Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/rtVpNZa3L_NWvprN4f-UPAZwfTo.roa
File: rtVpNZa3L_NWvprN4f-UPAZwfTo.roa (raw, json)
Hash identifier: 2HzqWuMhkSfDBFXNVGHFl9K4DvsafbSLLfoHlblLKUE=
Subject key identifier: AE:D5:69:35:96:B7:2F:F3:56:BE:9A:CD:E1:FF:94:3C:06:70:7D:3A
Certificate issuer: /CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Certificate serial: 019426D9C9EF9D0F1168AA1808864B46F63A
Authority key identifier: 52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/rtVpNZa3L_NWvprN4f-UPAZwfTo.roa
Signing time: Thu 02 Jan 2025 11:49:54 +0000
ROA not before: Thu 02 Jan 2025 11:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209023
IP address blocks: 45.9.36.0/22 maxlen: 22
45.9.36.0/24 maxlen: 24
45.9.37.0/24 maxlen: 24
45.9.38.0/24 maxlen: 24
45.9.39.0/24 maxlen: 24
188.213.219.0/24 maxlen: 24
188.213.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c9:ef:9d:0f:11:68:aa:18:08:86:4b:46:f6:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Validity
Not Before: Jan 2 11:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aed5693596b72ff356be9acde1ff943c06707d3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:69:9d:d3:a6:a2:a5:ee:ba:4e:20:88:c5:61:
d1:20:2a:25:7b:45:80:49:ce:51:b2:82:23:db:22:
3b:26:0a:79:8a:e4:7b:69:27:e6:be:47:6e:69:34:
e7:ac:f1:b6:5a:38:4a:db:87:51:bf:d3:67:70:27:
7e:ce:b1:ce:50:71:b5:70:84:d3:11:57:7b:68:c6:
db:65:0e:61:dc:33:6f:1a:7a:e9:5e:72:5c:d3:21:
4e:9c:b8:86:be:a3:ed:2a:00:49:70:63:3a:ce:9c:
1b:ed:4e:17:c7:8e:2f:0b:2e:01:96:98:99:1c:e1:
7a:08:c9:5b:6b:83:68:11:32:ed:6f:6f:8e:f5:e2:
3b:b2:0a:ae:ee:31:05:59:a8:17:cd:52:08:cc:42:
48:16:ed:ab:af:d4:f9:a7:66:1d:e0:61:70:b8:74:
45:83:ef:29:1a:7c:f5:b7:b8:6e:ae:fd:cd:d5:ac:
c0:de:7f:94:78:58:e7:76:6b:2f:17:ab:dd:5b:e8:
b4:78:58:7a:8a:b9:cd:95:0d:55:2a:18:cb:66:5d:
83:90:b0:4c:d3:0e:d2:d7:f5:ac:23:13:88:bd:d8:
78:6d:20:70:c5:e5:9b:22:c6:b9:38:fc:85:4e:9b:
f7:76:ce:61:55:8d:36:b9:22:fc:a3:67:18:f0:c3:
83:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D5:69:35:96:B7:2F:F3:56:BE:9A:CD:E1:FF:94:3C:06:70:7D:3A
X509v3 Authority Key Identifier:
keyid:52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/rtVpNZa3L_NWvprN4f-UPAZwfTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/UuQA66N5CiRc2rS05nu01gu-e0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.36.0/22
188.213.219.0/24
188.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
42:07:e6:42:35:84:df:d8:6e:3c:cb:a7:f7:dc:db:cf:52:1d:
39:01:96:53:7a:de:0d:1d:0d:95:7d:15:f5:26:b4:76:00:d2:
1e:af:a4:d4:4e:a8:a3:7d:a9:08:92:f3:43:ec:76:27:90:28:
29:ba:26:31:5a:3c:a5:1d:7d:9d:84:ae:1e:a7:c4:70:b4:16:
28:fd:ad:04:e3:40:4e:f6:69:87:48:b5:df:9d:5d:cc:bf:20:
0e:e3:51:be:be:05:e6:f7:ee:a1:4b:02:e4:9d:38:a9:81:4c:
81:bb:66:d9:92:7b:48:88:8c:b5:03:86:0e:f1:67:29:01:87:
f6:35:fd:97:fa:23:d1:62:3c:8b:8a:09:59:b3:63:be:d3:5c:
ba:f0:a3:84:e8:61:0b:e2:79:c9:ea:c0:30:1f:08:ca:ca:f1:
2c:3b:95:8c:4b:ba:80:6b:8f:a8:df:83:b6:21:bc:db:25:87:
31:c5:f7:4c:db:19:dc:98:8c:26:fc:ec:30:49:6b:fc:36:85:
a7:26:f7:38:88:df:79:cc:08:8c:75:ae:03:5e:0d:10:24:1c:
05:e3:31:e2:d0:14:fe:32:be:21:4c:63:25:61:3b:46:dc:1c:
55:ca:76:71:6f:81:60:38:fa:c7:6c:07:92:ff:96:da:1e:29:
2c:8e:68:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQm2cnvnQ8RaKoYCIZLRvY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZTQwMGViYTM3OTBhMjQ1Y2RhYjRiNGU2N2JiNGQ2MGJi
ZTdiNDAwHhcNMjUwMTAyMTE0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ1NjkzNTk2YjcyZmYzNTZiZTlhY2RlMWZmOTQzYzA2NzA3ZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmmd06aipe66TiCIxWHRICole0WA
Sc5RsoIj2yI7Jgp5iuR7aSfmvkduaTTnrPG2WjhK24dRv9NncCd+zrHOUHG1cITT
EVd7aMbbZQ5h3DNvGnrpXnJc0yFOnLiGvqPtKgBJcGM6zpwb7U4Xx44vCy4BlpiZ
HOF6CMlba4NoETLtb2+O9eI7sgqu7jEFWagXzVIIzEJIFu2rr9T5p2Yd4GFwuHRF
g+8pGnz1t7hurv3N1azA3n+UeFjndmsvF6vdW+i0eFh6irnNlQ1VKhjLZl2DkLBM
0w7S1/WsIxOIvdh4bSBwxeWbIsa5OPyFTpv3ds5hVY02uSL8o2cY8MODmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK7VaTWWty/zVr6azeH/lDwGcH06MB8GA1UdIwQY
MBaAFFLkAOujeQokXNq0tOZ7tNYLvntAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVRQTY2TjVDaVJjMnJTMDVudTAxZ3UtZTBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lM2QxOWYtMjhmYi00NWNiLWFmZTAt
Zjk3YWQzMDQ0ZTAyLzEvcnRWcE5aYTNMX05XdnByTjRmLVVQQVp3ZlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lM2QxOWYtMjhmYi00NWNiLWFmZTAtZjk3YWQzMDQ0ZTAy
LzEvVXVRQTY2TjVDaVJjMnJTMDVudTAxZ3UtZTBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQkkAwQA
vNXbAwQAvNXwMA0GCSqGSIb3DQEBCwUAA4IBAQBCB+ZCNYTf2G48y6f33NvPUh05
AZZTet4NHQ2VfRX1JrR2ANIer6TUTqijfakIkvND7HYnkCgpuiYxWjylHX2dhK4e
p8RwtBYo/a0E40BO9mmHSLXfnV3MvyAO41G+vgXm9+6hSwLknTipgUyBu2bZkntI
iIy1A4YO8WcpAYf2Nf2X+iPRYjyLiglZs2O+01y68KOE6GEL4nnJ6sAwHwjKyvEs
O5WMS7qAa4+o34O2IbzbJYcxxfdM2xncmIwm/OwwSWv8NoWnJvc4iN95zAiMda4D
Xg0QJBwF4zHi0BT+Mr4hTGMlYTtG3BxVynZxb4FgOPrHbAeS/5baHiksjmhG
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:02:56 2025 by rpki-client