Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/iY3FMIsJNjhP3S0dlVsMULHhtY0.roa
File: iY3FMIsJNjhP3S0dlVsMULHhtY0.roa (raw, json)
Hash identifier: TljNvQzIog8ui4qP/HN0ytrkO8SO2+RdR/V67J5IPW0=
Subject key identifier: 89:8D:C5:30:8B:09:36:38:4F:DD:2D:1D:95:5B:0C:50:B1:E1:B5:8D
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 0185018BDA4440C8461DCAE9784AA27BAB2A
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/iY3FMIsJNjhP3S0dlVsMULHhtY0.roa
Signing time: Sun 11 Dec 2022 14:17:00 +0000
ROA not before: Sun 11 Dec 2022 14:17:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 45.146.81.0/24 maxlen: 24
45.146.80.0/24 maxlen: 24
45.149.186.0/23 maxlen: 24
193.111.125.0/24 maxlen: 24
193.176.128.0/24 maxlen: 24
194.147.6.0/23 maxlen: 24
193.142.4.0/24 maxlen: 24
194.5.148.0/24 maxlen: 24
194.5.148.0/23 maxlen: 24
45.158.8.0/24 maxlen: 24
45.158.8.0/23 maxlen: 23
45.153.6.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:01:8b:da:44:40:c8:46:1d:ca:e9:78:4a:a2:7b:ab:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Dec 11 14:17:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=898dc5308b0936384fdd2d1d955b0c50b1e1b58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d1:7b:eb:5c:b7:da:60:5c:01:5e:aa:47:f8:
ae:89:a6:ee:87:49:47:ba:53:0f:c4:69:02:6f:05:
e9:8b:44:18:67:64:3b:ec:6a:39:cb:91:ea:4b:30:
b7:b0:0e:b3:ac:dc:28:3b:1b:7d:f9:47:3e:a2:10:
84:89:f1:fe:98:e7:9c:fd:ef:46:76:d2:d1:9b:ea:
63:16:a4:d1:f3:46:c3:84:2a:ef:1e:a6:bd:48:f4:
3a:cd:85:28:46:37:8a:07:19:37:20:4c:84:18:d4:
47:c3:ce:07:9c:83:92:00:ad:57:f0:51:13:85:74:
c1:f0:0e:93:93:88:09:cc:89:4f:f0:b8:62:55:f4:
79:4d:9d:69:2d:ef:0c:0d:e7:5e:bb:fc:24:e1:5e:
74:3b:b6:97:57:c1:0f:3d:cc:5d:d4:34:64:ff:ea:
7e:e0:b7:7c:b1:11:d3:0b:2c:16:b1:6a:ca:4e:f4:
62:7e:2e:05:8d:4b:9e:8d:df:f8:97:47:12:a8:c3:
52:cf:6a:d5:62:be:12:67:41:d0:3a:a7:09:7d:e4:
6b:6d:a3:86:e7:22:27:9d:76:74:3b:b1:9a:c9:52:
f7:50:00:f8:f4:c1:bf:1c:c5:f9:14:48:a8:7f:f2:
84:c5:36:e3:13:6a:f1:3b:24:59:e0:3b:4a:8f:8e:
03:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8D:C5:30:8B:09:36:38:4F:DD:2D:1D:95:5B:0C:50:B1:E1:B5:8D
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/iY3FMIsJNjhP3S0dlVsMULHhtY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.80.0/23
45.149.186.0/23
45.153.6.0/23
45.158.8.0/23
193.111.125.0/24
193.142.4.0/24
193.176.128.0/24
194.5.148.0/23
194.147.6.0/23
Signature Algorithm: sha256WithRSAEncryption
38:cd:2d:9e:00:f6:a4:15:35:b4:45:dc:6a:1a:4a:46:55:ac:
e9:0a:ed:9e:f4:60:3d:aa:df:39:42:9a:f9:45:a8:d0:e6:dc:
fb:58:31:8b:1d:92:4c:14:46:4a:3e:8c:9d:3f:a5:bf:f3:ac:
b2:36:8c:47:e8:a6:14:72:4c:eb:de:60:65:73:3a:42:bf:5b:
b8:43:12:0a:5b:a0:8a:f4:3e:ca:f0:0b:f7:2f:03:1e:a4:f3:
68:ec:b8:61:07:80:5e:83:9c:9c:25:4b:ff:19:0b:ce:db:ef:
0f:3e:ea:f4:4f:14:bd:df:4a:7c:25:94:9b:a5:3a:59:6a:8f:
cf:fc:41:e0:9b:70:9b:19:21:10:9c:60:e7:5a:ed:a9:d3:19:
64:65:a6:6a:69:04:11:ef:a9:6d:2a:8b:0e:d0:41:22:f5:58:
f5:6f:82:23:2c:e2:1b:73:7e:4b:8e:40:18:0f:df:8b:c4:da:
ed:23:85:55:e0:ac:ce:8b:8c:22:28:fb:bc:5c:bb:cb:96:0f:
19:01:87:6e:e2:61:8b:4b:fe:82:ed:22:54:88:6a:64:cd:f9:
5f:c4:19:af:bb:38:60:85:62:4e:3c:1e:35:ca:39:b2:bc:8f:
c9:f9:b7:81:58:3c:b4:c9:78:18:ad:98:e7:8b:d8:80:4b:80:
c2:f6:ce:3d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYUBi9pEQMhGHcrpeEqie6sqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMjExMTQxNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OThkYzUzMDhiMDkzNjM4NGZkZDJkMWQ5NTViMGM1MGIxZTFiNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tF761y32mBcAV6qR/iuiabuh0lH
ulMPxGkCbwXpi0QYZ2Q77Go5y5HqSzC3sA6zrNwoOxt9+Uc+ohCEifH+mOec/e9G
dtLRm+pjFqTR80bDhCrvHqa9SPQ6zYUoRjeKBxk3IEyEGNRHw84HnIOSAK1X8FET
hXTB8A6Tk4gJzIlP8LhiVfR5TZ1pLe8MDedeu/wk4V50O7aXV8EPPcxd1DRk/+p+
4Ld8sRHTCywWsWrKTvRifi4FjUuejd/4l0cSqMNSz2rVYr4SZ0HQOqcJfeRrbaOG
5yInnXZ0O7GayVL3UAD49MG/HMX5FEiof/KExTbjE2rxOyRZ4DtKj44DzQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFImNxTCLCTY4T90tHZVbDFCx4bWNMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvaVkzRk1Jc0pOamhQM1MwZGxWc01VTEhodFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLZJQAwQB
LZW6AwQBLZkGAwQBLZ4IAwQAwW99AwQAwY4EAwQAwbCAAwQBwgWUAwQBwpMGMA0G
CSqGSIb3DQEBCwUAA4IBAQA4zS2eAPakFTW0RdxqGkpGVazpCu2e9GA9qt85Qpr5
RajQ5tz7WDGLHZJMFEZKPoydP6W/86yyNoxH6KYUckzr3mBlczpCv1u4QxIKW6CK
9D7K8Av3LwMepPNo7LhhB4Beg5ycJUv/GQvO2+8PPur0TxS930p8JZSbpTpZao/P
/EHgm3CbGSEQnGDnWu2p0xlkZaZqaQQR76ltKosO0EEi9Vj1b4IjLOIbc35LjkAY
D9+LxNrtI4VV4KzOi4wiKPu8XLvLlg8ZAYdu4mGLS/6C7SJUiGpkzflfxBmvuzhg
hWJOPB41yjmyvI/J+beBWDy0yXgYrZjni9iAS4DC9s49
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:07 2025 by rpki-client