Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/6cf2e6-b083-4afd-8cc7-20a1173589df/1/03gez71xJiHoBIIWRBnSXerMBwQ.roa
File: 03gez71xJiHoBIIWRBnSXerMBwQ.roa (raw, json)
Hash identifier: lz2APQ695hWOf9a/Wp4wRADpKyikp+VUrl9O/kZ9who=
Subject key identifier: D3:78:1E:CF:BD:71:26:21:E8:04:82:16:44:19:D2:5D:EA:CC:07:04
Certificate issuer: /CN=9e38bc2e142fbebe5bd5575eaaeefb9f7890dd6b
Certificate serial: 02ED02A9
Authority key identifier: 9E:38:BC:2E:14:2F:BE:BE:5B:D5:57:5E:AA:EE:FB:9F:78:90:DD:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nji8LhQvvr5b1Vdequ77n3iQ3Ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/6cf2e6-b083-4afd-8cc7-20a1173589df/1/03gez71xJiHoBIIWRBnSXerMBwQ.roa
Signing time: Sat 01 Jan 2022 16:05:23 +0000
ROA not before: Sat 01 Jan 2022 16:05:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60548
IP address blocks: 45.157.232.0/22 maxlen: 24
194.48.217.0/24 maxlen: 24
185.254.96.0/22 maxlen: 24
2a0c:4ac0:1200::/40 maxlen: 40
2a0c:4ac0:1100::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49087145 (0x2ed02a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e38bc2e142fbebe5bd5575eaaeefb9f7890dd6b
Validity
Not Before: Jan 1 16:05:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3781ecfbd712621e80482164419d25deacc0704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:de:81:58:56:53:ed:ed:56:6d:19:6f:49:e1:
76:04:ca:fd:bf:87:b1:04:63:bc:bb:49:7a:69:90:
ec:13:07:fd:30:3c:7d:70:76:ab:f2:9a:94:c3:a6:
92:98:66:16:9a:33:38:e3:f0:4b:da:08:60:62:74:
a7:69:9a:90:a6:ca:9c:cc:ee:83:ee:e8:8b:16:24:
55:b9:bf:b9:7c:6b:5b:57:e4:34:4b:3d:07:a4:cd:
93:d5:55:c8:25:9b:69:e2:80:f1:c4:d4:1c:36:2f:
66:42:0e:b5:f2:f9:2c:6b:4c:de:1e:9f:c2:74:75:
94:bb:ef:45:cf:05:b6:ed:db:60:c6:a4:bc:c7:a5:
95:be:a5:57:d5:9e:79:2b:df:19:1c:92:bf:a1:9a:
36:1f:3f:d5:50:ad:ab:d9:c1:ed:8b:08:87:11:bd:
4f:7d:8f:41:38:9e:8c:cb:58:39:bb:7d:f8:e7:e1:
f4:48:5e:a5:1f:dd:ab:68:2c:2d:79:da:fc:50:11:
bd:9f:b4:4b:a3:95:33:4d:90:87:01:a2:b8:d2:8b:
f9:cc:98:d3:42:f9:85:f4:a4:8d:72:82:9d:97:14:
a6:a7:03:fa:be:75:7e:8c:e4:9f:b1:e0:88:93:ac:
7e:ed:95:14:72:d2:b9:10:d1:ab:3b:bf:d2:b4:df:
c9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:78:1E:CF:BD:71:26:21:E8:04:82:16:44:19:D2:5D:EA:CC:07:04
X509v3 Authority Key Identifier:
keyid:9E:38:BC:2E:14:2F:BE:BE:5B:D5:57:5E:AA:EE:FB:9F:78:90:DD:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nji8LhQvvr5b1Vdequ77n3iQ3Ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cf2e6-b083-4afd-8cc7-20a1173589df/1/03gez71xJiHoBIIWRBnSXerMBwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cf2e6-b083-4afd-8cc7-20a1173589df/1/nji8LhQvvr5b1Vdequ77n3iQ3Ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.232.0/22
185.254.96.0/22
194.48.217.0/24
IPv6:
2a0c:4ac0:1100::-2a0c:4ac0:12ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
77:3e:86:4a:4c:50:31:fc:0c:d2:37:00:1d:c1:25:af:49:5c:
56:e8:6b:93:88:d0:1b:cd:a5:8b:ce:4d:fb:70:2e:d8:01:27:
36:50:ae:8b:3a:23:8f:2b:01:09:cd:c2:30:64:4c:50:56:70:
52:4b:8f:f6:d5:ed:11:2d:fc:1d:ad:5e:21:bf:f0:f0:ff:c9:
03:e2:64:cd:62:93:2a:19:e5:20:7c:e9:25:3c:4f:ce:78:ba:
09:5b:be:4a:37:cc:17:08:8f:b7:19:a6:3b:5a:ac:aa:cf:b7:
86:82:0d:e7:25:da:cb:48:88:2c:f5:88:e8:89:75:12:de:8c:
66:40:8a:53:c5:ae:6e:c8:42:4c:c7:52:dd:63:8c:27:1f:c2:
1f:23:9e:fd:8f:5c:22:cf:78:0c:b0:f7:64:f3:1a:88:24:12:
b9:87:f4:18:8d:38:bb:cc:43:fa:c0:3e:0b:e3:0e:5c:29:64:
0d:45:00:09:0b:92:0c:cf:f6:4c:22:b0:8b:0c:d4:bb:49:c7:
f1:47:65:70:bb:ec:a6:e3:f5:13:9a:dc:46:be:3a:39:c9:84:
25:73:1f:0a:68:6c:55:15:71:b1:06:e0:23:a4:6f:fe:ad:5b:
a1:6f:9e:1d:4d:4e:01:8e:93:67:b6:93:1b:46:f0:85:cd:75:
b7:ff:e4:e0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEAu0CqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTM4YmMyZTE0MmZiZWJlNWJkNTU3NWVhYWVlZmI5Zjc4OTBkZDZiMB4XDTIyMDEw
MTE2MDUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM3ODFlY2ZiZDcx
MjYyMWU4MDQ4MjE2NDQxOWQyNWRlYWNjMDcwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfegVhWU+3tVm0Zb0nhdgTK/b+HsQRjvLtJemmQ7BMH/TA8
fXB2q/KalMOmkphmFpozOOPwS9oIYGJ0p2makKbKnMzug+7oixYkVbm/uXxrW1fk
NEs9B6TNk9VVyCWbaeKA8cTUHDYvZkIOtfL5LGtM3h6fwnR1lLvvRc8Ftu3bYMak
vMellb6lV9WeeSvfGRySv6GaNh8/1VCtq9nB7YsIhxG9T32PQTiejMtYObt9+Ofh
9EhepR/dq2gsLXna/FARvZ+0S6OVM02QhwGiuNKL+cyY00L5hfSkjXKCnZcUpqcD
+r51fozkn7HgiJOsfu2VFHLSuRDRqzu/0rTfyY0CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBTTeB7PvXEmIegEghZEGdJd6swHBDAfBgNVHSMEGDAWgBSeOLwuFC++vlvV
V16q7vufeJDdazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25qaThMaFF2dnI1YjFWZGVxdTc3bjNpUTNXcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNmNmMmU2LWIwODMtNGFmZC04Y2M3LTIwYTExNzM1ODlkZi8x
LzAzZ2V6NzF4SmlIb0JJSVdSQm5TWGVyTUJ3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NmNmMmU2LWIwODMtNGFmZC04Y2M3LTIwYTExNzM1ODlkZi8xL25qaThMaFF2dnI1
YjFWZGVxdTc3bjNpUTNXcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEAi2d6AMEArn+YAMEAMIw2TAYBAIA
AjASMBADBgAqDErAEQMGACoMSsASMA0GCSqGSIb3DQEBCwUAA4IBAQB3PoZKTFAx
/AzSNwAdwSWvSVxW6GuTiNAbzaWLzk37cC7YASc2UK6LOiOPKwEJzcIwZExQVnBS
S4/21e0RLfwdrV4hv/Dw/8kD4mTNYpMqGeUgfOklPE/OeLoJW75KN8wXCI+3GaY7
Wqyqz7eGgg3nJdrLSIgs9YjoiXUS3oxmQIpTxa5uyEJMx1LdY4wnH8IfI579j1wi
z3gMsPdk8xqIJBK5h/QYjTi7zEP6wD4L4w5cKWQNRQAJC5IMz/ZMIrCLDNS7Scfx
R2Vwu+ym4/UTmtxGvjo5yYQlcx8KaGxVFXGxBuAjpG/+rVuhb54dTU4BjpNntpMb
RvCFzXW3/+Tg
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:35 2025 by rpki-client