Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/3d7reb8lYm4-Mt3IdSksj96rjS0.roa
File: 3d7reb8lYm4-Mt3IdSksj96rjS0.roa (raw, json)
Hash identifier: ujeWLUx0L1Qk3wS6DhD6C5wSj0AZkx+13FHeAEmCTYI=
Subject key identifier: DD:DE:EB:79:BF:25:62:6E:3E:32:DD:C8:75:29:2C:8F:DE:AB:8D:2D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D72702E5AE87A0AB5982B30D3C6030
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/3d7reb8lYm4-Mt3IdSksj96rjS0.roa
Signing time: Wed 01 Jan 2025 21:48:10 +0000
ROA not before: Wed 01 Jan 2025 21:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 45.8.211.0/24 maxlen: 24
45.142.120.0/24 maxlen: 24
185.174.138.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
194.53.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:27:02:e5:ae:87:a0:ab:59:82:b3:0d:3c:60:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dddeeb79bf25626e3e32ddc875292c8fdeab8d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cd:ab:d9:a2:93:a4:43:34:ca:e8:41:a1:8c:
4a:c7:7b:98:a8:85:92:1a:b1:04:41:31:dd:30:b0:
29:21:50:3a:87:b6:1f:c9:29:df:26:da:31:bb:7d:
88:40:35:b6:4a:2a:fb:0d:13:70:e4:f1:29:14:dd:
b8:ef:1a:66:0c:d0:27:96:31:d3:b4:6a:c0:b2:fa:
81:c9:e6:2d:31:46:84:5a:7b:f7:c3:45:7b:7e:93:
42:02:04:85:16:d5:69:d4:6d:ca:21:df:a9:1f:af:
c4:99:5e:a8:11:84:3b:0c:77:14:d7:f0:66:e2:35:
cc:ff:8e:6f:e9:80:92:8e:48:d3:96:ab:24:dd:9f:
fa:42:f1:b7:b2:62:09:60:93:e9:12:07:ed:13:ab:
b1:e8:49:07:75:ab:8c:de:b2:20:bc:3f:64:0b:cb:
f8:c6:28:11:97:60:6b:82:76:4b:02:ce:66:12:8e:
9a:73:69:c0:cb:e6:c3:a6:9f:5c:b5:14:c2:47:62:
fa:51:61:d4:23:25:70:cb:fb:e1:79:54:57:41:96:
a2:60:36:51:5f:03:62:cd:c8:49:a0:63:12:8a:99:
7d:0d:e7:04:85:ad:1a:15:12:19:67:48:e9:26:58:
0c:2f:d9:1b:07:c6:28:9c:1b:01:9c:b7:c1:7f:60:
80:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DE:EB:79:BF:25:62:6E:3E:32:DD:C8:75:29:2C:8F:DE:AB:8D:2D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/3d7reb8lYm4-Mt3IdSksj96rjS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.211.0/24
45.142.120.0/24
185.174.138.0/24
185.221.160.0/24
194.53.53.0/24
Signature Algorithm: sha256WithRSAEncryption
08:be:fa:2b:bd:db:ea:37:3b:a1:38:0f:ae:d0:23:2e:08:d6:
fd:90:3e:98:89:31:70:c5:6f:5f:9e:68:00:2e:be:4d:9e:12:
ad:ed:95:5b:00:ae:08:7a:24:5c:60:e1:ce:4c:85:a8:9c:97:
11:bf:5d:22:f9:ae:02:08:06:97:4c:b2:b6:9c:b7:cd:94:b3:
60:c1:6c:5d:b3:6c:e2:b3:36:76:3d:27:9a:2a:40:2e:84:40:
8b:a6:8d:93:70:40:f5:30:90:b2:47:8e:70:6f:2d:f7:a1:ba:
b7:e1:91:f8:41:00:6c:bd:a3:a9:54:44:dc:73:75:5b:3b:25:
db:53:80:f3:1f:5b:67:2a:fb:7f:b3:84:13:4f:a3:7a:e2:90:
47:21:95:e7:64:57:3e:d9:7b:7b:d4:28:62:28:98:44:8e:0e:
dd:76:b5:04:36:a0:cf:a4:5d:15:4c:81:c4:26:f3:b6:37:6d:
68:b0:c6:5a:83:80:d3:71:f0:14:4e:3a:85:d4:bc:d1:8c:e6:
f9:da:4a:ea:86:0a:16:d1:45:c9:8b:b1:07:16:f1:2f:3c:ac:
d8:80:27:ac:ec:1e:02:12:c3:c7:8d:32:17:29:d9:77:6f:f6:
b5:8c:4e:88:8e:55:74:22:5e:e0:83:dd:ff:ac:6e:a6:38:96:
67:af:9f:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQj1ycC5a6HoKtZgrMNPGAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGRlZWI3OWJmMjU2MjZlM2UzMmRkYzg3NTI5MmM4ZmRlYWI4ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAns2r2aKTpEM0yuhBoYxKx3uYqIWS
GrEEQTHdMLApIVA6h7YfySnfJtoxu32IQDW2Sir7DRNw5PEpFN247xpmDNAnljHT
tGrAsvqByeYtMUaEWnv3w0V7fpNCAgSFFtVp1G3KId+pH6/EmV6oEYQ7DHcU1/Bm
4jXM/45v6YCSjkjTlqsk3Z/6QvG3smIJYJPpEgftE6ux6EkHdauM3rIgvD9kC8v4
xigRl2BrgnZLAs5mEo6ac2nAy+bDpp9ctRTCR2L6UWHUIyVwy/vheVRXQZaiYDZR
XwNizchJoGMSipl9DecEha0aFRIZZ0jpJlgML9kbB8YonBsBnLfBf2CA5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN3e63m/JWJuPjLdyHUpLI/eq40tMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvM2Q3cmViOGxZbTQtTXQzSWRTa3NqOTZyalMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQjTAwQA
LY54AwQAua6KAwQAud2gAwQAwjU1MA0GCSqGSIb3DQEBCwUAA4IBAQAIvvorvdvq
NzuhOA+u0CMuCNb9kD6YiTFwxW9fnmgALr5NnhKt7ZVbAK4IeiRcYOHOTIWonJcR
v10i+a4CCAaXTLK2nLfNlLNgwWxds2ziszZ2PSeaKkAuhECLpo2TcED1MJCyR45w
by33obq34ZH4QQBsvaOpVETcc3VbOyXbU4DzH1tnKvt/s4QTT6N64pBHIZXnZFc+
2Xt71ChiKJhEjg7ddrUENqDPpF0VTIHEJvO2N21osMZag4DTcfAUTjqF1LzRjOb5
2krqhgoW0UXJi7EHFvEvPKzYgCes7B4CEsPHjTIXKdl3b/a1jE6IjlV0Il7gg93/
rG6mOJZnr5+v
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:04:57 2025 by rpki-client