Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/_8ynXS5HiKcYDFRZfIweiLfUiJs.roa
File: _8ynXS5HiKcYDFRZfIweiLfUiJs.roa (raw, json)
Hash identifier: lvqMY1sNj9Il5qS9y4k3F8h0VoCGpDQtuLeu9Ax6iu0=
Subject key identifier: FF:CC:A7:5D:2E:47:88:A7:18:0C:54:59:7C:8C:1E:88:B7:D4:88:9B
Certificate issuer: /CN=1ab5c22bf53b705c7a2bb273ba73e3f0c0595b7b
Certificate serial: 019421B1C68F24140D29CC4EBD6E671E4AA0
Authority key identifier: 1A:B5:C2:2B:F5:3B:70:5C:7A:2B:B2:73:BA:73:E3:F0:C0:59:5B:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GrXCK_U7cFx6K7JzunPj8MBZW3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/_8ynXS5HiKcYDFRZfIweiLfUiJs.roa
Signing time: Wed 01 Jan 2025 11:48:06 +0000
ROA not before: Wed 01 Jan 2025 11:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60446
IP address blocks: 45.131.196.0/24 maxlen: 24
45.131.197.0/24 maxlen: 24
45.131.198.0/24 maxlen: 24
45.131.199.0/24 maxlen: 24
185.128.112.0/24 maxlen: 24
185.128.113.0/24 maxlen: 24
185.128.114.0/24 maxlen: 24
185.128.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c6:8f:24:14:0d:29:cc:4e:bd:6e:67:1e:4a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab5c22bf53b705c7a2bb273ba73e3f0c0595b7b
Validity
Not Before: Jan 1 11:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffcca75d2e4788a7180c54597c8c1e88b7d4889b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:01:ed:5b:21:ac:13:b4:0b:55:14:73:e2:c0:
91:63:46:2f:6a:39:32:19:5f:23:e2:f5:c7:84:c8:
e2:68:e9:6c:b7:ba:df:31:21:c5:d0:1b:cc:21:24:
2a:ab:ab:0a:d3:ad:8f:57:ee:6b:93:bf:1c:48:24:
c0:4f:91:42:77:5a:ed:1f:3d:12:a7:4c:06:b9:c6:
56:ac:7b:d6:5a:eb:77:a0:63:66:c3:5f:d8:d3:3a:
ec:30:09:42:b8:92:3a:12:24:fa:5d:0b:6e:3c:be:
9d:e7:c2:24:5b:47:a2:87:fd:d6:84:85:d4:76:cd:
b2:a2:1d:e8:eb:a8:b8:49:02:81:b1:a4:00:4d:54:
17:70:61:cf:a0:04:17:04:ca:78:4f:1c:11:8c:93:
bb:0b:e8:c1:93:58:18:c8:60:80:d0:71:4e:98:64:
16:43:16:b9:0b:b7:0e:ec:76:6c:2c:ea:83:64:73:
c7:bb:19:fa:3e:87:c7:da:53:d7:14:28:78:a7:5f:
3f:36:94:4f:48:dd:e9:a5:c5:cf:81:38:0e:80:57:
cd:0e:48:ae:90:d5:83:b0:ad:d6:1d:af:12:28:f9:
b5:40:c1:47:52:b7:81:b8:bd:50:cf:40:02:23:ba:
ce:51:92:ce:23:c9:b0:ae:49:da:a2:82:fc:91:4d:
2c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CC:A7:5D:2E:47:88:A7:18:0C:54:59:7C:8C:1E:88:B7:D4:88:9B
X509v3 Authority Key Identifier:
keyid:1A:B5:C2:2B:F5:3B:70:5C:7A:2B:B2:73:BA:73:E3:F0:C0:59:5B:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GrXCK_U7cFx6K7JzunPj8MBZW3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/_8ynXS5HiKcYDFRZfIweiLfUiJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/GrXCK_U7cFx6K7JzunPj8MBZW3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.196.0/22
185.128.112.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:c8:e6:33:57:d6:90:5c:63:63:47:c8:b3:ba:18:88:66:48:
8b:4e:b6:cc:1f:74:7e:ee:55:49:c2:b0:de:0f:8a:88:ea:ae:
b1:de:3f:c7:16:b5:e0:6a:b0:66:6b:af:fb:a9:bf:b0:dd:e6:
52:77:e1:e3:61:47:06:ac:f9:28:62:e5:5d:c8:4d:a4:61:78:
f9:1b:29:ae:b9:2d:3a:af:b1:09:52:56:72:6e:a9:10:2e:65:
f9:3c:17:d1:f3:23:bc:e2:29:ec:8e:b5:d5:a7:3a:b4:8a:4b:
cb:ff:06:87:67:5b:39:ed:91:60:84:ef:89:6a:4c:88:4b:b5:
f1:88:ec:3c:af:38:62:dd:54:61:b0:54:a7:f3:6f:d8:02:c9:
c8:73:8a:57:68:45:81:5a:6d:08:72:0a:84:33:da:32:8d:57:
77:e9:48:51:fc:c6:38:75:dd:f0:2d:78:4a:b4:21:8d:c7:10:
7a:7c:8c:03:7e:db:ae:8e:d3:1b:83:fe:d2:34:ee:8e:5e:41:
00:54:27:95:4c:d3:5a:dd:72:2d:c9:3d:97:4a:67:a8:d2:91:
e1:8b:f7:ab:c5:c9:6b:ab:19:26:07:4e:a3:23:d4:50:a5:83:
e0:2d:52:90:68:9f:14:9f:b6:55:69:16:45:01:0f:46:ae:58:
5a:c7:54:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhscaPJBQNKcxOvW5nHkqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjVjMjJiZjUzYjcwNWM3YTJiYjI3M2JhNzNlM2YwYzA1
OTViN2IwHhcNMjUwMTAxMTE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNjYTc1ZDJlNDc4OGE3MTgwYzU0NTk3YzhjMWU4OGI3ZDQ4ODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgHtWyGsE7QLVRRz4sCRY0Yvajky
GV8j4vXHhMjiaOlst7rfMSHF0BvMISQqq6sK062PV+5rk78cSCTAT5FCd1rtHz0S
p0wGucZWrHvWWut3oGNmw1/Y0zrsMAlCuJI6EiT6XQtuPL6d58IkW0eih/3WhIXU
ds2yoh3o66i4SQKBsaQATVQXcGHPoAQXBMp4TxwRjJO7C+jBk1gYyGCA0HFOmGQW
Qxa5C7cO7HZsLOqDZHPHuxn6PofH2lPXFCh4p18/NpRPSN3ppcXPgTgOgFfNDkiu
kNWDsK3WHa8SKPm1QMFHUreBuL1Qz0ACI7rOUZLOI8mwrknaooL8kU0sqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP/Mp10uR4inGAxUWXyMHoi31IibMB8GA1UdIwQY
MBaAFBq1wiv1O3Bceiuyc7pz4/DAWVt7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JYQ0tfVTdjRng2SzdKenVuUGo4TUJaVzNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83YzhiZjQtNmFiNi00MTk5LWIzYTct
YjRiMWY2Zjk4YTkwLzEvXzh5blhTNUhpS2NZREZSWmZJd2VpTGZVaUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83YzhiZjQtNmFiNi00MTk5LWIzYTctYjRiMWY2Zjk4YTkw
LzEvR3JYQ0tfVTdjRng2SzdKenVuUGo4TUJaVzNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYPEAwQC
uYBwMA0GCSqGSIb3DQEBCwUAA4IBAQCuyOYzV9aQXGNjR8izuhiIZkiLTrbMH3R+
7lVJwrDeD4qI6q6x3j/HFrXgarBma6/7qb+w3eZSd+HjYUcGrPkoYuVdyE2kYXj5
GymuuS06r7EJUlZybqkQLmX5PBfR8yO84insjrXVpzq0ikvL/waHZ1s57ZFghO+J
akyIS7XxiOw8rzhi3VRhsFSn82/YAsnIc4pXaEWBWm0IcgqEM9oyjVd36UhR/MY4
dd3wLXhKtCGNxxB6fIwDftuujtMbg/7SNO6OXkEAVCeVTNNa3XItyT2XSmeo0pHh
i/erxclrqxkmB06jI9RQpYPgLVKQaJ8Un7ZVaRZFAQ9Grlhax1Q0
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:31 2025 by rpki-client