Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/cl0W_dg6-SS2WR9dVPceKMDs_Vs.roa
File: cl0W_dg6-SS2WR9dVPceKMDs_Vs.roa (raw, json)
Hash identifier: /pB+oHyiaUXmAAdbfPeCmqHZJhPFFFtRAcQpmJHE+pY=
Subject key identifier: 72:5D:16:FD:D8:3A:F9:24:B6:59:1F:5D:54:F7:1E:28:C0:EC:FD:5B
Certificate issuer: /CN=9255218b69e551143c51fa1d919512e1a44c5c9d
Certificate serial: 0194221FEF63071F115E97156E1053657E2A
Authority key identifier: 92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/cl0W_dg6-SS2WR9dVPceKMDs_Vs.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47196
IP address blocks: 45.143.136.0/22 maxlen: 22
45.143.136.0/24 maxlen: 24
45.143.137.0/24 maxlen: 24
45.143.138.0/24 maxlen: 24
45.143.139.0/24 maxlen: 24
46.173.209.0/24 maxlen: 24
46.173.210.0/24 maxlen: 24
46.173.211.0/24 maxlen: 24
46.173.212.0/23 maxlen: 23
46.173.212.0/24 maxlen: 24
46.173.213.0/24 maxlen: 24
46.173.214.0/23 maxlen: 23
46.173.214.0/24 maxlen: 24
46.173.215.0/24 maxlen: 24
46.173.216.0/23 maxlen: 23
46.173.216.0/24 maxlen: 24
46.173.217.0/24 maxlen: 24
46.173.218.0/23 maxlen: 23
46.173.218.0/24 maxlen: 24
46.173.219.0/24 maxlen: 24
46.173.223.0/24 maxlen: 24
91.203.192.0/24 maxlen: 24
91.203.193.0/24 maxlen: 24
91.203.194.0/24 maxlen: 24
91.203.195.0/24 maxlen: 24
195.128.120.0/22 maxlen: 22
195.128.120.0/24 maxlen: 24
195.128.121.0/24 maxlen: 24
195.128.122.0/24 maxlen: 24
195.128.123.0/24 maxlen: 24
195.128.124.0/22 maxlen: 22
195.128.124.0/24 maxlen: 24
195.128.125.0/24 maxlen: 24
195.128.126.0/24 maxlen: 24
195.128.127.0/24 maxlen: 24
2a0f:6f80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ef:63:07:1f:11:5e:97:15:6e:10:53:65:7e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9255218b69e551143c51fa1d919512e1a44c5c9d
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=725d16fdd83af924b6591f5d54f71e28c0ecfd5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:67:7c:bd:4d:ae:ea:ea:5d:06:aa:15:7a:b2:
f3:0f:39:c9:77:40:21:fe:9b:35:e2:df:65:35:73:
d4:48:fc:c5:0b:94:9c:99:c9:2a:cb:2e:96:22:c3:
67:d2:32:18:43:d5:35:72:e7:51:bb:16:32:93:2f:
74:63:be:66:05:ec:b0:4b:d9:a5:31:cf:50:47:f4:
02:0a:de:12:7f:bc:f5:1c:48:56:13:da:ab:2a:78:
e9:41:fb:88:56:5b:ea:a5:a4:91:b4:c6:67:fe:0d:
90:9a:33:37:2f:f4:6a:43:e6:6d:e1:c2:67:71:d2:
fd:d3:5c:65:04:d8:42:2d:fc:cb:a7:06:0b:a2:4c:
ed:01:9e:a8:2d:b9:44:80:75:75:9f:99:a7:c3:ec:
65:2d:9b:28:f3:50:c7:67:a3:26:f0:b6:b7:f3:8b:
c9:dc:76:49:3b:fb:0d:0d:16:95:4d:05:aa:77:70:
c4:4b:1d:2d:92:c1:a9:37:8a:3b:12:75:3d:8a:35:
55:39:35:c5:9c:0d:08:48:88:a6:ec:66:00:1a:5a:
9b:1f:92:84:b6:0b:7c:81:71:b0:3a:05:8a:e0:04:
2f:02:c3:33:66:d8:ee:c3:27:0b:18:59:c7:6b:68:
5f:50:04:5e:ca:26:12:78:a8:75:53:a5:88:2d:29:
b6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5D:16:FD:D8:3A:F9:24:B6:59:1F:5D:54:F7:1E:28:C0:EC:FD:5B
X509v3 Authority Key Identifier:
keyid:92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/cl0W_dg6-SS2WR9dVPceKMDs_Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/klUhi2nlURQ8UfodkZUS4aRMXJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.136.0/22
46.173.209.0-46.173.219.255
46.173.223.0/24
91.203.192.0/22
195.128.120.0/21
IPv6:
2a0f:6f80::/29
Signature Algorithm: sha256WithRSAEncryption
73:1a:80:d6:a1:a6:3f:29:da:54:45:49:1b:de:61:a2:e3:21:
99:8d:f8:b3:fd:7e:f2:66:cb:1a:b3:85:bc:b6:9a:c4:69:42:
12:22:19:48:01:01:cb:9d:00:b3:8c:50:89:41:c0:5b:2c:bc:
12:ca:9c:1f:6c:8b:11:eb:06:e6:38:87:50:09:9f:f3:29:7c:
3b:f2:a6:25:6a:f8:78:4e:c4:62:1b:45:00:d9:86:76:c5:5c:
cb:86:bf:a4:3c:5b:f4:04:94:9a:34:68:f4:eb:ee:56:07:0e:
f6:2d:f4:fc:79:c1:e5:68:4e:b7:4b:99:d5:20:08:78:44:b0:
ab:20:b1:99:c7:e0:a8:e3:da:c9:ee:e4:4c:07:06:67:eb:5a:
60:83:98:0d:3c:d5:e0:24:72:2c:63:b2:4b:19:cc:4d:19:38:
c3:e0:bc:52:f3:e1:a1:09:7d:58:39:57:61:ea:c9:75:85:8c:
f5:36:68:3c:20:ab:e5:31:1c:32:83:59:f5:82:0f:dd:2e:c9:
1d:d7:20:85:d6:36:14:bd:41:3e:c8:80:29:51:68:59:0b:6e:
d7:a5:72:70:ae:22:d5:c9:fa:ac:ad:a9:04:a3:af:ac:84:ca:
be:1f:e5:8e:fc:b3:c0:07:f7:9c:1c:6c:a4:bb:2b:3d:6f:02:
7a:f7:05:f5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQiH+9jBx8RXpcVbhBTZX4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTUyMThiNjllNTUxMTQzYzUxZmExZDkxOTUxMmUxYTQ0
YzVjOWQwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjVkMTZmZGQ4M2FmOTI0YjY1OTFmNWQ1NGY3MWUyOGMwZWNmZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmd8vU2u6updBqoVerLzDznJd0Ah
/ps14t9lNXPUSPzFC5Scmckqyy6WIsNn0jIYQ9U1cudRuxYyky90Y75mBeywS9ml
Mc9QR/QCCt4Sf7z1HEhWE9qrKnjpQfuIVlvqpaSRtMZn/g2QmjM3L/RqQ+Zt4cJn
cdL901xlBNhCLfzLpwYLokztAZ6oLblEgHV1n5mnw+xlLZso81DHZ6Mm8La384vJ
3HZJO/sNDRaVTQWqd3DESx0tksGpN4o7EnU9ijVVOTXFnA0ISIim7GYAGlqbH5KE
tgt8gXGwOgWK4AQvAsMzZtjuwycLGFnHa2hfUAReyiYSeKh1U6WILSm2VQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHJdFv3YOvkktlkfXVT3HijA7P1bMB8GA1UdIwQY
MBaAFJJVIYtp5VEUPFH6HZGVEuGkTFydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xVaGkybmxVUlE4VWZvZGtaVVM0YVJNWEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80ODI4OTYtODI2YS00YmVkLWIxNGYt
YWZmYmEyZGYzZDYyLzEvY2wwV19kZzYtU1MyV1I5ZFZQY2VLTURzX1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80ODI4OTYtODI2YS00YmVkLWIxNGYtYWZmYmEyZGYzZDYy
LzEva2xVaGkybmxVUlE4VWZvZGtaVVM0YVJNWEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCLY+IMAwD
BAAurdEDBAIurdgDBAAurd8DBAJby8ADBAPDgHgwDQQCAAIwBwMFAyoPb4AwDQYJ
KoZIhvcNAQELBQADggEBAHMagNahpj8p2lRFSRveYaLjIZmN+LP9fvJmyxqzhby2
msRpQhIiGUgBAcudALOMUIlBwFssvBLKnB9sixHrBuY4h1AJn/MpfDvypiVq+HhO
xGIbRQDZhnbFXMuGv6Q8W/QElJo0aPTr7lYHDvYt9Px5weVoTrdLmdUgCHhEsKsg
sZnH4Kjj2snu5EwHBmfrWmCDmA081eAkcixjsksZzE0ZOMPgvFLz4aEJfVg5V2Hq
yXWFjPU2aDwgq+UxHDKDWfWCD90uyR3XIIXWNhS9QT7IgClRaFkLbtelcnCuItXJ
+qytqQSjr6yEyr4f5Y78s8AH95wcbKS7Kz1vAnr3BfU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:27 2025 by rpki-client