Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/H53oYlOHU9ebmihjdJgHEfOknww.roa
File: H53oYlOHU9ebmihjdJgHEfOknww.roa (raw, json)
Hash identifier: EJl3T7XYUNPe9KAKj0meY6HrpYNP1WZtTzuD1O8laTg=
Subject key identifier: 1F:9D:E8:62:53:87:53:D7:9B:9A:28:63:74:98:07:11:F3:A4:9F:0C
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD32E9D69247F99AF137F5DFB12B1B
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/H53oYlOHU9ebmihjdJgHEfOknww.roa
Signing time: Thu 02 Jan 2025 07:48:58 +0000
ROA not before: Thu 02 Jan 2025 07:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398465
IP address blocks: 45.43.172.0/22 maxlen: 22
64.137.29.0/24 maxlen: 24
64.137.39.0/24 maxlen: 24
64.137.44.0/24 maxlen: 24
64.137.45.0/24 maxlen: 24
64.137.46.0/24 maxlen: 24
64.137.72.0/24 maxlen: 24
64.137.85.0/24 maxlen: 24
64.137.114.0/24 maxlen: 24
64.137.116.0/24 maxlen: 24
64.137.125.0/24 maxlen: 24
84.246.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:32:e9:d6:92:47:f9:9a:f1:37:f5:df:b1:2b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f9de862538753d79b9a286374980711f3a49f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cc:c0:9e:a3:1e:d3:04:53:f2:42:aa:16:3c:
c1:04:9c:91:0d:e5:84:bb:15:61:d6:a9:69:e4:ee:
63:33:33:4d:db:9d:c2:23:0b:8a:d9:15:d9:e9:6c:
a9:66:98:b7:81:01:eb:0b:12:5c:ef:57:d7:b8:fb:
46:4f:11:99:cd:2d:82:97:11:87:1a:5c:f7:ff:ef:
f2:13:60:5c:0e:50:05:4b:6b:ee:cf:d5:4a:7f:be:
6a:23:6e:a9:45:97:7f:c7:38:05:c5:1a:87:45:68:
d8:29:5d:6e:8e:54:e7:3d:15:ea:69:94:87:fa:a3:
93:3d:90:88:36:0f:5b:30:ec:75:95:a4:49:ff:bf:
83:22:da:58:14:20:0d:c2:97:64:4d:11:e6:52:e8:
36:ca:aa:ef:ee:94:19:81:1d:35:85:8e:cd:86:fd:
51:10:a0:b3:65:93:f9:3a:ee:53:01:8b:b3:ac:67:
e3:57:f9:fc:cc:2c:72:23:cb:fe:51:3d:c0:b6:c7:
9a:21:1a:d1:f3:f0:e7:81:6f:2e:75:af:da:24:73:
87:72:a9:3c:c0:e4:28:b3:7d:2c:e2:d2:6d:37:8c:
c8:15:e9:32:41:6b:f1:e1:49:30:06:7d:b7:6c:14:
d2:0e:f5:c3:5f:2b:8c:01:30:eb:a3:b3:43:f1:40:
0a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9D:E8:62:53:87:53:D7:9B:9A:28:63:74:98:07:11:F3:A4:9F:0C
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/H53oYlOHU9ebmihjdJgHEfOknww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.172.0/22
64.137.29.0/24
64.137.39.0/24
64.137.44.0-64.137.46.255
64.137.72.0/24
64.137.85.0/24
64.137.114.0/24
64.137.116.0/24
64.137.125.0/24
84.246.108.0/24
Signature Algorithm: sha256WithRSAEncryption
75:c9:e1:da:9e:c6:d9:f5:9c:93:e8:52:24:4f:05:56:be:f9:
11:89:15:6c:e0:9a:6f:b2:c0:78:64:c3:eb:bc:3c:cf:85:74:
94:b4:a4:4d:4d:5a:64:1c:a5:6c:e8:62:72:4b:0c:68:4b:d7:
1e:54:c0:ca:a4:0e:54:b7:76:91:92:13:f8:a9:ca:e6:d7:4d:
34:96:ab:3b:9a:00:02:72:68:38:5d:29:88:b0:6c:f0:c9:e2:
0e:6a:8c:d1:90:38:52:b4:8c:26:b3:32:bc:16:4e:db:cb:ef:
48:a3:4b:76:6a:da:69:97:57:65:81:60:1e:34:b8:de:ab:37:
a6:be:2b:4b:5b:1e:e1:51:92:12:f9:50:42:30:32:10:96:93:
77:47:4f:e2:34:2d:0b:b5:76:9d:2a:cc:14:36:1b:29:13:ba:
9b:38:e5:41:58:05:78:c3:7b:ec:fa:94:f1:4f:2d:02:d3:be:
45:1e:35:8e:19:0a:de:c0:2e:4c:bd:d9:83:81:10:81:39:1a:
b5:0b:57:de:82:e7:b5:d9:59:72:f9:8b:b4:01:b4:56:d4:dc:
c5:ca:cc:18:1f:1b:e6:6b:a0:f0:37:14:f9:19:84:e6:6d:4e:
e9:e8:f4:0a:fb:59:66:42:1c:54:78:71:a0:63:99:89:c2:34:
f8:3a:8e:5f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQl/TLp1pJH+ZrxN/XfsSsbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjlkZTg2MjUzODc1M2Q3OWI5YTI4NjM3NDk4MDcxMWYzYTQ5ZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMzAnqMe0wRT8kKqFjzBBJyRDeWE
uxVh1qlp5O5jMzNN253CIwuK2RXZ6WypZpi3gQHrCxJc71fXuPtGTxGZzS2ClxGH
Glz3/+/yE2BcDlAFS2vuz9VKf75qI26pRZd/xzgFxRqHRWjYKV1ujlTnPRXqaZSH
+qOTPZCINg9bMOx1laRJ/7+DItpYFCANwpdkTRHmUug2yqrv7pQZgR01hY7Nhv1R
EKCzZZP5Ou5TAYuzrGfjV/n8zCxyI8v+UT3AtseaIRrR8/DngW8uda/aJHOHcqk8
wOQos30s4tJtN4zIFekyQWvx4UkwBn23bBTSDvXDXyuMATDro7ND8UAKhwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFB+d6GJTh1PXm5ooY3SYBxHzpJ8MMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSDUzb1lsT0hVOWVibWloamRKZ0hFZk9rbnd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCLSusAwQA
QIkdAwQAQIknMAwDBAJAiSwDBABAiS4DBABAiUgDBABAiVUDBABAiXIDBABAiXQD
BABAiX0DBABU9mwwDQYJKoZIhvcNAQELBQADggEBAHXJ4dqextn1nJPoUiRPBVa+
+RGJFWzgmm+ywHhkw+u8PM+FdJS0pE1NWmQcpWzoYnJLDGhL1x5UwMqkDlS3dpGS
E/ipyubXTTSWqzuaAAJyaDhdKYiwbPDJ4g5qjNGQOFK0jCazMrwWTtvL70ijS3Zq
2mmXV2WBYB40uN6rN6a+K0tbHuFRkhL5UEIwMhCWk3dHT+I0LQu1dp0qzBQ2GykT
ups45UFYBXjDe+z6lPFPLQLTvkUeNY4ZCt7ALky92YOBEIE5GrULV96C57XZWXL5
i7QBtFbU3MXKzBgfG+ZroPA3FPkZhOZtTuno9Ar7WWZCHFR4caBjmYnCNPg6jl8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:02 2025 by rpki-client