Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/JwyhTY3gBjH_DHx6X1gPB4EC1Hw.roa
File: JwyhTY3gBjH_DHx6X1gPB4EC1Hw.roa (raw, json)
Hash identifier: Y38jvMStrd7/OGI8zyUcvfpz5v5z/NCYXMUYLkJSmbY=
Subject key identifier: 27:0C:A1:4D:8D:E0:06:31:FF:0C:7C:7A:5F:58:0F:07:81:02:D4:7C
Certificate issuer: /CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Certificate serial: 019427B61F1980651A6BA78183E78A989780
Authority key identifier: 13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/JwyhTY3gBjH_DHx6X1gPB4EC1Hw.roa
Signing time: Thu 02 Jan 2025 15:50:34 +0000
ROA not before: Thu 02 Jan 2025 15:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199967
IP address blocks: 2.56.151.0/24 maxlen: 24
5.252.197.0/24 maxlen: 24
45.146.120.0/24 maxlen: 24
45.146.121.0/24 maxlen: 24
92.118.44.0/24 maxlen: 24
92.118.45.0/24 maxlen: 24
92.118.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:1f:19:80:65:1a:6b:a7:81:83:e7:8a:98:97:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Validity
Not Before: Jan 2 15:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=270ca14d8de00631ff0c7c7a5f580f078102d47c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5d:0b:ef:2a:da:e0:34:12:37:24:ca:82:0a:
88:ce:d1:0d:e8:bf:ca:d3:f1:46:8d:ae:55:f6:73:
a3:8c:0f:5f:46:67:c1:b2:b3:38:5f:5e:f0:ac:83:
e9:93:de:2f:9e:76:3f:9a:d6:08:26:67:9c:89:37:
38:3b:f4:5b:ba:f0:b3:46:22:dd:cd:1b:87:79:fb:
cf:43:81:9f:fa:f4:b1:d6:8f:55:c8:34:6d:bf:49:
df:cd:13:87:2a:cf:76:e1:09:98:14:38:36:55:07:
54:2f:ac:55:f7:d4:e7:64:2e:d8:6d:3e:b0:c3:93:
53:9d:57:41:54:17:b9:42:4e:a1:5b:8e:9f:f8:de:
89:5e:ef:f5:0b:d3:df:41:2f:c8:18:ec:7f:fb:27:
5d:b4:ff:b2:ce:09:0e:bd:72:89:ac:6b:2d:0a:be:
ca:b4:fd:ba:0f:84:58:99:e3:97:af:e4:cd:a6:b4:
2a:19:86:3a:41:89:38:f3:c6:75:57:4b:6a:15:2e:
8b:a3:e0:38:c1:b7:54:4e:15:92:36:31:ca:97:6e:
ee:ad:36:f7:43:0e:b4:7f:0f:03:d5:9e:90:2c:c0:
73:68:d5:18:b0:e7:51:b0:bc:9f:76:12:b9:7a:15:
d1:2b:6f:30:e4:ac:33:16:a8:ec:9f:a4:a6:13:b0:
b1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:0C:A1:4D:8D:E0:06:31:FF:0C:7C:7A:5F:58:0F:07:81:02:D4:7C
X509v3 Authority Key Identifier:
keyid:13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/JwyhTY3gBjH_DHx6X1gPB4EC1Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.151.0/24
5.252.197.0/24
45.146.120.0/23
92.118.44.0/23
92.118.47.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a8:ae:3b:c1:78:d8:71:6c:8b:7c:8e:44:ff:c8:d8:19:7e:
0a:82:a6:12:55:8d:0d:9e:6e:03:9a:90:a9:fd:38:ba:c3:9c:
52:99:50:db:4b:d5:d9:ac:f8:8b:e1:cd:ed:5f:47:cb:1f:93:
84:75:3f:f0:5b:a3:e8:80:2f:43:f6:0e:67:2d:f9:d1:f5:f0:
5e:13:ab:de:68:10:8d:df:67:3a:9e:19:16:50:6d:d6:f0:94:
dd:d5:63:15:63:36:76:8d:63:51:d9:08:4b:8c:dd:96:a9:03:
27:54:b8:ef:aa:d7:2a:26:f0:a0:b2:89:db:e2:25:c1:cf:26:
22:c9:ae:de:35:fd:5d:f9:38:89:e9:2b:f6:84:aa:8e:69:da:
28:4c:2c:2b:ae:ba:0b:c0:38:5e:bb:9a:9f:b9:ba:6b:e2:c6:
16:08:9b:8b:60:46:56:64:94:b2:fb:63:31:da:a7:29:3d:f1:
f7:4f:aa:1b:e2:e8:aa:28:bb:5e:f9:a3:06:07:60:69:d0:13:
29:40:95:53:02:de:5a:5c:72:73:ca:7a:c7:4c:a7:a8:b5:ec:
5b:ef:f2:d2:13:66:32:ce:d8:c5:ea:58:99:db:eb:69:1d:a1:
53:df:24:d3:82:ad:e5:b0:e7:cb:c8:ad:30:64:08:eb:74:b8:
72:44:67:8c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnth8ZgGUaa6eBg+eKmJeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzJlMGMyYjgzZGQ1MTA5MDEzYzdmMWMwYmI5NzE2ZDM2
MThkZDIwHhcNMjUwMTAyMTU1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzBjYTE0ZDhkZTAwNjMxZmYwYzdjN2E1ZjU4MGYwNzgxMDJkNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA010L7yra4DQSNyTKggqIztEN6L/K
0/FGja5V9nOjjA9fRmfBsrM4X17wrIPpk94vnnY/mtYIJmeciTc4O/RbuvCzRiLd
zRuHefvPQ4Gf+vSx1o9VyDRtv0nfzROHKs924QmYFDg2VQdUL6xV99TnZC7YbT6w
w5NTnVdBVBe5Qk6hW46f+N6JXu/1C9PfQS/IGOx/+yddtP+yzgkOvXKJrGstCr7K
tP26D4RYmeOXr+TNprQqGYY6QYk488Z1V0tqFS6Lo+A4wbdUThWSNjHKl27urTb3
Qw60fw8D1Z6QLMBzaNUYsOdRsLyfdhK5ehXRK28w5KwzFqjsn6SmE7CxVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCcMoU2N4AYx/wx8el9YDweBAtR8MB8GA1UdIwQY
MBaAFBNy4MK4PdUQkBPH8cC7lxbTYY3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQt
ZGQxZWM1N2Q3ZTc0LzEvSnd5aFRZM2dCakhfREh4NlgxZ1BCNEVDMUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQtZGQxZWM1N2Q3ZTc0
LzEvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjiXAwQA
BfzFAwQBLZJ4AwQBXHYsAwQAXHYvMA0GCSqGSIb3DQEBCwUAA4IBAQBBqK47wXjY
cWyLfI5E/8jYGX4KgqYSVY0Nnm4DmpCp/Ti6w5xSmVDbS9XZrPiL4c3tX0fLH5OE
dT/wW6PogC9D9g5nLfnR9fBeE6veaBCN32c6nhkWUG3W8JTd1WMVYzZ2jWNR2QhL
jN2WqQMnVLjvqtcqJvCgsonb4iXBzyYiya7eNf1d+TiJ6Sv2hKqOadooTCwrrroL
wDheu5qfubpr4sYWCJuLYEZWZJSy+2Mx2qcpPfH3T6ob4uiqKLte+aMGB2Bp0BMp
QJVTAt5aXHJzynrHTKeotexb7/LSE2YyztjF6liZ2+tpHaFT3yTTgq3lsOfLyK0w
ZAjrdLhyRGeM
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:34 2025 by rpki-client