Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/iDdiLh5kCcnVhEcS17XeyUklRpU.roa
File: iDdiLh5kCcnVhEcS17XeyUklRpU.roa (raw, json)
Hash identifier: vH9FgKr3O/PWH1F99+7VS2TIiEwAAU+Q3wu4ESVAvX4=
Subject key identifier: 88:37:62:2E:1E:64:09:C9:D5:84:47:12:D7:B5:DE:C9:49:25:46:95
Certificate issuer: /CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Certificate serial: 019423D804D63CECF96CCEA56957127D5403
Authority key identifier: C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/iDdiLh5kCcnVhEcS17XeyUklRpU.roa
Signing time: Wed 01 Jan 2025 21:49:07 +0000
ROA not before: Wed 01 Jan 2025 21:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200845
IP address blocks: 45.85.180.0/22 maxlen: 22
185.227.216.0/24 maxlen: 24
185.227.217.0/24 maxlen: 24
185.227.218.0/24 maxlen: 24
185.240.165.0/24 maxlen: 24
185.240.166.0/24 maxlen: 24
185.240.167.0/24 maxlen: 24
194.30.161.0/24 maxlen: 24
194.30.165.0/24 maxlen: 24
194.30.183.0/24 maxlen: 24
194.31.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:04:d6:3c:ec:f9:6c:ce:a5:69:57:12:7d:54:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Validity
Not Before: Jan 1 21:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8837622e1e6409c9d5844712d7b5dec949254695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:90:98:57:4e:54:09:22:1d:46:45:1c:99:db:
fb:fe:13:8d:db:77:a8:5f:92:fc:49:25:ae:62:1b:
c2:ba:8b:86:ef:20:4f:8a:ce:dd:e8:14:0b:b3:4d:
45:63:49:3d:47:7d:44:ed:85:40:b2:86:39:2e:d1:
8c:b6:9f:e7:a8:1c:5e:b4:b7:ff:a9:da:b6:b1:9b:
4a:21:19:2f:9f:f4:59:b9:52:99:19:51:5f:f4:3b:
a5:78:06:3e:aa:b7:b8:c5:7b:14:68:7d:c4:59:50:
3b:86:27:7b:ec:a5:9c:b1:11:ac:e4:5f:e2:4e:0a:
27:b8:98:6e:39:e4:f9:e7:e1:71:63:41:af:e1:96:
f7:8d:f0:b1:92:4d:e9:c2:fd:4c:df:c9:6d:2f:67:
6f:ff:63:40:a3:b6:1a:26:e2:66:c1:8e:70:39:87:
09:bc:bb:69:7b:a2:b4:de:94:8b:4d:76:0d:95:7e:
65:14:32:63:13:27:18:65:7e:7a:bd:fe:e9:2a:d5:
94:80:00:81:d8:1a:64:ff:da:d3:9e:ac:0f:11:fe:
c2:66:31:c2:33:81:27:8c:30:26:65:6d:04:5a:fe:
7f:7f:e1:a1:cf:5f:b7:a4:10:60:6d:8f:29:2b:8e:
ca:df:c0:c3:17:6d:07:ac:83:3e:af:2d:46:5d:cb:
0d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:37:62:2E:1E:64:09:C9:D5:84:47:12:D7:B5:DE:C9:49:25:46:95
X509v3 Authority Key Identifier:
keyid:C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/iDdiLh5kCcnVhEcS17XeyUklRpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.180.0/22
185.227.216.0-185.227.218.255
185.240.165.0-185.240.167.255
194.30.161.0/24
194.30.165.0/24
194.30.183.0/24
194.31.1.0/24
Signature Algorithm: sha256WithRSAEncryption
83:4c:0f:1d:4e:8a:21:17:3d:5b:a6:59:5a:b9:27:5c:af:19:
db:3d:33:00:d6:af:76:6e:81:f6:00:32:fc:8c:b8:cd:10:c4:
38:19:fa:b0:2d:f5:95:d3:66:4a:93:ff:25:f1:5d:bf:91:de:
9d:f2:8f:1b:8e:4c:0d:79:da:2c:9b:36:e8:4b:14:b3:80:7c:
6b:3c:82:2d:6f:21:1d:9d:65:8d:10:e9:29:b6:fc:da:4a:25:
a7:a3:e1:6a:2a:c2:55:9c:93:45:75:8d:46:f5:63:b3:d7:68:
83:41:92:67:9d:56:93:06:93:fb:b2:40:58:9f:77:82:2f:46:
d0:77:ce:91:b4:fc:7f:e1:6d:c7:5b:9a:a7:c7:cc:86:d3:47:
8e:b9:81:d7:5b:f1:32:b0:98:70:9b:aa:77:fe:21:88:5a:6e:
94:23:8e:e1:60:0c:b0:7e:16:d3:c5:7d:a4:f5:ec:92:b1:11:
99:b6:f3:92:69:b8:ee:64:df:a5:dc:90:20:ca:88:a5:95:2e:
83:b0:87:47:8a:1b:a3:62:9b:56:1d:4c:e3:c3:e4:34:be:54:
09:ee:b9:88:e8:4b:e0:3d:55:5c:68:73:0f:a3:3b:55:ea:a9:
b3:63:9a:71:ff:87:99:41:fa:5f:ac:05:17:90:8b:67:9c:8a:
8f:af:cb:4e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQj2ATWPOz5bM6laVcSfVQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZTU0OWZkY2VlYjAyOTEyYzhhODc0MWM4MTY4MDZiYmUx
OWM0NDgwHhcNMjUwMTAxMjE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODM3NjIyZTFlNjQwOWM5ZDU4NDQ3MTJkN2I1ZGVjOTQ5MjU0Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZCYV05UCSIdRkUcmdv7/hON23eo
X5L8SSWuYhvCuouG7yBPis7d6BQLs01FY0k9R31E7YVAsoY5LtGMtp/nqBxetLf/
qdq2sZtKIRkvn/RZuVKZGVFf9DuleAY+qre4xXsUaH3EWVA7hid77KWcsRGs5F/i
TgonuJhuOeT55+FxY0Gv4Zb3jfCxkk3pwv1M38ltL2dv/2NAo7YaJuJmwY5wOYcJ
vLtpe6K03pSLTXYNlX5lFDJjEycYZX56vf7pKtWUgACB2Bpk/9rTnqwPEf7CZjHC
M4EnjDAmZW0EWv5/f+Ghz1+3pBBgbY8pK47K38DDF20HrIM+ry1GXcsNGQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFIg3Yi4eZAnJ1YRHEte13slJJUaVMB8GA1UdIwQY
MBaAFMDlSf3O6wKRLIqHQcgWgGu+GcRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMt
YWQyZmRhNDc5ODhlLzEvaURkaUxoNWtDY25WaEVjUzE3WGV5VWtsUnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMtYWQyZmRhNDc5ODhl
LzEvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQCLVW0MAwD
BAO549gDBAC549owDAMEALnwpQMEA7nwoAMEAMIeoQMEAMIepQMEAMIetwMEAMIf
ATANBgkqhkiG9w0BAQsFAAOCAQEAg0wPHU6KIRc9W6ZZWrknXK8Z2z0zANavdm6B
9gAy/Iy4zRDEOBn6sC31ldNmSpP/JfFdv5HenfKPG45MDXnaLJs26EsUs4B8azyC
LW8hHZ1ljRDpKbb82kolp6PhairCVZyTRXWNRvVjs9dog0GSZ51WkwaT+7JAWJ93
gi9G0HfOkbT8f+Ftx1uap8fMhtNHjrmB11vxMrCYcJuqd/4hiFpulCOO4WAMsH4W
08V9pPXskrERmbbzkmm47mTfpdyQIMqIpZUug7CHR4obo2KbVh1M48PkNL5UCe65
iOhL4D1VXGhzD6M7Veqps2Oacf+HmUH6X6wFF5CLZ5yKj6/LTg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:24 2025 by rpki-client