1CVGxFRmhianZQWWFHQjFma1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQALQ3WAwQA
LY7CAwQAXHYlAwQAwSCjMA8EAgACMAkDBwAqDJ8AoAEwDQYJKoZIhvcNAQELBQAD
ggEBAFXui5Cx9kcYJNA2LE/bJulDifMEwsC+9+V2mMfiv9wW8hFP7GLWZvd9HKKu
Xr47ksS1+fOsApIfIyLKCtpeOTPj5cmqJF0M2FA2ic7b7uqilVjS69vscja2mtL5
DLYckK7hXKwVNLemR/dDpzB+NQdPCmBzeiAEg7Fw+2djxy+p+LiQGuUv65oqaygf
+9Y4sPWYv/hphJd+p/RYg16GTo6FwPnslfBpfmHmCbPKniQChWlZ6Bzd5Do+myNn
0dX4bG+tgJt7ri8MaateydLT34+5bEjVAW4wn3bA0mCM2enUi3IydOJFNpft2mLP
gsgvpRuXmFxv+mh45Q2+Nlb85rM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:01 2025 by rpki-client