Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/y-HAJt-CbQPRgql9Ue-TAPUiTVU.roa
File: y-HAJt-CbQPRgql9Ue-TAPUiTVU.roa (raw, json)
Hash identifier: 3yB5yJhLwEvSYs/fk2t82WQfYsXETG/NOhlzHBnsvoE=
Subject key identifier: CB:E1:C0:26:DF:82:6D:03:D1:82:A9:7D:51:EF:93:00:F5:22:4D:55
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01941FFA18F747E91188102F6F6BDCBFC7DE
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/y-HAJt-CbQPRgql9Ue-TAPUiTVU.roa
Signing time: Wed 01 Jan 2025 03:47:51 +0000
ROA not before: Wed 01 Jan 2025 03:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:18:f7:47:e9:11:88:10:2f:6f:6b:dc:bf:c7:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 1 03:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbe1c026df826d03d182a97d51ef9300f5224d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bb:35:f0:93:49:9d:17:84:70:d9:12:5d:d3:
5c:0c:66:f0:9a:86:61:f7:41:73:d6:ea:4d:59:46:
8c:64:19:48:cb:e3:3a:a5:16:ed:20:03:31:40:e5:
d5:ef:a2:a4:a1:61:69:43:91:7a:16:21:4a:64:76:
c9:5a:99:f6:2c:e6:95:12:86:78:75:91:1c:18:15:
d0:15:26:5f:9b:6d:51:51:6c:aa:d1:13:84:89:d1:
2f:f2:ac:21:ec:63:d9:6a:06:95:55:87:2c:bc:7a:
f8:4c:c3:4e:96:92:48:6a:f7:f9:0d:37:93:1a:de:
41:66:13:45:49:f5:6d:4f:96:7b:dc:79:b9:1e:18:
c0:a1:34:70:cd:59:4c:b6:26:09:c2:62:19:f8:82:
71:ef:35:8b:de:db:74:b4:d2:56:9f:8d:e9:df:8e:
8e:8b:0b:67:6c:99:88:0a:36:2f:77:63:e5:4e:28:
15:3e:f2:1f:c6:82:10:f3:aa:14:ad:64:5b:5e:a8:
a1:7d:ad:4f:ef:6d:0b:68:9b:a8:f7:e6:4f:3b:72:
13:51:d7:37:de:6c:ee:39:1d:ab:ec:e2:98:c4:c1:
04:e9:45:8a:de:75:b7:d5:5d:d1:c5:3b:93:b6:0f:
30:25:e7:87:dd:a4:c5:2a:91:fa:91:3d:b2:63:30:
bc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E1:C0:26:DF:82:6D:03:D1:82:A9:7D:51:EF:93:00:F5:22:4D:55
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/y-HAJt-CbQPRgql9Ue-TAPUiTVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.235.0/24
91.92.47.0/24
93.152.205.0-93.152.206.255
93.152.208.0-93.152.216.255
93.152.220.0/23
93.152.223.0/24
Signature Algorithm: sha256WithRSAEncryption
47:00:20:03:5a:ae:f3:43:25:0c:f3:ad:e4:76:37:bc:37:a5:
9e:0a:fc:2d:3a:7c:96:09:b1:84:21:c8:22:36:0d:9a:f3:db:
cd:de:73:4a:8e:26:4e:bd:69:6e:53:0b:82:47:76:38:c6:45:
7a:6b:2d:34:88:bd:f2:fc:e7:31:8e:40:c1:3e:e3:98:bd:81:
b3:2e:46:05:c3:68:b8:1f:e1:f6:65:7f:a7:f5:2c:7e:89:34:
8b:15:eb:c8:5a:4c:d6:96:7b:d4:be:73:c0:26:dc:62:82:36:
68:ad:50:f1:d7:12:b7:3e:54:db:15:87:cf:54:5c:93:4c:05:
85:a7:89:65:7c:4a:69:10:79:73:9e:ae:bc:84:98:7b:63:40:
a0:32:8c:65:19:80:0f:69:2f:aa:c6:4d:b9:f0:65:a2:55:29:
a9:59:96:d0:31:7b:0d:22:5f:da:a6:7b:d2:c8:77:70:1b:56:
2c:b2:6f:4f:a6:ed:fa:31:db:e8:fd:4f:e2:31:b8:83:93:a9:
20:d4:30:9f:49:48:a8:b6:5b:48:6f:9c:37:d9:3f:d8:c7:14:
16:7a:8f:6a:ff:f4:bb:c0:ed:b2:dd:16:72:a8:f2:66:05:a8:
6a:55:01:c2:b3:e0:0d:1a:85:87:e7:55:45:ab:67:49:7d:d8:
88:dc:98:d1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQf+hj3R+kRiBAvb2vcv8feMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwMTAxMDM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmUxYzAyNmRmODI2ZDAzZDE4MmE5N2Q1MWVmOTMwMGY1MjI0ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrs18JNJnReEcNkSXdNcDGbwmoZh
90Fz1upNWUaMZBlIy+M6pRbtIAMxQOXV76KkoWFpQ5F6FiFKZHbJWpn2LOaVEoZ4
dZEcGBXQFSZfm21RUWyq0ROEidEv8qwh7GPZagaVVYcsvHr4TMNOlpJIavf5DTeT
Gt5BZhNFSfVtT5Z73Hm5HhjAoTRwzVlMtiYJwmIZ+IJx7zWL3tt0tNJWn43p346O
iwtnbJmICjYvd2PlTigVPvIfxoIQ86oUrWRbXqihfa1P720LaJuo9+ZPO3ITUdc3
3mzuOR2r7OKYxMEE6UWK3nW31V3RxTuTtg8wJeeH3aTFKpH6kT2yYzC8fwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFMvhwCbfgm0D0YKpfVHvkwD1Ik1VMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEveS1IQUp0LUNiUVBSZ3FsOVVlLVRBUFVpVFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQALY3oAwQA
LY3rAwQAW1wvMAwDBABdmM0DBABdmM4wDAMEBF2Y0AMEAF2Y2AMEAV2Y3AMEAF2Y
3zANBgkqhkiG9w0BAQsFAAOCAQEARwAgA1qu80MlDPOt5HY3vDelngr8LTp8lgmx
hCHIIjYNmvPbzd5zSo4mTr1pblMLgkd2OMZFemstNIi98vznMY5AwT7jmL2Bsy5G
BcNouB/h9mV/p/Usfok0ixXryFpM1pZ71L5zwCbcYoI2aK1Q8dcStz5U2xWHz1Rc
k0wFhaeJZXxKaRB5c56uvISYe2NAoDKMZRmAD2kvqsZNufBlolUpqVmW0DF7DSJf
2qZ70sh3cBtWLLJvT6bt+jHb6P1P4jG4g5OpINQwn0lIqLZbSG+cN9k/2McUFnqP
av/0u8Dtst0WcqjyZgWoalUBwrPgDRqFh+dVRatnSX3YiNyY0Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:20:07 2025 by rpki-client