Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/e29a57-6b76-4a06-a116-f6f323fd96e0/1/iq3ssvUo5bXZcIWEHzsdc8Eqg0c.roa
File: iq3ssvUo5bXZcIWEHzsdc8Eqg0c.roa (raw, json)
Hash identifier: Ra9VLNdMH1vgwJCIHGEFTa1hXj9TZ6bEeh1Cxv0m8Xs=
Subject key identifier: 8A:AD:EC:B2:F5:28:E5:B5:D9:70:85:84:1F:3B:1D:73:C1:2A:83:47
Certificate issuer: /CN=d643aec22f819cf01f2c6363035d97f8e0e38233
Certificate serial: 019425FDC5CC9F3FAD1CE627DD2105C8708D
Authority key identifier: D6:43:AE:C2:2F:81:9C:F0:1F:2C:63:63:03:5D:97:F8:E0:E3:82:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1kOuwi-BnPAfLGNjA12X-ODjgjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/e29a57-6b76-4a06-a116-f6f323fd96e0/1/iq3ssvUo5bXZcIWEHzsdc8Eqg0c.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56851
IP address blocks: 45.94.156.0/22 maxlen: 24
176.105.232.0/24 maxlen: 24
185.91.72.0/24 maxlen: 24
185.91.73.0/24 maxlen: 24
185.91.74.0/24 maxlen: 24
185.91.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c5:cc:9f:3f:ad:1c:e6:27:dd:21:05:c8:70:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d643aec22f819cf01f2c6363035d97f8e0e38233
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8aadecb2f528e5b5d97085841f3b1d73c12a8347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ed:42:1f:89:21:f3:e0:7c:c7:f6:b7:26:89:
bc:7e:a0:c2:5c:21:1f:60:47:db:e4:c5:8e:f4:67:
1b:cd:51:f1:12:6f:9c:9a:43:65:f1:33:22:9d:95:
0f:5e:d1:f0:77:2a:69:fd:5a:09:a9:02:74:a2:bd:
b8:d4:6a:fa:92:b8:bf:44:54:53:ce:90:ea:58:71:
f6:b0:1e:ed:67:52:56:de:23:42:96:67:2f:76:6f:
8a:ed:f3:ce:46:cd:bf:ea:90:0a:a3:ba:b2:66:aa:
b9:dd:59:96:71:a5:1e:91:02:ac:ee:0a:ba:f1:55:
e3:03:71:c2:18:87:54:9e:38:36:f1:d0:71:19:79:
f5:37:34:f8:71:1c:f8:1a:c1:a4:d9:7e:63:9c:69:
07:ae:76:85:1a:df:d6:87:0f:3b:b2:81:f1:9c:1b:
f2:2e:5c:af:a4:85:7d:37:eb:01:32:e9:dc:48:51:
2f:6c:5d:eb:bb:ed:e1:a9:ac:df:f1:83:ef:24:e9:
a6:7a:b7:a2:b3:bb:a2:62:86:c3:d0:06:00:77:86:
79:3b:51:55:1a:26:7a:5c:fd:a0:fd:6b:49:f4:84:
a6:f2:e0:a6:e8:e4:5e:c7:8c:52:94:f5:4f:8e:12:
3a:06:95:b9:c1:f8:be:77:80:e2:2a:8c:0d:a0:66:
3d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AD:EC:B2:F5:28:E5:B5:D9:70:85:84:1F:3B:1D:73:C1:2A:83:47
X509v3 Authority Key Identifier:
keyid:D6:43:AE:C2:2F:81:9C:F0:1F:2C:63:63:03:5D:97:F8:E0:E3:82:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kOuwi-BnPAfLGNjA12X-ODjgjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e29a57-6b76-4a06-a116-f6f323fd96e0/1/iq3ssvUo5bXZcIWEHzsdc8Eqg0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e29a57-6b76-4a06-a116-f6f323fd96e0/1/1kOuwi-BnPAfLGNjA12X-ODjgjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.156.0/22
176.105.232.0/24
185.91.72.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:1c:5e:82:1f:98:9c:e6:43:f6:38:31:40:46:8a:ea:02:ac:
18:6c:31:66:0f:b8:bc:66:be:09:0d:d1:b1:5e:6a:9d:61:00:
5c:68:9d:2e:9e:07:15:a5:bb:85:e6:c3:b8:33:61:28:7c:e8:
ac:43:30:70:00:c3:9c:02:34:e2:37:a4:97:09:0e:4b:97:4d:
de:29:7e:86:43:6b:a9:bf:bb:9b:1c:b0:90:69:e4:68:78:3b:
97:67:e8:81:5d:aa:f8:8e:8e:ba:bc:63:b7:24:ac:51:85:bc:
59:cc:1a:dc:1a:99:12:55:58:93:80:7e:bd:d9:35:45:6a:dc:
1a:70:0d:08:58:5d:db:1b:bd:d9:8b:9c:a8:c5:de:d3:3f:df:
83:3f:5c:3d:e2:db:e2:24:7f:b2:15:95:8e:eb:8a:1a:24:f5:
c5:0e:20:35:83:41:50:d9:5d:d1:35:49:39:f0:60:70:3e:06:
21:ed:22:9c:9c:04:07:82:76:18:3d:f3:74:82:37:5f:76:d6:
2b:35:d5:61:fc:69:21:d2:f6:98:dd:82:68:ac:00:b8:40:97:
ad:17:9f:e8:32:9b:86:ba:ce:bc:38:a4:71:1c:ac:94:5f:af:
da:97:37:bd:db:e5:ee:e4:b7:ed:d8:3b:a9:c1:cb:27:a2:1d:
e9:c9:f9:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/cXMnz+tHOYn3SEFyHCNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NDNhZWMyMmY4MTljZjAxZjJjNjM2MzAzNWQ5N2Y4ZTBl
MzgyMzMwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFkZWNiMmY1MjhlNWI1ZDk3MDg1ODQxZjNiMWQ3M2MxMmE4MzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu1CH4kh8+B8x/a3Jom8fqDCXCEf
YEfb5MWO9GcbzVHxEm+cmkNl8TMinZUPXtHwdypp/VoJqQJ0or241Gr6kri/RFRT
zpDqWHH2sB7tZ1JW3iNClmcvdm+K7fPORs2/6pAKo7qyZqq53VmWcaUekQKs7gq6
8VXjA3HCGIdUnjg28dBxGXn1NzT4cRz4GsGk2X5jnGkHrnaFGt/Whw87soHxnBvy
LlyvpIV9N+sBMuncSFEvbF3ru+3hqazf8YPvJOmmereis7uiYobD0AYAd4Z5O1FV
GiZ6XP2g/WtJ9ISm8uCm6ORex4xSlPVPjhI6BpW5wfi+d4DiKowNoGY9pwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIqt7LL1KOW12XCFhB87HXPBKoNHMB8GA1UdIwQY
MBaAFNZDrsIvgZzwHyxjYwNdl/jg44IzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWtPdXdpLUJuUEFmTEdOakExMlgtT0RqZ2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9lMjlhNTctNmI3Ni00YTA2LWExMTYt
ZjZmMzIzZmQ5NmUwLzEvaXEzc3N2VW81YlhaY0lXRUh6c2RjOEVxZzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9lMjlhNTctNmI3Ni00YTA2LWExMTYtZjZmMzIzZmQ5NmUw
LzEvMWtPdXdpLUJuUEFmTEdOakExMlgtT0RqZ2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLV6cAwQA
sGnoAwQCuVtIMA0GCSqGSIb3DQEBCwUAA4IBAQAOHF6CH5ic5kP2ODFARorqAqwY
bDFmD7i8Zr4JDdGxXmqdYQBcaJ0ungcVpbuF5sO4M2EofOisQzBwAMOcAjTiN6SX
CQ5Ll03eKX6GQ2upv7ubHLCQaeRoeDuXZ+iBXar4jo66vGO3JKxRhbxZzBrcGpkS
VViTgH692TVFatwacA0IWF3bG73Zi5yoxd7TP9+DP1w94tviJH+yFZWO64oaJPXF
DiA1g0FQ2V3RNUk58GBwPgYh7SKcnAQHgnYYPfN0gjdfdtYrNdVh/Gkh0vaY3YJo
rAC4QJetF5/oMpuGus68OKRxHKyUX6/alze92+Xu5Lft2Dupwcsnoh3pyfko
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:30 2025 by rpki-client