Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/0YW6ttYVKOeqcJ5zyrGvaeUR2pw.roa
File: 0YW6ttYVKOeqcJ5zyrGvaeUR2pw.roa (raw, json)
Hash identifier: NFpGYrDr9CdBDfnq5tg4cuAB0v9WLl3xgZZRL1xqhAY=
Subject key identifier: D1:85:BA:B6:D6:15:28:E7:AA:70:9E:73:CA:B1:AF:69:E5:11:DA:9C
Certificate issuer: /CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Certificate serial: 019423D743FCEDF275AB6BE97AAD543B78AB
Authority key identifier: BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/0YW6ttYVKOeqcJ5zyrGvaeUR2pw.roa
Signing time: Wed 01 Jan 2025 21:48:17 +0000
ROA not before: Wed 01 Jan 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6134
IP address blocks: 45.86.140.0/22 maxlen: 24
45.133.228.0/22 maxlen: 24
45.138.80.0/22 maxlen: 24
45.147.24.0/24 maxlen: 24
45.147.25.0/24 maxlen: 24
45.147.26.0/24 maxlen: 24
45.147.27.0/24 maxlen: 24
45.158.228.0/24 maxlen: 24
45.158.229.0/24 maxlen: 24
45.158.230.0/24 maxlen: 24
45.158.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:43:fc:ed:f2:75:ab:6b:e9:7a:ad:54:3b:78:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d185bab6d61528e7aa709e73cab1af69e511da9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d1:ca:d9:94:11:73:b2:a8:2c:73:ad:b4:13:
1e:39:cc:2c:b8:8d:d1:ea:1a:28:b8:be:d9:e8:d5:
e9:83:46:99:e2:b7:ce:64:c0:23:92:8b:f8:75:35:
73:d8:6c:58:fc:28:3d:45:15:be:27:91:26:ea:3b:
ee:8b:e9:04:c5:c9:5a:8a:3d:b7:8f:4f:e4:11:ac:
00:31:db:d2:58:6e:8b:92:f7:f3:98:26:3f:4c:83:
4e:1e:c5:28:f4:ad:6a:c2:8d:aa:88:50:14:00:4d:
52:e4:e3:64:8d:17:ba:96:24:a4:88:69:51:bb:c6:
7b:ce:91:ac:56:fe:b0:d2:2f:fd:3d:c5:59:4d:84:
ed:35:e6:37:3c:53:f3:3d:c3:42:c0:98:b7:3a:57:
c9:af:e9:3c:90:cd:3d:e8:53:9b:8e:3a:4a:fd:eb:
33:73:6a:e8:cb:52:7f:89:da:22:9e:ee:bf:37:73:
4d:c3:0f:6f:c9:8a:63:19:c3:0a:20:e0:81:78:a1:
0e:99:e9:bc:89:b9:62:e8:9a:14:34:52:a7:0d:7a:
26:18:56:9a:29:aa:c6:22:6a:b2:df:0f:10:d5:b4:
68:3c:3e:3c:c1:42:94:9c:5f:88:0e:0d:3d:53:50:
7c:f2:de:8e:49:49:49:37:8f:db:cd:36:43:e2:28:
11:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:85:BA:B6:D6:15:28:E7:AA:70:9E:73:CA:B1:AF:69:E5:11:DA:9C
X509v3 Authority Key Identifier:
keyid:BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/0YW6ttYVKOeqcJ5zyrGvaeUR2pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.140.0/22
45.133.228.0/22
45.138.80.0/22
45.147.24.0/22
45.158.228.0/22
Signature Algorithm: sha256WithRSAEncryption
46:3b:8c:9b:cc:3a:60:04:bd:68:1c:ce:f7:c7:1e:01:c6:4b:
69:61:dc:3b:08:22:84:0f:6c:0a:98:84:30:bb:f7:a2:47:39:
07:07:99:76:d0:23:65:05:df:c3:98:8f:00:41:4a:98:7e:72:
14:96:88:76:26:bc:b5:5c:77:bb:85:ad:ec:c6:34:c4:26:ee:
27:8b:26:09:77:62:ee:c3:8b:be:45:95:9e:8e:4d:d0:e9:1b:
c8:10:b0:12:26:27:79:c0:8f:cf:9e:a6:4c:23:12:d4:4e:e9:
f8:aa:43:00:d4:a2:88:e1:4e:1c:a5:0e:29:25:34:c6:3c:2c:
09:06:8a:39:6c:a4:a8:bc:8f:68:63:1c:c0:e8:59:af:d8:66:
f7:90:73:08:b3:3d:0b:c2:a0:d0:8a:0e:3c:a6:f7:67:31:37:
c4:b4:cf:ea:38:7e:ce:40:f7:cc:84:e0:26:c7:47:60:89:50:
87:56:d8:1a:68:89:1f:73:ae:5a:43:7f:7c:b8:65:87:52:54:
60:5c:30:94:92:eb:d5:18:79:d8:88:5e:1f:3f:43:29:80:54:
8c:fc:c3:cf:d3:3e:ed:0c:ac:fa:8e:c4:a3:87:81:a7:36:f1:
c4:4f:33:41:3a:be:00:6a:f3:eb:6f:8a:36:e4:78:9b:cf:7e:
15:00:51:93
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQj10P87fJ1q2vpeq1UO3irMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNmZhMzdhMjQ4M2NmNTc5ZmE4NjI1MDExOWFjMDEzMzQ3
NWFhZDgwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg1YmFiNmQ2MTUyOGU3YWE3MDllNzNjYWIxYWY2OWU1MTFkYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNHK2ZQRc7KoLHOttBMeOcwsuI3R
6hoouL7Z6NXpg0aZ4rfOZMAjkov4dTVz2GxY/Cg9RRW+J5Em6jvui+kExclaij23
j0/kEawAMdvSWG6LkvfzmCY/TINOHsUo9K1qwo2qiFAUAE1S5ONkjRe6liSkiGlR
u8Z7zpGsVv6w0i/9PcVZTYTtNeY3PFPzPcNCwJi3OlfJr+k8kM096FObjjpK/esz
c2roy1J/idoinu6/N3NNww9vyYpjGcMKIOCBeKEOmem8ibli6JoUNFKnDXomGFaa
KarGImqy3w8Q1bRoPD48wUKUnF+IDg09U1B88t6OSUlJN4/bzTZD4igR7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNGFurbWFSjnqnCec8qxr2nlEdqcMB8GA1UdIwQY
MBaAFL1vo3okg89Xn6hiUBGawBM0darYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYt
OGZmMTYxMWU4YmI0LzEvMFlXNnR0WVZLT2VxY0o1enlyR3ZhZVVSMnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYtOGZmMTYxMWU4YmI0
LzEvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLVaMAwQC
LYXkAwQCLYpQAwQCLZMYAwQCLZ7kMA0GCSqGSIb3DQEBCwUAA4IBAQBGO4ybzDpg
BL1oHM73xx4BxktpYdw7CCKED2wKmIQwu/eiRzkHB5l20CNlBd/DmI8AQUqYfnIU
loh2Jry1XHe7ha3sxjTEJu4niyYJd2Luw4u+RZWejk3Q6RvIELASJid5wI/PnqZM
IxLUTun4qkMA1KKI4U4cpQ4pJTTGPCwJBoo5bKSovI9oYxzA6Fmv2Gb3kHMIsz0L
wqDQig48pvdnMTfEtM/qOH7OQPfMhOAmx0dgiVCHVtgaaIkfc65aQ398uGWHUlRg
XDCUkuvVGHnYiF4fP0MpgFSM/MPP0z7tDKz6jsSjh4GnNvHETzNBOr4AavPrb4o2
5Hibz34VAFGT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:32 2025 by rpki-client