Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/TZyvrxzEYCBrbxeJAeW5LKX3QEo.roa
File: TZyvrxzEYCBrbxeJAeW5LKX3QEo.roa (raw, json)
Hash identifier: UjoItSknueEaxMxCkt/FQjKo56HDLF0IS90b6Lu84Fs=
Subject key identifier: 4D:9C:AF:AF:1C:C4:60:20:6B:6F:17:89:01:E5:B9:2C:A5:F7:40:4A
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018F5835DFE59EACFBCC20A37C8AF1397BFA
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/TZyvrxzEYCBrbxeJAeW5LKX3QEo.roa
Signing time: Wed 08 May 2024 12:37:56 +0000
ROA not before: Wed 08 May 2024 12:37:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 45.143.68.0/24 maxlen: 24
45.143.69.0/24 maxlen: 24
45.143.70.0/24 maxlen: 24
45.143.71.0/24 maxlen: 24
83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
87.239.254.0/24 maxlen: 24
95.181.216.0/24 maxlen: 24
95.181.217.0/24 maxlen: 24
95.181.218.0/24 maxlen: 24
95.181.219.0/24 maxlen: 24
171.22.252.0/24 maxlen: 24
185.46.240.0/24 maxlen: 24
185.46.241.0/24 maxlen: 24
185.46.242.0/24 maxlen: 24
185.46.243.0/24 maxlen: 24
185.75.208.0/24 maxlen: 24
185.75.209.0/24 maxlen: 24
185.75.210.0/24 maxlen: 24
185.75.211.0/24 maxlen: 24
185.201.190.0/24 maxlen: 24
185.253.68.0/24 maxlen: 24
185.253.69.0/24 maxlen: 24
185.253.70.0/24 maxlen: 24
185.253.71.0/24 maxlen: 24
193.108.242.0/24 maxlen: 24
193.108.243.0/24 maxlen: 24
193.201.248.0/24 maxlen: 24
193.201.249.0/24 maxlen: 24
193.201.250.0/24 maxlen: 24
193.201.251.0/24 maxlen: 24
194.36.96.0/24 maxlen: 24
194.36.97.0/24 maxlen: 24
194.36.98.0/24 maxlen: 24
194.36.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:35:df:e5:9e:ac:fb:cc:20:a3:7c:8a:f1:39:7b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: May 8 12:37:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d9cafaf1cc460206b6f178901e5b92ca5f7404a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:53:3d:a6:eb:1e:ce:7a:65:05:b7:27:cb:b7:
ad:74:a8:73:5e:f6:e4:d0:55:b8:38:a4:b1:66:99:
d0:86:ea:e7:6e:15:5f:cf:30:d8:e0:74:61:db:3d:
14:d6:51:e8:11:5d:9c:fb:09:87:c8:ec:6b:f3:af:
d0:29:d8:f7:35:1b:4c:b7:ae:38:94:3f:ea:52:da:
bd:a6:d2:95:d9:9a:a0:cb:fb:37:78:ee:87:91:be:
a2:6b:60:53:6b:20:34:40:9f:48:60:9d:e9:3d:8f:
fa:26:30:ed:3f:c5:d3:40:a4:16:dd:25:1a:fd:01:
27:6f:3c:da:7a:79:3c:01:fc:f8:84:ed:00:d9:5c:
3c:4c:52:b5:91:19:d3:be:0a:44:4e:85:de:57:54:
31:1b:d0:8f:b5:74:c4:65:a4:53:71:50:a1:ec:7f:
fe:d4:89:0f:4a:54:c8:88:e3:fd:f5:57:96:c4:c1:
c3:a6:f8:17:66:e2:d7:01:22:17:ab:f6:12:fb:00:
e5:9a:d1:ed:3a:23:85:ee:6d:d1:9c:ff:d4:0f:0f:
28:71:e9:e7:ec:f6:54:b9:2f:d1:25:4e:10:66:52:
24:b8:9b:e6:1f:ae:99:d4:4f:95:69:ce:47:bb:67:
45:fc:39:17:d2:99:ff:64:ba:e9:87:d8:32:b8:ba:
6b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9C:AF:AF:1C:C4:60:20:6B:6F:17:89:01:E5:B9:2C:A5:F7:40:4A
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/TZyvrxzEYCBrbxeJAeW5LKX3QEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.68.0/22
83.150.240.0/22
87.239.254.0/24
95.181.216.0/22
171.22.252.0/24
185.46.240.0/22
185.75.208.0/22
185.201.190.0/24
185.253.68.0/22
193.108.242.0/23
193.201.248.0/22
194.36.96.0/22
Signature Algorithm: sha256WithRSAEncryption
98:ac:41:6e:a9:6a:7c:af:12:3b:7d:88:3e:f7:d2:ef:b7:88:
77:fb:b8:f2:43:41:2a:08:58:da:3c:2a:68:94:01:25:f0:17:
8a:65:0d:fb:09:70:28:55:f6:62:ea:f5:af:d8:ee:52:a0:29:
63:0b:4a:5b:05:2f:54:7f:4c:c8:fb:c7:01:f9:3a:c7:a4:bd:
cf:1a:54:50:8f:74:73:5e:26:1f:47:42:95:3c:19:18:31:e6:
31:42:8b:0e:0a:ec:cd:0a:5a:e3:ff:a7:76:f9:6f:d4:cc:00:
31:32:a2:b6:5c:6f:a8:61:c8:de:60:32:dc:af:bc:12:9a:78:
da:b2:3f:97:fc:10:6d:23:4f:81:f3:08:f1:d6:42:59:df:55:
a3:e2:0a:29:58:9e:7a:2c:88:3a:11:58:1c:74:09:1b:54:dc:
4a:0e:5b:20:82:0c:b5:4a:9f:d5:81:72:97:a9:32:67:89:0f:
fc:29:ca:96:aa:8e:47:cb:9f:0c:27:53:c5:6f:e9:34:c0:b9:
3c:c9:c6:82:17:45:26:e8:a5:11:83:4b:12:39:70:2d:5f:8f:
0b:3c:89:38:01:5e:dd:67:02:3a:1f:1a:3e:f1:91:f5:69:13:
af:e7:e3:61:5c:25:0a:71:96:f7:05:cf:15:89:b7:05:68:b8:
12:70:e2:33
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY9YNd/lnqz7zCCjfIrxOXv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwNTA4MTIzNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDljYWZhZjFjYzQ2MDIwNmI2ZjE3ODkwMWU1YjkyY2E1Zjc0MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVM9puseznplBbcny7etdKhzXvbk
0FW4OKSxZpnQhurnbhVfzzDY4HRh2z0U1lHoEV2c+wmHyOxr86/QKdj3NRtMt644
lD/qUtq9ptKV2Zqgy/s3eO6Hkb6ia2BTayA0QJ9IYJ3pPY/6JjDtP8XTQKQW3SUa
/QEnbzzaenk8Afz4hO0A2Vw8TFK1kRnTvgpEToXeV1QxG9CPtXTEZaRTcVCh7H/+
1IkPSlTIiOP99VeWxMHDpvgXZuLXASIXq/YS+wDlmtHtOiOF7m3RnP/UDw8ocenn
7PZUuS/RJU4QZlIkuJvmH66Z1E+Vac5Hu2dF/DkX0pn/ZLrph9gyuLpr9QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFE2cr68cxGAga28XiQHluSyl90BKMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvVFp5dnJ4ekVZQ0JyYnhlSkFlVzVMS1gzUUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCLY9EAwQC
U5bwAwQAV+/+AwQCX7XYAwQAqxb8AwQCuS7wAwQCuUvQAwQAucm+AwQCuf1EAwQB
wWzyAwQCwcn4AwQCwiRgMA0GCSqGSIb3DQEBCwUAA4IBAQCYrEFuqWp8rxI7fYg+
99Lvt4h3+7jyQ0EqCFjaPCpolAEl8BeKZQ37CXAoVfZi6vWv2O5SoCljC0pbBS9U
f0zI+8cB+TrHpL3PGlRQj3RzXiYfR0KVPBkYMeYxQosOCuzNClrj/6d2+W/UzAAx
MqK2XG+oYcjeYDLcr7wSmnjasj+X/BBtI0+B8wjx1kJZ31Wj4gopWJ56LIg6EVgc
dAkbVNxKDlsgggy1Sp/VgXKXqTJniQ/8KcqWqo5Hy58MJ1PFb+k0wLk8ycaCF0Um
6KURg0sSOXAtX48LPIk4AV7dZwI6Hxo+8ZH1aROv5+NhXCUKcZb3Bc8VibcFaLgS
cOIz
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:57:58 2025 by rpki-client