Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/AVwNgKf-udENCs_QD49rtStkhAo.roa
File: AVwNgKf-udENCs_QD49rtStkhAo.roa (raw, json)
Hash identifier: IyW1g2aIz9QNwn19ME3zldSrbgj69oAeFwIrr/B2pXs=
Subject key identifier: 01:5C:0D:80:A7:FE:B9:D1:0D:0A:CF:D0:0F:8F:6B:B5:2B:64:84:0A
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018F4F2503D2A05187E524AC777B4FEAD527
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/AVwNgKf-udENCs_QD49rtStkhAo.roa
Signing time: Mon 06 May 2024 18:22:56 +0000
ROA not before: Mon 06 May 2024 18:22:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.158.0/24 maxlen: 24
85.117.240.0/24 maxlen: 24
192.144.33.0/24 maxlen: 24
2a09:ff00:8000::/37 maxlen: 48
2a09:ff00:8800::/37 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4f:25:03:d2:a0:51:87:e5:24:ac:77:7b:4f:ea:d5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: May 6 18:22:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=015c0d80a7feb9d10d0acfd00f8f6bb52b64840a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6c:04:43:88:ef:b5:de:ac:f4:87:8e:fe:ba:
18:3e:71:98:21:83:df:2e:57:bd:76:a4:42:ad:87:
93:d8:87:3f:72:27:5b:0d:ec:02:88:c9:8b:4a:65:
4e:fe:93:a6:cc:67:f6:d6:6f:23:5b:f0:f0:89:40:
3d:e5:36:4a:b7:0d:5a:97:d6:53:09:91:35:93:14:
2f:f8:d5:8d:2c:41:d6:f0:96:33:1c:e9:48:07:67:
d1:a7:83:63:43:95:ca:a9:76:e1:fc:f7:fb:d4:23:
76:9a:ae:1c:b2:34:24:27:10:87:7b:7e:bc:c4:ad:
4e:ea:89:20:4d:93:4d:84:c8:46:86:af:53:33:0f:
57:ca:45:d7:00:37:53:4f:e7:49:bf:6a:13:68:cb:
4d:53:bc:33:8b:ee:64:9b:c9:91:58:19:bb:77:96:
ed:23:33:82:e4:2e:1a:a7:5d:74:7f:09:fe:bc:44:
c4:96:af:1a:85:1f:ea:d4:b2:35:cd:b1:c8:29:28:
51:5d:c4:cd:59:5d:76:9e:07:f8:ff:8d:ad:d6:cf:
93:5a:9a:18:4c:5f:47:35:85:88:aa:9d:22:a3:91:
bf:89:ea:33:47:e7:eb:80:a6:1f:1e:21:50:94:41:
74:f1:88:d8:37:be:e9:fb:3b:d6:0f:17:19:5b:cc:
a9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5C:0D:80:A7:FE:B9:D1:0D:0A:CF:D0:0F:8F:6B:B5:2B:64:84:0A
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/AVwNgKf-udENCs_QD49rtStkhAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.158.0/24
85.117.240.0/24
192.144.33.0/24
IPv6:
2a09:ff00:8000::/36
Signature Algorithm: sha256WithRSAEncryption
12:69:e5:5f:55:03:91:39:3d:df:9c:34:98:80:e2:c2:70:78:
ab:8b:86:de:73:23:27:00:43:7f:6e:69:84:9f:65:55:13:24:
52:01:97:b9:17:70:18:15:7a:ff:14:70:06:ab:be:6e:4d:88:
c7:a6:9f:77:3d:ed:ce:38:28:b6:bf:85:af:6d:d4:b8:75:65:
e3:28:09:65:b9:34:01:ab:a5:3b:c1:a9:4f:e2:1f:18:08:ac:
91:58:b1:9c:16:0b:2b:28:0d:8a:93:61:57:54:c7:65:6f:0f:
0f:c7:15:b4:a2:c3:06:50:a8:99:56:c3:9b:89:55:5a:0a:63:
70:5e:98:3f:49:1c:1b:e3:7e:cb:09:04:84:c3:08:65:3c:23:
ea:a2:91:88:e7:9d:9f:89:a0:c6:33:f1:69:68:45:07:d2:06:
67:8c:9c:f2:ec:65:a5:2b:8c:68:aa:2b:96:95:5b:4c:bd:fc:
09:32:e9:9b:e9:c1:ae:68:fb:71:8a:97:34:ca:51:6a:fe:83:
96:a7:3b:db:ca:5e:ab:db:84:18:2d:f8:04:62:1d:4e:12:be:
38:ef:83:a5:57:e6:a4:67:e5:35:62:d2:bb:a6:ee:ef:da:ac:
f5:5e:a3:df:65:37:b1:47:44:c4:43:ed:2f:09:ac:24:83:f0:
b7:57:14:92
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY9PJQPSoFGH5SSsd3tP6tUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNTA2MTgyMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVjMGQ4MGE3ZmViOWQxMGQwYWNmZDAwZjhmNmJiNTJiNjQ4NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGwEQ4jvtd6s9IeO/roYPnGYIYPf
Lle9dqRCrYeT2Ic/cidbDewCiMmLSmVO/pOmzGf21m8jW/DwiUA95TZKtw1al9ZT
CZE1kxQv+NWNLEHW8JYzHOlIB2fRp4NjQ5XKqXbh/Pf71CN2mq4csjQkJxCHe368
xK1O6okgTZNNhMhGhq9TMw9XykXXADdTT+dJv2oTaMtNU7wzi+5km8mRWBm7d5bt
IzOC5C4ap110fwn+vETElq8ahR/q1LI1zbHIKShRXcTNWV12ngf4/42t1s+TWpoY
TF9HNYWIqp0io5G/ieozR+frgKYfHiFQlEF08YjYN77p+zvWDxcZW8ypsQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAFcDYCn/rnRDQrP0A+Pa7UrZIQKMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvQVZ3TmdLZi11ZEVOQ3NfUUQ0OXJ0U3RraEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQALVaeAwQA
VXXwAwQAwJAhMA4EAgACMAgDBgQqCf8AgDANBgkqhkiG9w0BAQsFAAOCAQEAEmnl
X1UDkTk935w0mIDiwnB4q4uG3nMjJwBDf25phJ9lVRMkUgGXuRdwGBV6/xRwBqu+
bk2Ix6afdz3tzjgotr+Fr23UuHVl4ygJZbk0AaulO8GpT+IfGAiskVixnBYLKygN
ipNhV1THZW8PD8cVtKLDBlComVbDm4lVWgpjcF6YP0kcG+N+ywkEhMMIZTwj6qKR
iOedn4mgxjPxaWhFB9IGZ4yc8uxlpSuMaKorlpVbTL38CTLpm+nBrmj7cYqXNMpR
av6Dlqc728peq9uEGC34BGIdThK+OO+DpVfmpGflNWLSu6bu79qs9V6j32U3sUdE
xEPtLwmsJIPwt1cUkg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:40:14 2025 by rpki-client