Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/cbLUFQPWDFBGgeTsBo59RiL6NGo.roa
File: cbLUFQPWDFBGgeTsBo59RiL6NGo.roa (raw, json)
Hash identifier: 3TCJxN5y669eIRDifXi9lQDad+lKQ5Y4Rq48mm7g5Zk=
Subject key identifier: 71:B2:D4:15:03:D6:0C:50:46:81:E4:EC:06:8E:7D:46:22:FA:34:6A
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B03F4A960CD136EAD48A052D6BFA4
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/cbLUFQPWDFBGgeTsBo59RiL6NGo.roa
Signing time: Thu 02 Jan 2025 09:48:55 +0000
ROA not before: Thu 02 Jan 2025 09:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.158.0/24 maxlen: 24
85.117.240.0/24 maxlen: 24
2a09:ff00:8000::/37 maxlen: 48
2a09:ff00:8800::/37 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:03:f4:a9:60:cd:13:6e:ad:48:a0:52:d6:bf:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71b2d41503d60c504681e4ec068e7d4622fa346a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3d:dd:63:7f:47:b4:1c:51:fe:6e:f1:0d:d4:
24:69:fc:2b:53:0b:aa:21:62:e2:65:b2:38:da:92:
73:58:2c:08:7d:b6:74:d6:61:4e:46:b5:d9:9f:fa:
9b:58:bc:50:f7:f4:5f:3f:0c:50:24:69:ea:92:96:
2f:16:00:66:47:47:12:27:77:23:25:99:ea:c3:ef:
71:dc:2c:26:57:52:61:54:7a:c3:6f:2b:20:ad:b6:
8d:a3:89:39:f9:07:19:73:0b:0f:ec:a4:2b:4d:9e:
e9:8c:98:bd:b0:82:91:03:c2:94:0a:ff:93:96:64:
23:d3:78:6e:2c:0f:41:af:1e:07:ab:8a:dc:0e:f4:
6d:f5:bd:65:3f:90:55:df:39:74:06:a9:8d:35:ff:
b9:8a:40:15:81:31:1e:45:76:fa:d0:de:af:9b:5b:
9e:86:65:88:32:2a:80:47:89:f8:9c:2e:91:15:21:
06:64:78:0d:8d:94:e3:28:85:cb:3f:57:4e:12:50:
da:04:a1:5b:f9:9d:7c:2f:3c:45:7a:46:c2:c1:76:
0f:30:1b:6e:ab:5c:82:00:25:88:48:1d:75:b3:e8:
ab:36:e1:84:c6:1d:7f:e9:f1:fa:85:91:0c:b3:7a:
6d:3b:a2:93:f5:3a:dc:32:22:18:f9:d0:03:d0:86:
d3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B2:D4:15:03:D6:0C:50:46:81:E4:EC:06:8E:7D:46:22:FA:34:6A
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/cbLUFQPWDFBGgeTsBo59RiL6NGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.158.0/24
85.117.240.0/24
IPv6:
2a09:ff00:8000::/36
Signature Algorithm: sha256WithRSAEncryption
04:cb:80:c4:cc:de:27:f6:af:b2:d9:93:cb:08:fe:ce:84:cf:
c7:cb:5d:2f:ce:13:4d:1c:0c:33:aa:39:fe:c5:81:b6:65:4d:
db:0d:aa:90:5d:fb:4b:e3:1e:90:11:24:9e:23:94:ec:b2:7b:
5d:fe:1b:6f:d9:aa:7f:07:f0:4a:d3:dc:dc:af:a0:53:dc:56:
75:1b:03:42:26:4d:2d:9a:49:08:24:a9:c1:36:d5:5b:b4:b6:
8f:f1:8d:0c:4f:d0:22:91:fe:bc:9a:31:ca:61:d4:ae:71:ee:
c8:21:ab:55:f2:f2:d0:6b:56:58:64:fd:14:79:c7:09:16:1f:
5d:f9:9d:ae:09:f7:03:61:82:a8:ef:97:10:d8:9a:03:5b:93:
11:68:43:f1:f6:d9:97:c4:8d:0d:2f:1c:3f:ea:bf:0b:9c:cd:
f2:39:08:42:e3:04:53:7c:2d:35:74:97:bb:be:49:46:53:d6:
48:13:b4:aa:c4:0c:c0:c1:4d:0d:39:cc:bf:54:4e:b7:90:69:
16:09:6c:83:24:a7:65:d9:d6:a1:9f:17:20:54:40:ac:61:22:
d2:ad:c1:c2:66:1b:b3:a2:bf:bb:33:c6:b1:57:f8:19:a0:96:
2b:34:fc:a6:44:fd:3b:6d:c2:21:89:1b:0f:2f:e9:18:23:21:
ab:4f:ba:a4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQmawP0qWDNE26tSKBS1r+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWIyZDQxNTAzZDYwYzUwNDY4MWU0ZWMwNjhlN2Q0NjIyZmEzNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD3dY39HtBxR/m7xDdQkafwrUwuq
IWLiZbI42pJzWCwIfbZ01mFORrXZn/qbWLxQ9/RfPwxQJGnqkpYvFgBmR0cSJ3cj
JZnqw+9x3CwmV1JhVHrDbysgrbaNo4k5+QcZcwsP7KQrTZ7pjJi9sIKRA8KUCv+T
lmQj03huLA9Brx4Hq4rcDvRt9b1lP5BV3zl0BqmNNf+5ikAVgTEeRXb60N6vm1ue
hmWIMiqAR4n4nC6RFSEGZHgNjZTjKIXLP1dOElDaBKFb+Z18LzxFekbCwXYPMBtu
q1yCACWISB11s+irNuGExh1/6fH6hZEMs3ptO6KT9TrcMiIY+dAD0IbTsQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHGy1BUD1gxQRoHk7AaOfUYi+jRqMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvY2JMVUZRUFdERkJHZ2VUc0JvNTlSaUw2TkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQALVaeAwQA
VXXwMA4EAgACMAgDBgQqCf8AgDANBgkqhkiG9w0BAQsFAAOCAQEABMuAxMzeJ/av
stmTywj+zoTPx8tdL84TTRwMM6o5/sWBtmVN2w2qkF37S+MekBEkniOU7LJ7Xf4b
b9mqfwfwStPc3K+gU9xWdRsDQiZNLZpJCCSpwTbVW7S2j/GNDE/QIpH+vJoxymHU
rnHuyCGrVfLy0GtWWGT9FHnHCRYfXfmdrgn3A2GCqO+XENiaA1uTEWhD8fbZl8SN
DS8cP+q/C5zN8jkIQuMEU3wtNXSXu75JRlPWSBO0qsQMwMFNDTnMv1ROt5BpFgls
gySnZdnWoZ8XIFRArGEi0q3BwmYbs6K/uzPGsVf4GaCWKzT8pkT9O23CIYkbDy/p
GCMhq0+6pA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:09:34 2025 by rpki-client