Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/cVY_8rS3kZPDu1e0r3R63BtqpCQ.roa
File: cVY_8rS3kZPDu1e0r3R63BtqpCQ.roa (raw, json)
Hash identifier: kfP4tSXYf9NAzPYnY28UC1ftu4NWH1iXr6TiCyzu6Bo=
Subject key identifier: 71:56:3F:F2:B4:B7:91:93:C3:BB:57:B4:AF:74:7A:DC:1B:6A:A4:24
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 019424448CD1AE0F84E968A668586E41558A
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/cVY_8rS3kZPDu1e0r3R63BtqpCQ.roa
Signing time: Wed 01 Jan 2025 23:47:39 +0000
ROA not before: Wed 01 Jan 2025 23:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 145.219.18.0/23 maxlen: 23
145.219.20.0/23 maxlen: 23
145.219.22.0/24 maxlen: 24
145.219.23.0/24 maxlen: 24
145.219.24.0/22 maxlen: 22
145.219.28.0/22 maxlen: 22
2a04:b0c0:10::/48 maxlen: 48
2a04:b0c0:11::/48 maxlen: 48
2a04:b0c0:12::/48 maxlen: 48
2a04:b0c0:13::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:8c:d1:ae:0f:84:e9:68:a6:68:58:6e:41:55:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jan 1 23:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71563ff2b4b79193c3bb57b4af747adc1b6aa424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:dc:ed:6a:c9:1f:60:d6:b4:42:62:c3:5d:35:
ec:71:71:7d:44:d8:05:34:31:cb:24:43:77:a3:df:
e1:51:93:d0:32:6e:1e:fd:2c:7e:c7:63:93:85:9a:
77:6b:7f:7a:63:98:28:87:90:15:8f:09:2a:da:99:
90:7e:ef:7d:dc:03:86:48:5f:7a:7f:f7:50:43:40:
7d:da:a9:43:4a:6c:77:97:ba:87:92:f6:66:cb:e8:
bc:c2:67:b7:a4:1d:83:cf:7c:f9:6e:66:a0:ff:2a:
4b:a3:bb:e1:fb:c6:42:f2:76:10:45:b4:82:cf:87:
ae:72:87:c4:4b:cf:0f:f0:6c:d4:76:a4:aa:f4:4e:
1c:90:04:da:41:35:5c:7c:39:d9:16:af:1e:67:4d:
05:83:36:46:82:dc:c1:f8:db:e7:b6:27:f6:56:1f:
ef:21:6d:bb:be:6b:ec:fd:25:a5:a4:70:8d:75:9e:
4e:59:81:04:5d:92:82:f3:23:6a:f0:d8:2b:e0:b8:
70:1c:30:5f:db:e3:2f:07:d8:8b:68:12:a0:d9:a7:
bc:40:6e:35:ed:75:e2:12:de:b6:f4:58:68:fc:00:
72:b5:41:59:24:b1:d2:8c:33:70:8c:2f:81:16:34:
ce:f3:ce:ed:2c:d0:95:b6:46:d7:c9:03:e4:1b:14:
51:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:56:3F:F2:B4:B7:91:93:C3:BB:57:B4:AF:74:7A:DC:1B:6A:A4:24
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/cVY_8rS3kZPDu1e0r3R63BtqpCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.18.0-145.219.31.255
IPv6:
2a04:b0c0:10::/46
Signature Algorithm: sha256WithRSAEncryption
44:61:8e:01:77:76:f2:f6:48:be:f6:ee:56:ed:1f:7f:77:a5:
26:2e:e1:90:9f:95:06:f9:9a:cc:e1:2e:95:5c:bf:04:80:5d:
ef:dc:d7:79:6a:b2:3b:8f:12:f1:8f:ba:c2:2f:52:c7:be:38:
2f:d0:f6:33:57:ac:26:50:55:eb:fe:51:09:28:d7:d8:b3:1a:
d6:e9:fb:31:87:cb:9b:12:6d:26:0d:20:13:1e:4a:3d:ec:79:
a3:37:95:75:f7:2a:9f:e3:05:9e:38:25:68:7c:f4:53:47:ef:
2a:8b:53:59:45:09:93:8a:e9:2f:74:23:47:c8:5c:78:ab:f2:
e8:80:44:c9:25:9d:5e:43:30:4d:24:87:c0:8f:95:33:21:fd:
2d:e8:c4:d0:08:25:22:da:3d:4e:32:16:1b:14:67:e6:d8:d3:
7f:a8:f0:1b:98:37:ec:df:08:27:eb:a0:8d:93:4d:92:78:bc:
76:32:21:12:f6:6c:f7:72:6a:8c:6d:02:ab:51:84:eb:7c:c2:
21:64:1b:9b:0b:c5:bb:f2:d4:35:1a:8d:5b:34:25:6b:27:89:
c7:62:4c:2b:64:d7:62:52:48:21:b5:f1:73:31:bc:12:5c:ac:
d3:9c:c3:d9:e7:51:29:de:cd:6c:70:0e:6a:b2:ae:b4:8a:5f:
0c:ef:06:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQkRIzRrg+E6WimaFhuQVWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjUwMTAxMjM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTU2M2ZmMmI0Yjc5MTkzYzNiYjU3YjRhZjc0N2FkYzFiNmFhNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdztaskfYNa0QmLDXTXscXF9RNgF
NDHLJEN3o9/hUZPQMm4e/Sx+x2OThZp3a396Y5goh5AVjwkq2pmQfu993AOGSF96
f/dQQ0B92qlDSmx3l7qHkvZmy+i8wme3pB2Dz3z5bmag/ypLo7vh+8ZC8nYQRbSC
z4eucofES88P8GzUdqSq9E4ckATaQTVcfDnZFq8eZ00FgzZGgtzB+Nvntif2Vh/v
IW27vmvs/SWlpHCNdZ5OWYEEXZKC8yNq8Ngr4LhwHDBf2+MvB9iLaBKg2ae8QG41
7XXiEt629Fho/ABytUFZJLHSjDNwjC+BFjTO887tLNCVtkbXyQPkGxRRVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFWP/K0t5GTw7tXtK90etwbaqQkMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvY1ZZXzhyUzNrWlBEdTFlMHIzUjYzQnRxcENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAGR2xID
BAWR2wAwDwQCAAIwCQMHAioEsMAAEDANBgkqhkiG9w0BAQsFAAOCAQEARGGOAXd2
8vZIvvbuVu0ff3elJi7hkJ+VBvmazOEulVy/BIBd79zXeWqyO48S8Y+6wi9Sx744
L9D2M1esJlBV6/5RCSjX2LMa1un7MYfLmxJtJg0gEx5KPex5ozeVdfcqn+MFnjgl
aHz0U0fvKotTWUUJk4rpL3QjR8hceKvy6IBEySWdXkMwTSSHwI+VMyH9LejE0Agl
Ito9TjIWGxRn5tjTf6jwG5g37N8IJ+ugjZNNkni8djIhEvZs93JqjG0Cq1GE63zC
IWQbmwvFu/LUNRqNWzQlayeJx2JMK2TXYlJIIbXxczG8Elys05zD2edRKd7NbHAO
arKutIpfDO8G8A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:46:54 2025 by rpki-client