Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2pwM0tOmg6jjI7c4JmUBPdsjK4w.roa
File: 2pwM0tOmg6jjI7c4JmUBPdsjK4w.roa (raw, json)
Hash identifier: n4jcmhguRGoNy/nl6n5jYqIcBwTsjpIZ8ta+5tsq2Qo=
Subject key identifier: DA:9C:0C:D2:D3:A6:83:A8:E3:23:B7:38:26:65:01:3D:DB:23:2B:8C
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B230BE46C2358D7600C14BBDD44884
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2pwM0tOmg6jjI7c4JmUBPdsjK4w.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 5.253.45.0/24 maxlen: 24
45.8.194.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:30:be:46:c2:35:8d:76:00:c1:4b:bd:d4:48:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da9c0cd2d3a683a8e323b7382665013ddb232b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c4:02:1b:15:00:0e:c3:da:c9:44:0a:6b:e5:
02:07:46:a9:10:74:54:2d:f6:5f:4f:5f:fa:78:3a:
14:15:99:c2:b8:cf:91:e1:5f:2e:a1:66:ce:ed:9e:
a3:4c:15:69:74:2d:17:b1:68:62:9f:ea:bc:a8:75:
3a:0a:8f:bc:39:32:ff:99:29:ad:80:5d:76:ce:de:
5d:c8:82:2a:6d:2d:d7:02:e6:d8:f4:15:02:78:50:
a0:a9:2a:d3:06:ca:e9:3e:f2:0e:32:a0:bf:b1:37:
0e:68:cc:0a:2e:ff:16:21:31:b8:38:9e:5f:e0:c1:
2f:ba:68:7f:0a:9e:d9:88:c0:ab:69:b4:45:96:bd:
6f:8a:6d:11:16:89:a5:b7:78:6c:fc:95:0a:f1:e0:
59:7f:03:fa:ad:f3:48:97:95:07:03:53:5d:bf:d8:
76:da:83:47:16:4f:ac:e8:9f:c5:0b:c4:b6:f3:fe:
ec:20:33:52:e1:05:21:1a:42:53:45:07:81:8e:8a:
14:ed:53:74:a0:bb:92:3d:84:13:72:79:74:22:b7:
fd:15:94:3c:bf:8c:a8:48:ae:61:99:61:4c:14:fd:
22:18:53:e7:64:a4:cc:e0:76:4b:b7:de:87:50:70:
6c:0d:ea:a2:1b:11:53:af:cc:99:c0:bd:9d:4f:52:
87:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9C:0C:D2:D3:A6:83:A8:E3:23:B7:38:26:65:01:3D:DB:23:2B:8C
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2pwM0tOmg6jjI7c4JmUBPdsjK4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.45.0/24
45.8.194.0/24
45.9.6.0/24
45.66.152.0/24
45.66.154.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:3b:6a:f5:22:1c:d9:f4:5d:d3:25:3f:ef:55:3e:c9:4e:8d:
6a:26:03:b6:35:c3:e4:20:fc:1e:17:0f:81:39:ac:f3:83:34:
3a:f3:36:67:f1:81:7a:54:f6:19:77:e7:56:be:25:be:30:65:
ec:e5:51:be:1a:97:37:b1:23:c8:58:d8:a7:1c:44:93:4d:a0:
4b:73:2b:4a:09:36:e9:cb:dc:9d:a0:93:fd:26:fa:b9:b4:55:
7b:4c:cd:ce:81:2b:60:c1:03:a2:d7:4c:15:62:33:67:be:ea:
9d:30:35:a4:50:5e:8d:d1:d7:8d:3b:82:72:75:f0:79:e4:fe:
b6:70:a2:fb:94:dd:03:6a:be:c5:83:32:46:fc:8f:d8:af:37:
3f:30:21:fd:44:c2:f7:e6:7a:5d:54:f2:f7:de:58:ac:6a:96:
5d:db:47:7e:75:0e:b6:1b:25:31:b9:7f:23:57:23:5c:dc:15:
a8:4c:4a:eb:b6:0e:8f:f7:72:bc:2d:4e:2b:0b:4c:4e:d8:ed:
db:27:a8:bd:f8:07:01:02:3c:a7:b0:c1:6c:38:d9:4b:05:bc:
eb:54:f5:c4:72:3c:36:ca:c6:2c:08:37:04:03:9d:f9:5c:9b:
b9:8b:20:f3:ab:96:a7:94:66:42:22:cd:14:33:fc:86:de:a1:
ef:e7:74:a3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhsjC+RsI1jXYAwUu91EiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTljMGNkMmQzYTY4M2E4ZTMyM2I3MzgyNjY1MDEzZGRiMjMyYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMQCGxUADsPayUQKa+UCB0apEHRU
LfZfT1/6eDoUFZnCuM+R4V8uoWbO7Z6jTBVpdC0XsWhin+q8qHU6Co+8OTL/mSmt
gF12zt5dyIIqbS3XAubY9BUCeFCgqSrTBsrpPvIOMqC/sTcOaMwKLv8WITG4OJ5f
4MEvumh/Cp7ZiMCrabRFlr1vim0RFomlt3hs/JUK8eBZfwP6rfNIl5UHA1Ndv9h2
2oNHFk+s6J/FC8S28/7sIDNS4QUhGkJTRQeBjooU7VN0oLuSPYQTcnl0Irf9FZQ8
v4yoSK5hmWFMFP0iGFPnZKTM4HZLt96HUHBsDeqiGxFTr8yZwL2dT1KH7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNqcDNLTpoOo4yO3OCZlAT3bIyuMMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMnB3TTB0T21nNmpqSTdjNEptVUJQZHNqSzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABf0tAwQA
LQjCAwQALQkGAwQALUKYAwQALUKaMA0GCSqGSIb3DQEBCwUAA4IBAQCbO2r1IhzZ
9F3TJT/vVT7JTo1qJgO2NcPkIPweFw+BOazzgzQ68zZn8YF6VPYZd+dWviW+MGXs
5VG+Gpc3sSPIWNinHESTTaBLcytKCTbpy9ydoJP9Jvq5tFV7TM3OgStgwQOi10wV
YjNnvuqdMDWkUF6N0deNO4JydfB55P62cKL7lN0Dar7FgzJG/I/Yrzc/MCH9RML3
5npdVPL33lisapZd20d+dQ62GyUxuX8jVyNc3BWoTErrtg6P93K8LU4rC0xO2O3b
J6i9+AcBAjynsMFsONlLBbzrVPXEcjw2ysYsCDcEA535XJu5iyDzq5anlGZCIs0U
M/yG3qHv53Sj
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:17:08 2025 by rpki-client