Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/DuJTwfbmSjfqpm-aI9yxcTnq8_c.roa
File: DuJTwfbmSjfqpm-aI9yxcTnq8_c.roa (raw, json)
Hash identifier: U3HPyRKutTfgYtJ0zScLJqKVGsVhaJOY9Va3kS+DrEU=
Subject key identifier: 0E:E2:53:C1:F6:E6:4A:37:EA:A6:6F:9A:23:DC:B1:71:39:EA:F3:F7
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B23F47D654574C8BBCD0119316BBB1
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/DuJTwfbmSjfqpm-aI9yxcTnq8_c.roa
Signing time: Wed 01 Jan 2025 11:48:37 +0000
ROA not before: Wed 01 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133619
IP address blocks: 2.56.116.0/24 maxlen: 24
45.12.148.0/24 maxlen: 24
45.15.124.0/24 maxlen: 24
45.82.244.0/24 maxlen: 24
92.118.228.0/24 maxlen: 24
139.28.232.0/24 maxlen: 24
185.106.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3f:47:d6:54:57:4c:8b:bc:d0:11:93:16:bb:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ee253c1f6e64a37eaa66f9a23dcb17139eaf3f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bf:b3:be:cc:26:68:65:a9:f4:fe:00:92:b9:
1f:13:40:d3:d6:b9:ef:f6:b9:13:72:3c:3e:6c:45:
26:cf:30:3d:a3:f8:a8:11:50:19:89:a5:69:c0:f3:
c0:02:80:ac:64:c7:86:2b:94:9d:0c:7a:1c:6a:3e:
54:33:42:8d:fc:f8:bd:a9:dd:85:50:24:e8:c6:bc:
50:ff:ba:92:ae:88:6e:86:7e:43:1e:fb:6b:91:dc:
e9:0e:6e:a9:09:58:64:69:e9:d7:69:76:e0:2a:b9:
c7:8d:21:9c:8d:5c:69:0e:6a:40:d6:14:da:9a:c8:
b1:e0:19:ae:23:d3:69:0f:58:08:39:ff:f6:bb:c3:
ad:95:5a:46:02:5c:0c:cf:1c:c6:9f:97:00:4c:88:
c9:8f:56:e0:f6:d6:65:d5:ed:fd:d4:f2:3f:67:b1:
f5:f1:5b:78:6a:1f:26:e0:f5:77:fe:f5:06:61:20:
a4:d4:d6:90:70:52:6d:bc:ab:44:bd:df:97:16:be:
a1:57:7c:75:97:2c:59:02:74:dd:30:7d:9b:3b:44:
f3:06:34:46:d3:e9:36:b9:6b:01:a6:7c:6d:95:c8:
ca:23:7c:ba:b6:82:8f:25:52:97:d8:73:ad:5a:1d:
01:69:eb:e2:aa:d1:77:e3:cc:95:e8:ec:52:69:0d:
38:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E2:53:C1:F6:E6:4A:37:EA:A6:6F:9A:23:DC:B1:71:39:EA:F3:F7
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/DuJTwfbmSjfqpm-aI9yxcTnq8_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.116.0/24
45.12.148.0/24
45.15.124.0/24
45.82.244.0/24
92.118.228.0/24
139.28.232.0/24
185.106.96.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:97:a3:8b:0b:ca:c8:36:b3:84:21:c0:a6:56:c8:fb:5c:27:
0e:1b:0a:e2:24:a0:2e:08:c1:82:a6:61:cc:f4:b7:8c:3a:e5:
1b:c2:e1:e8:c5:cb:45:3b:c1:97:e6:c6:e0:7f:f1:29:6e:76:
fd:56:56:0c:82:be:b1:47:34:19:91:8e:0d:1e:e8:b8:c4:e5:
c7:32:a6:4c:bf:2b:d5:a1:c2:06:0b:ec:45:32:ff:01:ef:60:
1e:cc:d9:ab:19:5a:66:ff:02:0b:3b:66:4c:d6:b7:45:9f:63:
e0:30:bd:36:36:66:13:d8:64:b4:34:49:df:04:87:45:52:d2:
dd:73:d6:02:a6:bd:7b:2b:b1:d3:46:c8:f1:0d:f2:fc:e4:db:
2b:fe:ed:82:6e:01:72:94:d4:4b:08:a0:b1:72:5d:1d:4a:88:
6c:51:d2:f6:00:28:7d:f3:cf:fa:85:32:e3:83:3c:80:73:f0:
e9:e3:87:3f:1e:60:72:7e:c9:83:34:d3:97:57:e2:22:52:0e:
e1:e1:3f:22:11:64:a9:e7:a5:24:42:dd:7e:f0:ac:45:9b:7f:
6a:ae:13:b8:4a:66:27:48:93:f0:1f:d2:25:6e:5d:a2:4b:45:
35:f7:98:ee:63:b7:d7:d0:55:c2:bf:fe:4b:b7:a1:a8:36:a0:
cf:51:62:a4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQhsj9H1lRXTIu80BGTFruxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWUyNTNjMWY2ZTY0YTM3ZWFhNjZmOWEyM2RjYjE3MTM5ZWFmM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7+zvswmaGWp9P4AkrkfE0DT1rnv
9rkTcjw+bEUmzzA9o/ioEVAZiaVpwPPAAoCsZMeGK5SdDHocaj5UM0KN/Pi9qd2F
UCToxrxQ/7qSrohuhn5DHvtrkdzpDm6pCVhkaenXaXbgKrnHjSGcjVxpDmpA1hTa
msix4BmuI9NpD1gIOf/2u8OtlVpGAlwMzxzGn5cATIjJj1bg9tZl1e391PI/Z7H1
8Vt4ah8m4PV3/vUGYSCk1NaQcFJtvKtEvd+XFr6hV3x1lyxZAnTdMH2bO0TzBjRG
0+k2uWsBpnxtlcjKI3y6toKPJVKX2HOtWh0BaeviqtF348yV6OxSaQ04MQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA7iU8H25ko36qZvmiPcsXE56vP3MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRHVKVHdmYm1TamZxcG0tYUk5eXhjVG5xOF9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjh0AwQA
LQyUAwQALQ98AwQALVL0AwQAXHbkAwQAixzoAwQAuWpgMA0GCSqGSIb3DQEBCwUA
A4IBAQCNl6OLC8rINrOEIcCmVsj7XCcOGwriJKAuCMGCpmHM9LeMOuUbwuHoxctF
O8GX5sbgf/Epbnb9VlYMgr6xRzQZkY4NHui4xOXHMqZMvyvVocIGC+xFMv8B72Ae
zNmrGVpm/wILO2ZM1rdFn2PgML02NmYT2GS0NEnfBIdFUtLdc9YCpr17K7HTRsjx
DfL85Nsr/u2CbgFylNRLCKCxcl0dSohsUdL2ACh988/6hTLjgzyAc/Dp44c/HmBy
fsmDNNOXV+IiUg7h4T8iEWSp56UkQt1+8KxFm39qrhO4SmYnSJPwH9Ilbl2iS0U1
95juY7fX0FXCv/5Lt6GoNqDPUWKk
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:06:39 2025 by rpki-client