Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/9hfPluC-egS-5IX8VwFirI4OD0I.roa
File: 9hfPluC-egS-5IX8VwFirI4OD0I.roa (raw, json)
Hash identifier: GN4bJAaFWMh7ZezYL+4tRZTREE22PyqJ05WfpU2fHH4=
Subject key identifier: F6:17:CF:96:E0:BE:7A:04:BE:E4:85:FC:57:01:62:AC:8E:0E:0F:42
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194688061E4BFB6160792E6CCA9CA899B9C
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/9hfPluC-egS-5IX8VwFirI4OD0I.roa
Signing time: Wed 15 Jan 2025 05:47:11 +0000
ROA not before: Wed 15 Jan 2025 05:47:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:68:80:61:e4:bf:b6:16:07:92:e6:cc:a9:ca:89:9b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 15 05:47:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f617cf96e0be7a04bee485fc570162ac8e0e0f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:32:fe:02:b2:56:16:93:bf:8d:42:0f:b4:db:
54:32:2d:97:ff:6e:f6:50:d7:3b:0b:29:0a:e8:65:
67:dc:b7:9c:db:12:65:f2:b5:5a:c6:8b:7f:30:45:
b0:c3:df:bb:44:aa:f6:8a:c3:a9:e5:6e:11:c7:af:
2d:57:08:14:7a:bd:e4:27:d0:ed:97:34:69:13:44:
6f:f7:55:c4:55:aa:33:22:ed:aa:2c:ab:62:a8:ec:
9b:28:f9:e4:41:fb:94:46:cc:ba:be:c0:6a:ef:1f:
15:eb:f5:d5:93:24:81:d1:fa:b8:9f:c5:e0:a2:37:
a0:33:e8:36:87:bd:f2:eb:88:37:4e:34:e4:37:c5:
ce:f7:ad:33:68:fe:1f:22:9d:68:f2:d1:8e:be:c3:
98:4a:ab:e4:cd:32:b8:4c:48:d8:c3:e3:b8:66:5b:
6b:01:ea:3f:af:32:2a:ac:b0:aa:10:38:24:b3:31:
63:25:34:c4:8f:21:8e:b0:e1:b5:f7:52:75:4f:1e:
18:05:32:c0:05:42:8b:18:3e:91:92:04:93:2b:a7:
2e:e5:ef:81:4e:08:8b:9f:21:4a:63:18:93:3e:fe:
3f:d6:ac:ad:d0:43:d4:e5:ab:c9:29:0d:c6:b0:21:
61:d2:ce:dc:62:90:7e:84:6b:59:50:ae:ee:08:0b:
7b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:17:CF:96:E0:BE:7A:04:BE:E4:85:FC:57:01:62:AC:8E:0E:0F:42
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/9hfPluC-egS-5IX8VwFirI4OD0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
185.117.20.0-185.117.22.255
185.211.48.0-185.211.50.255
Signature Algorithm: sha256WithRSAEncryption
28:10:8a:56:6f:bc:ef:16:55:0c:c5:86:c3:4b:e7:cb:6e:7e:
bd:0a:23:cf:4d:d0:82:bf:7a:90:ff:f2:6d:ed:94:ec:74:9d:
42:0d:cb:6a:92:36:2d:85:c4:cd:49:f2:2d:dd:d0:2b:e6:9e:
a1:e3:75:7c:d6:94:21:31:58:00:7c:d3:2e:75:3e:c0:c2:2f:
da:6f:68:8d:a4:ad:fb:86:9a:4a:f1:2f:2f:56:18:24:33:5e:
95:d8:c7:43:24:74:3b:ae:57:5e:24:d5:06:a4:22:4f:a2:d0:
a2:24:ee:57:ab:75:87:8f:ab:bd:27:cf:ff:fd:54:50:6b:fa:
a3:c0:26:3d:4e:36:ef:9b:69:f0:77:36:67:52:e4:9c:b0:cf:
56:cb:08:61:d4:60:fe:e6:21:08:66:dc:2d:7c:f4:e4:dc:3b:
64:15:c1:7f:03:fe:40:cd:78:e8:59:89:80:49:bd:ff:b9:3a:
c7:98:3f:87:f4:3d:3b:99:ad:0a:65:82:10:da:3e:1c:9a:96:
cf:36:e8:2b:a1:bc:ba:c9:82:81:1f:fe:50:b2:f2:2f:91:ad:
0a:b4:52:28:b2:78:f6:ec:6b:fd:6f:c0:72:1f:39:3f:f2:61:
87:6f:0d:b1:21:a9:70:db:57:92:12:b2:e7:1b:1d:45:b1:97:
e2:92:1e:7d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZRogGHkv7YWB5LmzKnKiZucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTE1MDU0NzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE3Y2Y5NmUwYmU3YTA0YmVlNDg1ZmM1NzAxNjJhYzhlMGUwZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDL+ArJWFpO/jUIPtNtUMi2X/272
UNc7CykK6GVn3Lec2xJl8rVaxot/MEWww9+7RKr2isOp5W4Rx68tVwgUer3kJ9Dt
lzRpE0Rv91XEVaozIu2qLKtiqOybKPnkQfuURsy6vsBq7x8V6/XVkySB0fq4n8Xg
ojegM+g2h73y64g3TjTkN8XO960zaP4fIp1o8tGOvsOYSqvkzTK4TEjYw+O4Zltr
Aeo/rzIqrLCqEDgkszFjJTTEjyGOsOG191J1Tx4YBTLABUKLGD6RkgSTK6cu5e+B
TgiLnyFKYxiTPv4/1qyt0EPU5avJKQ3GsCFh0s7cYpB+hGtZUK7uCAt72wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPYXz5bgvnoEvuSF/FcBYqyODg9CMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvOWhmUGx1Qy1lZ1MtNUlYOFZ3RmlySTRPRDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCLYgAMAwD
BAK5dRQDBAC5dRYwDAMEBLnTMAMEALnTMjANBgkqhkiG9w0BAQsFAAOCAQEAKBCK
Vm+87xZVDMWGw0vny25+vQojz03Qgr96kP/ybe2U7HSdQg3LapI2LYXEzUnyLd3Q
K+aeoeN1fNaUITFYAHzTLnU+wMIv2m9ojaSt+4aaSvEvL1YYJDNeldjHQyR0O65X
XiTVBqQiT6LQoiTuV6t1h4+rvSfP//1UUGv6o8AmPU4275tp8Hc2Z1LknLDPVssI
YdRg/uYhCGbcLXz05Nw7ZBXBfwP+QM146FmJgEm9/7k6x5g/h/Q9O5mtCmWCENo+
HJqWzzboK6G8usmCgR/+ULLyL5GtCrRSKLJ49uxr/W/Ach85P/Jhh28NsSGpcNtX
khKy5xsdRbGX4pIefQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:36:57 2025 by rpki-client