Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/A-83ltbO_Zu7XHu2mZxcn4j-NTw.roa
File: A-83ltbO_Zu7XHu2mZxcn4j-NTw.roa (raw, json)
Hash identifier: rEHLpLJSO7XMifKtekD/Y1RkhaQQiNzTkBuErIhyrz4=
Subject key identifier: 03:EF:37:96:D6:CE:FD:9B:BB:5C:7B:B6:99:9C:5C:9F:88:FE:35:3C
Certificate issuer: /CN=758e823cf274d3810ce05c1d1bf5eef95cb211dc
Certificate serial: 018CC2DB0370FB8D492C392A1A1B813824C6
Authority key identifier: 75:8E:82:3C:F2:74:D3:81:0C:E0:5C:1D:1B:F5:EE:F9:5C:B2:11:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dY6CPPJ004EM4FwdG_Xu-VyyEdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/A-83ltbO_Zu7XHu2mZxcn4j-NTw.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39384
IP address blocks: 185.118.112.0/22 maxlen: 24
45.154.64.0/22 maxlen: 24
185.240.248.0/22 maxlen: 24
2a0d:3b80::/29 maxlen: 32
2a03:6420::/32 maxlen: 32
2a0f:c700::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:03:70:fb:8d:49:2c:39:2a:1a:1b:81:38:24:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=758e823cf274d3810ce05c1d1bf5eef95cb211dc
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03ef3796d6cefd9bbb5c7bb6999c5c9f88fe353c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a3:92:bd:42:ca:a9:fd:cf:fe:06:58:79:07:
fc:90:42:ee:0d:5a:40:79:d5:19:42:81:51:2d:04:
80:aa:52:01:2b:80:26:44:b4:85:60:e5:05:7d:c1:
47:f9:6a:93:02:3d:04:db:eb:12:70:69:e5:80:47:
98:17:64:df:ed:37:ff:12:fe:23:84:ec:2b:1c:1e:
83:78:63:3a:ef:43:b2:c7:60:34:56:bd:67:ef:30:
21:43:4b:3f:27:e9:5b:1a:af:4c:d0:cc:f0:75:22:
2e:83:61:8a:45:b4:2c:d9:11:f9:19:87:2d:46:e6:
00:f0:cc:94:94:85:75:97:3e:40:05:84:58:d7:5b:
4f:e4:66:5e:1a:03:5c:b6:61:55:f1:30:b3:24:cc:
ac:7a:0b:8b:09:7b:53:72:8e:f4:c9:9a:12:60:9e:
30:03:b5:12:1f:81:19:62:92:64:bc:73:52:e8:88:
a8:b0:87:95:34:2f:7c:2c:08:43:cd:49:db:e9:2e:
5a:4b:7d:be:53:07:01:0a:07:72:4f:c9:07:68:f5:
62:e3:ea:ad:3e:13:40:64:ce:9e:63:ac:40:d7:56:
d4:90:3d:88:f1:22:da:5b:fa:c4:39:2c:44:2b:c3:
5f:da:84:cd:5c:4e:2e:d3:dd:2c:57:f8:40:b6:85:
fc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:EF:37:96:D6:CE:FD:9B:BB:5C:7B:B6:99:9C:5C:9F:88:FE:35:3C
X509v3 Authority Key Identifier:
keyid:75:8E:82:3C:F2:74:D3:81:0C:E0:5C:1D:1B:F5:EE:F9:5C:B2:11:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dY6CPPJ004EM4FwdG_Xu-VyyEdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/A-83ltbO_Zu7XHu2mZxcn4j-NTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/dY6CPPJ004EM4FwdG_Xu-VyyEdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.64.0/22
185.118.112.0/22
185.240.248.0/22
IPv6:
2a03:6420::/32
2a0d:3b80::/29
2a0f:c700::/29
Signature Algorithm: sha256WithRSAEncryption
88:42:f0:81:f5:be:25:5f:68:b8:72:1d:76:77:24:22:b3:f9:
59:1b:4b:6d:c3:2a:c4:2b:3c:b1:d8:e1:aa:08:8c:80:ce:ef:
e8:c3:d8:53:d9:90:ec:ad:90:4d:7b:54:3c:13:55:b8:11:16:
27:c2:34:65:ef:41:53:f5:04:c4:1a:3e:a9:b5:83:91:19:7b:
44:7d:23:8e:64:c9:8c:5f:a8:2d:51:91:6e:14:a6:76:2c:5e:
6c:d6:86:c8:40:46:40:0a:40:6b:e3:8e:06:ef:6b:d6:5f:55:
e1:92:ac:bb:37:e4:7b:20:3d:74:f9:8a:46:ab:da:cd:ed:69:
84:7b:6c:c4:4b:f5:54:a3:92:1e:c2:25:08:fb:11:b6:1d:d3:
62:0d:f3:ad:3d:9b:b2:ee:ed:d8:01:ee:15:3f:d4:57:0d:01:
db:ce:55:c8:37:78:20:57:e0:39:29:d2:84:1b:74:be:5d:77:
f4:52:a5:27:6d:78:0b:c1:52:39:f8:94:f5:8f:f6:a6:bd:54:
bd:e9:20:4a:d1:88:82:fc:89:2f:46:e3:b1:3a:1b:29:50:0b:
b7:21:e0:b9:f8:7b:32:d9:f2:28:cd:a2:ff:66:aa:69:0c:36:
4b:2b:a6:7a:2b:03:91:a5:af:a7:3a:c0:62:b5:9f:d5:ce:6b:
34:88:0d:e3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzC2wNw+41JLDkqGhuBOCTGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OGU4MjNjZjI3NGQzODEwY2UwNWMxZDFiZjVlZWY5NWNi
MjExZGMwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2VmMzc5NmQ2Y2VmZDliYmI1YzdiYjY5OTljNWM5Zjg4ZmUzNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKOSvULKqf3P/gZYeQf8kELuDVpA
edUZQoFRLQSAqlIBK4AmRLSFYOUFfcFH+WqTAj0E2+sScGnlgEeYF2Tf7Tf/Ev4j
hOwrHB6DeGM670Oyx2A0Vr1n7zAhQ0s/J+lbGq9M0MzwdSIug2GKRbQs2RH5GYct
RuYA8MyUlIV1lz5ABYRY11tP5GZeGgNctmFV8TCzJMyseguLCXtTco70yZoSYJ4w
A7USH4EZYpJkvHNS6IiosIeVNC98LAhDzUnb6S5aS32+UwcBCgdyT8kHaPVi4+qt
PhNAZM6eY6xA11bUkD2I8SLaW/rEOSxEK8Nf2oTNXE4u090sV/hAtoX8QwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFAPvN5bWzv2bu1x7tpmcXJ+I/jU8MB8GA1UdIwQY
MBaAFHWOgjzydNOBDOBcHRv17vlcshHcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFk2Q1BQSjAwNEVNNEZ3ZEdfWHUtVnl5RWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80M2Q2OWUtYjY4ZC00MTQ5LThiMjkt
MDNkYjhiMzZkMzE5LzEvQS04M2x0Yk9fWnU3WEh1Mm1aeGNuNGotTlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80M2Q2OWUtYjY4ZC00MTQ5LThiMjktMDNkYjhiMzZkMzE5
LzEvZFk2Q1BQSjAwNEVNNEZ3ZEdfWHUtVnl5RWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLZpAAwQC
uXZwAwQCufD4MBsEAgACMBUDBQAqA2QgAwUDKg07gAMFAyoPxwAwDQYJKoZIhvcN
AQELBQADggEBAIhC8IH1viVfaLhyHXZ3JCKz+VkbS23DKsQrPLHY4aoIjIDO7+jD
2FPZkOytkE17VDwTVbgRFifCNGXvQVP1BMQaPqm1g5EZe0R9I45kyYxfqC1RkW4U
pnYsXmzWhshARkAKQGvjjgbva9ZfVeGSrLs35HsgPXT5ikar2s3taYR7bMRL9VSj
kh7CJQj7EbYd02IN8609m7Lu7dgB7hU/1FcNAdvOVcg3eCBX4Dkp0oQbdL5dd/RS
pSdteAvBUjn4lPWP9qa9VL3pIErRiIL8iS9G47E6GylQC7ch4Ln4ezLZ8ijNov9m
qmkMNksrpnorA5Glr6c6wGK1n9XOazSIDeM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:14 2025 by rpki-client