Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/1FhxmjQY59YAJAMVhG_T6zF5XSA.roa
File: 1FhxmjQY59YAJAMVhG_T6zF5XSA.roa (raw, json)
Hash identifier: LhK5E0yQbIvlUPrgw8D5iXHjua3tvso8AKzY9lfo4J0=
Subject key identifier: D4:58:71:9A:34:18:E7:D6:00:24:03:15:84:6F:D3:EB:31:79:5D:20
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 01941FFA4EB96D087483D890B331087B7F74
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/1FhxmjQY59YAJAMVhG_T6zF5XSA.roa
Signing time: Wed 01 Jan 2025 03:48:05 +0000
ROA not before: Wed 01 Jan 2025 03:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49685
IP address blocks: 45.86.176.0/22 maxlen: 24
93.90.64.0/22 maxlen: 24
157.97.112.0/21 maxlen: 24
185.54.180.0/22 maxlen: 24
193.148.20.0/22 maxlen: 24
2a02:4660::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:4e:b9:6d:08:74:83:d8:90:b3:31:08:7b:7f:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Jan 1 03:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d458719a3418e7d600240315846fd3eb31795d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:92:f2:5c:28:65:eb:e2:7b:60:06:84:90:8d:
ad:5d:ec:99:45:8d:0a:a0:82:bd:ce:ac:76:31:8c:
f8:2d:5b:a6:70:5e:8d:b0:92:79:70:11:41:03:b3:
fb:42:3b:cf:ae:0e:3b:76:7b:7d:d0:09:c0:85:44:
4f:ba:fb:8d:24:cb:6a:cc:6d:33:23:57:d1:14:cb:
f1:ae:09:ef:82:0f:a5:87:1c:81:7e:41:a6:aa:d1:
90:4e:57:93:9b:cf:cc:f6:12:44:af:2f:b4:d3:de:
a5:d6:b9:14:4e:2f:36:87:15:27:ad:a6:6f:39:e6:
29:05:9e:37:c8:11:f6:09:01:dd:bf:0b:d9:f2:2a:
d5:81:9a:39:8a:18:a0:d7:bb:a7:2b:ae:1a:a1:b6:
72:05:db:f1:4e:1f:a7:68:79:27:3c:54:69:2c:18:
54:a2:26:2f:7f:f1:98:25:29:86:dd:11:16:63:d7:
75:a2:59:9c:a6:f8:e1:ac:9e:46:b4:50:a5:7a:7c:
31:62:7d:ed:1a:38:8f:0b:01:0e:59:31:70:70:83:
68:8d:8d:f1:6d:ea:f9:2c:b6:fa:80:37:e4:7f:85:
ac:d3:3f:1b:96:a7:59:a6:cd:1e:79:36:85:1c:e8:
af:62:88:4d:63:eb:17:d0:f6:51:b5:85:be:c7:0f:
b3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:58:71:9A:34:18:E7:D6:00:24:03:15:84:6F:D3:EB:31:79:5D:20
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/1FhxmjQY59YAJAMVhG_T6zF5XSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.176.0/22
93.90.64.0/22
157.97.112.0/21
185.54.180.0/22
193.148.20.0/22
IPv6:
2a02:4660::/32
Signature Algorithm: sha256WithRSAEncryption
c0:53:09:13:5e:d4:79:2c:27:62:78:2f:bd:6b:a8:c1:2b:e8:
f0:af:e6:93:31:27:2e:64:12:85:58:29:a8:46:0a:11:23:11:
67:75:13:ac:42:d6:59:50:48:27:c6:c6:4c:e7:80:43:52:b6:
1a:e4:61:bc:c8:e3:74:52:fe:cf:55:bb:58:cd:bf:2f:a5:37:
02:b1:84:38:73:ec:37:53:d8:53:54:9c:ab:fa:9d:a7:cd:aa:
dd:c7:ec:f1:a3:6d:15:9f:9c:68:df:62:88:31:a6:ab:58:a9:
f7:e9:af:14:c5:f5:e0:41:a8:41:d5:9a:81:17:57:ae:f9:95:
e6:07:2a:46:da:d8:a4:9c:1c:b5:27:24:d1:d6:1f:88:29:3e:
0d:b4:2e:3f:fc:85:84:1a:84:e8:6c:2c:b0:10:5f:1e:77:03:
26:58:00:fc:53:64:f1:3a:43:e5:ec:14:a3:cb:db:d0:96:ae:
c4:6d:54:c2:7e:2e:60:17:7a:07:50:41:24:28:65:f2:7d:c1:
5f:5a:f2:96:12:c3:83:c4:bd:0e:8a:5b:cc:d4:6c:e7:cc:3d:
15:9f:91:1d:ab:41:3d:7b:6f:e0:73:35:bd:e5:f5:e0:cf:26:
d1:b6:13:2d:44:27:95:2c:89:38:04:25:b8:44:fc:0d:74:15:
4b:d5:c2:8a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQf+k65bQh0g9iQszEIe390MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjUwMTAxMDM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDU4NzE5YTM0MThlN2Q2MDAyNDAzMTU4NDZmZDNlYjMxNzk1ZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JLyXChl6+J7YAaEkI2tXeyZRY0K
oIK9zqx2MYz4LVumcF6NsJJ5cBFBA7P7QjvPrg47dnt90AnAhURPuvuNJMtqzG0z
I1fRFMvxrgnvgg+lhxyBfkGmqtGQTleTm8/M9hJEry+0096l1rkUTi82hxUnraZv
OeYpBZ43yBH2CQHdvwvZ8irVgZo5ihig17unK64aobZyBdvxTh+naHknPFRpLBhU
oiYvf/GYJSmG3REWY9d1olmcpvjhrJ5GtFClenwxYn3tGjiPCwEOWTFwcINojY3x
ber5LLb6gDfkf4Ws0z8blqdZps0eeTaFHOivYohNY+sX0PZRtYW+xw+z1wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNRYcZo0GOfWACQDFYRv0+sxeV0gMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEvMUZoeG1qUVk1OVlBSkFNVmhHX1Q2ekY1WFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVawAwQC
XVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZgMA0GCSqGSIb3DQEB
CwUAA4IBAQDAUwkTXtR5LCdieC+9a6jBK+jwr+aTMScuZBKFWCmoRgoRIxFndROs
QtZZUEgnxsZM54BDUrYa5GG8yON0Uv7PVbtYzb8vpTcCsYQ4c+w3U9hTVJyr+p2n
zardx+zxo20Vn5xo32KIMaarWKn36a8UxfXgQahB1ZqBF1eu+ZXmBypG2tiknBy1
JyTR1h+IKT4NtC4//IWEGoTobCywEF8edwMmWAD8U2TxOkPl7BSjy9vQlq7EbVTC
fi5gF3oHUEEkKGXyfcFfWvKWEsODxL0OilvM1GznzD0Vn5Edq0E9e2/gczW95fXg
zybRthMtRCeVLIk4BCW4RPwNdBVL1cKK
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:28:56 2025 by rpki-client