Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/eKH7sDg5yYdFRz8F_2Bc9QaP5Gg.roa
File: eKH7sDg5yYdFRz8F_2Bc9QaP5Gg.roa (raw, json)
Hash identifier: fKEKNoY8K8oqfF8flgZOfAN4868TUUarPjwdfD7Z0ME=
Subject key identifier: 78:A1:FB:B0:38:39:C9:87:45:47:3F:05:FF:60:5C:F5:06:8F:E4:68
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 018CC26D4C744229B3A3E037B9EFB82CAE50
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/eKH7sDg5yYdFRz8F_2Bc9QaP5Gg.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49468
IP address blocks: 193.32.160.0/24 maxlen: 24
193.32.161.0/24 maxlen: 24
2.57.123.0/24 maxlen: 24
45.129.12.0/24 maxlen: 24
45.148.8.0/24 maxlen: 24
45.134.49.0/24 maxlen: 24
45.134.50.0/24 maxlen: 24
45.13.214.0/24 maxlen: 24
45.13.215.0/24 maxlen: 24
193.29.12.0/24 maxlen: 24
45.142.193.0/24 maxlen: 24
45.13.36.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4c:74:42:29:b3:a3:e0:37:b9:ef:b8:2c:ae:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78a1fbb03839c98745473f05ff605cf5068fe468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f6:87:3b:bc:cb:24:94:f3:1d:fc:8c:44:7e:
28:0a:99:73:91:ea:f0:21:d2:bf:29:9d:bb:04:86:
1a:ee:e7:d5:d2:6b:c6:ce:5f:68:39:9b:00:1c:79:
67:4b:c0:92:e9:27:1c:10:95:4b:6e:9b:b7:25:8b:
72:32:65:10:53:2e:0b:1a:65:4d:fb:75:55:66:7e:
50:1b:93:f3:bf:9e:e8:64:3b:5c:af:ae:21:3e:49:
f3:37:5b:7a:c5:33:7f:b9:bf:a1:86:1e:f0:71:09:
2a:42:49:06:06:2e:9f:6d:4f:c6:74:5c:48:5b:3a:
83:f9:c8:34:09:7a:11:8e:5c:d0:fa:e5:29:a8:e8:
f0:ad:13:fa:a9:3f:75:ac:6c:bc:98:b7:57:f8:9c:
72:4c:db:01:74:10:7d:b0:c2:53:7a:3f:d0:f0:16:
10:e4:1b:45:87:65:eb:07:9d:76:59:86:f4:04:04:
36:de:44:a1:ae:dd:80:6b:9f:3b:3c:16:91:b9:62:
cb:62:53:c1:06:79:58:86:fd:f7:16:a7:ac:b0:40:
ae:5c:85:a1:b2:dd:a2:5a:4d:3f:fa:cd:bd:aa:73:
b5:27:3b:b8:36:96:82:29:3f:46:49:f8:84:93:41:
2c:3e:8a:ba:52:12:5d:3e:06:f5:6a:6f:27:2a:27:
b0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A1:FB:B0:38:39:C9:87:45:47:3F:05:FF:60:5C:F5:06:8F:E4:68
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/eKH7sDg5yYdFRz8F_2Bc9QaP5Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.123.0/24
45.13.36.0/24
45.13.214.0/23
45.129.12.0/24
45.134.49.0-45.134.50.255
45.142.193.0/24
45.148.8.0/24
193.29.12.0/24
193.32.160.0/23
Signature Algorithm: sha256WithRSAEncryption
50:a5:56:69:7f:67:8f:a8:cb:9b:fc:52:dd:dd:0b:00:17:91:
84:23:a6:69:85:fd:44:5a:3b:4c:fe:08:6b:e0:15:a6:62:e4:
64:f5:57:78:3e:6e:1b:30:e6:16:5a:a0:a6:47:5a:25:2f:73:
6d:7e:21:cf:62:92:b2:b5:5a:b8:9d:89:3c:13:a4:26:ad:1a:
2d:69:b2:73:15:24:72:53:fa:dc:4f:8c:38:58:11:4b:39:fe:
c1:39:66:43:a0:b3:64:37:78:13:78:40:fa:98:c7:13:ff:d3:
c7:e4:2c:d5:1b:d3:bd:00:51:cf:5f:e1:b1:3f:4f:27:f8:b5:
ec:46:35:e3:ab:b0:2f:7e:f1:4d:30:53:7f:9c:d2:46:ee:d9:
b0:2a:39:79:5d:53:e9:3e:a3:ca:5f:7c:ba:48:ac:5a:e5:2b:
8f:15:16:96:49:b1:9b:5b:97:c8:20:f5:b0:be:bd:df:9d:8c:
c2:78:c5:e7:f5:2d:a1:1b:a8:cb:56:96:27:b1:4d:21:55:b6:
41:b2:47:99:a6:2f:6a:84:54:e1:ec:1f:f1:ad:37:f2:28:a8:
16:47:dd:86:5c:8a:10:9e:33:a1:1d:85:af:35:fc:fe:e0:ad:
55:34:df:98:b7:ad:49:5b:4b:1b:21:80:16:f2:24:de:f9:f4:
4b:43:6e:06
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzCbUx0Qimzo+A3ue+4LK5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGExZmJiMDM4MzljOTg3NDU0NzNmMDVmZjYwNWNmNTA2OGZlNDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPaHO7zLJJTzHfyMRH4oCplzkerw
IdK/KZ27BIYa7ufV0mvGzl9oOZsAHHlnS8CS6SccEJVLbpu3JYtyMmUQUy4LGmVN
+3VVZn5QG5Pzv57oZDtcr64hPknzN1t6xTN/ub+hhh7wcQkqQkkGBi6fbU/GdFxI
WzqD+cg0CXoRjlzQ+uUpqOjwrRP6qT91rGy8mLdX+JxyTNsBdBB9sMJTej/Q8BYQ
5BtFh2XrB512WYb0BAQ23kShrt2Aa587PBaRuWLLYlPBBnlYhv33FqessECuXIWh
st2iWk0/+s29qnO1Jzu4NpaCKT9GSfiEk0EsPoq6UhJdPgb1am8nKiewjwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHih+7A4OcmHRUc/Bf9gXPUGj+RoMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvZUtIN3NEZzV5WWRGUno4Rl8yQmM5UWFQNUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAAjl7AwQA
LQ0kAwQBLQ3WAwQALYEMMAwDBAAthjEDBAAthjIDBAAtjsEDBAAtlAgDBADBHQwD
BAHBIKAwDQYJKoZIhvcNAQELBQADggEBAFClVml/Z4+oy5v8Ut3dCwAXkYQjpmmF
/URaO0z+CGvgFaZi5GT1V3g+bhsw5hZaoKZHWiUvc21+Ic9ikrK1WridiTwTpCat
Gi1psnMVJHJT+txPjDhYEUs5/sE5ZkOgs2Q3eBN4QPqYxxP/08fkLNUb070AUc9f
4bE/Tyf4texGNeOrsC9+8U0wU3+c0kbu2bAqOXldU+k+o8pffLpIrFrlK48VFpZJ
sZtbl8gg9bC+vd+djMJ4xef1LaEbqMtWliexTSFVtkGyR5mmL2qEVOHsH/GtN/Io
qBZH3YZcihCeM6Edha81/P7grVU035i3rUlbSxshgBbyJN759EtDbgY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:12 2025 by rpki-client