Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/A3sQhOLu7ddcIdZbgM9ma7Q1ZpY.roa
File: A3sQhOLu7ddcIdZbgM9ma7Q1ZpY.roa (raw, json)
Hash identifier: P3e6JCyg1OMJf4ZAzrSG+PhNLGDHiD8tzK9ELbZ45kw=
Subject key identifier: 03:7B:10:84:E2:EE:ED:D7:5C:21:D6:5B:80:CF:66:6B:B4:35:66:96
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0195A8EF4DA95E328AEDA1A7EE33F9297F7F
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/A3sQhOLu7ddcIdZbgM9ma7Q1ZpY.roa
Signing time: Tue 18 Mar 2025 11:06:49 +0000
ROA not before: Tue 18 Mar 2025 11:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 45.43.147.0/24 maxlen: 24
45.43.152.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
64.137.111.0/24 maxlen: 24
104.222.191.0/24 maxlen: 24
104.233.56.0/24 maxlen: 24
104.233.58.0/24 maxlen: 24
104.238.24.0/24 maxlen: 24
104.238.28.0/24 maxlen: 24
104.239.47.0/24 maxlen: 24
104.239.66.0/24 maxlen: 24
104.239.74.0/24 maxlen: 24
104.239.79.0/24 maxlen: 24
104.239.83.0/24 maxlen: 24
104.239.89.0/24 maxlen: 24
104.239.100.0/24 maxlen: 24
104.239.102.0/24 maxlen: 24
104.239.109.0/24 maxlen: 24
104.239.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:ef:4d:a9:5e:32:8a:ed:a1:a7:ee:33:f9:29:7f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 18 11:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=037b1084e2eeedd75c21d65b80cf666bb4356696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d7:b0:6e:20:1d:1a:4b:2d:56:55:54:fd:79:
bc:cf:e3:59:49:cb:9b:af:f2:d5:d5:a6:19:71:44:
47:e6:2d:d8:87:5c:5f:b5:e6:42:30:2d:64:f6:13:
99:fc:f3:2a:c3:55:74:f5:67:d5:e4:a7:45:04:91:
bf:ba:60:ed:17:b8:24:2c:36:53:49:74:43:e3:f6:
0b:da:98:04:a9:9f:cc:3c:0f:ea:8a:57:43:b2:e1:
77:74:55:00:a6:b0:77:ad:26:af:cf:86:f0:e3:33:
a1:0b:32:98:61:31:a7:d7:72:9a:46:b7:e8:ce:e1:
cd:df:83:df:ce:3c:6b:08:24:61:b5:3d:02:e2:e6:
cc:08:c8:e1:e0:d7:39:5d:00:e4:bb:31:91:f9:a5:
12:bc:e5:f5:69:3c:6c:3a:d1:83:c4:9e:5c:49:a6:
b3:98:29:86:10:bf:da:e1:0f:cf:2e:92:16:b4:d3:
a7:da:85:47:eb:a9:c9:fa:53:b8:8c:e5:33:03:03:
de:da:73:bb:67:af:67:67:16:24:8f:9d:61:ad:2f:
23:15:f6:d9:4e:8d:af:f0:14:f6:a1:bf:f3:4e:fb:
a2:ec:5c:ff:6d:1e:ea:2c:98:b7:05:5e:5b:54:38:
ec:27:fb:4a:67:03:d0:22:19:4f:8e:31:bb:94:cd:
8a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7B:10:84:E2:EE:ED:D7:5C:21:D6:5B:80:CF:66:6B:B4:35:66:96
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/A3sQhOLu7ddcIdZbgM9ma7Q1ZpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.147.0/24
45.43.152.0/24
64.137.54.0/24
64.137.111.0/24
104.222.191.0/24
104.233.56.0/24
104.233.58.0/24
104.238.24.0/24
104.238.28.0/24
104.239.47.0/24
104.239.66.0/24
104.239.74.0/24
104.239.79.0/24
104.239.83.0/24
104.239.89.0/24
104.239.100.0/24
104.239.102.0/24
104.239.109.0/24
104.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
52:09:d6:f6:93:b5:cf:cb:b7:15:99:14:78:02:e7:5c:d1:e9:
6f:bf:5d:6b:63:45:ec:90:ca:a7:67:43:ec:a8:04:40:02:93:
79:ad:2a:8f:a6:3e:78:fa:d1:69:05:4b:ba:8e:10:1f:cb:b9:
27:40:79:03:15:c2:36:b8:cc:76:3c:ec:01:74:b7:f4:32:a4:
74:fa:ea:d5:cf:48:59:a7:24:b5:f5:11:df:4c:05:7d:ce:1b:
2f:59:a8:69:a4:3e:1b:13:76:8b:b2:df:9c:da:44:f0:1a:e4:
36:52:c3:f3:7b:bb:09:69:bf:c3:21:1f:b5:06:04:7f:1e:9b:
f0:70:4a:52:e5:83:6d:a5:2d:07:f0:70:34:08:54:9a:be:84:
b9:53:16:c4:2d:a6:25:c1:84:90:ff:c3:76:e6:19:78:ee:ef:
a7:2c:fd:04:95:b2:4c:a8:15:12:d8:b7:e6:60:1f:3f:65:c9:
bb:55:f8:06:52:4e:69:09:e9:f7:ed:25:0c:21:9a:9f:a4:73:
80:59:c1:a1:9c:25:b9:16:54:96:4c:b7:6c:2f:b3:7e:cf:35:
41:09:de:52:e4:38:2b:90:62:22:5a:18:06:6f:99:d7:9b:0f:
5f:5e:87:8d:e4:50:0f:c8:e8:91:1c:6c:c6:12:b5:1f:c7:89:
62:91:c2:79
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZWo702pXjKK7aGn7jP5KX9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMzE4MTEwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdiMTA4NGUyZWVlZGQ3NWMyMWQ2NWI4MGNmNjY2YmI0MzU2Njk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NewbiAdGkstVlVU/Xm8z+NZScub
r/LV1aYZcURH5i3Yh1xfteZCMC1k9hOZ/PMqw1V09WfV5KdFBJG/umDtF7gkLDZT
SXRD4/YL2pgEqZ/MPA/qildDsuF3dFUAprB3rSavz4bw4zOhCzKYYTGn13KaRrfo
zuHN34PfzjxrCCRhtT0C4ubMCMjh4Nc5XQDkuzGR+aUSvOX1aTxsOtGDxJ5cSaaz
mCmGEL/a4Q/PLpIWtNOn2oVH66nJ+lO4jOUzAwPe2nO7Z69nZxYkj51hrS8jFfbZ
To2v8BT2ob/zTvui7Fz/bR7qLJi3BV5bVDjsJ/tKZwPQIhlPjjG7lM2K4QIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFAN7EITi7u3XXCHWW4DPZmu0NWaWMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQTNzUWhPTHU3ZGRjSWRaYmdNOW1hN1ExWnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAC0rkwME
AC0rmAMEAECJNgMEAECJbwMEAGjevwMEAGjpOAMEAGjpOgMEAGjuGAMEAGjuHAME
AGjvLwMEAGjvQgMEAGjvSgMEAGjvTwMEAGjvUwMEAGjvWQMEAGjvZAMEAGjvZgME
AGjvbQMEAGjvfzANBgkqhkiG9w0BAQsFAAOCAQEAUgnW9pO1z8u3FZkUeALnXNHp
b79da2NF7JDKp2dD7KgEQAKTea0qj6Y+ePrRaQVLuo4QH8u5J0B5AxXCNrjMdjzs
AXS39DKkdPrq1c9IWacktfUR30wFfc4bL1moaaQ+GxN2i7LfnNpE8BrkNlLD83u7
CWm/wyEftQYEfx6b8HBKUuWDbaUtB/BwNAhUmr6EuVMWxC2mJcGEkP/DduYZeO7v
pyz9BJWyTKgVEti35mAfP2XJu1X4BlJOaQnp9+0lDCGan6RzgFnBoZwluRZUlky3
bC+zfs81QQneUuQ4K5BiIloYBm+Z15sPX16HjeRQD8jokRxsxhK1H8eJYpHCeQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:07:01 2025 by rpki-client