Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/DC-uL2NgN9rgI2nkNqSP4xi5Bo0.roa
File: DC-uL2NgN9rgI2nkNqSP4xi5Bo0.roa (raw, json)
Hash identifier: RytJ9Vd59f1f7iiFPm9F0d2Cc6DPcsJrsC5wXzliY8E=
Subject key identifier: 0C:2F:AE:2F:63:60:37:DA:E0:23:69:E4:36:A4:8F:E3:18:B9:06:8D
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0194D5ED9E8CF301D2987876AF3566942C94
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/DC-uL2NgN9rgI2nkNqSP4xi5Bo0.roa
Signing time: Wed 05 Feb 2025 11:45:07 +0000
ROA not before: Wed 05 Feb 2025 11:45:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.11.189.0/24 maxlen: 24
45.65.114.0/24 maxlen: 24
45.154.156.0/24 maxlen: 24
45.154.158.0/24 maxlen: 24
185.83.200.0/23 maxlen: 23
185.83.202.0/23 maxlen: 23
188.209.131.0/24 maxlen: 24
188.209.132.0/22 maxlen: 24
188.209.133.0/24 maxlen: 24
188.209.134.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
194.15.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:ed:9e:8c:f3:01:d2:98:78:76:af:35:66:94:2c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 5 11:45:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c2fae2f636037dae02369e436a48fe318b9068d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:88:29:fa:4a:c0:63:d4:1d:d7:00:7f:8c:90:
85:8f:03:c6:74:1e:4b:98:7e:52:82:4c:4d:c1:9c:
01:06:08:7e:0c:31:3e:7a:14:b9:2f:f4:b6:8b:0a:
81:a7:7b:e5:f6:fa:5d:65:62:e3:be:ef:f9:65:a1:
92:95:9f:ea:c9:e0:b7:04:bb:92:4a:fe:b4:77:3e:
43:08:18:8b:83:f5:4e:fe:20:e9:25:65:4d:34:4a:
9d:3d:92:c8:6a:2a:73:16:c6:ae:d0:cf:aa:53:eb:
04:c2:25:5b:e2:dd:ac:04:13:5e:54:8d:ed:7c:0c:
9b:ee:51:a7:db:c6:29:a0:0c:99:fe:5a:0f:ad:7e:
5e:18:d8:94:23:15:bc:28:1a:48:e5:cf:36:2c:eb:
fb:8c:58:ea:f8:72:17:62:8d:1b:a2:f9:ff:61:3b:
15:2f:71:2f:34:17:92:00:8c:9b:51:91:c1:14:b4:
ab:e0:af:c4:80:47:65:88:38:2b:f8:ce:ae:06:26:
b9:88:ce:5e:0a:9c:f9:46:52:90:a6:1f:bc:18:72:
fe:49:9b:4f:4d:4c:84:2f:79:1e:ad:9f:2c:32:8b:
0d:44:a4:9d:7b:46:5c:1b:64:4b:f1:3d:df:b4:04:
84:cc:34:46:98:dd:6e:71:a2:a6:8f:be:b4:a3:71:
98:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2F:AE:2F:63:60:37:DA:E0:23:69:E4:36:A4:8F:E3:18:B9:06:8D
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/DC-uL2NgN9rgI2nkNqSP4xi5Bo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.189.0/24
45.65.114.0/24
45.154.156.0/24
45.154.158.0/24
185.83.200.0/22
188.209.131.0-188.209.135.255
188.209.139.0/24
194.15.99.0/24
Signature Algorithm: sha256WithRSAEncryption
56:aa:56:03:55:01:e7:7d:b2:c1:c7:cb:ab:20:ec:b4:db:74:
45:68:f0:19:a7:0f:70:97:c2:2a:36:2b:7a:b0:2d:77:36:49:
20:96:12:9a:5b:9f:c7:94:da:f9:47:73:eb:75:d3:10:66:2b:
e4:61:e5:1c:b6:7e:76:55:83:df:b0:09:8d:d9:1a:d6:c7:72:
49:50:25:c6:3c:3a:a4:df:cc:ae:8e:b8:19:58:ae:94:60:a3:
91:be:1c:2e:a9:4d:78:98:be:09:c6:f7:1a:11:ef:1c:c0:5c:
52:dc:55:8d:dc:26:ee:30:f4:cd:36:bc:14:91:60:07:18:ca:
24:98:40:58:8b:a3:96:62:48:18:b6:3b:ee:c2:de:49:ee:dc:
e7:53:7f:ea:6f:71:e2:f1:a7:a4:34:35:6e:5c:f1:f1:17:28:
4d:bc:72:21:95:64:a3:9f:7f:6e:ac:4e:e3:16:15:e8:91:fa:
b2:ec:c0:57:b5:5e:05:23:3b:eb:e3:ed:f4:49:e8:04:0f:04:
07:18:61:d2:3a:4f:5a:f0:c4:7c:15:c7:66:c8:24:1b:06:3e:
9e:88:ee:67:40:e6:bb:32:6b:64:44:91:ba:31:8b:00:14:d6:
6e:29:84:e1:47:42:c6:dd:5c:0a:b1:3a:ee:34:9d:fb:54:e8:
29:7a:51:47
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZTV7Z6M8wHSmHh2rzVmlCyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjUwMjA1MTE0NTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJmYWUyZjYzNjAzN2RhZTAyMzY5ZTQzNmE0OGZlMzE4YjkwNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiogp+krAY9Qd1wB/jJCFjwPGdB5L
mH5SgkxNwZwBBgh+DDE+ehS5L/S2iwqBp3vl9vpdZWLjvu/5ZaGSlZ/qyeC3BLuS
Sv60dz5DCBiLg/VO/iDpJWVNNEqdPZLIaipzFsau0M+qU+sEwiVb4t2sBBNeVI3t
fAyb7lGn28YpoAyZ/loPrX5eGNiUIxW8KBpI5c82LOv7jFjq+HIXYo0bovn/YTsV
L3EvNBeSAIybUZHBFLSr4K/EgEdliDgr+M6uBia5iM5eCpz5RlKQph+8GHL+SZtP
TUyEL3kerZ8sMosNRKSde0ZcG2RL8T3ftASEzDRGmN1ucaKmj760o3GY3QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAwvri9jYDfa4CNp5Dakj+MYuQaNMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvREMtdUwyTmdOOXJnSTJua05xU1A0eGk1Qm8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQu9AwQA
LUFyAwQALZqcAwQALZqeAwQCuVPIMAwDBAC80YMDBAO80YADBAC80YsDBADCD2Mw
DQYJKoZIhvcNAQELBQADggEBAFaqVgNVAed9ssHHy6sg7LTbdEVo8BmnD3CXwio2
K3qwLXc2SSCWEppbn8eU2vlHc+t10xBmK+Rh5Ry2fnZVg9+wCY3ZGtbHcklQJcY8
OqTfzK6OuBlYrpRgo5G+HC6pTXiYvgnG9xoR7xzAXFLcVY3cJu4w9M02vBSRYAcY
yiSYQFiLo5ZiSBi2O+7C3knu3OdTf+pvceLxp6Q0NW5c8fEXKE28ciGVZKOff26s
TuMWFeiR+rLswFe1XgUjO+vj7fRJ6AQPBAcYYdI6T1rwxHwVx2bIJBsGPp6I7mdA
5rsya2REkboxiwAU1m4phOFHQsbdXAqxOu40nftU6Cl6UUc=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:28 2025 by rpki-client