Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rDj0bw1CWN1FmozTSt0GiHV1ll0.roa
File: rDj0bw1CWN1FmozTSt0GiHV1ll0.roa (raw, json)
Hash identifier: wQjMhUKPC8isSjq2fQ86ISlu9oWeJvI3/KZoPKT0GhA=
Subject key identifier: AC:38:F4:6F:0D:42:58:DD:45:9A:8C:D3:4A:DD:06:88:75:75:96:5D
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01949C1E1D6D1B3EE3AB7FA435378FC02A39
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rDj0bw1CWN1FmozTSt0GiHV1ll0.roa
Signing time: Sat 25 Jan 2025 06:20:06 +0000
ROA not before: Sat 25 Jan 2025 06:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.101.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
195.85.71.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9c:1e:1d:6d:1b:3e:e3:ab:7f:a4:35:37:8f:c0:2a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 25 06:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac38f46f0d4258dd459a8cd34add06887575965d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f2:40:07:41:fc:72:f9:53:6a:0e:a8:9f:19:
d6:0d:a8:27:a2:86:b0:be:fa:cc:65:1a:87:e6:51:
d1:42:2f:5e:e0:4c:b1:92:5d:eb:1d:c2:f2:5e:5f:
bc:05:49:99:c9:72:c0:68:6d:c5:7f:fa:21:e6:24:
ec:f2:a6:84:de:21:41:b3:63:10:7a:51:c6:d9:59:
89:b2:3c:4c:c5:2c:a5:e1:8d:52:0f:0f:c6:37:04:
ab:4c:53:95:2e:dd:9a:c4:ef:9d:9a:93:b1:06:a1:
dd:0a:de:4b:7a:38:62:0c:2a:8a:d6:f2:59:9b:15:
2c:16:cd:16:35:f5:11:2d:9a:b6:14:bd:68:35:01:
42:de:32:57:fd:af:7b:76:68:30:94:f8:ef:54:22:
86:1d:4b:ee:de:ad:5b:01:a5:1b:36:b8:93:81:fb:
ff:49:45:dd:c9:c5:89:6b:26:64:c2:5b:50:33:70:
c4:59:20:d2:45:7d:eb:72:3e:4b:40:96:32:cc:9c:
e0:42:ea:ed:fc:10:70:b7:64:22:14:28:e7:62:28:
40:12:6a:e5:88:08:78:07:7f:71:da:7c:46:a3:e9:
a1:d5:b1:7b:e7:8f:9f:d4:09:13:9a:26:41:2f:25:
36:45:95:28:68:5b:fe:5c:59:b6:ad:81:e5:8b:a6:
fb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:38:F4:6F:0D:42:58:DD:45:9A:8C:D3:4A:DD:06:88:75:75:96:5D
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rDj0bw1CWN1FmozTSt0GiHV1ll0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.144.100.0/24
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.100.0/22
194.124.64.0/22
195.85.68.0/22
Signature Algorithm: sha256WithRSAEncryption
90:94:47:b3:4b:56:3b:90:b3:1c:5e:54:c6:0d:d3:a6:1c:3c:
ac:28:c3:1e:79:4f:a3:5e:3e:04:71:ce:a2:7a:77:1b:12:f4:
fc:6f:c8:42:6e:9e:69:72:a7:bc:b0:36:96:c4:cc:91:a7:b2:
6e:29:6e:31:6d:d1:6f:4d:a2:a6:4c:f2:c6:be:6e:6a:5a:3f:
0c:e1:21:f4:f1:58:86:12:c4:e4:3d:16:bd:b6:6e:e7:d4:ce:
f1:ed:f1:66:eb:03:8e:40:f4:f6:c2:44:18:1a:18:01:40:91:
97:1e:97:20:6d:6e:90:be:f4:a1:67:1b:e9:a3:00:62:50:ba:
e0:8a:d1:10:8d:ae:85:de:66:b0:14:96:c3:76:0e:42:2c:8c:
6d:82:80:7d:c9:d9:c6:83:c4:75:bb:43:dd:0f:ca:c5:83:2d:
bb:0d:3f:b8:49:95:66:0a:db:65:bf:3c:62:9c:65:24:0d:3c:
b6:5d:25:11:29:bb:d0:2b:ba:68:3a:df:e2:13:10:b8:02:61:
e8:05:d0:29:0c:a9:d0:6a:30:61:2b:f3:17:90:b6:c9:d4:81:
9e:6c:5e:27:62:59:8f:6e:2e:34:08:91:b8:40:29:05:40:fc:
69:ba:1a:3f:b9:23:a8:55:9e:c2:43:fa:09:67:28:27:bc:38:
04:34:91:f4
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZScHh1tGz7jq3+kNTePwCo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTI1MDYyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzM4ZjQ2ZjBkNDI1OGRkNDU5YThjZDM0YWRkMDY4ODc1NzU5NjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vJAB0H8cvlTag6onxnWDagnooaw
vvrMZRqH5lHRQi9e4Eyxkl3rHcLyXl+8BUmZyXLAaG3Ff/oh5iTs8qaE3iFBs2MQ
elHG2VmJsjxMxSyl4Y1SDw/GNwSrTFOVLt2axO+dmpOxBqHdCt5LejhiDCqK1vJZ
mxUsFs0WNfURLZq2FL1oNQFC3jJX/a97dmgwlPjvVCKGHUvu3q1bAaUbNriTgfv/
SUXdycWJayZkwltQM3DEWSDSRX3rcj5LQJYyzJzgQurt/BBwt2QiFCjnYihAEmrl
iAh4B39x2nxGo+mh1bF754+f1AkTmiZBLyU2RZUoaFv+XFm2rYHli6b7tQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKw49G8NQljdRZqM00rdBoh1dZZdMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvckRqMGJ3MUNXTjFGbW96VFN0MEdpSFYxbGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCLYgAAwQA
gAB3AwQCuXUUAwQAuZBkMAwDBAS50zADBAC50zIDBAK54/ADBALBydADBALCJGQD
BALCfEADBALDVUQwDQYJKoZIhvcNAQELBQADggEBAJCUR7NLVjuQsxxeVMYN06Yc
PKwowx55T6NePgRxzqJ6dxsS9PxvyEJunmlyp7ywNpbEzJGnsm4pbjFt0W9NoqZM
8sa+bmpaPwzhIfTxWIYSxOQ9Fr22bufUzvHt8WbrA45A9PbCRBgaGAFAkZcelyBt
bpC+9KFnG+mjAGJQuuCK0RCNroXeZrAUlsN2DkIsjG2CgH3J2caDxHW7Q90PysWD
LbsNP7hJlWYK22W/PGKcZSQNPLZdJREpu9Arumg63+ITELgCYegF0CkMqdBqMGEr
8xeQtsnUgZ5sXidiWY9uLjQIkbhAKQVA/Gm6Gj+5I6hVnsJD+glnKCe8OAQ0kfQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:26 2025 by rpki-client