Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/1wT4DjmNo3ka2uP_VUF6TcvCO90.roa
File: 1wT4DjmNo3ka2uP_VUF6TcvCO90.roa (raw, json)
Hash identifier: zEJycXtsaclqO22fOZqJWIx8AsVveGnj/U88R0uTj0k=
Subject key identifier: D7:04:F8:0E:39:8D:A3:79:1A:DA:E3:FF:55:41:7A:4D:CB:C2:3B:DD
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0194E118B58A4F43C1BF4F5C5DC5D0B3282C
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/1wT4DjmNo3ka2uP_VUF6TcvCO90.roa
Signing time: Fri 07 Feb 2025 15:48:00 +0000
ROA not before: Fri 07 Feb 2025 15:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 45.138.12.0/24 maxlen: 24
45.138.13.0/24 maxlen: 24
45.138.14.0/24 maxlen: 24
45.138.15.0/24 maxlen: 24
91.132.160.0/24 maxlen: 24
91.132.161.0/24 maxlen: 24
91.132.162.0/24 maxlen: 24
91.132.163.0/24 maxlen: 24
152.89.28.0/24 maxlen: 24
152.89.29.0/24 maxlen: 24
152.89.30.0/24 maxlen: 24
152.89.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e1:18:b5:8a:4f:43:c1:bf:4f:5c:5d:c5:d0:b3:28:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Feb 7 15:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d704f80e398da3791adae3ff55417a4dcbc23bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:73:cf:17:ac:43:f9:66:fb:66:6f:5d:23:9c:
0b:28:3e:7a:e0:97:e0:9a:f3:bc:f7:d9:12:2c:fa:
bb:f9:b8:e4:27:6c:2b:27:d0:31:75:b6:7d:ef:d3:
dc:8a:bc:da:08:da:4e:40:2c:1a:57:b1:c3:7f:3a:
e7:8e:2f:19:04:79:89:1f:b0:a7:ee:fe:58:67:de:
a8:5a:70:a9:5c:89:00:69:63:ad:59:82:f4:fc:7a:
7d:8f:76:5b:fc:58:de:04:2d:f1:24:82:7b:b4:a4:
a7:66:6c:a2:43:0b:88:93:f0:ff:97:07:4e:b0:67:
c8:34:0f:34:ad:d0:bd:67:6c:5e:c0:a2:48:c8:5e:
6b:be:8a:f9:23:0f:49:d6:9f:9c:cc:71:d3:40:3c:
c1:c4:6a:28:bf:c4:02:67:ab:db:c6:5c:68:42:e7:
78:d3:e8:91:c8:91:63:1f:09:75:64:4e:e4:b5:4e:
f4:53:02:d3:cc:f2:6b:76:42:49:5a:53:f6:bb:a1:
1e:16:fc:42:12:e5:85:3d:16:67:c8:66:1f:19:01:
03:40:b4:f6:b9:3e:4c:09:aa:9f:a3:90:9b:d4:95:
b9:01:f3:82:43:e4:e9:4c:cf:7c:53:fb:b9:81:cd:
09:a0:64:22:11:ee:32:ae:fa:d8:0f:cf:bd:cd:31:
04:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:04:F8:0E:39:8D:A3:79:1A:DA:E3:FF:55:41:7A:4D:CB:C2:3B:DD
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/1wT4DjmNo3ka2uP_VUF6TcvCO90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
91.132.160.0/22
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:77:98:07:d0:75:73:9f:5d:79:72:2a:b5:08:a9:32:e5:0f:
88:4b:ef:f4:e1:58:8e:95:c7:4f:a2:53:8b:17:de:f3:a7:c3:
5e:48:06:96:7a:e7:2b:21:b9:58:d0:90:0e:ba:1a:3f:2d:37:
61:88:0e:b7:2a:49:f7:3d:b8:14:24:ae:a3:cb:f2:24:92:69:
ee:87:40:4d:2c:22:60:f5:37:87:17:cb:6f:1d:c4:a5:92:da:
e4:01:6d:bc:5a:92:74:3e:8f:d1:f6:cd:c8:38:8e:d7:41:18:
67:2a:87:7c:61:fb:77:e6:67:ad:55:d4:b3:a9:a4:ed:a9:d9:
e8:a4:9f:90:ea:e6:f7:7f:10:82:84:93:a6:fa:db:78:22:17:
a6:54:3f:06:cb:06:73:8c:d3:0a:63:cb:c1:f9:18:f5:8c:4f:
c5:a2:2b:77:eb:ed:10:23:8f:2b:84:d3:e1:0c:e7:28:4e:0c:
cd:27:d0:ed:cc:4b:21:16:08:05:8e:d0:43:1b:4b:85:47:71:
23:19:e4:0f:b7:db:b1:d8:e2:bd:16:10:8b:e0:cd:5b:cd:86:
da:27:92:82:86:f7:1d:df:f5:26:c4:de:f8:2c:83:63:0c:e2:
ba:e6:c0:49:fc:70:02:0c:51:59:92:d5:80:78:b4:b5:1a:98:
f3:b8:5a:a1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZThGLWKT0PBv09cXcXQsygsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwMjA3MTU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzA0ZjgwZTM5OGRhMzc5MWFkYWUzZmY1NTQxN2E0ZGNiYzIzYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnPPF6xD+Wb7Zm9dI5wLKD564Jfg
mvO899kSLPq7+bjkJ2wrJ9AxdbZ979PcirzaCNpOQCwaV7HDfzrnji8ZBHmJH7Cn
7v5YZ96oWnCpXIkAaWOtWYL0/Hp9j3Zb/FjeBC3xJIJ7tKSnZmyiQwuIk/D/lwdO
sGfINA80rdC9Z2xewKJIyF5rvor5Iw9J1p+czHHTQDzBxGoov8QCZ6vbxlxoQud4
0+iRyJFjHwl1ZE7ktU70UwLTzPJrdkJJWlP2u6EeFvxCEuWFPRZnyGYfGQEDQLT2
uT5MCaqfo5Cb1JW5AfOCQ+TpTM98U/u5gc0JoGQiEe4yrvrYD8+9zTEEcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNcE+A45jaN5Gtrj/1VBek3LwjvdMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvMXdUNERqbU5vM2thMnVQX1ZVRjZUY3ZDTzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYoMAwQC
W4SgAwQCmFkcMA0GCSqGSIb3DQEBCwUAA4IBAQArd5gH0HVzn115ciq1CKky5Q+I
S+/04ViOlcdPolOLF97zp8NeSAaWeucrIblY0JAOuho/LTdhiA63Kkn3PbgUJK6j
y/Ikkmnuh0BNLCJg9TeHF8tvHcSlktrkAW28WpJ0Po/R9s3IOI7XQRhnKod8Yft3
5metVdSzqaTtqdnopJ+Q6ub3fxCChJOm+tt4IhemVD8GywZzjNMKY8vB+Rj1jE/F
oit36+0QI48rhNPhDOcoTgzNJ9DtzEshFggFjtBDG0uFR3EjGeQPt9ux2OK9FhCL
4M1bzYbaJ5KChvcd3/UmxN74LINjDOK65sBJ/HACDFFZktWAeLS1GpjzuFqh
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:15 2025 by rpki-client