Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/7BNQ2WRC9mqVcxGKa4gOpXhAtQM.roa
File: 7BNQ2WRC9mqVcxGKa4gOpXhAtQM.roa (raw, json)
Hash identifier: HEjXNQhd/XucaxVi3N/EqUYQF92/C6SM89pPfjxWOkY=
Subject key identifier: EC:13:50:D9:64:42:F6:6A:95:73:11:8A:6B:88:0E:A5:78:40:B5:03
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 0195BF3C86BF35EE4FB86EC20FF3E8DE07D5
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/7BNQ2WRC9mqVcxGKa4gOpXhAtQM.roa
Signing time: Sat 22 Mar 2025 19:02:49 +0000
ROA not before: Sat 22 Mar 2025 19:02:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139659
IP address blocks: 45.136.12.0/22 maxlen: 24
45.136.13.0/24 maxlen: 24
45.136.14.0/24 maxlen: 24
45.136.15.0/24 maxlen: 24
45.144.136.0/24 maxlen: 24
45.144.137.0/24 maxlen: 24
45.144.138.0/24 maxlen: 24
45.145.228.0/24 maxlen: 24
45.145.229.0/24 maxlen: 24
45.152.64.0/24 maxlen: 24
45.152.65.0/24 maxlen: 24
45.152.66.0/24 maxlen: 24
45.152.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:3c:86:bf:35:ee:4f:b8:6e:c2:0f:f3:e8:de:07:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Mar 22 19:02:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec1350d96442f66a9573118a6b880ea57840b503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b3:4e:85:57:33:90:a7:f4:97:3a:62:b0:dc:
0a:4a:07:72:64:db:00:e5:85:00:e7:27:b8:92:71:
74:97:9e:3f:ab:31:c1:2e:6a:a7:80:98:15:b2:e9:
0a:e5:b4:4f:51:a5:c6:fc:6b:6e:9f:34:9a:c1:2f:
23:9c:39:9e:b2:16:98:e1:67:3f:97:97:7e:fd:8a:
b2:ac:59:c7:e7:8e:5c:92:48:66:c0:f5:f1:04:1a:
92:e8:fb:4c:aa:6d:16:0b:21:04:de:9b:40:e2:0c:
e3:87:1d:1d:38:92:0e:a9:88:ce:e7:f1:fa:4a:a8:
c4:45:8a:8f:d6:ad:66:4c:ba:67:34:84:f7:67:ea:
0e:24:68:df:9f:ec:5a:4a:e8:c5:97:3f:14:f3:1d:
c1:b2:36:55:2f:52:9c:24:f2:3f:e7:0e:09:2c:39:
27:f7:13:66:51:ce:70:e4:d1:2c:60:dc:74:63:29:
cb:e5:49:2d:04:6f:a7:6e:d6:af:a3:9e:49:3e:ae:
60:95:df:11:1b:d5:63:54:f3:0c:66:e4:71:3f:5e:
36:f4:cb:31:47:05:c3:99:24:bb:30:2c:7a:bc:64:
74:f2:e7:64:68:d8:b7:c7:e5:49:3d:a7:49:2e:4d:
42:76:60:3f:97:0b:16:95:ec:3d:1c:b0:e2:ec:0c:
4a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:13:50:D9:64:42:F6:6A:95:73:11:8A:6B:88:0E:A5:78:40:B5:03
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/7BNQ2WRC9mqVcxGKa4gOpXhAtQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.12.0/22
45.144.136.0-45.144.138.255
45.145.228.0/23
45.152.64.0/22
Signature Algorithm: sha256WithRSAEncryption
46:21:92:af:c5:e3:7c:b6:bd:71:cf:53:2b:ca:12:64:4a:90:
f2:98:24:2d:df:e9:6e:90:ba:6a:18:4c:8b:cb:ec:f7:1c:54:
58:67:ce:18:02:e0:2b:5a:3e:6a:ed:24:f0:24:52:8c:95:d3:
97:d4:87:40:69:92:4b:58:99:9f:a9:52:6c:73:78:a1:75:f8:
36:06:8f:25:eb:a6:84:94:06:f1:4f:b6:be:8c:bb:fc:9e:df:
45:fc:2a:7a:37:30:a7:22:b4:a5:00:2c:a5:5e:53:23:f0:a6:
e7:37:fd:b9:11:11:fa:ee:da:c5:ab:97:87:7b:d2:3d:7e:a2:
cf:83:6e:17:24:0b:47:bb:45:78:28:ac:68:19:df:dd:08:29:
60:aa:c4:47:0a:22:fc:c5:dd:d0:24:f5:86:8b:bf:29:96:d6:
de:ca:25:19:6b:4f:c6:e6:53:cd:dd:34:c9:b8:f0:34:aa:0b:
48:d0:30:35:2e:52:2b:e5:7b:7f:07:db:b0:59:ea:69:8b:69:
ef:ad:73:1a:82:bf:a8:9f:a0:1b:58:10:60:ab:56:b4:ca:7b:
71:4b:b2:27:04:10:8a:97:e4:e7:a6:12:0a:87:40:82:1b:37:
cf:e7:b0:f8:1c:fe:ad:2a:14:36:8c:bb:d1:44:1f:1f:57:46:
ec:67:2b:c2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZW/PIa/Ne5PuG7CD/Po3gfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjUwMzIyMTkwMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzEzNTBkOTY0NDJmNjZhOTU3MzExOGE2Yjg4MGVhNTc4NDBiNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLNOhVczkKf0lzpisNwKSgdyZNsA
5YUA5ye4knF0l54/qzHBLmqngJgVsukK5bRPUaXG/GtunzSawS8jnDmeshaY4Wc/
l5d+/YqyrFnH545ckkhmwPXxBBqS6PtMqm0WCyEE3ptA4gzjhx0dOJIOqYjO5/H6
SqjERYqP1q1mTLpnNIT3Z+oOJGjfn+xaSujFlz8U8x3BsjZVL1KcJPI/5w4JLDkn
9xNmUc5w5NEsYNx0YynL5UktBG+nbtavo55JPq5gld8RG9VjVPMMZuRxP1429Msx
RwXDmSS7MCx6vGR08udkaNi3x+VJPadJLk1CdmA/lwsWlew9HLDi7AxKvwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOwTUNlkQvZqlXMRimuIDqV4QLUDMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvN0JOUTJXUkM5bXFWY3hHS2E0Z09wWGhBdFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLYgMMAwD
BAMtkIgDBAAtkIoDBAEtkeQDBAItmEAwDQYJKoZIhvcNAQELBQADggEBAEYhkq/F
43y2vXHPUyvKEmRKkPKYJC3f6W6QumoYTIvL7PccVFhnzhgC4CtaPmrtJPAkUoyV
05fUh0BpkktYmZ+pUmxzeKF1+DYGjyXrpoSUBvFPtr6Mu/ye30X8Kno3MKcitKUA
LKVeUyPwpuc3/bkREfru2sWrl4d70j1+os+DbhckC0e7RXgorGgZ390IKWCqxEcK
IvzF3dAk9YaLvymW1t7KJRlrT8bmU83dNMm48DSqC0jQMDUuUivle38H27BZ6mmL
ae+tcxqCv6ifoBtYEGCrVrTKe3FLsicEEIqX5OemEgqHQIIbN8/nsPgc/q0qFDaM
u9FEHx9XRuxnK8I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:07:58 2025 by rpki-client