Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IBcrQV3Tt8YSA-XQBHFBDTdB5eY.roa
File: IBcrQV3Tt8YSA-XQBHFBDTdB5eY.roa (raw, json)
Hash identifier: Xm8OwW8fqybxpg0qV+RfRWFgdtf/8+NPsHoKgHyUgjg=
Subject key identifier: 20:17:2B:41:5D:D3:B7:C6:12:03:E5:D0:04:71:41:0D:37:41:E5:E6
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0195C9239FB2F2307DB89354DB183FB9D4AC
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IBcrQV3Tt8YSA-XQBHFBDTdB5eY.roa
Signing time: Mon 24 Mar 2025 17:11:49 +0000
ROA not before: Mon 24 Mar 2025 17:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207044
IP address blocks: 45.89.44.0/22 maxlen: 24
66.56.88.0/21 maxlen: 24
155.2.196.0/22 maxlen: 24
155.2.200.0/21 maxlen: 24
185.145.80.0/22 maxlen: 24
185.243.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:23:9f:b2:f2:30:7d:b8:93:54:db:18:3f:b9:d4:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 24 17:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20172b415dd3b7c61203e5d00471410d3741e5e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:eb:f3:54:1a:cb:2a:24:32:ba:4f:c1:98:de:
4f:aa:17:44:8b:f7:17:ca:50:a6:de:d9:0d:a7:c6:
f7:4c:ba:1a:7f:fa:91:c9:16:8f:22:a5:4b:2d:54:
5c:b2:13:58:b0:f4:04:79:49:26:1e:48:e4:30:b6:
8f:31:5b:ae:c8:49:1b:0f:72:6b:d5:78:0d:d9:fa:
c1:99:5b:c4:b1:b8:cc:9e:95:fa:82:77:7d:2f:7e:
7b:6b:2a:c2:bd:84:c5:d4:f5:01:ff:56:70:5a:a7:
31:77:31:b5:1c:61:a5:90:34:a6:67:82:0b:06:0f:
04:08:70:ff:59:28:88:e3:73:44:30:ec:38:de:93:
e7:03:28:9c:01:21:d7:70:b8:07:b7:2f:95:90:2c:
f7:e6:d6:05:09:2c:29:37:ac:73:78:58:28:ab:dc:
b1:c0:f6:1e:b3:4c:dc:44:c2:ef:3a:88:6f:61:52:
c7:8b:80:53:02:14:24:31:99:99:dc:68:5c:4a:7b:
1c:e8:75:b0:7a:8a:0d:2f:a1:7e:b0:cf:6f:14:73:
5b:83:28:ac:1b:e8:c0:5e:ea:6c:73:9f:7f:02:12:
4b:10:53:4c:c1:ee:fe:21:76:da:66:37:20:ac:95:
47:c9:79:7e:8f:df:8d:2b:b8:c4:06:9e:9a:73:57:
40:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:17:2B:41:5D:D3:B7:C6:12:03:E5:D0:04:71:41:0D:37:41:E5:E6
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IBcrQV3Tt8YSA-XQBHFBDTdB5eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.44.0/22
66.56.88.0/21
155.2.196.0-155.2.207.255
185.145.80.0/22
185.243.140.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:05:4f:a7:02:cd:3e:70:c5:57:13:0d:1d:05:cc:76:03:f3:
48:fc:5f:53:75:4d:78:4b:1a:8f:3c:97:84:e1:04:80:18:33:
d0:c0:26:cd:47:82:96:11:7b:17:18:f2:4d:5f:76:b3:d1:f9:
44:78:c8:ba:5d:cd:82:aa:23:41:b0:13:5f:a1:f5:38:4b:be:
c6:d8:47:16:0c:20:58:e4:92:92:19:93:f1:d5:6e:ff:83:c4:
24:61:53:12:c9:9d:5e:1e:21:1b:d9:30:d1:3f:16:a8:17:ea:
99:cf:af:bf:c9:4a:8c:b9:f4:76:12:ce:de:5e:73:dd:b2:b5:
25:26:8d:3d:ad:bb:72:a0:dc:1a:88:e3:98:49:75:0d:7a:f7:
cd:40:1f:7c:a9:a2:dd:14:0a:35:8e:ab:26:1d:92:21:37:c7:
2f:e1:93:cc:7b:5e:aa:7b:bb:89:37:12:b5:ab:ba:76:c6:ce:
3e:0f:c0:58:9d:80:06:38:e8:c3:6c:14:5e:60:00:60:ff:7b:
3f:78:b3:dc:28:ef:3a:af:14:bb:0c:2b:4a:4f:b8:55:d0:6a:
db:54:75:7a:12:06:ce:04:96:90:ff:8d:bd:c6:d9:cd:58:59:
c2:dd:c7:ef:48:ac:bc:71:51:58:2a:39:d4:e9:95:b4:c8:56:
58:92:3d:a7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZXJI5+y8jB9uJNU2xg/udSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMzI0MTcxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDE3MmI0MTVkZDNiN2M2MTIwM2U1ZDAwNDcxNDEwZDM3NDFlNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOvzVBrLKiQyuk/BmN5PqhdEi/cX
ylCm3tkNp8b3TLoaf/qRyRaPIqVLLVRcshNYsPQEeUkmHkjkMLaPMVuuyEkbD3Jr
1XgN2frBmVvEsbjMnpX6gnd9L357ayrCvYTF1PUB/1ZwWqcxdzG1HGGlkDSmZ4IL
Bg8ECHD/WSiI43NEMOw43pPnAyicASHXcLgHty+VkCz35tYFCSwpN6xzeFgoq9yx
wPYes0zcRMLvOohvYVLHi4BTAhQkMZmZ3GhcSnsc6HWweooNL6F+sM9vFHNbgyis
G+jAXupsc59/AhJLEFNMwe7+IXbaZjcgrJVHyXl+j9+NK7jEBp6ac1dAqwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCAXK0Fd07fGEgPl0ARxQQ03QeXmMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvSUJjclFWM1R0OFlTQS1YUUJIRkJEVGRCNWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCLVksAwQD
QjhYMAwDBAKbAsQDBASbAsADBAK5kVADBAK584wwDQYJKoZIhvcNAQELBQADggEB
AH8FT6cCzT5wxVcTDR0FzHYD80j8X1N1TXhLGo88l4ThBIAYM9DAJs1HgpYRexcY
8k1fdrPR+UR4yLpdzYKqI0GwE1+h9ThLvsbYRxYMIFjkkpIZk/HVbv+DxCRhUxLJ
nV4eIRvZMNE/FqgX6pnPr7/JSoy59HYSzt5ec92ytSUmjT2tu3Kg3BqI45hJdQ16
981AH3ypot0UCjWOqyYdkiE3xy/hk8x7Xqp7u4k3ErWrunbGzj4PwFidgAY46MNs
FF5gAGD/ez94s9wo7zqvFLsMK0pPuFXQattUdXoSBs4ElpD/jb3G2c1YWcLdx+9I
rLxxUVgqOdTplbTIVliSPac=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:23:13 2025 by rpki-client