Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/0f87e2-b805-4bf9-a366-0f2c334e5e05/1/TFa2ZOwxN7oGU3_kx6uIZniyCkM.roa
File: TFa2ZOwxN7oGU3_kx6uIZniyCkM.roa (raw, json)
Hash identifier: HhfxSeGnWIjZES5ZMXYca+rgo27hAD/QZjezzNFWuIQ=
Subject key identifier: 4C:56:B6:64:EC:31:37:BA:06:53:7F:E4:C7:AB:88:66:78:B2:0A:43
Certificate issuer: /CN=63b147f67e8795d959ed3530396d1256055b126e
Certificate serial: 0194236A1072F7F404272DCEC0BB4540C6AB
Authority key identifier: 63:B1:47:F6:7E:87:95:D9:59:ED:35:30:39:6D:12:56:05:5B:12:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y7FH9n6HldlZ7TUwOW0SVgVbEm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/0f87e2-b805-4bf9-a366-0f2c334e5e05/1/TFa2ZOwxN7oGU3_kx6uIZniyCkM.roa
Signing time: Wed 01 Jan 2025 19:49:01 +0000
ROA not before: Wed 01 Jan 2025 19:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206841
IP address blocks: 45.152.80.0/24 maxlen: 24
45.152.81.0/24 maxlen: 24
45.152.82.0/24 maxlen: 24
45.152.83.0/24 maxlen: 24
193.35.84.0/24 maxlen: 24
193.35.85.0/24 maxlen: 24
193.35.86.0/24 maxlen: 24
193.35.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:10:72:f7:f4:04:27:2d:ce:c0:bb:45:40:c6:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63b147f67e8795d959ed3530396d1256055b126e
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c56b664ec3137ba06537fe4c7ab886678b20a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9f:d2:c0:24:05:b2:22:9d:7e:10:11:c8:6f:
9a:2c:37:a2:7a:ce:13:57:09:82:98:aa:7e:8a:68:
51:e7:8e:68:bb:81:fc:2e:bd:d1:58:3e:57:f3:af:
23:be:61:44:73:e2:10:13:7e:6c:e0:ad:c1:61:29:
6b:1a:98:7b:cf:13:62:e5:64:8e:53:f6:b4:aa:2f:
23:af:e2:57:96:23:a1:6b:19:5d:a7:5b:fc:b0:5d:
0f:5e:c9:36:7d:31:43:8b:83:98:3d:df:c9:a6:63:
a7:12:6f:b4:c6:d5:a9:e3:43:70:ee:36:9c:6d:2b:
d4:d6:bc:3f:fb:3d:b8:c5:94:0f:21:3f:72:08:f3:
d8:2f:bc:3c:0e:e5:e3:be:ad:71:ea:8f:a4:4b:fc:
b5:d4:15:21:c6:70:1f:b1:f7:a0:d5:a3:76:32:8f:
dc:f1:0e:2a:df:95:08:8d:50:30:1f:2b:18:b9:2a:
ca:40:cc:f4:40:ce:0c:56:02:b8:ee:af:34:02:28:
71:83:b1:c0:0a:b0:66:ba:08:2b:20:c1:50:d5:73:
e8:8d:c6:af:61:d9:cc:e1:c9:9c:ed:11:b3:1e:23:
ff:54:55:b6:5a:2d:0b:ba:8d:b4:57:b1:f7:d3:b2:
f2:51:84:4d:a6:dc:08:a4:96:b9:88:2e:7e:c5:13:
3d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:56:B6:64:EC:31:37:BA:06:53:7F:E4:C7:AB:88:66:78:B2:0A:43
X509v3 Authority Key Identifier:
keyid:63:B1:47:F6:7E:87:95:D9:59:ED:35:30:39:6D:12:56:05:5B:12:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y7FH9n6HldlZ7TUwOW0SVgVbEm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0f87e2-b805-4bf9-a366-0f2c334e5e05/1/TFa2ZOwxN7oGU3_kx6uIZniyCkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0f87e2-b805-4bf9-a366-0f2c334e5e05/1/Y7FH9n6HldlZ7TUwOW0SVgVbEm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.80.0/22
193.35.84.0/22
Signature Algorithm: sha256WithRSAEncryption
72:38:bf:b0:f0:18:eb:ca:68:e0:65:5b:c9:dd:b8:5e:ea:0f:
e6:8a:5f:17:b5:58:49:95:7a:0a:02:76:c9:a0:14:d8:de:44:
c9:1d:da:d3:a6:ae:8e:3d:11:8a:c3:7e:c2:4c:dd:de:e3:bd:
fc:5a:bd:43:db:cf:a3:cd:84:97:98:a4:21:ac:b1:32:22:2b:
69:30:c9:0e:05:3b:4e:84:74:7c:72:89:97:af:dd:39:15:a6:
f2:af:e8:11:3f:04:bb:22:d9:79:d4:93:3f:7b:cf:1e:b6:18:
fe:0a:64:8b:fb:ac:4a:0f:61:46:2e:3a:8c:3e:0f:6e:f7:da:
81:97:db:b9:b6:f5:1e:d1:f7:10:b1:6a:81:6c:ea:7f:fd:f5:
f1:01:e4:8d:8c:44:af:1e:97:e7:ac:f2:25:15:f5:19:26:50:
9a:04:11:d4:a2:b8:54:5d:70:2b:e9:4b:53:fb:2b:1d:81:6b:
74:3a:b8:b1:7c:25:93:13:a5:8c:fd:5d:a9:e2:67:c4:7a:23:
b3:ba:52:bf:99:b1:2f:e5:97:ae:eb:19:43:1b:eb:5b:a5:78:
bd:a1:3b:36:df:1c:61:1f:b1:44:56:5d:a0:00:11:b3:56:40:
96:ce:3e:09:0c:5b:3f:cd:20:f1:20:a3:0e:b8:ab:3a:17:e5:
32:ba:5d:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjahBy9/QEJy3OwLtFQMarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYjE0N2Y2N2U4Nzk1ZDk1OWVkMzUzMDM5NmQxMjU2MDU1
YjEyNmUwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzU2YjY2NGVjMzEzN2JhMDY1MzdmZTRjN2FiODg2Njc4YjIwYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ/SwCQFsiKdfhARyG+aLDeies4T
VwmCmKp+imhR545ou4H8Lr3RWD5X868jvmFEc+IQE35s4K3BYSlrGph7zxNi5WSO
U/a0qi8jr+JXliOhaxldp1v8sF0PXsk2fTFDi4OYPd/JpmOnEm+0xtWp40Nw7jac
bSvU1rw/+z24xZQPIT9yCPPYL7w8DuXjvq1x6o+kS/y11BUhxnAfsfeg1aN2Mo/c
8Q4q35UIjVAwHysYuSrKQMz0QM4MVgK47q80Aihxg7HACrBmuggrIMFQ1XPojcav
YdnM4cmc7RGzHiP/VFW2Wi0Luo20V7H307LyUYRNptwIpJa5iC5+xRM9XwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFExWtmTsMTe6BlN/5MeriGZ4sgpDMB8GA1UdIwQY
MBaAFGOxR/Z+h5XZWe01MDltElYFWxJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTdGSDluNkhsZGxaN1RVd09XMFNWZ1ZiRW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8wZjg3ZTItYjgwNS00YmY5LWEzNjYt
MGYyYzMzNGU1ZTA1LzEvVEZhMlpPd3hON29HVTNfa3g2dUlabml5Q2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8wZjg3ZTItYjgwNS00YmY5LWEzNjYtMGYyYzMzNGU1ZTA1
LzEvWTdGSDluNkhsZGxaN1RVd09XMFNWZ1ZiRW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZhQAwQC
wSNUMA0GCSqGSIb3DQEBCwUAA4IBAQByOL+w8BjrymjgZVvJ3bhe6g/mil8XtVhJ
lXoKAnbJoBTY3kTJHdrTpq6OPRGKw37CTN3e4738Wr1D28+jzYSXmKQhrLEyIitp
MMkOBTtOhHR8comXr905Fabyr+gRPwS7Itl51JM/e88ethj+CmSL+6xKD2FGLjqM
Pg9u99qBl9u5tvUe0fcQsWqBbOp//fXxAeSNjESvHpfnrPIlFfUZJlCaBBHUorhU
XXAr6UtT+ysdgWt0OrixfCWTE6WM/V2p4mfEeiOzulK/mbEv5Zeu6xlDG+tbpXi9
oTs23xxhH7FEVl2gABGzVkCWzj4JDFs/zSDxIKMOuKs6F+Uyul2n
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:21 2025 by rpki-client