Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/1f3949-40cc-400a-b411-e4ea208a9a2d/1/4prfTAA9HBYIWFQscXuDZvPOJfU.roa
File: 4prfTAA9HBYIWFQscXuDZvPOJfU.roa (raw, json)
Hash identifier: zMicpYmGFLFzW1lGiXS7QLLBWvT2YuAYQEgxuNA/2gA=
Subject key identifier: E2:9A:DF:4C:00:3D:1C:16:08:58:54:2C:71:7B:83:66:F3:CE:25:F5
Certificate issuer: /CN=3cd5619db8d7717379956d4ea75b76db26d1c1c9
Certificate serial: 0194221F9CE6CE13E219DCEE5E742293EB9B
Authority key identifier: 3C:D5:61:9D:B8:D7:71:73:79:95:6D:4E:A7:5B:76:DB:26:D1:C1:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNVhnbjXcXN5lW1Op1t22ybRwck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/1f3949-40cc-400a-b411-e4ea208a9a2d/1/4prfTAA9HBYIWFQscXuDZvPOJfU.roa
Signing time: Wed 01 Jan 2025 13:48:04 +0000
ROA not before: Wed 01 Jan 2025 13:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208479
IP address blocks: 45.92.196.0/22 maxlen: 24
2a0e:72c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9c:e6:ce:13:e2:19:dc:ee:5e:74:22:93:eb:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd5619db8d7717379956d4ea75b76db26d1c1c9
Validity
Not Before: Jan 1 13:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e29adf4c003d1c160858542c717b8366f3ce25f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:26:3f:a0:5c:d2:f5:44:75:6c:be:26:d2:ef:
e4:94:1f:30:8e:09:93:50:48:9e:2b:76:e9:7e:bc:
e8:ba:48:84:81:17:5e:06:64:33:1b:ce:8e:80:6d:
b8:f7:8c:6b:a5:7a:4f:62:ec:37:a1:48:42:de:af:
ad:e2:1b:8e:5a:f4:de:88:57:33:ec:45:f7:16:b6:
04:e7:ea:ff:64:46:04:65:e2:bd:3c:b9:c8:8e:6d:
4d:91:a7:e7:f0:b6:f5:18:51:38:d8:e0:2c:3a:0a:
3b:ae:2c:34:77:09:12:ae:36:46:33:8c:03:7b:ec:
21:4c:99:47:44:fb:00:c1:c6:0f:d4:e8:1d:95:a8:
f4:b3:9c:d0:ba:5e:1d:68:db:47:f8:fe:78:b8:a4:
1c:77:68:73:94:9a:10:8e:c1:52:a3:ed:2a:5d:cc:
e5:67:6a:33:f4:93:65:af:1d:6b:17:de:c3:75:8a:
a5:be:0f:fc:6e:6d:78:6a:bc:da:9b:90:59:c0:71:
36:ba:76:29:d0:31:17:22:ce:df:cd:04:fe:2d:af:
42:23:4a:d2:fa:8f:2b:48:fd:9e:90:aa:95:b2:18:
9f:b1:13:52:b5:f1:df:53:fb:fb:6a:b1:37:18:6e:
e3:c2:cc:71:0f:73:43:3a:83:82:de:37:dc:2b:43:
2d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:9A:DF:4C:00:3D:1C:16:08:58:54:2C:71:7B:83:66:F3:CE:25:F5
X509v3 Authority Key Identifier:
keyid:3C:D5:61:9D:B8:D7:71:73:79:95:6D:4E:A7:5B:76:DB:26:D1:C1:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNVhnbjXcXN5lW1Op1t22ybRwck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/1f3949-40cc-400a-b411-e4ea208a9a2d/1/4prfTAA9HBYIWFQscXuDZvPOJfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/1f3949-40cc-400a-b411-e4ea208a9a2d/1/PNVhnbjXcXN5lW1Op1t22ybRwck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.196.0/22
IPv6:
2a0e:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:b5:98:03:5f:1e:5d:12:ec:86:4e:8d:6f:e0:dd:33:b4:5a:
70:de:96:55:9c:5d:c1:eb:e6:23:39:24:fa:47:af:24:b4:ac:
65:9a:5e:e8:5d:4f:bb:3b:2f:ab:97:61:78:a2:5e:fd:12:49:
e0:ee:d9:b7:bf:5d:a5:79:87:76:0b:08:35:a2:66:68:e4:b6:
67:ec:6b:0b:d6:5d:81:84:8f:5d:ea:10:ed:d4:ab:0e:2b:bf:
87:71:60:fe:a9:97:1c:1c:51:97:a2:f7:e9:11:07:2c:de:6d:
c0:cf:c6:ff:82:17:64:35:f2:27:f5:85:34:2b:84:43:00:d5:
b6:75:ac:fd:49:67:c6:fd:f6:25:d4:14:6b:82:69:2f:2e:8e:
eb:c7:b5:ed:28:f4:78:d6:ec:6b:99:71:39:37:d6:8d:5c:b7:
af:d3:3f:01:2e:ca:76:e2:c0:12:b3:18:92:a8:a3:e9:43:75:
d7:84:e0:87:1d:55:5b:1e:d0:b3:8e:0c:5f:c8:0e:08:b0:c9:
aa:94:f5:13:65:53:f3:7d:35:d1:d6:7e:3e:93:5b:cc:27:db:
96:51:31:e9:37:5d:77:94:e2:d9:21:77:b5:8e:e9:b8:2b:b3:
86:1c:97:51:d0:f6:c4:8b:8a:68:bf:d3:9b:f0:56:55:40:01:
7a:24:33:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH5zmzhPiGdzuXnQik+ubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDU2MTlkYjhkNzcxNzM3OTk1NmQ0ZWE3NWI3NmRiMjZk
MWMxYzkwHhcNMjUwMTAxMTM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjlhZGY0YzAwM2QxYzE2MDg1ODU0MmM3MTdiODM2NmYzY2UyNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCY/oFzS9UR1bL4m0u/klB8wjgmT
UEieK3bpfrzoukiEgRdeBmQzG86OgG2494xrpXpPYuw3oUhC3q+t4huOWvTeiFcz
7EX3FrYE5+r/ZEYEZeK9PLnIjm1Nkafn8Lb1GFE42OAsOgo7riw0dwkSrjZGM4wD
e+whTJlHRPsAwcYP1Ogdlaj0s5zQul4daNtH+P54uKQcd2hzlJoQjsFSo+0qXczl
Z2oz9JNlrx1rF97DdYqlvg/8bm14arzam5BZwHE2unYp0DEXIs7fzQT+La9CI0rS
+o8rSP2ekKqVshifsRNStfHfU/v7arE3GG7jwsxxD3NDOoOC3jfcK0MtywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOKa30wAPRwWCFhULHF7g2bzziX1MB8GA1UdIwQY
MBaAFDzVYZ2413FzeZVtTqdbdtsm0cHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5WaG5ialhjWE41bFcxT3AxdDIyeWJSd2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8xZjM5NDktNDBjYy00MDBhLWI0MTEt
ZTRlYTIwOGE5YTJkLzEvNHByZlRBQTlIQllJV0ZRc2NYdURadlBPSmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8xZjM5NDktNDBjYy00MDBhLWI0MTEtZTRlYTIwOGE5YTJk
LzEvUE5WaG5ialhjWE41bFcxT3AxdDIyeWJSd2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVzEMA0E
AgACMAcDBQMqDnLAMA0GCSqGSIb3DQEBCwUAA4IBAQAetZgDXx5dEuyGTo1v4N0z
tFpw3pZVnF3B6+YjOST6R68ktKxlml7oXU+7Oy+rl2F4ol79Ekng7tm3v12leYd2
Cwg1omZo5LZn7GsL1l2BhI9d6hDt1KsOK7+HcWD+qZccHFGXovfpEQcs3m3Az8b/
ghdkNfIn9YU0K4RDANW2daz9SWfG/fYl1BRrgmkvLo7rx7XtKPR41uxrmXE5N9aN
XLev0z8BLsp24sASsxiSqKPpQ3XXhOCHHVVbHtCzjgxfyA4IsMmqlPUTZVPzfTXR
1n4+k1vMJ9uWUTHpN113lOLZIXe1jum4K7OGHJdR0PbEi4pov9Ob8FZVQAF6JDNP
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:11 2025 by rpki-client