Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/WFf6Jerwqd2C-BFibPzm-Lka3eU.roa
File: WFf6Jerwqd2C-BFibPzm-Lka3eU.roa (raw, json)
Hash identifier: s9WRsSQBELE3Ty4pE3kuIdFgKdgljG6diDmFtITQwRw=
Subject key identifier: 58:57:FA:25:EA:F0:A9:DD:82:F8:11:62:6C:FC:E6:F8:B9:1A:DD:E5
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0194266BA2BD80B5278D1918BF37BED43D96
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/WFf6Jerwqd2C-BFibPzm-Lka3eU.roa
Signing time: Thu 02 Jan 2025 09:49:35 +0000
ROA not before: Thu 02 Jan 2025 09:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22773
IP address blocks: 45.133.112.0/22 maxlen: 24
45.136.24.0/22 maxlen: 24
45.147.8.0/22 maxlen: 24
45.147.232.0/22 maxlen: 24
91.132.124.0/23 maxlen: 24
93.177.94.0/23 maxlen: 24
193.142.36.0/22 maxlen: 24
194.180.232.0/23 maxlen: 24
194.180.236.0/23 maxlen: 24
212.87.216.0/24 maxlen: 24
212.87.218.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a2:bd:80:b5:27:8d:19:18:bf:37:be:d4:3d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 09:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5857fa25eaf0a9dd82f811626cfce6f8b91adde5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b0:c0:2e:70:96:cf:a8:3f:4e:94:12:9b:aa:
d8:ba:f7:95:32:d5:f9:c7:26:1e:e9:22:60:5e:82:
eb:44:36:88:7d:c5:7f:ec:b9:60:1f:3b:a4:ef:85:
b5:2a:0d:91:5b:10:36:fe:e2:46:ae:8a:c1:fa:10:
d7:5b:05:d9:7a:1d:93:eb:13:ee:a5:57:58:f9:df:
f9:29:2e:4a:d5:af:1f:92:71:a5:e1:84:b1:37:fb:
ee:ce:13:92:91:06:7e:53:e3:c1:77:83:af:54:f6:
a3:ea:0f:89:4b:af:31:ae:88:d7:a0:2b:4f:31:e0:
5f:8b:0e:70:77:34:b5:93:3d:97:9f:10:97:44:c8:
80:10:18:95:16:29:3e:07:b7:e2:a2:bd:94:f2:3a:
e6:fd:54:f5:45:80:8e:4e:9c:90:c9:b4:b1:a8:f3:
81:d5:6a:62:b4:d4:6b:47:c0:9a:76:e7:61:fa:1b:
8c:70:2c:5e:1c:6c:5e:19:05:55:6c:11:ed:00:ec:
1c:87:b3:93:f3:6d:09:e0:93:a7:ce:45:ac:f2:bd:
f7:f2:7f:38:06:2d:74:33:98:c1:b3:83:b4:f5:f3:
e4:67:b6:e3:88:06:a6:ae:e3:46:39:9e:e3:c8:47:
85:f1:aa:4c:a7:41:0c:45:74:27:ce:07:ac:01:80:
37:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:57:FA:25:EA:F0:A9:DD:82:F8:11:62:6C:FC:E6:F8:B9:1A:DD:E5
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/WFf6Jerwqd2C-BFibPzm-Lka3eU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.112.0/22
45.136.24.0/22
45.147.8.0/22
45.147.232.0/22
91.132.124.0/23
93.177.94.0/23
193.142.36.0/22
194.180.232.0/23
194.180.236.0/23
212.87.216.0/24
212.87.218.0/23
Signature Algorithm: sha256WithRSAEncryption
41:26:f1:f3:6e:b9:f9:74:77:9a:1a:fa:c0:ef:bc:83:4f:1c:
bc:2a:b1:a1:1a:33:20:dc:e1:33:59:1d:e7:2e:a5:99:a0:a5:
30:3e:d5:7c:c3:45:34:08:51:f7:59:3e:89:2f:23:17:26:c9:
9f:56:59:cd:2a:87:98:a4:ff:5b:0c:6a:2c:80:74:6c:b4:67:
93:9c:05:35:33:61:f6:5e:4b:b1:5a:c9:92:d6:6a:9f:72:9a:
c2:84:91:c6:51:f2:1c:51:cf:8b:bb:8b:cc:05:c6:a3:7b:8a:
f3:f1:d4:fa:43:b9:09:63:b3:c9:83:81:13:e3:e0:d9:82:06:
1b:61:c0:88:e0:97:cc:ff:4f:58:30:50:69:48:fd:58:6a:38:
e9:41:e5:59:db:93:0a:7f:ce:97:13:6c:3d:28:6e:7d:05:ff:
6b:a3:f9:8e:9a:f3:3e:aa:9c:41:d4:6b:96:7e:f5:c3:1b:5e:
07:6e:0b:2b:c2:47:7d:9c:d2:fe:a7:69:6d:0e:63:0c:51:35:
e9:59:71:d0:d9:e1:84:ec:77:7d:44:f4:a8:13:b1:97:0a:a1:
f8:35:e2:3a:9f:41:65:ec:20:55:ec:d9:b8:1c:9e:6c:75:df:
a4:65:6d:aa:81:61:94:aa:ac:51:a2:19:3c:ab:87:35:b3:0a:
11:9f:0f:d4
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQma6K9gLUnjRkYvze+1D2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwMTAyMDk0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODU3ZmEyNWVhZjBhOWRkODJmODExNjI2Y2ZjZTZmOGI5MWFkZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLDALnCWz6g/TpQSm6rYuveVMtX5
xyYe6SJgXoLrRDaIfcV/7LlgHzuk74W1Kg2RWxA2/uJGrorB+hDXWwXZeh2T6xPu
pVdY+d/5KS5K1a8fknGl4YSxN/vuzhOSkQZ+U+PBd4OvVPaj6g+JS68xrojXoCtP
MeBfiw5wdzS1kz2XnxCXRMiAEBiVFik+B7fior2U8jrm/VT1RYCOTpyQybSxqPOB
1WpitNRrR8Cadudh+huMcCxeHGxeGQVVbBHtAOwch7OT820J4JOnzkWs8r338n84
Bi10M5jBs4O09fPkZ7bjiAamruNGOZ7jyEeF8apMp0EMRXQnzgesAYA3nwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFhX+iXq8KndgvgRYmz85vi5Gt3lMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvV0ZmNkplcndxZDJDLUJGaWJQem0tTGthM2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLYVwAwQC
LYgYAwQCLZMIAwQCLZPoAwQBW4R8AwQBXbFeAwQCwY4kAwQBwrToAwQBwrTsAwQA
1FfYAwQB1FfaMA0GCSqGSIb3DQEBCwUAA4IBAQBBJvHzbrn5dHeaGvrA77yDTxy8
KrGhGjMg3OEzWR3nLqWZoKUwPtV8w0U0CFH3WT6JLyMXJsmfVlnNKoeYpP9bDGos
gHRstGeTnAU1M2H2XkuxWsmS1mqfcprChJHGUfIcUc+Lu4vMBcaje4rz8dT6Q7kJ
Y7PJg4ET4+DZggYbYcCI4JfM/09YMFBpSP1YajjpQeVZ25MKf86XE2w9KG59Bf9r
o/mOmvM+qpxB1GuWfvXDG14Hbgsrwkd9nNL+p2ltDmMMUTXpWXHQ2eGE7Hd9RPSo
E7GXCqH4NeI6n0Fl7CBV7Nm4HJ5sdd+kZW2qgWGUqqxRohk8q4c1swoRnw/U
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:04:04 2025 by rpki-client