Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/xHUWp-IhZmk_U8CwKK_n9BGOcbI.roa
File: xHUWp-IhZmk_U8CwKK_n9BGOcbI.roa (raw, json)
Hash identifier: 2RFD3xexMzAEEdEVrKN657pvNZq2T3uOKQ0MCXLlbXI=
Subject key identifier: C4:75:16:A7:E2:21:66:69:3F:53:C0:B0:28:AF:E7:F4:11:8E:71:B2
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 019425220737F9E5D242F6C814634BE5B1F2
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/xHUWp-IhZmk_U8CwKK_n9BGOcbI.roa
Signing time: Thu 02 Jan 2025 03:49:34 +0000
ROA not before: Thu 02 Jan 2025 03:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8342
IP address blocks: 45.153.74.0/23 maxlen: 23
185.66.12.0/22 maxlen: 22
185.80.148.0/22 maxlen: 22
185.126.84.0/23 maxlen: 23
185.126.86.0/23 maxlen: 23
195.158.224.0/23 maxlen: 23
195.190.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:07:37:f9:e5:d2:42:f6:c8:14:63:4b:e5:b1:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jan 2 03:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c47516a7e22166693f53c0b028afe7f4118e71b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cc:51:e7:c1:70:3c:0a:45:09:ea:7b:2b:2c:
05:d0:a4:8e:d3:bb:59:ef:a2:d7:d4:20:5a:97:3f:
c4:47:53:06:af:7d:cd:ab:6f:d9:0b:06:ad:2e:30:
b6:bb:0d:e2:98:f6:1d:06:a7:37:b4:9e:7d:ba:45:
a0:ce:73:f4:63:ea:69:97:2c:e2:aa:6e:a4:b2:89:
4a:9b:17:d5:9c:53:2a:b8:53:53:fa:eb:c4:98:10:
53:78:0e:9d:72:ac:07:b3:41:bf:0c:9e:1b:41:11:
ca:14:7b:da:3b:c0:db:60:45:ef:e1:ff:82:61:68:
f4:ac:38:f8:59:57:01:1b:79:f9:41:5d:d6:fa:69:
d1:ba:d7:ac:b1:91:f4:4f:b5:0f:87:db:e2:9c:5c:
9b:47:66:b1:82:d1:b0:6a:e6:f9:22:45:a3:54:b5:
8e:98:45:a0:b5:f9:4b:4d:37:a7:88:ae:ba:d4:b0:
48:c6:35:60:06:29:0d:e3:de:1b:1d:d7:a7:f7:53:
c0:a8:b6:29:3f:4d:56:eb:02:dc:5e:1e:17:12:86:
7d:d8:0f:fb:7d:7e:76:96:0d:5a:fe:bf:9c:3b:4f:
bd:da:51:b3:19:38:50:b9:0d:75:20:91:c5:39:8c:
50:a5:6a:72:cb:43:c3:38:84:c5:f3:5f:ee:53:69:
88:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:75:16:A7:E2:21:66:69:3F:53:C0:B0:28:AF:E7:F4:11:8E:71:B2
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/xHUWp-IhZmk_U8CwKK_n9BGOcbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.74.0/23
185.66.12.0/22
185.80.148.0/22
185.126.84.0/22
195.158.224.0/23
195.190.12.0/24
Signature Algorithm: sha256WithRSAEncryption
29:d4:df:1a:65:6f:ec:26:59:9d:f3:2f:d0:20:9e:c6:26:68:
42:de:86:fa:ed:92:bd:0e:83:b2:f2:54:d2:ce:ae:63:54:aa:
a5:fe:62:cc:67:78:8c:31:41:4c:5e:a2:23:26:f5:f4:19:a0:
43:a3:e8:c1:90:e6:c0:ec:15:6c:4f:ea:fd:36:4d:34:1a:c6:
18:9b:7b:2d:02:dc:7b:89:4f:66:c5:09:6f:c6:e9:c3:c3:f1:
66:40:5f:3a:84:11:57:95:0b:bd:b1:fd:0d:aa:fd:c1:44:fc:
74:2a:80:6e:c6:a9:35:bd:ca:1d:d3:d5:d4:be:72:d0:24:06:
4c:9c:32:cc:58:6e:1c:0f:2b:61:06:20:5d:2e:7a:1a:d2:9c:
07:aa:b2:0d:1f:a4:8a:b7:e9:9d:82:f3:d1:e4:ff:3c:05:66:
a6:46:34:1d:f2:22:ab:b2:37:73:28:76:68:70:b3:0d:a3:9d:
a7:70:d1:65:f8:9c:bb:bb:c8:40:69:d2:8b:02:97:fc:62:3d:
63:e2:5b:44:79:a2:65:1b:49:78:55:53:2d:cc:e9:80:fe:4e:
8b:f0:dd:1f:08:64:28:fe:c5:b8:78:30:99:47:1b:59:38:1a:
e8:8a:4b:8d:a4:41:72:46:70:a2:ae:d0:88:a9:8d:37:01:e0:
22:35:4d:1f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlIgc3+eXSQvbIFGNL5bHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjUwMTAyMDM0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDc1MTZhN2UyMjE2NjY5M2Y1M2MwYjAyOGFmZTdmNDExOGU3MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcxR58FwPApFCep7KywF0KSO07tZ
76LX1CBalz/ER1MGr33Nq2/ZCwatLjC2uw3imPYdBqc3tJ59ukWgznP0Y+pplyzi
qm6ksolKmxfVnFMquFNT+uvEmBBTeA6dcqwHs0G/DJ4bQRHKFHvaO8DbYEXv4f+C
YWj0rDj4WVcBG3n5QV3W+mnRutessZH0T7UPh9vinFybR2axgtGwaub5IkWjVLWO
mEWgtflLTTeniK661LBIxjVgBikN494bHden91PAqLYpP01W6wLcXh4XEoZ92A/7
fX52lg1a/r+cO0+92lGzGThQuQ11IJHFOYxQpWpyy0PDOITF81/uU2mIbQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMR1FqfiIWZpP1PAsCiv5/QRjnGyMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEveEhVV3AtSWhabWtfVThDd0tLX245QkdPY2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLZlKAwQC
uUIMAwQCuVCUAwQCuX5UAwQBw57gAwQAw74MMA0GCSqGSIb3DQEBCwUAA4IBAQAp
1N8aZW/sJlmd8y/QIJ7GJmhC3ob67ZK9DoOy8lTSzq5jVKql/mLMZ3iMMUFMXqIj
JvX0GaBDo+jBkObA7BVsT+r9Nk00GsYYm3stAtx7iU9mxQlvxunDw/FmQF86hBFX
lQu9sf0Nqv3BRPx0KoBuxqk1vcod09XUvnLQJAZMnDLMWG4cDythBiBdLnoa0pwH
qrINH6SKt+mdgvPR5P88BWamRjQd8iKrsjdzKHZocLMNo52ncNFl+Jy7u8hAadKL
Apf8Yj1j4ltEeaJlG0l4VVMtzOmA/k6L8N0fCGQo/sW4eDCZRxtZOBroikuNpEFy
RnCirtCIqY03AeAiNU0f
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:43 2025 by rpki-client