Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/oZLWF8gLajZCT_M6ta5KOw1e-uE.roa
File: oZLWF8gLajZCT_M6ta5KOw1e-uE.roa (raw, json)
Hash identifier: Nxxg96Yg+gJgdj/JmtToAVEJngCcIJHEBAsuLi0S7A0=
Subject key identifier: A1:92:D6:17:C8:0B:6A:36:42:4F:F3:3A:B5:AE:4A:3B:0D:5E:FA:E1
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 0194D5B8832338B759ACDA65CBBF27888550
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/oZLWF8gLajZCT_M6ta5KOw1e-uE.roa
Signing time: Wed 05 Feb 2025 10:47:06 +0000
ROA not before: Wed 05 Feb 2025 10:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39521
IP address blocks: 45.10.16.0/23 maxlen: 23
45.10.18.0/24 maxlen: 24
45.88.5.0/24 maxlen: 24
45.88.6.0/24 maxlen: 24
45.88.7.0/24 maxlen: 24
45.95.40.0/24 maxlen: 24
45.95.41.0/24 maxlen: 24
45.130.100.0/22 maxlen: 22
83.229.34.0/24 maxlen: 24
95.178.107.0/24 maxlen: 24
185.144.56.0/22 maxlen: 24
188.191.48.0/22 maxlen: 22
217.194.153.0/24 maxlen: 24
2a05:e4c0::/29 maxlen: 32
2a07:3bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:b8:83:23:38:b7:59:ac:da:65:cb:bf:27:88:85:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Feb 5 10:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a192d617c80b6a36424ff33ab5ae4a3b0d5efae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fc:52:a1:89:ef:37:d6:13:74:3b:39:d5:2c:
58:84:9b:32:20:5e:f7:a4:43:df:24:ad:8b:59:94:
8d:0a:01:01:ec:6f:2c:a9:36:d8:6a:59:ca:41:89:
fc:ff:91:58:a9:41:9d:e3:e6:92:52:ca:2a:62:5b:
95:83:61:1b:7b:6f:68:75:5e:a6:54:9a:d9:82:70:
4a:f6:1e:99:92:2b:21:a1:d9:94:97:fc:19:82:d6:
9e:2a:f8:3b:ae:0b:78:06:76:10:45:a2:2b:d7:21:
d1:f7:6c:28:d9:06:8c:72:6e:05:36:cc:a3:26:3b:
80:3c:fb:1b:08:89:8c:da:da:8c:2e:bd:a6:f7:f1:
4c:88:10:25:0a:bf:8d:e7:33:72:c6:8c:4c:95:9e:
27:dd:3c:59:69:a0:03:15:e8:89:58:6a:c3:bd:82:
9c:35:85:32:06:cc:86:24:34:5d:c0:67:a7:03:9e:
c5:dd:50:07:79:50:a0:4d:80:16:4b:14:04:0b:92:
c3:a4:84:ab:e1:90:01:0e:f2:68:5f:94:bc:44:19:
8c:c8:cf:df:c1:21:49:ba:4d:f7:66:2e:cd:8f:3f:
1f:59:37:a7:07:3b:08:d2:e1:eb:69:54:1e:c0:0c:
8c:d9:21:dd:00:5e:66:ae:1c:f6:41:6f:3b:47:42:
08:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:92:D6:17:C8:0B:6A:36:42:4F:F3:3A:B5:AE:4A:3B:0D:5E:FA:E1
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/oZLWF8gLajZCT_M6ta5KOw1e-uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.16.0-45.10.18.255
45.88.5.0-45.88.7.255
45.95.40.0/23
45.130.100.0/22
83.229.34.0/24
95.178.107.0/24
185.144.56.0/22
188.191.48.0/22
217.194.153.0/24
IPv6:
2a05:e4c0::/29
2a07:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:78:ed:75:52:20:91:9c:a7:c5:6e:51:74:20:86:81:f9:c0:
87:ba:12:bb:17:48:15:14:89:0f:a2:03:b7:aa:9c:00:eb:e1:
5a:0c:f4:48:76:f0:e3:44:78:8a:ba:61:5a:36:1f:a9:f4:e9:
98:77:63:26:34:47:a2:57:51:c4:dc:81:df:31:1c:d8:5b:cf:
91:36:66:82:1d:b0:6e:d2:c8:b5:03:16:23:9a:28:a4:d7:df:
61:3a:1e:3a:29:42:2a:7e:68:85:32:d9:a7:e3:fe:37:fc:06:
ca:07:d8:2b:61:11:6f:d7:37:df:3b:e9:1a:71:b9:11:d6:78:
95:bc:b4:7d:71:a4:84:7f:a2:78:5d:39:0c:66:92:d6:bd:30:
52:4b:6e:00:6d:d2:cc:aa:99:90:eb:9b:ea:03:a9:d5:ae:16:
f1:c0:4a:77:81:9d:34:58:44:f6:61:f9:7a:db:a6:44:2f:c5:
91:6e:f2:ea:e9:a7:3c:09:8f:4a:76:f3:ae:cf:0d:05:67:01:
0a:58:48:22:72:63:2d:97:fc:80:f0:a8:ef:7d:a4:2c:95:6d:
8c:36:82:65:c3:89:fd:56:a1:98:c9:67:a5:a9:5c:04:24:10:
3c:d7:a7:bd:44:6f:e1:ea:37:fd:77:ea:ed:da:3b:d2:e6:03:
5d:ad:62:0a
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZTVuIMjOLdZrNply78niIVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjUwMjA1MTA0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTkyZDYxN2M4MGI2YTM2NDI0ZmYzM2FiNWFlNGEzYjBkNWVmYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvxSoYnvN9YTdDs51SxYhJsyIF73
pEPfJK2LWZSNCgEB7G8sqTbYalnKQYn8/5FYqUGd4+aSUsoqYluVg2Ebe29odV6m
VJrZgnBK9h6ZkishodmUl/wZgtaeKvg7rgt4BnYQRaIr1yHR92wo2QaMcm4FNsyj
JjuAPPsbCImM2tqMLr2m9/FMiBAlCr+N5zNyxoxMlZ4n3TxZaaADFeiJWGrDvYKc
NYUyBsyGJDRdwGenA57F3VAHeVCgTYAWSxQEC5LDpISr4ZABDvJoX5S8RBmMyM/f
wSFJuk33Zi7Njz8fWTenBzsI0uHraVQewAyM2SHdAF5mrhz2QW87R0II0wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFKGS1hfIC2o2Qk/zOrWuSjsNXvrhMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvb1pMV0Y4Z0xhalpDVF9NNnRhNUtPdzFlLXVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBMBAIAATBGMAwDBAQtChAD
BAAtChIwDAMEAC1YBQMEAy1YAAMEAS1fKAMEAi2CZAMEAFPlIgMEAF+yawMEArmQ
OAMEAry/MAMEANnCmTAUBAIAAjAOAwUDKgXkwAMFAyoHO8AwDQYJKoZIhvcNAQEL
BQADggEBAI147XVSIJGcp8VuUXQghoH5wIe6ErsXSBUUiQ+iA7eqnADr4VoM9Eh2
8ONEeIq6YVo2H6n06Zh3YyY0R6JXUcTcgd8xHNhbz5E2ZoIdsG7SyLUDFiOaKKTX
32E6HjopQip+aIUy2afj/jf8BsoH2CthEW/XN9876RpxuRHWeJW8tH1xpIR/onhd
OQxmkta9MFJLbgBt0syqmZDrm+oDqdWuFvHASneBnTRYRPZh+XrbpkQvxZFu8urp
pzwJj0p2867PDQVnAQpYSCJyYy2X/IDwqO99pCyVbYw2gmXDif1WoZjJZ6WpXAQk
EDzXp71Eb+HqN/136u3aO9LmA12tYgo=
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:13:23 2025 by rpki-client