Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/C-JYvDSVCc5Zd_4Sd7FiFR4ridU.roa
File: C-JYvDSVCc5Zd_4Sd7FiFR4ridU.roa (raw, json)
Hash identifier: Fud1edK7T1C6PqdOPqDnlVWq4JxXY+eiVXIDYHC1t50=
Subject key identifier: 0B:E2:58:BC:34:95:09:CE:59:77:FE:12:77:B1:62:15:1E:2B:89:D5
Certificate issuer: /CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Certificate serial: 019428232CA03CE1C81B6757AC8350355E50
Authority key identifier: 5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/C-JYvDSVCc5Zd_4Sd7FiFR4ridU.roa
Signing time: Thu 02 Jan 2025 17:49:41 +0000
ROA not before: Thu 02 Jan 2025 17:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48362
IP address blocks: 45.152.52.0/22 maxlen: 24
86.111.44.0/22 maxlen: 24
91.195.116.0/23 maxlen: 24
94.199.168.0/21 maxlen: 21
185.31.212.0/22 maxlen: 22
185.252.36.0/22 maxlen: 22
2a02:1688::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:2c:a0:3c:e1:c8:1b:67:57:ac:83:50:35:5e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Validity
Not Before: Jan 2 17:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0be258bc349509ce5977fe1277b162151e2b89d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:86:ea:c8:1a:55:51:a9:73:d6:bd:ed:dd:2d:
d1:2c:36:d2:a6:06:42:c2:80:c4:fc:5c:f3:a6:83:
d4:a3:f5:24:27:3f:e2:d1:42:31:88:0b:32:7f:5b:
97:99:77:7b:c2:1b:b1:29:a5:2d:f4:f2:07:b4:e5:
3a:72:12:db:dd:8b:61:87:a7:9a:02:59:a9:43:93:
54:76:a7:7e:98:af:5a:6a:1f:53:30:7e:36:68:eb:
b8:fc:ad:6b:d0:eb:09:18:14:02:5a:3c:81:fe:be:
77:71:36:6c:43:e2:96:03:0d:2d:b1:15:9b:8a:7a:
58:02:cd:43:83:5a:c5:af:01:ad:16:a0:ac:17:6e:
f8:6d:c8:80:00:6a:4b:2b:20:3b:7c:5e:f4:ed:5b:
4c:a6:a5:8f:04:d8:a1:5f:5e:f7:8d:15:65:6c:7e:
0f:90:55:b0:d0:79:70:48:4d:98:39:ab:a2:52:f3:
84:14:3a:a7:53:48:cc:38:51:b8:3a:cf:b7:ea:a1:
99:3b:2c:57:88:e3:12:ae:fb:cc:d1:2b:23:f1:37:
c3:c4:7b:a7:ef:fd:82:68:be:53:d7:77:72:73:03:
e4:05:83:65:e2:c0:3c:b6:77:d7:31:ef:b7:47:8d:
85:71:eb:7c:0e:e5:6b:9d:f2:cd:56:61:2b:9c:81:
02:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E2:58:BC:34:95:09:CE:59:77:FE:12:77:B1:62:15:1E:2B:89:D5
X509v3 Authority Key Identifier:
keyid:5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/C-JYvDSVCc5Zd_4Sd7FiFR4ridU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.52.0/22
86.111.44.0/22
91.195.116.0/23
94.199.168.0/21
185.31.212.0/22
185.252.36.0/22
IPv6:
2a02:1688::/32
Signature Algorithm: sha256WithRSAEncryption
1a:1f:1b:2d:26:ce:57:20:76:8b:e6:71:a2:66:ad:39:3d:44:
aa:83:b2:67:bc:06:8f:e4:6d:76:00:40:f2:9a:4c:e9:53:f3:
7d:c9:c3:bc:05:03:21:eb:39:75:11:4c:57:27:e7:72:0b:b7:
f3:d9:55:36:1c:12:39:eb:92:41:34:37:52:44:b1:8d:ec:ab:
d2:66:7d:30:73:c7:c1:43:21:7e:93:fb:07:7e:c9:53:d4:22:
f0:77:b4:87:4a:5f:7e:97:7a:e7:79:77:c4:a0:9f:e1:09:0e:
73:a8:a1:26:30:cd:de:06:47:51:15:f2:7a:bb:0e:95:02:b1:
2b:05:03:af:c0:8a:b3:ac:40:c4:11:2d:f8:88:74:9d:41:ac:
fb:cf:44:37:5c:36:74:a6:59:b5:0e:d3:f2:e7:87:81:cd:76:
74:a3:cb:38:fc:49:ff:0c:ee:91:8f:cd:7f:da:a1:7a:3a:a2:
be:5c:be:25:2f:95:d2:7e:ed:a9:a9:2a:c5:b1:e3:05:47:de:
e8:57:5c:4a:ec:a3:e5:3c:b7:bd:fd:06:8f:59:4b:90:8f:28:
47:63:ed:23:32:74:fc:c5:d2:58:66:f6:b8:c8:2f:d6:4c:bb:
f5:02:ae:62:c5:7f:22:a6:66:eb:0d:e7:c8:ae:1e:8e:07:5c:
c6:ef:bc:af
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQoIyygPOHIG2dXrINQNV5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODFkMWZmNDViMTU0N2MwMGE4NGI0NmVmOTllY2EyZGZi
ZDQ1YmMwHhcNMjUwMTAyMTc0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmUyNThiYzM0OTUwOWNlNTk3N2ZlMTI3N2IxNjIxNTFlMmI4OWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4bqyBpVUalz1r3t3S3RLDbSpgZC
woDE/FzzpoPUo/UkJz/i0UIxiAsyf1uXmXd7whuxKaUt9PIHtOU6chLb3Ythh6ea
AlmpQ5NUdqd+mK9aah9TMH42aOu4/K1r0OsJGBQCWjyB/r53cTZsQ+KWAw0tsRWb
inpYAs1Dg1rFrwGtFqCsF274bciAAGpLKyA7fF707VtMpqWPBNihX173jRVlbH4P
kFWw0HlwSE2YOauiUvOEFDqnU0jMOFG4Os+36qGZOyxXiOMSrvvM0Ssj8TfDxHun
7/2CaL5T13dycwPkBYNl4sA8tnfXMe+3R42Fcet8DuVrnfLNVmErnIECkwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAviWLw0lQnOWXf+EnexYhUeK4nVMB8GA1UdIwQY
MBaAFF2B0f9FsVR8AKhLRu+Z7KLfvUW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUt
ZWU4MGEyZDI5NTJkLzEvQy1KWXZEU1ZDYzVaZF80U2Q3RmlGUjRyaWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUtZWU4MGEyZDI5NTJk
LzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZg0AwQC
Vm8sAwQBW8N0AwQDXseoAwQCuR/UAwQCufwkMA0EAgACMAcDBQAqAhaIMA0GCSqG
SIb3DQEBCwUAA4IBAQAaHxstJs5XIHaL5nGiZq05PUSqg7JnvAaP5G12AEDymkzp
U/N9ycO8BQMh6zl1EUxXJ+dyC7fz2VU2HBI565JBNDdSRLGN7KvSZn0wc8fBQyF+
k/sHfslT1CLwd7SHSl9+l3rneXfEoJ/hCQ5zqKEmMM3eBkdRFfJ6uw6VArErBQOv
wIqzrEDEES34iHSdQaz7z0Q3XDZ0plm1DtPy54eBzXZ0o8s4/En/DO6Rj81/2qF6
OqK+XL4lL5XSfu2pqSrFseMFR97oV1xK7KPlPLe9/QaPWUuQjyhHY+0jMnT8xdJY
Zva4yC/WTLv1Aq5ixX8ipmbrDefIrh6OB1zG77yv
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:55 2025 by rpki-client