Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/32DmFG6eckwT_cmIA6P2GvExV8o.roa
File: 32DmFG6eckwT_cmIA6P2GvExV8o.roa (raw, json)
Hash identifier: QAbNn1NoMo9kTBTTYBudg/heTTEApB1Axs6m2LEO3wM=
Subject key identifier: DF:60:E6:14:6E:9E:72:4C:13:FD:C9:88:03:A3:F6:1A:F1:31:57:CA
Certificate issuer: /CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Certificate serial: 01954B051793BB3C300D6AEFA5FB508E70BA
Authority key identifier: 27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/32DmFG6eckwT_cmIA6P2GvExV8o.roa
Signing time: Fri 28 Feb 2025 05:26:19 +0000
ROA not before: Fri 28 Feb 2025 05:26:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44066
IP address blocks: 45.10.25.0/24 maxlen: 24
185.250.249.0/24 maxlen: 24
194.26.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:05:17:93:bb:3c:30:0d:6a:ef:a5:fb:50:8e:70:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Validity
Not Before: Feb 28 05:26:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df60e6146e9e724c13fdc98803a3f61af13157ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d3:52:38:dc:96:7d:af:2d:00:4e:00:38:2d:
56:8b:46:8e:c9:67:e9:e2:42:f7:18:8b:e3:1f:22:
63:2e:e2:c4:8f:f4:5b:cf:5d:fa:a7:29:cc:06:fa:
eb:20:39:00:4a:d1:1c:2e:4e:89:aa:55:7e:d0:c2:
5a:a3:49:c4:49:97:66:06:e0:85:f1:24:7d:f4:a3:
a6:42:be:25:9a:3e:97:41:fd:4f:5d:6d:d2:d5:2a:
6e:0a:e1:db:a3:e7:f2:4a:79:d8:32:27:e9:08:d8:
cc:94:75:b9:e3:74:1c:0d:3a:99:ec:f9:a0:1d:d6:
df:37:13:0b:6f:7f:74:9b:08:fc:28:a1:de:b9:63:
d8:e7:2a:e0:4c:f0:46:6b:17:bb:ca:59:f3:64:80:
12:27:74:6a:1b:e2:e5:33:1d:1b:d3:ac:2f:01:41:
e5:c5:33:af:a4:fd:fe:47:30:20:d4:01:20:3d:a8:
2c:b8:2d:81:d0:58:e0:29:d3:86:2f:55:29:4a:3d:
d0:3e:86:f0:e3:a4:ab:9b:f7:06:2b:73:cd:7b:f2:
f8:ac:17:91:1e:1d:5a:8e:40:f3:2a:23:dc:56:d9:
f7:21:bd:f7:e5:0b:a3:43:b4:cb:28:6a:d3:c5:3a:
54:7e:1b:e1:15:0b:60:55:d6:9d:6a:2b:f1:45:b1:
91:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:60:E6:14:6E:9E:72:4C:13:FD:C9:88:03:A3:F6:1A:F1:31:57:CA
X509v3 Authority Key Identifier:
keyid:27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/32DmFG6eckwT_cmIA6P2GvExV8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.25.0/24
185.250.249.0/24
194.26.183.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:69:f7:52:ab:e8:30:ca:8b:b7:56:d2:2b:70:53:f4:f4:2a:
16:e6:8f:db:90:07:75:5f:4b:8b:1f:3e:e6:a1:2d:31:1e:aa:
82:ae:8e:39:c2:22:6b:1a:c0:cb:38:7a:40:92:a9:72:23:0b:
ee:6a:91:ce:7a:2f:4c:19:70:31:f5:30:22:2c:ac:57:98:12:
97:bd:4f:be:d3:e3:ab:e0:e7:d6:48:61:a5:d2:af:87:f8:0d:
5c:8c:9c:db:b6:09:b0:3e:71:86:2a:91:dd:58:69:27:e4:ba:
29:b7:09:e0:b8:80:1c:13:b5:9b:7c:89:fb:a6:6f:1f:25:99:
30:bb:a2:47:22:d9:48:41:8a:68:11:53:ca:ce:05:6a:a3:6d:
bb:4a:92:8f:14:05:ec:7a:d1:6b:09:79:3e:13:8c:d4:83:0e:
0f:cc:b1:68:d5:15:e2:84:2a:66:55:be:e9:ac:93:fd:c2:a9:
16:40:07:39:a5:10:e7:34:bf:00:03:1f:f4:a1:b0:d7:24:79:
92:6c:19:76:8d:b8:56:bb:5c:e4:e1:d4:81:ed:b8:82:e1:3b:
24:4f:26:6c:61:6f:d9:0e:8d:c8:09:64:19:8e:63:fb:ef:7b:
ce:d1:b3:f4:21:86:54:08:f9:cf:d2:93:29:b3:95:b1:90:de:
ce:b6:ac:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVLBReTuzwwDWrvpftQjnC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzAwN2U1MDgyYjhlOGQ4Mjg5MDE4NzE4Y2ZkNTI3YTc4
OTNlNWUwHhcNMjUwMjI4MDUyNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjYwZTYxNDZlOWU3MjRjMTNmZGM5ODgwM2EzZjYxYWYxMzE1N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNNSONyWfa8tAE4AOC1Wi0aOyWfp
4kL3GIvjHyJjLuLEj/Rbz136pynMBvrrIDkAStEcLk6JqlV+0MJao0nESZdmBuCF
8SR99KOmQr4lmj6XQf1PXW3S1SpuCuHbo+fySnnYMifpCNjMlHW543QcDTqZ7Pmg
HdbfNxMLb390mwj8KKHeuWPY5yrgTPBGaxe7ylnzZIASJ3RqG+LlMx0b06wvAUHl
xTOvpP3+RzAg1AEgPagsuC2B0FjgKdOGL1UpSj3QPobw46Srm/cGK3PNe/L4rBeR
Hh1ajkDzKiPcVtn3Ib335QujQ7TLKGrTxTpUfhvhFQtgVdadaivxRbGROwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN9g5hRunnJME/3JiAOj9hrxMVfKMB8GA1UdIwQY
MBaAFCfAB+UIK46NgokBhxjP1SeniT5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhBSDVRZ3JqbzJDaVFHSEdNX1ZKNmVKUGw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8wNmZlMTQtZDE0Ni00ZTY2LWE4NDEt
MmM2NGMyOTEzNTNlLzEvMzJEbUZHNmVja3dUX2NtSUE2UDJHdkV4VjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8wNmZlMTQtZDE0Ni00ZTY2LWE4NDEtMmM2NGMyOTEzNTNl
LzEvSjhBSDVRZ3JqbzJDaVFHSEdNX1ZKNmVKUGw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQoZAwQA
ufr5AwQAwhq3MA0GCSqGSIb3DQEBCwUAA4IBAQA6afdSq+gwyou3VtIrcFP09CoW
5o/bkAd1X0uLHz7moS0xHqqCro45wiJrGsDLOHpAkqlyIwvuapHOei9MGXAx9TAi
LKxXmBKXvU++0+Or4OfWSGGl0q+H+A1cjJzbtgmwPnGGKpHdWGkn5LoptwnguIAc
E7WbfIn7pm8fJZkwu6JHItlIQYpoEVPKzgVqo227SpKPFAXsetFrCXk+E4zUgw4P
zLFo1RXihCpmVb7prJP9wqkWQAc5pRDnNL8AAx/0obDXJHmSbBl2jbhWu1zk4dSB
7biC4TskTyZsYW/ZDo3ICWQZjmP773vO0bP0IYZUCPnP0pMps5WxkN7OtqxO
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:23:56 2025 by rpki-client