Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/4lHY4uWeqHmvoaNymD_moDG2Lyw.roa
File: 4lHY4uWeqHmvoaNymD_moDG2Lyw.roa (raw, json)
Hash identifier: JlxlEX1JbWtrSymgf6LUCml6ssBX/gAxppMm1dFFwtA=
Subject key identifier: E2:51:D8:E2:E5:9E:A8:79:AF:A1:A3:72:98:3F:E6:A0:31:B6:2F:2C
Certificate issuer: /CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Certificate serial: 0194A70BF5DAD2745D6373CECE54BE347440
Authority key identifier: 29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/4lHY4uWeqHmvoaNymD_moDG2Lyw.roa
Signing time: Mon 27 Jan 2025 09:16:06 +0000
ROA not before: Mon 27 Jan 2025 09:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 45.144.54.0/23 maxlen: 23
193.29.224.0/24 maxlen: 24
193.29.225.0/24 maxlen: 24
194.33.34.0/24 maxlen: 24
194.33.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:0b:f5:da:d2:74:5d:63:73:ce:ce:54:be:34:74:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Validity
Not Before: Jan 27 09:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e251d8e2e59ea879afa1a372983fe6a031b62f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:58:c9:83:57:13:1c:2c:54:c3:02:9e:5c:
e8:71:38:24:4c:36:ac:a2:66:66:e6:4d:43:8f:57:
78:cb:04:f4:b7:bc:21:e9:e0:2a:ed:9e:3e:4e:c2:
67:0d:08:d2:c2:2e:26:76:0a:59:41:a9:29:79:cf:
92:cf:13:b2:90:b7:66:49:5b:79:52:c2:73:f7:ef:
54:d0:15:db:2c:27:2f:38:06:14:b5:d3:32:79:e4:
95:27:42:3a:9c:a2:5a:b0:08:af:bb:53:b1:0b:83:
71:3e:df:a0:08:65:d0:5f:06:c4:f8:b6:f8:36:02:
28:f6:b9:27:6f:c6:22:87:26:82:e9:3c:64:8d:d0:
e9:e7:29:06:10:b7:03:ab:c6:ec:d7:bd:91:1c:56:
c7:f9:b2:d3:c5:c2:5b:c9:ae:a2:65:aa:1d:d6:34:
9b:19:aa:f0:52:aa:e3:92:9f:21:8c:77:3f:5d:2c:
1e:56:30:97:e7:e5:9e:5e:c4:a6:5c:cd:17:2f:e2:
3d:70:94:17:b9:d7:40:9d:f1:0d:5d:b9:97:13:b3:
59:c7:71:21:df:ab:09:a2:95:66:53:83:5b:6b:d0:
2e:80:e4:a0:c0:0b:ad:fb:4b:38:ba:a3:31:f0:aa:
5e:1b:52:aa:23:75:27:81:a0:64:8a:ec:79:80:2f:
fc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:51:D8:E2:E5:9E:A8:79:AF:A1:A3:72:98:3F:E6:A0:31:B6:2F:2C
X509v3 Authority Key Identifier:
keyid:29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/4lHY4uWeqHmvoaNymD_moDG2Lyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.54.0/23
193.29.224.0/23
194.33.34.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:b1:be:a3:17:82:23:3d:40:6e:68:9e:19:d6:f4:50:e8:e7:
ae:ba:27:07:d9:cd:c8:f4:7b:cc:1d:d2:e6:d2:d6:71:25:53:
12:4a:61:2b:c2:aa:17:47:81:15:dc:d8:95:ca:2f:29:9c:58:
72:25:f4:1a:f9:c2:2d:0e:f8:a6:bd:b4:33:2c:67:80:c7:a3:
77:a8:04:6f:64:27:9f:e8:ba:b0:34:d7:5a:e3:f4:97:f3:6b:
27:ac:3d:ce:c4:c4:09:91:a4:02:43:b6:09:3b:ee:e2:6c:94:
a8:52:0c:bb:bd:05:56:7b:4d:f8:f8:4e:1a:4d:50:2d:52:71:
c4:03:4c:af:6d:14:e3:4c:2f:a8:af:b8:b4:a0:cb:d0:2f:2e:
7c:b6:e4:6e:9d:22:ee:1c:f4:a3:0f:af:77:0f:f9:c5:2f:ef:
57:70:48:73:78:ad:c0:cb:37:04:f0:65:f6:47:4c:0a:8c:37:
31:4d:3d:fb:a8:b9:f1:96:25:b3:94:dc:ef:51:0c:99:5e:53:
e8:80:02:44:a1:9d:74:c8:3a:80:46:ab:fd:1c:55:9b:68:f0:
46:8a:e4:08:a5:b8:1c:78:2e:2e:47:13:df:f0:d4:b1:b3:3d:
4d:1b:f7:6a:02:25:f4:1f:5d:c3:cc:52:34:19:50:fc:2d:1f:
28:68:94:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZSnC/Xa0nRdY3POzlS+NHRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGJjYzUwYTlhMzNiYTU2NTFlZmQxYWZlNDBiNmZkYjAy
NTU2ZjAwHhcNMjUwMTI3MDkxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjUxZDhlMmU1OWVhODc5YWZhMWEzNzI5ODNmZTZhMDMxYjYyZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO1YyYNXExwsVMMCnlzocTgkTDas
omZm5k1Dj1d4ywT0t7wh6eAq7Z4+TsJnDQjSwi4mdgpZQakpec+SzxOykLdmSVt5
UsJz9+9U0BXbLCcvOAYUtdMyeeSVJ0I6nKJasAivu1OxC4NxPt+gCGXQXwbE+Lb4
NgIo9rknb8YihyaC6TxkjdDp5ykGELcDq8bs172RHFbH+bLTxcJbya6iZaod1jSb
GarwUqrjkp8hjHc/XSweVjCX5+WeXsSmXM0XL+I9cJQXuddAnfENXbmXE7NZx3Eh
36sJopVmU4Nba9AugOSgwAut+0s4uqMx8KpeG1KqI3UngaBkiux5gC/83QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOJR2OLlnqh5r6Gjcpg/5qAxti8sMB8GA1UdIwQY
MBaAFCkLzFCpozulZR79Gv5Atv2wJVbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYt
NzY5ODI0OTNlYTFhLzEvNGxIWTR1V2VxSG12b2FOeW1EX21vREcyTHl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYtNzY5ODI0OTNlYTFh
LzEvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLZA2AwQB
wR3gAwQBwiEiMA0GCSqGSIb3DQEBCwUAA4IBAQB7sb6jF4IjPUBuaJ4Z1vRQ6Oeu
uicH2c3I9HvMHdLm0tZxJVMSSmErwqoXR4EV3NiVyi8pnFhyJfQa+cItDvimvbQz
LGeAx6N3qARvZCef6LqwNNda4/SX82snrD3OxMQJkaQCQ7YJO+7ibJSoUgy7vQVW
e034+E4aTVAtUnHEA0yvbRTjTC+or7i0oMvQLy58tuRunSLuHPSjD693D/nFL+9X
cEhzeK3AyzcE8GX2R0wKjDcxTT37qLnxliWzlNzvUQyZXlPogAJEoZ10yDqARqv9
HFWbaPBGiuQIpbgceC4uRxPf8NSxsz1NG/dqAiX0H13DzFI0GVD8LR8oaJTe
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:24:21 2025 by rpki-client