Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/UnCcsT72IxAT_A7pPL3SizxwgN4.roa
File: UnCcsT72IxAT_A7pPL3SizxwgN4.roa (raw, json)
Hash identifier: c7dhvZVWkHenODhaz4yGW2E9vwoS+Yy4F3XRITR7veQ=
Subject key identifier: 52:70:9C:B1:3E:F6:23:10:13:FC:0E:E9:3C:BD:D2:8B:3C:70:80:DE
Certificate issuer: /CN=7b75d372039b1ab2d416ad83bf6914058411c2a2
Certificate serial: 019428270C3DE06818E4002650D15C2989B2
Authority key identifier: 7B:75:D3:72:03:9B:1A:B2:D4:16:AD:83:BF:69:14:05:84:11:C2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e3XTcgObGrLUFq2Dv2kUBYQRwqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/UnCcsT72IxAT_A7pPL3SizxwgN4.roa
Signing time: Thu 02 Jan 2025 17:53:55 +0000
ROA not before: Thu 02 Jan 2025 17:53:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49099
IP address blocks: 45.156.200.0/22 maxlen: 22
45.156.200.0/23 maxlen: 23
45.156.200.0/24 maxlen: 24
45.156.201.0/24 maxlen: 24
45.156.202.0/23 maxlen: 23
45.156.202.0/24 maxlen: 24
45.156.203.0/24 maxlen: 24
109.94.166.0/23 maxlen: 23
109.94.166.0/24 maxlen: 24
109.94.167.0/24 maxlen: 24
193.34.244.0/23 maxlen: 23
193.34.244.0/24 maxlen: 24
193.34.245.0/24 maxlen: 24
193.34.246.0/24 maxlen: 24
193.34.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:0c:3d:e0:68:18:e4:00:26:50:d1:5c:29:89:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b75d372039b1ab2d416ad83bf6914058411c2a2
Validity
Not Before: Jan 2 17:53:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52709cb13ef6231013fc0ee93cbdd28b3c7080de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:da:7f:5f:4f:ad:a5:f0:d7:69:d0:6f:f9:de:
26:88:a0:75:67:26:57:57:75:2d:30:34:10:92:da:
96:3b:83:f6:57:0d:bd:74:7a:23:20:32:90:61:13:
34:40:02:2d:eb:90:44:63:5c:9d:28:99:d7:49:4e:
03:16:c8:39:c7:84:29:f5:a5:75:31:b7:a4:88:a5:
64:08:34:37:34:5a:10:4b:42:90:f2:3f:bb:2b:3e:
3f:b1:2d:88:2c:d4:1e:3b:db:bc:76:f8:83:4b:36:
f4:3a:a8:26:25:e4:55:0d:0a:ec:5a:48:68:97:e4:
bc:c0:b6:0d:0f:f3:cf:75:02:8c:47:db:6e:f4:f0:
db:b2:7e:dc:89:3f:55:6e:fc:73:b4:96:4c:31:b3:
84:2b:6d:2a:2b:6b:d6:e9:33:a7:df:e5:03:09:f7:
9b:58:c4:33:0b:b1:e7:95:31:c8:50:7d:6f:54:1c:
18:37:ef:e5:6d:10:dc:c5:63:db:d9:df:22:1f:a7:
a1:72:d3:e0:7d:71:ad:36:d2:f9:1c:f6:fb:6f:a7:
f9:2a:04:84:c7:9e:97:5f:17:39:88:73:08:2b:33:
f7:22:d9:af:c2:f6:8f:d7:c7:00:87:71:08:0f:6e:
66:da:91:63:63:89:dd:ec:76:d9:37:a2:91:95:28:
19:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:70:9C:B1:3E:F6:23:10:13:FC:0E:E9:3C:BD:D2:8B:3C:70:80:DE
X509v3 Authority Key Identifier:
keyid:7B:75:D3:72:03:9B:1A:B2:D4:16:AD:83:BF:69:14:05:84:11:C2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3XTcgObGrLUFq2Dv2kUBYQRwqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/UnCcsT72IxAT_A7pPL3SizxwgN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/e3XTcgObGrLUFq2Dv2kUBYQRwqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.200.0/22
109.94.166.0/23
193.34.244.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:bb:fb:36:74:84:44:7c:29:52:36:85:05:25:4a:71:10:f2:
3f:7b:01:a2:0b:94:78:2e:02:a9:cd:39:a9:28:17:c2:a0:3f:
84:b2:9f:39:ef:35:71:60:55:0f:f8:7e:96:16:a1:41:93:2c:
2a:65:7e:9d:27:5c:45:b5:2f:51:37:37:7d:54:cf:6a:5c:8c:
5d:82:c0:d4:c6:a8:94:ff:aa:dd:1d:a6:c6:24:54:30:49:13:
05:c1:c9:1a:45:b9:57:a2:2a:5d:6e:5c:48:05:52:f2:50:db:
04:41:64:5f:86:51:2c:54:0a:a9:1a:68:40:f6:3d:74:ea:48:
28:02:cd:67:c1:95:86:1e:21:fb:2f:f7:02:ee:ba:de:99:3f:
cb:5f:7c:4b:a1:48:e9:02:e1:d9:2a:c7:6b:1d:5c:44:57:f7:
27:f1:77:91:da:ad:26:15:ad:5e:6d:4b:6e:15:5f:a9:e1:e0:
e7:cf:49:30:fb:ba:09:29:d4:46:f3:4a:05:90:e0:de:93:81:
c1:77:9d:55:b2:b7:32:ac:da:41:63:cc:e6:a6:80:3b:88:63:
3a:9e:97:89:ce:eb:39:2a:ab:09:2b:86:bb:b6:12:af:62:bc:
10:89:67:e4:0c:dd:3f:de:c9:41:82:d8:43:ed:6c:de:22:6d:
0f:16:49:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJww94GgY5AAmUNFcKYmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzVkMzcyMDM5YjFhYjJkNDE2YWQ4M2JmNjkxNDA1ODQx
MWMyYTIwHhcNMjUwMTAyMTc1MzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjcwOWNiMTNlZjYyMzEwMTNmYzBlZTkzY2JkZDI4YjNjNzA4MGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9p/X0+tpfDXadBv+d4miKB1ZyZX
V3UtMDQQktqWO4P2Vw29dHojIDKQYRM0QAIt65BEY1ydKJnXSU4DFsg5x4Qp9aV1
MbekiKVkCDQ3NFoQS0KQ8j+7Kz4/sS2ILNQeO9u8dviDSzb0OqgmJeRVDQrsWkho
l+S8wLYND/PPdQKMR9tu9PDbsn7ciT9VbvxztJZMMbOEK20qK2vW6TOn3+UDCfeb
WMQzC7HnlTHIUH1vVBwYN+/lbRDcxWPb2d8iH6ehctPgfXGtNtL5HPb7b6f5KgSE
x56XXxc5iHMIKzP3ItmvwvaP18cAh3EID25m2pFjY4nd7HbZN6KRlSgZAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFJwnLE+9iMQE/wO6Ty90os8cIDeMB8GA1UdIwQY
MBaAFHt103IDmxqy1Batg79pFAWEEcKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNYVGNnT2JHckxVRnEyRHYya1VCWVFSd3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85NTZlN2QtNmI5My00MmZiLTk5M2Yt
NmIwMDM4ODc1YTE0LzEvVW5DY3NUNzJJeEFUX0E3cFBMM1Npenh3Z040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85NTZlN2QtNmI5My00MmZiLTk5M2YtNmIwMDM4ODc1YTE0
LzEvZTNYVGNnT2JHckxVRnEyRHYya1VCWVFSd3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZzIAwQB
bV6mAwQCwSL0MA0GCSqGSIb3DQEBCwUAA4IBAQC1u/s2dIREfClSNoUFJUpxEPI/
ewGiC5R4LgKpzTmpKBfCoD+Esp857zVxYFUP+H6WFqFBkywqZX6dJ1xFtS9RNzd9
VM9qXIxdgsDUxqiU/6rdHabGJFQwSRMFwckaRblXoipdblxIBVLyUNsEQWRfhlEs
VAqpGmhA9j106kgoAs1nwZWGHiH7L/cC7rremT/LX3xLoUjpAuHZKsdrHVxEV/cn
8XeR2q0mFa1ebUtuFV+p4eDnz0kw+7oJKdRG80oFkODek4HBd51VsrcyrNpBY8zm
poA7iGM6npeJzus5KqsJK4a7thKvYrwQiWfkDN0/3slBgthD7WzeIm0PFklL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:14 2025 by rpki-client