Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/dMyCW0_TBkO1nYNBL_n11IKNaBI.roa
File: dMyCW0_TBkO1nYNBL_n11IKNaBI.roa (raw, json)
Hash identifier: WTKaBFp1QPSs1ROafjR4WJfZR1PRtcVHfjnPURoJWEQ=
Subject key identifier: 74:CC:82:5B:4F:D3:06:43:B5:9D:83:41:2F:F9:F5:D4:82:8D:68:12
Certificate issuer: /CN=b5f19eb0dd48e1b24924908bb5b6848cc1678546
Certificate serial: 019426D96661756CCD3191E60D2164B4E516
Authority key identifier: B5:F1:9E:B0:DD:48:E1:B2:49:24:90:8B:B5:B6:84:8C:C1:67:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfGesN1I4bJJJJCLtbaEjMFnhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/dMyCW0_TBkO1nYNBL_n11IKNaBI.roa
Signing time: Thu 02 Jan 2025 11:49:29 +0000
ROA not before: Thu 02 Jan 2025 11:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34919
IP address blocks: 45.136.240.0/22 maxlen: 24
2a0e:9dc0::/29 maxlen: 48
2a0e:9dc0:1::/48 maxlen: 48
2a0e:9dc0:2::/48 maxlen: 48
2a0e:9dc0:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:66:61:75:6c:cd:31:91:e6:0d:21:64:b4:e5:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5f19eb0dd48e1b24924908bb5b6848cc1678546
Validity
Not Before: Jan 2 11:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74cc825b4fd30643b59d83412ff9f5d4828d6812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6e:55:17:df:f4:bd:7b:b4:37:04:9a:f6:72:
5d:b9:ee:bc:96:13:42:0e:2b:50:3a:3f:6b:9e:90:
66:f5:fd:9f:17:3c:1a:f2:2a:3a:1a:ec:23:6e:4f:
3b:9b:b4:50:33:ab:b0:96:c5:fc:b1:b6:f8:7a:ed:
f5:d8:dd:31:10:96:79:b8:be:c8:17:ba:aa:12:41:
90:60:16:12:c9:22:5d:bb:cf:80:aa:6f:18:4f:e3:
d2:96:82:54:a6:6e:f0:2b:1a:dc:e0:da:34:6d:e9:
e7:0e:74:ae:16:85:92:78:8d:01:28:73:9a:c4:e6:
4a:13:ae:ab:e0:67:eb:d7:4a:2e:ae:a2:9f:b1:69:
07:e6:b5:28:1d:ce:1b:82:52:a0:d2:ed:2b:da:5e:
3e:3e:9d:6e:72:42:d0:e3:f4:11:75:ad:f4:79:fa:
af:bb:f6:3f:88:86:b9:65:9a:9f:2c:2a:89:6f:a7:
0b:3b:21:6f:22:47:de:91:4c:c0:99:52:e0:ee:01:
39:f0:1b:eb:20:5e:2c:3f:56:5f:52:3d:2f:83:55:
bb:d9:fe:15:a1:48:43:9c:c2:46:d1:76:c5:e3:58:
94:ec:0c:3d:7f:85:c6:10:2f:6d:50:6d:15:44:df:
64:2d:a0:76:7c:8e:43:45:e1:c4:33:b9:f4:f2:60:
ca:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CC:82:5B:4F:D3:06:43:B5:9D:83:41:2F:F9:F5:D4:82:8D:68:12
X509v3 Authority Key Identifier:
keyid:B5:F1:9E:B0:DD:48:E1:B2:49:24:90:8B:B5:B6:84:8C:C1:67:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfGesN1I4bJJJJCLtbaEjMFnhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/dMyCW0_TBkO1nYNBL_n11IKNaBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/tfGesN1I4bJJJJCLtbaEjMFnhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.240.0/22
IPv6:
2a0e:9dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:85:34:e7:69:9d:73:7f:13:88:f5:14:fd:b3:16:01:bd:ad:
6f:f0:a0:1c:98:23:19:08:34:ef:97:d4:fc:57:a4:f6:64:39:
85:fe:e0:31:78:73:53:58:63:8e:36:22:e1:52:21:fd:3c:2d:
85:ad:d9:3a:61:34:d6:06:fc:28:5c:d0:00:75:71:31:23:0f:
69:d9:1a:04:3f:65:39:3d:c0:e3:3c:34:4f:dc:3c:5b:95:16:
d5:05:1d:c0:54:8a:9b:d0:9e:b4:d9:53:38:a5:dd:eb:93:c0:
ff:b3:38:25:c7:5b:e4:78:00:3e:5e:ae:4d:9b:ec:e9:3a:37:
25:2c:cb:53:e2:46:ec:f5:fc:7f:d9:49:9f:cf:a6:85:1a:51:
57:b1:37:06:c3:b6:e8:1c:28:f4:51:f3:bf:e2:44:55:68:e1:
ef:04:76:90:7b:7c:cb:e1:ec:f0:cb:8e:0d:17:69:f0:fb:84:
e0:2a:cc:31:1b:e7:5f:9b:b6:19:0d:e9:df:f0:8e:80:77:c1:
60:f5:a4:1a:cf:29:3b:62:25:70:ac:3a:af:54:77:07:a4:d2:
88:b7:4f:a9:e4:90:74:af:ea:65:3a:30:06:0d:c8:46:fc:75:
34:01:55:3f:a5:e0:3f:21:a5:54:c9:cd:af:e6:89:27:cb:7e:
9d:89:25:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2WZhdWzNMZHmDSFktOUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ZjE5ZWIwZGQ0OGUxYjI0OTI0OTA4YmI1YjY4NDhjYzE2
Nzg1NDYwHhcNMjUwMTAyMTE0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGNjODI1YjRmZDMwNjQzYjU5ZDgzNDEyZmY5ZjVkNDgyOGQ2ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm5VF9/0vXu0NwSa9nJdue68lhNC
DitQOj9rnpBm9f2fFzwa8io6Guwjbk87m7RQM6uwlsX8sbb4eu312N0xEJZ5uL7I
F7qqEkGQYBYSySJdu8+Aqm8YT+PSloJUpm7wKxrc4No0bennDnSuFoWSeI0BKHOa
xOZKE66r4Gfr10ourqKfsWkH5rUoHc4bglKg0u0r2l4+Pp1uckLQ4/QRda30efqv
u/Y/iIa5ZZqfLCqJb6cLOyFvIkfekUzAmVLg7gE58BvrIF4sP1ZfUj0vg1W72f4V
oUhDnMJG0XbF41iU7Aw9f4XGEC9tUG0VRN9kLaB2fI5DReHEM7n08mDKnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHTMgltP0wZDtZ2DQS/59dSCjWgSMB8GA1UdIwQY
MBaAFLXxnrDdSOGySSSQi7W2hIzBZ4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGZHZXNOMUk0YkpKSkpDTHRiYUVqTUZuaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jZTAwMWItYTRkOC00ZjBlLTgzMWQt
MzVjNjZkN2M1MjYwLzEvZE15Q1cwX1RCa08xbllOQkxfbjExSUtOYUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jZTAwMWItYTRkOC00ZjBlLTgzMWQtMzVjNjZkN2M1MjYw
LzEvdGZHZXNOMUk0YkpKSkpDTHRiYUVqTUZuaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYjwMA0E
AgACMAcDBQMqDp3AMA0GCSqGSIb3DQEBCwUAA4IBAQCMhTTnaZ1zfxOI9RT9sxYB
va1v8KAcmCMZCDTvl9T8V6T2ZDmF/uAxeHNTWGOONiLhUiH9PC2Frdk6YTTWBvwo
XNAAdXExIw9p2RoEP2U5PcDjPDRP3DxblRbVBR3AVIqb0J602VM4pd3rk8D/szgl
x1vkeAA+Xq5Nm+zpOjclLMtT4kbs9fx/2Umfz6aFGlFXsTcGw7boHCj0UfO/4kRV
aOHvBHaQe3zL4ezwy44NF2nw+4TgKswxG+dfm7YZDenf8I6Ad8Fg9aQazyk7YiVw
rDqvVHcHpNKIt0+p5JB0r+plOjAGDchG/HU0AVU/peA/IaVUyc2v5okny36diSUB
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:24:30 2025 by rpki-client