Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/k34T0BOxtuolFGK7D9gfPSVqjyg.roa
File: k34T0BOxtuolFGK7D9gfPSVqjyg.roa (raw, json)
Hash identifier: zRGBGpZvNTWiV1L4FpZxoKUzkhe3V2xnMgLC1QF7Yns=
Subject key identifier: 93:7E:13:D0:13:B1:B6:EA:25:14:62:BB:0F:D8:1F:3D:25:6A:8F:28
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 019426D89EDCFE313371BC9C5290C316D453
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/k34T0BOxtuolFGK7D9gfPSVqjyg.roa
Signing time: Thu 02 Jan 2025 11:48:38 +0000
ROA not before: Thu 02 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20766
IP address blocks: 45.94.17.0/24 maxlen: 24
45.94.18.0/23 maxlen: 23
80.67.160.0/19 maxlen: 19
80.67.182.0/24 maxlen: 24
185.57.124.0/22 maxlen: 22
193.23.30.0/24 maxlen: 24
2001:910::/32 maxlen: 32
2001:913:4000::/36 maxlen: 36
2a04:9ac2::/32 maxlen: 32
2a0f:6780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:9e:dc:fe:31:33:71:bc:9c:52:90:c3:16:d4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=937e13d013b1b6ea251462bb0fd81f3d256a8f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:19:a8:a8:8f:05:3f:09:df:3b:6a:11:2d:b6:
65:e3:0b:c5:69:42:d4:94:c8:27:04:df:51:fd:52:
fb:87:91:b0:39:03:c8:e1:92:14:66:f5:69:ed:3b:
c4:cf:75:47:9c:8e:f9:b5:c3:ab:81:af:e1:29:05:
55:83:b5:5e:fc:9b:c9:ae:14:3c:83:8f:61:68:37:
3b:94:35:9f:ab:23:46:cc:a4:59:a0:9c:3c:b6:8a:
80:ba:11:e8:4b:bb:fc:f4:52:d7:57:b7:a0:97:3c:
eb:15:32:4a:ad:b4:f5:a7:14:3a:57:3d:2d:d0:4d:
a6:35:c4:b6:72:38:dc:a1:97:2a:0e:27:d1:62:2f:
48:13:49:78:6c:27:6e:3a:e6:af:d7:f4:66:79:4e:
14:a1:12:93:c5:a0:6e:c1:26:31:5a:a2:84:cc:c6:
14:c7:f6:ef:8b:81:47:4a:68:9b:95:db:79:4f:08:
89:92:81:42:9a:f8:0e:1f:a1:45:59:2e:ef:c0:bf:
e2:b5:5c:49:3b:20:a6:37:9b:c1:75:73:25:ba:79:
0a:d2:af:a3:f5:33:20:d7:3c:0f:0b:0f:2a:22:3d:
cf:52:f6:91:ba:19:ea:67:d4:6c:53:cd:fa:1c:1d:
6d:8f:06:6c:13:d5:ef:03:ee:2f:80:95:5b:a5:c7:
fb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7E:13:D0:13:B1:B6:EA:25:14:62:BB:0F:D8:1F:3D:25:6A:8F:28
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/k34T0BOxtuolFGK7D9gfPSVqjyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.17.0-45.94.19.255
80.67.160.0/19
185.57.124.0/22
193.23.30.0/24
IPv6:
2001:910::/32
2001:913:4000::/36
2a04:9ac2::/32
2a0f:6780::/29
Signature Algorithm: sha256WithRSAEncryption
81:74:50:5f:6e:dd:b5:c8:58:cc:18:ff:3f:64:ef:ed:1f:71:
c1:ba:22:ff:22:63:7e:fc:f8:14:a7:59:a5:9b:bf:8e:09:4e:
32:6b:ae:0b:46:4b:a7:09:0a:6a:49:e7:53:36:c6:4a:60:7c:
5d:bd:82:99:e4:64:53:1a:1d:44:68:95:18:53:82:62:b5:80:
c9:ee:2f:cc:8c:96:5c:28:60:d0:5b:36:aa:69:23:a3:9a:d0:
7c:ec:2a:69:85:c0:f5:4b:65:9b:83:5a:9c:1c:58:ed:95:ed:
91:19:84:46:72:df:ed:91:db:f3:9c:a8:d7:62:46:3e:9f:f1:
22:cb:e8:cb:83:84:bd:d2:e3:2d:57:07:3f:36:f0:87:24:a6:
80:d1:82:3e:a8:d4:37:1b:a2:9c:be:04:0c:3b:64:64:27:77:
9b:e7:c5:b8:ed:8d:d2:65:58:bc:d1:37:95:39:55:85:1a:bd:
7e:7a:14:8a:ca:c9:f9:a9:f0:05:92:82:f7:40:a2:d0:97:22:
b9:be:bb:0d:aa:b6:78:ab:26:84:f8:4e:ef:f7:01:97:8d:ee:
60:e2:96:dc:30:83:de:d1:14:7c:b3:c7:d6:53:1f:f3:76:56:
ed:b8:75:f3:ba:0a:1a:41:4c:a0:cd:ea:0b:04:f0:29:67:0b:
72:a0:ca:49
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQm2J7c/jEzcbycUpDDFtRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjUwMTAyMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzdlMTNkMDEzYjFiNmVhMjUxNDYyYmIwZmQ4MWYzZDI1NmE4ZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBmoqI8FPwnfO2oRLbZl4wvFaULU
lMgnBN9R/VL7h5GwOQPI4ZIUZvVp7TvEz3VHnI75tcOrga/hKQVVg7Ve/JvJrhQ8
g49haDc7lDWfqyNGzKRZoJw8toqAuhHoS7v89FLXV7eglzzrFTJKrbT1pxQ6Vz0t
0E2mNcS2cjjcoZcqDifRYi9IE0l4bCduOuav1/RmeU4UoRKTxaBuwSYxWqKEzMYU
x/bvi4FHSmibldt5TwiJkoFCmvgOH6FFWS7vwL/itVxJOyCmN5vBdXMlunkK0q+j
9TMg1zwPCw8qIj3PUvaRuhnqZ9RsU836HB1tjwZsE9XvA+4vgJVbpcf7AQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJN+E9ATsbbqJRRiuw/YHz0lao8oMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvazM0VDBCT3h0dW9sRkdLN0Q5Z2ZQU1ZxanlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAmBAIAATAgMAwDBAAtXhED
BAItXhADBAVQQ6ADBAK5OXwDBADBFx4wIwQCAAIwHQMFACABCRADBgQgAQkTQAMF
ACoEmsIDBQMqD2eAMA0GCSqGSIb3DQEBCwUAA4IBAQCBdFBfbt21yFjMGP8/ZO/t
H3HBuiL/ImN+/PgUp1mlm7+OCU4ya64LRkunCQpqSedTNsZKYHxdvYKZ5GRTGh1E
aJUYU4JitYDJ7i/MjJZcKGDQWzaqaSOjmtB87CpphcD1S2Wbg1qcHFjtle2RGYRG
ct/tkdvznKjXYkY+n/Eiy+jLg4S90uMtVwc/NvCHJKaA0YI+qNQ3G6KcvgQMO2Rk
J3eb58W47Y3SZVi80TeVOVWFGr1+ehSKysn5qfAFkoL3QKLQlyK5vrsNqrZ4qyaE
+E7v9wGXje5g4pbcMIPe0RR8s8fWUx/zdlbtuHXzugoaQUygzeoLBPApZwtyoMpJ
-----END CERTIFICATE-----
Generated at Sat Feb 22 15:27:53 2025 by rpki-client