Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/XUJZiUZFoieJ88gpuEVCqfYusl0.roa
File: XUJZiUZFoieJ88gpuEVCqfYusl0.roa (raw, json)
Hash identifier: fruS2TiMOgMArv2Pq6mxqGcKgVn3R+yFTnt7JxrGxkk=
Subject key identifier: 5D:42:59:89:46:45:A2:27:89:F3:C8:29:B8:45:42:A9:F6:2E:B2:5D
Certificate issuer: /CN=4a7209f8b7ed4fa9bfb278880c29f98d6a96b63c
Certificate serial: 01856F0B705C65EEADFF3AA70C1633F1BC19
Authority key identifier: 4A:72:09:F8:B7:ED:4F:A9:BF:B2:78:88:0C:29:F9:8D:6A:96:B6:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SnIJ-LftT6m_sniIDCn5jWqWtjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/XUJZiUZFoieJ88gpuEVCqfYusl0.roa
Signing time: Sun 01 Jan 2023 20:34:58 +0000
ROA not before: Sun 01 Jan 2023 20:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200303
IP address blocks: 45.132.125.0/24 maxlen: 24
45.132.124.0/24 maxlen: 24
45.132.124.0/23 maxlen: 23
45.132.127.0/24 maxlen: 24
45.132.126.0/23 maxlen: 23
45.132.126.0/24 maxlen: 24
45.95.55.0/24 maxlen: 24
45.95.54.0/24 maxlen: 24
45.95.53.0/24 maxlen: 24
45.95.52.0/24 maxlen: 24
45.95.52.0/22 maxlen: 22
45.142.112.0/23 maxlen: 23
45.142.112.0/22 maxlen: 24
45.142.112.0/24 maxlen: 24
45.142.115.0/24 maxlen: 24
45.142.114.0/24 maxlen: 24
45.142.113.0/24 maxlen: 24
185.245.60.0/22 maxlen: 24
185.244.164.0/24 maxlen: 24
185.244.164.0/23 maxlen: 23
185.244.166.0/24 maxlen: 24
185.244.165.0/24 maxlen: 24
185.244.167.0/24 maxlen: 24
185.244.166.0/23 maxlen: 23
2a0d:3586::/32 maxlen: 32
2a0d:3580:12ee::/48 maxlen: 48
2a0d:3585::/32 maxlen: 32
2a0d:3580:12ec::/48 maxlen: 48
2a0d:3580:12dd::/48 maxlen: 48
2a0d:3580:12eb::/48 maxlen: 48
2a0d:3580:12df::/48 maxlen: 48
2a0d:3580:12da::/48 maxlen: 48
2a0d:3580:12de::/48 maxlen: 48
2a0d:3580:12dc::/48 maxlen: 48
2a0e:d8c0::/29 maxlen: 29
2a0d:3580:5a2d::/48 maxlen: 48
2a0d:3580:12ed::/48 maxlen: 48
2a0d:3580::/32 maxlen: 32
2a0d:3580:12db::/48 maxlen: 48
2a0d:3584:1111::/48 maxlen: 48
2a0d:3580:12ef::/48 maxlen: 48
2a0d:3580:12ea::/48 maxlen: 48
2a0d:3585:2006::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:70:5c:65:ee:ad:ff:3a:a7:0c:16:33:f1:bc:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7209f8b7ed4fa9bfb278880c29f98d6a96b63c
Validity
Not Before: Jan 1 20:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d4259894645a22789f3c829b84542a9f62eb25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:44:99:be:ab:3a:3c:cb:d1:21:3e:c5:be:af:
ab:00:8d:76:94:db:3d:ad:1c:85:f7:2d:b4:37:26:
31:0f:b2:13:17:d2:c7:b2:3c:f1:48:58:24:fe:30:
08:01:a3:86:fb:4d:03:c2:db:a1:7b:9e:52:c3:28:
88:00:52:a0:6e:df:24:40:e4:42:fd:24:ea:34:70:
82:0a:eb:ea:1c:b5:22:da:a1:55:4a:ee:3b:49:ab:
f4:d1:a6:e8:e3:51:29:6b:81:91:6b:a6:cd:3d:72:
c6:9a:4d:93:a9:44:4d:98:7d:b1:22:8e:91:1b:4f:
f4:b3:43:aa:58:fd:8a:10:ec:6d:58:3c:48:19:e6:
b5:11:6a:a0:dc:ec:50:da:31:c2:ca:f0:2a:2b:d4:
cf:f4:4d:44:a0:9c:51:2a:72:fa:fc:fe:db:19:b3:
2f:85:ba:92:9a:dc:24:90:ef:7a:33:b5:29:68:f3:
e2:69:fb:bb:22:14:77:27:2c:24:8e:9d:58:d5:08:
62:19:1d:e1:93:d0:53:2f:c2:50:db:c4:f5:98:7e:
5b:5a:63:f3:a7:be:ba:f9:88:f4:04:44:08:df:43:
82:a4:80:fd:40:07:97:cf:fc:bd:3e:5e:20:59:07:
75:2b:13:d5:d0:ed:0f:ca:da:87:22:4b:ac:ac:15:
53:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:42:59:89:46:45:A2:27:89:F3:C8:29:B8:45:42:A9:F6:2E:B2:5D
X509v3 Authority Key Identifier:
keyid:4A:72:09:F8:B7:ED:4F:A9:BF:B2:78:88:0C:29:F9:8D:6A:96:B6:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnIJ-LftT6m_sniIDCn5jWqWtjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/XUJZiUZFoieJ88gpuEVCqfYusl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/SnIJ-LftT6m_sniIDCn5jWqWtjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.52.0/22
45.132.124.0/22
45.142.112.0/22
185.244.164.0/22
185.245.60.0/22
IPv6:
2a0d:3580::/32
2a0d:3584:1111::/48
2a0d:3585::-2a0d:3586:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:3e:63:c2:75:a3:9a:f3:c5:2e:ba:cd:48:da:e7:b8:1a:ef:
e4:f7:db:40:b9:8b:3d:8c:bc:06:56:37:77:ef:a7:db:89:74:
d2:d8:db:59:a1:9e:90:98:9e:05:3d:b6:f8:06:6f:93:2e:89:
a9:cb:c3:91:e7:7a:41:37:20:e4:7c:1d:20:a7:05:65:cb:33:
0c:eb:6e:28:05:ba:b7:0a:14:0e:c5:a5:58:5c:be:0a:c4:e8:
ae:9a:aa:b5:30:e2:02:94:55:b8:60:77:20:ba:d3:dc:6d:a6:
61:20:d2:d2:c6:7a:87:6d:8e:e7:0d:d3:ad:3a:f9:68:25:29:
42:a0:3b:50:24:18:e2:d2:9e:09:71:a9:f4:c8:93:a7:a2:5a:
aa:94:46:73:1f:8a:38:ae:93:ad:86:1e:20:f7:b3:47:0c:13:
10:bc:a8:a5:ee:88:6d:4d:dd:05:3d:e4:a7:48:35:7f:27:01:
b9:c4:5d:a0:3f:0a:62:fb:56:9d:54:ed:b1:79:05:7e:68:76:
cd:b1:eb:3a:21:20:f1:b0:a8:57:ac:53:c2:58:bf:a7:1c:e4:
41:64:15:e3:02:22:2f:e9:94:2f:03:6e:de:cf:07:98:b3:f7:
88:7b:d3:4b:0d:49:ca:53:6b:92:15:c1:00:c2:4d:13:c9:02:
86:0c:14:da
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYVvC3BcZe6t/zqnDBYz8bwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNzIwOWY4YjdlZDRmYTliZmIyNzg4ODBjMjlmOThkNmE5
NmI2M2MwHhcNMjMwMTAxMjAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQyNTk4OTQ2NDVhMjI3ODlmM2M4MjliODQ1NDJhOWY2MmViMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4USZvqs6PMvRIT7Fvq+rAI12lNs9
rRyF9y20NyYxD7ITF9LHsjzxSFgk/jAIAaOG+00Dwtuhe55SwyiIAFKgbt8kQORC
/STqNHCCCuvqHLUi2qFVSu47Sav00abo41Epa4GRa6bNPXLGmk2TqURNmH2xIo6R
G0/0s0OqWP2KEOxtWDxIGea1EWqg3OxQ2jHCyvAqK9TP9E1EoJxRKnL6/P7bGbMv
hbqSmtwkkO96M7UpaPPiafu7IhR3Jywkjp1Y1QhiGR3hk9BTL8JQ28T1mH5bWmPz
p766+Yj0BEQI30OCpID9QAeXz/y9Pl4gWQd1KxPV0O0PytqHIkusrBVT8wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFF1CWYlGRaInifPIKbhFQqn2LrJdMB8GA1UdIwQY
MBaAFEpyCfi37U+pv7J4iAwp+Y1qlrY8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU25JSi1MZnRUNm1fc25pSURDbjVqV3FXdGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80NmQ1OTUtOWI2OS00OGJkLWJkMDEt
YzI0MGM5YWZkMTQ5LzEvWFVKWmlVWkZvaWVKODhncHVFVkNxZll1c2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80NmQ1OTUtOWI2OS00OGJkLWJkMDEtYzI0MGM5YWZkMTQ5
LzEvU25JSi1MZnRUNm1fc25pSURDbjVqV3FXdGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQCLV80AwQC
LYR8AwQCLY5wAwQCufSkAwQCufU8MC0EAgACMCcDBQAqDTWAAwcAKg01hBERMA4D
BQAqDTWFAwUAKg01hgMFAyoO2MAwDQYJKoZIhvcNAQELBQADggEBAEc+Y8J1o5rz
xS66zUja57ga7+T320C5iz2MvAZWN3fvp9uJdNLY21mhnpCYngU9tvgGb5MuianL
w5HnekE3IOR8HSCnBWXLMwzrbigFurcKFA7FpVhcvgrE6K6aqrUw4gKUVbhgdyC6
09xtpmEg0tLGeodtjucN0606+WglKUKgO1AkGOLSnglxqfTIk6eiWqqURnMfijiu
k62GHiD3s0cMExC8qKXuiG1N3QU95KdINX8nAbnEXaA/CmL7Vp1U7bF5BX5ods2x
6zohIPGwqFesU8JYv6cc5EFkFeMCIi/plC8Dbt7PB5iz94h700sNScpTa5IVwQDC
TRPJAoYMFNo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:48 2024 by rpki-client on console-fra.rpki-client.org