Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/lqxGizsVmZbvi7xpd3yzs2I4ILw.roa
File: lqxGizsVmZbvi7xpd3yzs2I4ILw.roa (raw, json)
Hash identifier: aTi4SECMvkjegR9/FyzL9HTmeGkM0AsiVgyipWCsYrY=
Subject key identifier: 96:AC:46:8B:3B:15:99:96:EF:8B:BC:69:77:7C:B3:B3:62:38:20:BC
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 019427473515E8A5B8D34058463917F66F44
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/lqxGizsVmZbvi7xpd3yzs2I4ILw.roa
Signing time: Thu 02 Jan 2025 13:49:25 +0000
ROA not before: Thu 02 Jan 2025 13:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 45.11.182.0/24 maxlen: 24
91.242.219.0/24 maxlen: 24
109.230.199.0/24 maxlen: 24
194.76.224.0/24 maxlen: 24
2a0b:7140:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:35:15:e8:a5:b8:d3:40:58:46:39:17:f6:6f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 13:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96ac468b3b159996ef8bbc69777cb3b3623820bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5d:38:3e:35:83:50:91:bc:7c:82:59:1b:f9:
73:e6:d5:8f:74:65:ed:8d:36:4e:59:7c:a1:a4:38:
e5:66:c1:be:18:9c:c6:23:83:dd:cc:60:d8:a9:36:
83:4a:36:e3:5c:bb:dd:71:58:86:e9:c3:29:77:c5:
2e:9c:75:88:10:2e:74:1a:24:6f:24:45:d8:20:57:
18:81:70:7c:ee:74:93:ae:1a:a2:b9:27:57:f6:45:
d8:69:33:23:01:fc:43:51:a7:20:ac:26:3b:25:e0:
0d:24:07:6a:d7:34:44:51:bc:07:d7:64:c3:3f:fc:
ad:30:6e:11:fe:7d:cd:a5:87:43:58:8f:1c:de:2f:
6f:ff:13:65:6f:81:65:55:b7:00:ef:45:96:2c:93:
2f:ab:aa:5d:b3:ed:98:5a:66:48:e0:8a:f7:18:4f:
a6:6f:eb:2a:1d:65:03:ed:dc:2d:9a:c6:fb:a9:86:
0a:60:36:b5:93:6b:91:1b:16:19:23:3b:ac:5a:74:
9e:7d:3a:08:26:a8:0b:3a:97:1e:90:18:be:07:74:
b0:13:8e:39:61:50:fc:25:f0:ef:15:09:86:b0:4d:
b8:4b:8e:bb:27:f7:bb:8d:01:9f:2f:3c:54:60:67:
77:ff:33:8d:45:9c:a6:cd:cf:27:dc:46:ce:d9:4e:
b0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AC:46:8B:3B:15:99:96:EF:8B:BC:69:77:7C:B3:B3:62:38:20:BC
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/lqxGizsVmZbvi7xpd3yzs2I4ILw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.182.0/24
91.242.219.0/24
109.230.199.0/24
194.76.224.0/24
IPv6:
2a0b:7140:3::/48
Signature Algorithm: sha256WithRSAEncryption
67:e5:2b:7a:5b:40:82:40:e2:87:c7:5d:65:c6:83:e0:30:34:
2f:eb:5c:17:8c:1c:60:45:03:1f:0e:81:67:33:b3:02:be:f6:
47:53:9f:d3:99:9b:6f:94:25:9e:9a:62:ac:0a:c3:ed:07:29:
70:9f:94:37:fc:11:dc:8a:da:9a:aa:43:9a:7b:69:c0:6e:fa:
f1:bd:04:18:f5:ad:11:34:4a:24:db:c7:06:5c:63:fd:19:62:
9d:47:b9:a1:7e:d9:3f:d7:df:09:2f:66:ef:c7:63:81:12:14:
56:e1:b2:f8:77:7a:46:bd:31:60:f2:dd:59:4c:f3:b0:be:6f:
b3:cd:a6:68:35:7b:5a:40:1e:5c:3c:ce:5d:15:49:7b:21:d8:
8f:91:26:a6:1a:e8:25:3a:cf:c9:72:79:44:6e:b6:86:6f:ea:
41:ef:97:52:f7:d3:a1:65:f3:26:76:a3:b6:cb:fa:25:c2:07:
48:96:66:62:9f:9c:1b:b7:bd:2e:e3:97:3b:05:60:95:58:d8:
a7:e4:a8:f4:9c:b3:da:dd:95:ce:97:41:d1:99:91:fb:10:e9:
80:f9:47:7a:65:8e:87:cd:91:a5:52:9c:30:19:90:a8:b4:d5:
66:b8:d8:e4:6e:11:fb:4a:5c:bd:6d:16:c0:64:07:00:7b:3c:
ba:2b:6f:c6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQnRzUV6KW400BYRjkX9m9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjUwMTAyMTM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmFjNDY4YjNiMTU5OTk2ZWY4YmJjNjk3NzdjYjNiMzYyMzgyMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlV04PjWDUJG8fIJZG/lz5tWPdGXt
jTZOWXyhpDjlZsG+GJzGI4PdzGDYqTaDSjbjXLvdcViG6cMpd8UunHWIEC50GiRv
JEXYIFcYgXB87nSTrhqiuSdX9kXYaTMjAfxDUacgrCY7JeANJAdq1zREUbwH12TD
P/ytMG4R/n3NpYdDWI8c3i9v/xNlb4FlVbcA70WWLJMvq6pds+2YWmZI4Ir3GE+m
b+sqHWUD7dwtmsb7qYYKYDa1k2uRGxYZIzusWnSefToIJqgLOpcekBi+B3SwE445
YVD8JfDvFQmGsE24S467J/e7jQGfLzxUYGd3/zONRZymzc8n3EbO2U6w9QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJasRos7FZmW74u8aXd8s7NiOCC8MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvbHF4R2l6c1ZtWmJ2aTd4cGQzeXpzMkk0SUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQALQu2AwQA
W/LbAwQAbebHAwQAwkzgMA8EAgACMAkDBwAqC3FAAAMwDQYJKoZIhvcNAQELBQAD
ggEBAGflK3pbQIJA4ofHXWXGg+AwNC/rXBeMHGBFAx8OgWczswK+9kdTn9OZm2+U
JZ6aYqwKw+0HKXCflDf8EdyK2pqqQ5p7acBu+vG9BBj1rRE0SiTbxwZcY/0ZYp1H
uaF+2T/X3wkvZu/HY4ESFFbhsvh3eka9MWDy3VlM87C+b7PNpmg1e1pAHlw8zl0V
SXsh2I+RJqYa6CU6z8lyeURutoZv6kHvl1L306Fl8yZ2o7bL+iXCB0iWZmKfnBu3
vS7jlzsFYJVY2KfkqPScs9rdlc6XQdGZkfsQ6YD5R3pljofNkaVSnDAZkKi01Wa4
2ORuEftKXL1tFsBkBwB7PLorb8Y=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:29 2025 by rpki-client