Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/leUb75eQIxyb-VxN49MBjH1YF7k.roa
File: leUb75eQIxyb-VxN49MBjH1YF7k.roa (raw, json)
Hash identifier: kyA2+f/9l+pKqkl9Or57N7CwCtWEqE5/Far2bCfSZ4I=
Subject key identifier: 95:E5:1B:EF:97:90:23:1C:9B:F9:5C:4D:E3:D3:01:8C:7D:58:17:B9
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 019425FC10A96D5F8C8430F321A93B78389D
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/leUb75eQIxyb-VxN49MBjH1YF7k.roa
Signing time: Thu 02 Jan 2025 07:47:43 +0000
ROA not before: Thu 02 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.11.232.0/24 maxlen: 24
45.11.234.0/23 maxlen: 23
45.91.188.0/22 maxlen: 22
45.147.61.0/24 maxlen: 24
45.147.62.0/24 maxlen: 24
45.153.236.0/24 maxlen: 24
45.153.238.0/24 maxlen: 24
77.83.46.0/23 maxlen: 23
77.83.68.0/24 maxlen: 24
77.83.69.0/24 maxlen: 24
77.83.70.0/24 maxlen: 24
77.83.71.0/24 maxlen: 24
84.252.84.0/23 maxlen: 23
84.252.86.0/24 maxlen: 24
84.252.87.0/24 maxlen: 24
95.214.100.0/22 maxlen: 22
171.22.188.0/24 maxlen: 24
171.22.189.0/24 maxlen: 24
171.22.190.0/24 maxlen: 24
185.15.176.0/22 maxlen: 22
185.164.66.0/23 maxlen: 23
193.36.124.0/22 maxlen: 22
194.110.88.0/22 maxlen: 22
212.81.41.0/24 maxlen: 24
212.81.42.0/24 maxlen: 24
212.81.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:10:a9:6d:5f:8c:84:30:f3:21:a9:3b:78:38:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 2 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95e51bef9790231c9bf95c4de3d3018c7d5817b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:88:2e:4a:cf:1e:2a:74:a0:bd:53:a9:f7:2d:
72:83:7f:0a:75:52:06:0b:3b:9c:55:93:73:fe:aa:
36:3b:78:a0:0f:1e:f4:08:35:ba:6c:44:6c:2a:19:
83:c0:a8:d4:06:43:1c:af:e2:de:d4:a3:65:69:2f:
91:83:ca:53:96:94:72:60:13:6d:c5:eb:c7:5f:36:
16:3d:65:4e:19:93:6b:ab:9c:bd:70:26:6e:24:f0:
fb:bd:fe:72:64:66:44:69:0b:48:87:3a:23:c0:f3:
91:b3:92:94:4c:fa:4c:47:32:69:cd:71:8c:b8:ab:
ee:be:d6:1d:de:46:1e:a9:90:e1:ff:e4:83:8d:0c:
59:d0:a7:3f:02:80:79:92:7f:2f:dc:a6:1f:9c:a9:
f3:17:a6:1b:e3:95:d2:86:52:fc:d3:ad:0d:d6:fc:
fb:94:ba:dd:66:30:ac:fd:ef:a5:dc:bd:24:f4:3f:
a8:49:0b:ba:44:ef:d1:79:3f:be:05:86:5b:7c:4b:
b6:14:a1:04:da:ef:e2:28:07:a4:13:54:ad:40:84:
04:34:fd:ea:19:23:9a:cc:8b:c3:e3:cc:ce:1d:26:
4b:6a:58:49:a0:e5:27:84:7b:56:4b:10:27:6c:0b:
3c:5f:a7:de:70:fb:e6:1c:0b:ef:a8:f6:d9:1e:08:
73:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E5:1B:EF:97:90:23:1C:9B:F9:5C:4D:E3:D3:01:8C:7D:58:17:B9
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/leUb75eQIxyb-VxN49MBjH1YF7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.232.0/24
45.11.234.0/23
45.91.188.0/22
45.147.61.0-45.147.62.255
45.153.236.0/24
45.153.238.0/24
77.83.46.0/23
77.83.68.0/22
84.252.84.0/22
95.214.100.0/22
171.22.188.0-171.22.190.255
185.15.176.0/22
185.164.66.0/23
193.36.124.0/22
194.110.88.0/22
212.81.41.0-212.81.43.255
Signature Algorithm: sha256WithRSAEncryption
9b:bc:e7:26:eb:99:12:a9:10:e5:aa:d1:95:f3:08:e2:94:6f:
fb:dd:81:91:06:35:f8:7b:37:bd:22:c1:96:40:8c:0e:68:31:
74:d3:86:b3:3e:fe:da:dc:6c:94:aa:c4:f8:dd:2b:8b:56:c7:
ab:93:27:7a:15:43:62:a5:02:7d:ba:16:95:c3:13:bb:9a:f0:
2b:3c:35:4d:e2:2d:da:7e:c1:fd:d2:cc:1b:f5:0e:09:20:30:
cf:41:36:71:7c:2e:8c:e8:63:6a:f4:88:ac:31:64:32:fa:fa:
3b:d8:d3:da:8c:8d:a4:a8:69:79:52:c6:a0:cd:86:2f:de:65:
8f:ab:4e:41:34:5d:6c:8c:e9:51:e1:33:af:12:65:7a:86:8a:
c0:b0:21:77:c4:39:4e:de:f6:f6:c1:c0:4d:41:ce:b6:a9:47:
91:43:99:3b:d1:05:b4:b2:97:d7:91:1c:51:ab:7e:4c:a7:2f:
39:e1:be:0e:18:14:15:1e:ad:3f:9f:77:77:e7:ca:50:7c:24:
c3:dd:8f:93:8a:22:94:45:79:a9:6a:06:67:32:a7:62:e2:5b:
12:62:4f:b9:be:25:9c:c6:32:fb:7e:5b:f7:37:f3:8e:9a:f6:
b0:d2:c4:c2:55:bb:f0:7c:e8:96:91:0c:3a:69:6a:eb:14:ab:
58:b3:ab:e3
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZQl/BCpbV+MhDDzIak7eDidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjUwMTAyMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWU1MWJlZjk3OTAyMzFjOWJmOTVjNGRlM2QzMDE4YzdkNTgxN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIguSs8eKnSgvVOp9y1yg38KdVIG
CzucVZNz/qo2O3igDx70CDW6bERsKhmDwKjUBkMcr+Le1KNlaS+Rg8pTlpRyYBNt
xevHXzYWPWVOGZNrq5y9cCZuJPD7vf5yZGZEaQtIhzojwPORs5KUTPpMRzJpzXGM
uKvuvtYd3kYeqZDh/+SDjQxZ0Kc/AoB5kn8v3KYfnKnzF6Yb45XShlL8060N1vz7
lLrdZjCs/e+l3L0k9D+oSQu6RO/ReT++BYZbfEu2FKEE2u/iKAekE1StQIQENP3q
GSOazIvD48zOHSZLalhJoOUnhHtWSxAnbAs8X6fecPvmHAvvqPbZHghz+wIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFJXlG++XkCMcm/lcTePTAYx9WBe5MB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvbGVVYjc1ZVFJeHliLVZ4TjQ5TUJqSDFZRjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQALQvo
AwQBLQvqAwQCLVu8MAwDBAAtkz0DBAAtkz4DBAAtmewDBAAtme4DBAFNUy4DBAJN
U0QDBAJU/FQDBAJf1mQwDAMEAqsWvAMEAKsWvgMEArkPsAMEAbmkQgMEAsEkfAME
AsJuWDAMAwQA1FEpAwQC1FEoMA0GCSqGSIb3DQEBCwUAA4IBAQCbvOcm65kSqRDl
qtGV8wjilG/73YGRBjX4eze9IsGWQIwOaDF004azPv7a3GyUqsT43SuLVserkyd6
FUNipQJ9uhaVwxO7mvArPDVN4i3afsH90swb9Q4JIDDPQTZxfC6M6GNq9IisMWQy
+vo72NPajI2kqGl5UsagzYYv3mWPq05BNF1sjOlR4TOvEmV6horAsCF3xDlO3vb2
wcBNQc62qUeRQ5k70QW0spfXkRxRq35Mpy854b4OGBQVHq0/n3d358pQfCTD3Y+T
iiKURXmpagZnMqdi4lsSYk+5viWcxjL7flv3N/OOmvaw0sTCVbvwfOiWkQw6aWrr
FKtYs6vj
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:18:06 2025 by rpki-client