Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/gdHjw5BAYBUGiQIKDf_rANYjbqo.roa
File: gdHjw5BAYBUGiQIKDf_rANYjbqo.roa (raw, json)
Hash identifier: rBCOEGXMkDk7MH6Epcgax70EgSCg7o0cp931QH6ZEmk=
Subject key identifier: 81:D1:E3:C3:90:40:60:15:06:89:02:0A:0D:FF:EB:00:D6:23:6E:AA
Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Certificate serial: 0195CC971B4574A83FE1265D8292D4920D8C
Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/gdHjw5BAYBUGiQIKDf_rANYjbqo.roa
Signing time: Tue 25 Mar 2025 09:16:49 +0000
ROA not before: Tue 25 Mar 2025 09:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35793
IP address blocks: 45.11.128.0/24 maxlen: 24
45.11.129.0/24 maxlen: 24
45.11.130.0/24 maxlen: 24
45.11.131.0/24 maxlen: 24
45.95.100.0/24 maxlen: 24
45.95.101.0/24 maxlen: 24
45.95.102.0/24 maxlen: 24
45.95.103.0/24 maxlen: 24
91.221.209.0/24 maxlen: 24
185.151.160.0/24 maxlen: 24
185.151.161.0/24 maxlen: 24
185.151.162.0/24 maxlen: 24
185.151.163.0/24 maxlen: 24
185.174.140.0/24 maxlen: 24
185.174.141.0/24 maxlen: 24
185.174.142.0/24 maxlen: 24
185.174.143.0/24 maxlen: 24
2a07:7940:12::/48 maxlen: 48
2a07:7940:14::/48 maxlen: 48
2a07:7940:16::/48 maxlen: 48
2a07:7940:18::/48 maxlen: 48
2a07:7940:41::/48 maxlen: 48
2a07:7940:45::/48 maxlen: 48
2a07:7940:46::/48 maxlen: 48
2a07:7940:47::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:97:1b:45:74:a8:3f:e1:26:5d:82:92:d4:92:0d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Validity
Not Before: Mar 25 09:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81d1e3c3904060150689020a0dffeb00d6236eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bc:3f:8f:61:bf:2d:1f:5b:3f:f3:53:71:13:
24:43:08:09:66:04:45:ba:6f:03:ca:ab:bb:67:1f:
24:ad:68:d3:97:2c:40:00:30:25:30:e0:21:f4:fc:
9b:c9:0b:10:60:77:38:da:d9:f8:34:eb:d7:a9:c2:
41:dc:dc:c8:18:1c:0c:8a:ae:fe:36:90:c6:6d:d7:
dd:3a:ae:b4:40:61:cb:07:3b:62:e6:22:f8:84:39:
ad:06:47:59:b8:5a:d9:15:1e:22:09:24:61:59:2a:
6d:2b:70:f7:90:3d:ed:1a:ee:b8:9a:ad:fe:59:ec:
74:d8:c7:af:6f:bc:06:db:be:c5:e4:95:17:e9:88:
32:f5:32:ab:c9:6e:22:0e:48:2d:53:c3:41:b6:5c:
07:5f:3c:f4:68:06:fc:c5:b7:5e:6b:e0:66:0d:5b:
07:a0:44:5c:e6:9e:c5:70:b4:79:8d:d3:2f:70:05:
c4:3d:72:e3:dd:ea:db:5f:38:0e:ef:a2:9c:ea:43:
42:6c:6f:e2:44:c1:17:86:66:a5:d2:f9:55:7f:6e:
b8:42:6d:29:80:b0:bf:06:11:1a:75:da:66:9d:b8:
1c:f2:10:fd:db:25:60:a8:69:37:ac:68:93:3e:bc:
0c:e9:89:8d:e8:cd:0b:75:fb:f5:02:de:5a:ce:57:
9d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D1:E3:C3:90:40:60:15:06:89:02:0A:0D:FF:EB:00:D6:23:6E:AA
X509v3 Authority Key Identifier:
keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/gdHjw5BAYBUGiQIKDf_rANYjbqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.128.0/22
45.95.100.0/22
91.221.209.0/24
185.151.160.0/22
185.174.140.0/22
IPv6:
2a07:7940:12::/48
2a07:7940:14::/48
2a07:7940:16::/48
2a07:7940:18::/48
2a07:7940:41::/48
2a07:7940:45::-2a07:7940:47:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b1:cf:42:91:35:8f:af:8a:82:ae:2f:97:fd:49:61:36:02:30:
2d:cc:db:e4:29:b9:50:db:37:5d:aa:e3:d2:6b:03:cf:d2:d3:
33:0a:c5:20:2e:cc:42:67:a5:fb:f7:68:18:cf:65:2b:8a:cc:
61:99:57:6f:b0:1c:b5:d7:dc:fb:3b:bc:a9:d0:46:11:89:e3:
ba:1c:10:49:84:19:3c:2f:2e:eb:1a:49:32:a2:a6:86:33:18:
80:8d:7a:c5:82:e7:b9:c8:5a:2b:8b:5d:4f:66:36:3d:2e:7b:
8c:61:a8:6e:42:52:fb:59:3f:80:47:fa:13:db:c7:8e:dc:19:
cb:24:bd:1e:41:f3:f2:e7:78:15:28:4a:04:98:5c:f1:7c:e6:
fc:ce:ec:27:93:70:df:0a:8c:94:0c:c8:de:7b:e2:55:e5:90:
3c:59:d3:a9:83:c5:03:52:4c:db:7d:39:8c:32:5e:71:82:fd:
b4:9e:02:b4:a0:a6:81:32:b3:f2:be:91:e1:84:04:c8:32:3f:
0e:de:72:ae:71:ef:2f:b8:5a:15:42:3b:01:6e:39:8b:78:c8:
1c:0f:a4:ac:f4:71:57:35:a7:8f:93:1f:c6:50:84:d2:a8:48:
d1:8c:d4:b0:7b:44:e6:39:ac:cd:ff:ea:19:e4:5d:f0:bd:4c:
e1:55:e5:f4
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZXMlxtFdKg/4SZdgpLUkg2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4
ZTQ1MGEwHhcNMjUwMzI1MDkxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQxZTNjMzkwNDA2MDE1MDY4OTAyMGEwZGZmZWIwMGQ2MjM2ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbw/j2G/LR9bP/NTcRMkQwgJZgRF
um8Dyqu7Zx8krWjTlyxAADAlMOAh9PybyQsQYHc42tn4NOvXqcJB3NzIGBwMiq7+
NpDGbdfdOq60QGHLBzti5iL4hDmtBkdZuFrZFR4iCSRhWSptK3D3kD3tGu64mq3+
Wex02Mevb7wG277F5JUX6Ygy9TKryW4iDkgtU8NBtlwHXzz0aAb8xbdea+BmDVsH
oERc5p7FcLR5jdMvcAXEPXLj3erbXzgO76Kc6kNCbG/iRMEXhmal0vlVf264Qm0p
gLC/BhEaddpmnbgc8hD92yVgqGk3rGiTPrwM6YmN6M0Ldfv1At5azledqQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFIHR48OQQGAVBokCCg3/6wDWI26qMB8GA1UdIwQY
MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt
NTM3YjFiNDlkZmU3LzEvZ2RIanc1QkFZQlVHaVFJS0RmX3JBTllqYnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3
LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wJAQCAAEwHgMEAi0LgAME
Ai1fZAMEAFvd0QMEArmXoAMEArmujDBHBAIAAjBBAwcAKgd5QAASAwcAKgd5QAAU
AwcAKgd5QAAWAwcAKgd5QAAYAwcAKgd5QABBMBIDBwAqB3lAAEUDBwMqB3lAAEAw
DQYJKoZIhvcNAQELBQADggEBALHPQpE1j6+Kgq4vl/1JYTYCMC3M2+QpuVDbN12q
49JrA8/S0zMKxSAuzEJnpfv3aBjPZSuKzGGZV2+wHLXX3Ps7vKnQRhGJ47ocEEmE
GTwvLusaSTKipoYzGICNesWC57nIWiuLXU9mNj0ue4xhqG5CUvtZP4BH+hPbx47c
GcskvR5B8/LneBUoSgSYXPF85vzO7CeTcN8KjJQMyN574lXlkDxZ06mDxQNSTNt9
OYwyXnGC/bSeArSgpoEys/K+keGEBMgyPw7ecq5x7y+4WhVCOwFuOYt4yBwPpKz0
cVc1p4+TH8ZQhNKoSNGM1LB7ROY5rM3/6hnkXfC9TOFV5fQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:39:12 2025 by rpki-client