Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/pQHoKKU9tEhfymHE48an5c4w0jM.roa
File: pQHoKKU9tEhfymHE48an5c4w0jM.roa (raw, json)
Hash identifier: WMCwLU/SnOjTFCG0+gNWheVLHpfLUULMS6PA6j7us1E=
Subject key identifier: A5:01:E8:28:A5:3D:B4:48:5F:CA:61:C4:E3:C6:A7:E5:CE:30:D2:33
Certificate issuer: /CN=073a6d3de5c125c1fe8b5fbe89584656e5861a2d
Certificate serial: 01853E4D0DDBEC6CEB1DA62D9F5FE28945E3
Authority key identifier: 07:3A:6D:3D:E5:C1:25:C1:FE:8B:5F:BE:89:58:46:56:E5:86:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BzptPeXBJcH-i1--iVhGVuWGGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/pQHoKKU9tEhfymHE48an5c4w0jM.roa
Signing time: Fri 23 Dec 2022 09:25:15 +0000
ROA not before: Fri 23 Dec 2022 09:25:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39405
IP address blocks: 185.246.25.0/24 maxlen: 24
185.116.128.0/22 maxlen: 24
185.117.16.0/22 maxlen: 24
193.84.73.0/24 maxlen: 24
185.244.72.0/22 maxlen: 24
45.153.92.0/22 maxlen: 22
185.224.35.0/24 maxlen: 24
185.224.34.0/24 maxlen: 24
185.224.33.0/24 maxlen: 24
185.224.32.0/24 maxlen: 24
185.246.24.0/24 maxlen: 24
185.253.92.0/22 maxlen: 24
141.0.200.0/21 maxlen: 24
185.249.184.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.246.96.0/22 maxlen: 24
93.93.40.0/21 maxlen: 24
45.145.112.0/22 maxlen: 22
185.247.86.0/23 maxlen: 24
2a01:6600::/32 maxlen: 32
2a0c:4400::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:4d:0d:db:ec:6c:eb:1d:a6:2d:9f:5f:e2:89:45:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073a6d3de5c125c1fe8b5fbe89584656e5861a2d
Validity
Not Before: Dec 23 09:25:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a501e828a53db4485fca61c4e3c6a7e5ce30d233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:52:c7:fb:44:80:db:4f:49:a0:cc:e6:31:f5:
da:6c:dc:a5:93:d8:a1:43:4e:00:4a:99:00:88:24:
21:56:4b:ff:d5:4a:77:bf:b2:57:31:7e:be:c6:58:
05:23:10:fd:aa:08:85:01:46:a0:34:8d:27:22:ac:
39:d6:bf:9e:87:20:f5:b8:09:f7:ad:6a:63:f7:18:
81:d4:83:11:5b:25:04:9b:f2:94:1a:79:01:2c:da:
bc:38:20:e3:77:ee:aa:1b:29:a6:46:24:11:36:55:
85:36:8a:6a:67:b8:16:57:3a:42:e4:90:37:32:f3:
6b:60:dd:14:d1:8a:0e:31:a4:d5:7d:cb:92:e2:65:
40:68:f1:6a:8a:c9:b4:42:fe:c0:2e:00:2e:d1:18:
7b:94:0a:23:be:1f:53:6b:dc:b4:a0:ac:af:5d:b3:
43:3c:79:af:d4:4c:6e:ee:ba:81:b6:ab:49:05:16:
50:67:e1:56:56:80:dd:e8:60:58:2e:88:62:35:f1:
36:6b:0d:91:7b:e4:26:99:84:c1:3e:f3:ea:18:21:
a2:58:9d:e9:5d:59:52:0f:2d:15:90:e9:97:e6:2d:
cc:54:05:97:28:fb:d7:f0:55:c6:71:3a:41:8c:38:
e3:b1:9d:e1:1a:d4:f8:50:08:5d:ca:73:f9:0a:1e:
20:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:01:E8:28:A5:3D:B4:48:5F:CA:61:C4:E3:C6:A7:E5:CE:30:D2:33
X509v3 Authority Key Identifier:
keyid:07:3A:6D:3D:E5:C1:25:C1:FE:8B:5F:BE:89:58:46:56:E5:86:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BzptPeXBJcH-i1--iVhGVuWGGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/pQHoKKU9tEhfymHE48an5c4w0jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/BzptPeXBJcH-i1--iVhGVuWGGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.112.0/22
45.153.92.0/22
93.93.40.0/21
141.0.200.0/21
185.116.128.0/22
185.117.16.0/22
185.224.32.0/22
185.227.0.0/22
185.244.72.0/22
185.246.24.0/23
185.246.96.0/22
185.247.86.0/23
185.249.184.0/22
185.253.92.0/22
193.84.73.0/24
IPv6:
2a01:6600::/32
2a0c:4400::/32
Signature Algorithm: sha256WithRSAEncryption
1f:b8:29:d1:1c:18:f4:a1:76:62:2d:15:9d:f6:5e:61:5f:65:
d4:88:a7:7f:c3:40:7c:be:c9:b5:2b:f1:4c:d1:61:81:eb:35:
34:5e:20:f8:1e:9c:ba:76:ca:39:4a:38:ab:d0:ea:87:32:8e:
71:c6:b9:d9:c6:5c:13:9f:a1:11:75:fa:5c:6d:af:12:52:71:
f0:7a:51:e3:fa:db:36:8f:2b:57:b3:4b:f4:6e:f0:1f:ec:cb:
bd:51:c9:5e:0e:f1:d2:3c:ce:6e:3d:f9:01:54:7c:5f:11:f7:
a4:37:63:42:7d:e6:96:9f:99:26:4e:a5:f6:a2:2d:51:ca:d9:
3f:90:aa:e9:cf:67:f8:e2:07:f8:32:20:fd:56:81:4d:8e:f7:
cb:6f:06:db:c3:fb:45:e3:ec:4d:6a:bc:8f:21:44:df:5b:5a:
d1:25:5f:13:94:a1:3e:50:29:15:c1:e2:1b:a4:2b:56:ea:67:
5c:e4:4d:d8:3b:70:06:09:df:40:99:d4:56:6b:12:aa:36:65:
c9:d5:22:9f:f9:93:9f:d7:7e:3f:e6:c1:8c:73:f0:fe:f2:9e:
a9:da:d7:3a:cf:22:24:a6:c4:53:33:ce:7b:b5:47:d2:67:e6:
e2:0d:88:a1:e7:49:b5:3d:6f:92:4e:e4:b6:b6:c1:1c:b7:bc:
66:1d:09:9f
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYU+TQ3b7GzrHaYtn1/iiUXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2E2ZDNkZTVjMTI1YzFmZThiNWZiZTg5NTg0NjU2ZTU4
NjFhMmQwHhcNMjIxMjIzMDkyNTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAxZTgyOGE1M2RiNDQ4NWZjYTYxYzRlM2M2YTdlNWNlMzBkMjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFLH+0SA209JoMzmMfXabNylk9ih
Q04ASpkAiCQhVkv/1Up3v7JXMX6+xlgFIxD9qgiFAUagNI0nIqw51r+ehyD1uAn3
rWpj9xiB1IMRWyUEm/KUGnkBLNq8OCDjd+6qGymmRiQRNlWFNopqZ7gWVzpC5JA3
MvNrYN0U0YoOMaTVfcuS4mVAaPFqism0Qv7ALgAu0Rh7lAojvh9Ta9y0oKyvXbND
PHmv1Exu7rqBtqtJBRZQZ+FWVoDd6GBYLohiNfE2aw2Re+QmmYTBPvPqGCGiWJ3p
XVlSDy0VkOmX5i3MVAWXKPvX8FXGcTpBjDjjsZ3hGtT4UAhdynP5Ch4gUQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFKUB6CilPbRIX8phxOPGp+XOMNIzMB8GA1UdIwQY
MBaAFAc6bT3lwSXB/otfvolYRlblhhotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnpwdFBlWEJKY0gtaTEtLWlWaEdWdVdHR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS84ZDdlN2MtZGI3YS00NjVmLTgwMzIt
MjU1MTAwZjIwMTZhLzEvcFFIb0tLVTl0RWhmeW1IRTQ4YW41YzR3MGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS84ZDdlN2MtZGI3YS00NjVmLTgwMzItMjU1MTAwZjIwMTZh
LzEvQnpwdFBlWEJKY0gtaTEtLWlWaEdWdVdHR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwYAQCAAEwWgMEAi2RcAME
Ai2ZXAMEA11dKAMEA40AyAMEArl0gAMEArl1EAMEArngIAMEArnjAAMEArn0SAME
Abn2GAMEArn2YAMEAbn3VgMEArn5uAMEArn9XAMEAMFUSTAUBAIAAjAOAwUAKgFm
AAMFACoMRAAwDQYJKoZIhvcNAQELBQADggEBAB+4KdEcGPShdmItFZ32XmFfZdSI
p3/DQHy+ybUr8UzRYYHrNTReIPgenLp2yjlKOKvQ6ocyjnHGudnGXBOfoRF1+lxt
rxJScfB6UeP62zaPK1ezS/Ru8B/sy71RyV4O8dI8zm49+QFUfF8R96Q3Y0J95paf
mSZOpfaiLVHK2T+QqunPZ/jiB/gyIP1WgU2O98tvBtvD+0Xj7E1qvI8hRN9bWtEl
XxOUoT5QKRXB4hukK1bqZ1zkTdg7cAYJ30CZ1FZrEqo2ZcnVIp/5k5/Xfj/mwYxz
8P7ynqna1zrPIiSmxFMzznu1R9Jn5uINiKHnSbU9b5JO5La2wRy3vGYdCZ8=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:35:48 2025 by rpki-client