Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/G-MfEPKVAO3gG6FWFm64IjE9etc.roa
File: G-MfEPKVAO3gG6FWFm64IjE9etc.roa (raw, json)
Hash identifier: 17DK6/B1VAGDpSySwax9kvYRuaqz8V+CPv08iSwisLc=
Subject key identifier: 1B:E3:1F:10:F2:95:00:ED:E0:1B:A1:56:16:6E:B8:22:31:3D:7A:D7
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 0194E0F7C0C5684E512CB8CB398ACD9AAE24
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/G-MfEPKVAO3gG6FWFm64IjE9etc.roa
Signing time: Fri 07 Feb 2025 15:12:00 +0000
ROA not before: Fri 07 Feb 2025 15:12:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53667
IP address blocks: 45.78.90.0/23 maxlen: 23
45.78.92.0/22 maxlen: 22
62.3.6.0/24 maxlen: 24
146.19.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e0:f7:c0:c5:68:4e:51:2c:b8:cb:39:8a:cd:9a:ae:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Feb 7 15:12:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1be31f10f29500ede01ba156166eb822313d7ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f1:d1:27:b1:38:2d:e6:16:7f:c4:c2:43:2e:
44:77:8a:81:5a:02:c1:c4:8f:cb:1d:ae:7e:5c:62:
93:f7:38:1e:60:33:0f:17:64:9d:fa:44:0a:8a:9d:
0f:1a:3e:4a:11:ed:d5:5a:70:76:df:64:2c:07:2a:
65:8b:2a:26:b7:8b:c6:e0:55:26:6a:3b:b5:ab:c4:
dc:fd:38:2d:1f:5f:cb:e7:87:f9:da:5a:a9:ef:c2:
80:38:90:8d:77:8a:2f:e2:11:0d:81:09:38:79:95:
d3:3b:20:15:24:fa:a0:bb:01:a7:ee:f0:b1:a4:58:
43:67:93:b0:2b:d2:6e:a0:a5:e6:5a:f5:57:d8:a1:
56:58:00:e3:b5:03:71:eb:68:e9:ce:e9:27:4f:0c:
a8:99:94:7b:64:fc:cd:9b:d6:01:87:68:ec:6c:19:
43:2d:7c:b8:bf:d5:c0:f4:92:b3:fe:6d:27:8c:04:
c0:6c:1b:2f:d0:17:63:8c:c3:5d:13:42:96:be:10:
6c:bc:d8:16:90:08:31:ff:86:e1:f7:74:10:61:c2:
86:fb:98:aa:6b:7d:e4:d8:03:f5:59:43:cf:0c:5f:
7e:89:bd:03:8d:cf:6e:ba:75:b2:c4:30:ad:cb:d3:
83:4d:81:d9:74:0f:c5:eb:38:46:81:fc:95:77:9d:
3d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E3:1F:10:F2:95:00:ED:E0:1B:A1:56:16:6E:B8:22:31:3D:7A:D7
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/G-MfEPKVAO3gG6FWFm64IjE9etc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.78.90.0-45.78.95.255
62.3.6.0/24
146.19.100.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:73:51:a6:f7:7c:77:dc:eb:7e:83:fa:67:a8:ea:d4:bc:fe:
b7:65:d9:51:ad:4f:6f:61:56:99:d4:14:a1:d3:99:f7:2c:f7:
37:e7:98:73:0d:9e:02:cb:95:41:4a:34:b3:ae:2e:76:4b:7b:
9b:c5:0f:7a:d0:28:4c:cd:f6:d5:c5:3b:f5:41:3f:a7:94:15:
26:c7:79:e2:5c:e4:d6:d5:33:1a:3f:08:5a:3a:f1:07:cf:a9:
76:72:82:ec:96:ae:30:c8:b2:38:ca:11:1a:eb:37:a9:fe:b9:
4c:ce:cb:7c:85:66:28:32:cc:6d:8c:7a:2c:07:9b:3e:19:0b:
a7:97:ee:32:ca:5e:2c:f3:c8:75:94:2b:3e:e9:90:68:bb:15:
a8:dc:65:83:06:c1:56:52:3f:29:2c:4e:a7:77:17:d6:6d:db:
02:5b:42:37:6e:22:9c:d6:8b:07:09:7a:67:95:d0:79:b2:7e:
02:6b:01:40:d2:b3:3b:75:30:c8:c3:f3:32:c5:d4:35:b7:07:
42:f4:86:40:3e:26:4a:b5:83:4f:a1:4a:bb:01:05:e9:86:56:
2a:21:cc:7f:36:00:d7:7c:78:df:40:ed:c7:b6:6d:8b:dc:7e:
39:d7:5d:6f:11:d9:1f:c8:3f:52:a2:27:4b:78:e8:59:fb:82:
6b:63:a2:ae
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZTg98DFaE5RLLjLOYrNmq4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjUwMjA3MTUxMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmUzMWYxMGYyOTUwMGVkZTAxYmExNTYxNjZlYjgyMjMxM2Q3YWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fHRJ7E4LeYWf8TCQy5Ed4qBWgLB
xI/LHa5+XGKT9zgeYDMPF2Sd+kQKip0PGj5KEe3VWnB232QsBypliyomt4vG4FUm
aju1q8Tc/TgtH1/L54f52lqp78KAOJCNd4ov4hENgQk4eZXTOyAVJPqguwGn7vCx
pFhDZ5OwK9JuoKXmWvVX2KFWWADjtQNx62jpzuknTwyomZR7ZPzNm9YBh2jsbBlD
LXy4v9XA9JKz/m0njATAbBsv0BdjjMNdE0KWvhBsvNgWkAgx/4bh93QQYcKG+5iq
a33k2AP1WUPPDF9+ib0Djc9uunWyxDCty9ODTYHZdA/F6zhGgfyVd509bwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBvjHxDylQDt4BuhVhZuuCIxPXrXMB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvRy1NZkVQS1ZBTzNnRzZGV0ZtNjRJakU5ZXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAEtTloD
BAUtTkADBAA+AwYDBACSE2QwDQYJKoZIhvcNAQELBQADggEBAKJzUab3fHfc636D
+meo6tS8/rdl2VGtT29hVpnUFKHTmfcs9zfnmHMNngLLlUFKNLOuLnZLe5vFD3rQ
KEzN9tXFO/VBP6eUFSbHeeJc5NbVMxo/CFo68QfPqXZyguyWrjDIsjjKERrrN6n+
uUzOy3yFZigyzG2MeiwHmz4ZC6eX7jLKXizzyHWUKz7pkGi7FajcZYMGwVZSPyks
Tqd3F9Zt2wJbQjduIpzWiwcJemeV0HmyfgJrAUDSszt1MMjD8zLF1DW3B0L0hkA+
Jkq1g0+hSrsBBemGViohzH82ANd8eN9A7ce2bYvcfjnXXW8R2R/IP1KiJ0t46Fn7
gmtjoq4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:05:13 2025 by rpki-client