Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/AICfOo0ZyZNZ014R1sAkllQfkTc.roa
File: AICfOo0ZyZNZ014R1sAkllQfkTc.roa (raw, json)
Hash identifier: mejaJlqYbBHndX34Yz3mem6QdV/eYDsvvJUhcYtO2Ms=
Subject key identifier: 00:80:9F:3A:8D:19:C9:93:59:D3:5E:11:D6:C0:24:96:54:1F:91:37
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 0190A18B87E30754D5E5DB89CE4E95149E1F
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/AICfOo0ZyZNZ014R1sAkllQfkTc.roa
Signing time: Thu 11 Jul 2024 11:26:34 +0000
ROA not before: Thu 11 Jul 2024 11:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29075
IP address blocks: 45.10.224.0/23 maxlen: 23
45.10.226.0/24 maxlen: 24
45.94.124.0/22 maxlen: 22
45.94.128.0/22 maxlen: 22
85.118.32.0/19 maxlen: 19
91.109.176.0/20 maxlen: 20
128.204.224.0/20 maxlen: 20
141.255.144.0/20 maxlen: 20
178.20.48.0/21 maxlen: 21
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
185.177.180.0/22 maxlen: 22
188.121.224.0/19 maxlen: 19
212.85.144.0/20 maxlen: 20
2a00:1b88::/32 maxlen: 32
2a02:2178::/29 maxlen: 29
2a02:2178::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a1:8b:87:e3:07:54:d5:e5:db:89:ce:4e:95:14:9e:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jul 11 11:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00809f3a8d19c99359d35e11d6c02496541f9137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b8:ff:02:67:9c:99:cd:c7:8d:39:90:c8:85:
72:5b:5c:ae:65:63:83:55:30:e1:70:f6:c2:e6:0a:
f8:a9:9f:5f:c7:61:62:f9:fb:54:1f:c3:fb:db:15:
86:e8:a4:96:fb:6d:9f:12:9a:ad:1b:1f:99:86:2c:
e9:3b:d4:4f:50:5a:8a:77:a0:9c:a8:ff:f0:f3:f1:
cc:1b:91:e3:f7:ca:0c:0a:fb:b1:78:49:bf:83:1f:
da:00:78:88:de:ab:06:f6:ec:4b:40:fd:6f:51:f3:
aa:bc:54:c5:43:5b:c2:2f:9f:a4:a5:df:5d:3e:40:
d0:64:94:ae:b3:b3:c2:7b:20:52:b6:1c:2e:12:55:
82:22:ea:02:58:d1:ec:27:46:3d:d1:12:25:8a:74:
75:db:21:1f:b7:53:3f:31:f0:9a:25:7e:28:00:ca:
98:a0:65:ea:9c:31:30:69:d0:8c:b0:d2:12:91:46:
8f:35:f0:ea:7c:75:a3:f4:19:05:45:76:2b:14:92:
95:0e:ac:2f:c4:6a:40:8d:4a:e7:69:21:1b:47:af:
86:0e:00:56:de:50:b3:f1:1c:96:ee:c1:c1:7a:ba:
71:f4:f6:7c:8c:6b:47:e3:b8:35:ef:35:b1:cd:61:
8e:ff:80:32:7e:6a:0c:d1:db:a4:95:18:d6:ca:c6:
b5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:80:9F:3A:8D:19:C9:93:59:D3:5E:11:D6:C0:24:96:54:1F:91:37
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/AICfOo0ZyZNZ014R1sAkllQfkTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0-45.10.226.255
45.94.124.0-45.94.131.255
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.118.0.0/22
185.123.24.0/22
185.177.180.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
b0:4f:84:59:eb:bb:eb:5f:96:b1:d7:12:86:2a:15:17:2f:f1:
4a:eb:77:ef:4a:fc:9b:1a:49:0e:82:f8:be:f9:15:0a:9e:c6:
4b:4d:d4:1e:f4:75:04:67:c7:e7:31:55:81:a0:a3:17:ef:bc:
05:98:02:3f:08:a4:55:7b:90:ee:06:73:42:d0:e5:b4:05:c4:
d5:10:9f:fa:47:d1:80:1d:2d:b1:6c:5e:30:38:f8:2a:8b:c2:
02:1d:15:d0:cc:5e:44:2c:29:98:9f:7c:94:6f:4f:c2:f3:38:
6c:c2:e4:99:14:cc:27:13:ff:2c:31:5b:00:49:02:36:d0:18:
0c:50:05:c6:c4:bb:ba:ac:9c:ac:89:a8:b5:55:df:4d:ca:36:
ce:3f:3d:30:e2:c9:bf:96:70:dd:b5:e2:ba:7b:1c:4d:92:15:
d7:c3:4f:0f:6b:ed:56:71:bb:04:26:f9:af:d0:ec:29:c4:65:
3b:fd:4d:cb:de:96:55:f4:fb:8c:c7:76:29:48:d9:1a:16:69:
a1:e8:5e:71:58:cf:74:92:9d:4e:37:00:01:8a:9c:7d:6d:7a:
8e:6f:d0:a6:5f:ff:92:54:e3:bb:3c:0b:4a:77:69:da:5c:06:
e6:b3:18:e0:b8:04:62:a4:84:c9:cd:83:12:50:4f:fc:ba:1b:
df:29:6a:4c
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZChi4fjB1TV5duJzk6VFJ4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjQwNzExMTEyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDgwOWYzYThkMTljOTkzNTlkMzVlMTFkNmMwMjQ5NjU0MWY5MTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLj/Amecmc3HjTmQyIVyW1yuZWOD
VTDhcPbC5gr4qZ9fx2Fi+ftUH8P72xWG6KSW+22fEpqtGx+ZhizpO9RPUFqKd6Cc
qP/w8/HMG5Hj98oMCvuxeEm/gx/aAHiI3qsG9uxLQP1vUfOqvFTFQ1vCL5+kpd9d
PkDQZJSus7PCeyBSthwuElWCIuoCWNHsJ0Y90RIlinR12yEft1M/MfCaJX4oAMqY
oGXqnDEwadCMsNISkUaPNfDqfHWj9BkFRXYrFJKVDqwvxGpAjUrnaSEbR6+GDgBW
3lCz8RyW7sHBerpx9PZ8jGtH47g17zWxzWGO/4AyfmoM0duklRjWysa1qQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFACAnzqNGcmTWdNeEdbAJJZUH5E3MB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvQUlDZk9vMFp5Wk5aMDE0UjFzQWtsbFFma1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXgQCAAEwWDAMAwQFLQrg
AwQALQriMAwDBAItXnwDBAItXoADBAVVdiADBARbbbADBASAzOADBASN/5ADBAOy
FDADBAK5dgADBAK5exgDBAK5sbQDBAW8eeADBATUVZAwFAQCAAIwDgMFACoAG4gD
BQMqAiF4MA0GCSqGSIb3DQEBCwUAA4IBAQCwT4RZ67vrX5ax1xKGKhUXL/FK63fv
SvybGkkOgvi++RUKnsZLTdQe9HUEZ8fnMVWBoKMX77wFmAI/CKRVe5DuBnNC0OW0
BcTVEJ/6R9GAHS2xbF4wOPgqi8ICHRXQzF5ELCmYn3yUb0/C8zhswuSZFMwnE/8s
MVsASQI20BgMUAXGxLu6rJysiai1Vd9NyjbOPz0w4sm/lnDdteK6exxNkhXXw08P
a+1WcbsEJvmv0OwpxGU7/U3L3pZV9PuMx3YpSNkaFmmh6F5xWM90kp1ONwABipx9
bXqOb9CmX/+SVOO7PAtKd2naXAbmsxjguARipITJzYMSUE/8uhvfKWpM
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:52:55 2025 by rpki-client