Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/2_qvFydm6_j1laFIKeFNCFmZKmg.roa
File: 2_qvFydm6_j1laFIKeFNCFmZKmg.roa (raw, json)
Hash identifier: UFFL/1IWXAUZXdzFMsji4vwUO27cKd+ryVB0QeRQLhU=
Subject key identifier: DB:FA:AF:17:27:66:EB:F8:F5:95:A1:48:29:E1:4D:08:59:99:2A:68
Certificate issuer: /CN=4a7209f8b7ed4fa9bfb278880c29f98d6a96b63c
Certificate serial: 07A35726
Authority key identifier: 4A:72:09:F8:B7:ED:4F:A9:BF:B2:78:88:0C:29:F9:8D:6A:96:B6:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SnIJ-LftT6m_sniIDCn5jWqWtjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/2_qvFydm6_j1laFIKeFNCFmZKmg.roa
Signing time: Sat 01 Jan 2022 15:06:52 +0000
ROA not before: Sat 01 Jan 2022 15:06:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200303
IP address blocks: 45.132.125.0/24 maxlen: 24
45.132.124.0/24 maxlen: 24
45.132.124.0/23 maxlen: 23
45.132.127.0/24 maxlen: 24
45.132.126.0/23 maxlen: 23
45.132.126.0/24 maxlen: 24
45.95.55.0/24 maxlen: 24
45.95.54.0/24 maxlen: 24
45.95.53.0/24 maxlen: 24
45.95.52.0/24 maxlen: 24
45.95.52.0/22 maxlen: 22
45.142.112.0/23 maxlen: 23
45.142.112.0/22 maxlen: 24
45.142.112.0/24 maxlen: 24
45.142.114.0/24 maxlen: 24
45.142.113.0/24 maxlen: 24
45.142.115.0/24 maxlen: 24
185.245.60.0/22 maxlen: 24
185.244.164.0/24 maxlen: 24
185.244.164.0/23 maxlen: 23
185.244.166.0/24 maxlen: 24
185.244.165.0/24 maxlen: 24
185.244.167.0/24 maxlen: 24
185.244.166.0/23 maxlen: 23
2a0d:3586::/32 maxlen: 32
2a0d:3580:12ee::/48 maxlen: 48
2a0d:3585::/32 maxlen: 32
2a0d:3580:12ec::/48 maxlen: 48
2a0d:3580:12dd::/48 maxlen: 48
2a0d:3580:12eb::/48 maxlen: 48
2a0d:3580:12df::/48 maxlen: 48
2a0d:3580:12da::/48 maxlen: 48
2a0d:3580:12de::/48 maxlen: 48
2a0d:3580:12dc::/48 maxlen: 48
2a0e:d8c0::/29 maxlen: 29
2a0d:3580:5a2d::/48 maxlen: 48
2a0d:3580:12ed::/48 maxlen: 48
2a0d:3580::/32 maxlen: 32
2a0d:3580:12db::/48 maxlen: 48
2a0d:3584:1111::/48 maxlen: 48
2a0d:3580:12ef::/48 maxlen: 48
2a0d:3580:12ea::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128145190 (0x7a35726)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7209f8b7ed4fa9bfb278880c29f98d6a96b63c
Validity
Not Before: Jan 1 15:06:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbfaaf172766ebf8f595a14829e14d0859992a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:aa:ab:42:a5:ee:e7:ea:2d:be:54:17:cd:66:
c6:91:cf:54:65:9a:c3:ce:a0:5d:48:d8:ff:d9:d4:
3f:e1:43:ff:12:b3:12:5e:35:8b:eb:82:f4:e7:cc:
97:7e:67:91:02:0a:a1:87:b9:c1:52:b0:85:bb:37:
96:9d:4c:b6:2e:a5:48:23:29:84:0d:c0:8b:c5:bb:
65:71:89:33:c8:c8:48:4d:f9:1b:1a:46:27:6c:75:
7e:98:8d:6a:13:e4:9e:fd:15:f3:e0:a4:f5:a4:63:
6a:9c:27:55:e1:66:b9:d5:98:c3:ab:52:0a:5c:bf:
64:7b:21:d7:da:4e:fd:44:40:ac:8d:9e:c1:77:16:
33:68:d8:89:cd:18:3d:0d:a4:6d:f9:9a:53:3b:20:
dc:89:77:39:9e:f3:35:91:72:96:e1:07:76:20:29:
8f:e4:c5:f8:7e:98:2c:49:e6:59:d4:1a:2c:d3:b7:
e5:44:f4:0a:87:d1:91:e7:27:7b:67:d0:41:1c:76:
33:78:1d:d4:71:c6:ad:a7:3c:60:26:b5:48:8f:b9:
4a:9d:3e:f1:65:62:c2:f0:92:e7:60:61:49:d5:78:
78:06:54:8c:16:3d:c9:9b:9c:66:6d:d4:1c:fd:ea:
86:7a:47:e6:26:c4:53:a5:12:0b:cc:64:4e:f6:30:
fb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FA:AF:17:27:66:EB:F8:F5:95:A1:48:29:E1:4D:08:59:99:2A:68
X509v3 Authority Key Identifier:
keyid:4A:72:09:F8:B7:ED:4F:A9:BF:B2:78:88:0C:29:F9:8D:6A:96:B6:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnIJ-LftT6m_sniIDCn5jWqWtjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/2_qvFydm6_j1laFIKeFNCFmZKmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/SnIJ-LftT6m_sniIDCn5jWqWtjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.52.0/22
45.132.124.0/22
45.142.112.0/22
185.244.164.0/22
185.245.60.0/22
IPv6:
2a0d:3580::/32
2a0d:3584:1111::/48
2a0d:3585::-2a0d:3586:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:91:76:77:9c:4f:57:90:18:a7:fb:33:67:62:00:9f:f0:96:
5d:43:04:28:79:56:b7:84:16:08:83:cd:cc:95:f9:e4:30:64:
fd:62:97:f1:42:4b:c3:d2:2c:36:c6:14:bc:14:4c:d3:81:c6:
10:39:8e:a3:7d:31:98:fa:56:04:50:5d:29:d0:b2:32:5a:16:
7d:39:fd:8a:52:0b:44:45:fe:f7:1d:89:a2:c5:6c:e4:9c:b4:
b6:e1:9f:4c:c6:d1:93:51:1c:5c:fa:ae:7c:19:5b:af:81:b3:
0b:a5:29:8a:9b:c3:64:62:82:d0:cb:cc:25:80:70:38:fc:92:
c9:17:c2:9d:98:59:78:a1:ff:5f:17:13:a4:65:87:19:ea:a2:
2d:50:26:df:26:14:36:d1:ef:07:bf:ad:3a:af:ad:8d:8d:25:
f4:62:66:9b:f6:b3:58:d1:9f:db:84:49:35:d0:bc:fd:3e:03:
37:0f:fc:57:27:73:fe:19:8e:6f:0c:17:d6:20:15:72:e5:68:
76:03:1e:02:d5:84:09:0c:e9:c6:06:c9:50:40:7d:8b:48:b3:
3d:48:c0:ea:11:50:a2:fe:e0:23:82:29:b8:3e:be:12:7c:29:
32:ef:a1:a2:7e:d8:2d:9d:e1:8e:33:5b:47:8b:2a:11:0f:c7:
be:5c:ca:07
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIEB6NXJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTcyMDlmOGI3ZWQ0ZmE5YmZiMjc4ODgwYzI5Zjk4ZDZhOTZiNjNjMB4XDTIyMDEw
MTE1MDY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJmYWFmMTcyNzY2
ZWJmOGY1OTVhMTQ4MjllMTRkMDg1OTk5MmE2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKqq0Kl7ufqLb5UF81mxpHPVGWaw86gXUjY/9nUP+FD/xKz
El41i+uC9OfMl35nkQIKoYe5wVKwhbs3lp1Mti6lSCMphA3Ai8W7ZXGJM8jISE35
GxpGJ2x1fpiNahPknv0V8+Ck9aRjapwnVeFmudWYw6tSCly/ZHsh19pO/URArI2e
wXcWM2jYic0YPQ2kbfmaUzsg3Il3OZ7zNZFyluEHdiApj+TF+H6YLEnmWdQaLNO3
5UT0CofRkecne2fQQRx2M3gd1HHGrac8YCa1SI+5Sp0+8WViwvCS52BhSdV4eAZU
jBY9yZucZm3UHP3qhnpH5ibEU6USC8xkTvYw+90CAwEAAaOCAlAwggJMMB0GA1Ud
DgQWBBTb+q8XJ2br+PWVoUgp4U0IWZkqaDAfBgNVHSMEGDAWgBRKcgn4t+1Pqb+y
eIgMKfmNapa2PDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NuSUotTGZ0VDZtX3NuaUlEQ241aldxV3Rqdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNDZkNTk1LTliNjktNDhiZC1iZDAxLWMyNDBjOWFmZDE0OS8x
LzJfcXZGeWRtNl9qMWxhRklLZUZOQ0ZtWkttZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NDZkNTk1LTliNjktNDhiZC1iZDAxLWMyNDBjOWFmZDE0OS8xL1NuSUotTGZ0VDZt
X3NuaUlEQ241aldxV3Rqdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwJAQCAAEwHgMEAi1fNAMEAi2EfAMEAi2OcAMEArn0
pAMEArn1PDAtBAIAAjAnAwUAKg01gAMHACoNNYQRETAOAwUAKg01hQMFACoNNYYD
BQMqDtjAMA0GCSqGSIb3DQEBCwUAA4IBAQApkXZ3nE9XkBin+zNnYgCf8JZdQwQo
eVa3hBYIg83MlfnkMGT9YpfxQkvD0iw2xhS8FEzTgcYQOY6jfTGY+lYEUF0p0LIy
WhZ9Of2KUgtERf73HYmixWzknLS24Z9MxtGTURxc+q58GVuvgbMLpSmKm8NkYoLQ
y8wlgHA4/JLJF8KdmFl4of9fFxOkZYcZ6qItUCbfJhQ20e8Hv606r62NjSX0Ymab
9rNY0Z/bhEk10Lz9PgM3D/xXJ3P+GY5vDBfWIBVy5Wh2Ax4C1YQJDOnGBslQQH2L
SLM9SMDqEVCi/uAjgim4Pr4SfCky76GiftgtneGOM1tHiyoRD8e+XMoH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:42 2024 by rpki-client on console-ams.rpki-client.org