Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ea9wTUHz7vxoT6PEqKg6Kzdxm4A.roa
File: ea9wTUHz7vxoT6PEqKg6Kzdxm4A.roa (raw, json)
Hash identifier: /3igywr06UoFx7FRd/KvznpRPN9W23z5H6EMA4g5lN0=
Subject key identifier: 79:AF:70:4D:41:F3:EE:FC:68:4F:A3:C4:A8:A8:3A:2B:37:71:9B:80
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194B138A495ADFEC3F4C849291E0C5418EB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ea9wTUHz7vxoT6PEqKg6Kzdxm4A.roa
Signing time: Wed 29 Jan 2025 08:41:06 +0000
ROA not before: Wed 29 Jan 2025 08:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20911
IP address blocks: 45.90.90.0/23 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.118.0/24 maxlen: 24
87.120.119.0/24 maxlen: 24
87.120.122.0/24 maxlen: 24
87.120.123.0/24 maxlen: 24
87.120.124.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.26.0/23 maxlen: 24
95.214.27.0/24 maxlen: 24
193.42.34.0/23 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:38:a4:95:ad:fe:c3:f4:c8:49:29:1e:0c:54:18:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 29 08:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79af704d41f3eefc684fa3c4a8a83a2b37719b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0d:ab:8d:07:58:e5:9a:77:44:39:ea:ec:3a:
ca:9b:2e:52:2e:38:c3:3f:15:53:05:49:19:8a:af:
36:75:e3:a7:27:da:d6:f6:5b:8f:32:ae:47:ae:7f:
a1:99:92:e4:3a:69:db:c3:db:c3:ba:8b:15:d0:9d:
ad:fa:a5:ea:90:f9:4d:dd:1e:c5:ec:ce:27:67:74:
ac:15:5d:b7:4d:aa:8e:b2:0f:39:d6:36:97:be:d2:
db:b7:06:3f:eb:3b:b9:43:75:10:3e:37:4e:fa:f1:
3a:69:f7:fa:f4:1a:82:e1:dc:2c:e2:01:8a:1b:86:
83:f1:b5:9f:20:40:8c:f9:c2:98:3d:9b:1c:34:ee:
2d:46:6e:1a:aa:db:44:32:de:1a:c9:40:5b:83:74:
fd:46:f7:17:75:7b:52:39:02:b8:7a:5b:7d:e0:39:
7d:9e:f9:bb:2e:7d:b3:d0:3e:e6:40:20:14:73:97:
e5:71:a2:a0:f8:3d:2b:20:74:d0:20:fb:5f:8e:9b:
90:62:72:b4:06:81:54:a1:2c:ff:ef:3e:89:68:02:
9c:4e:73:bd:97:95:10:36:57:e3:c0:04:da:d3:f7:
a9:48:1a:69:08:47:37:8d:b9:17:db:aa:95:45:e7:
6f:65:29:ab:e5:33:8b:f1:c6:66:84:60:87:49:a0:
35:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:AF:70:4D:41:F3:EE:FC:68:4F:A3:C4:A8:A8:3A:2B:37:71:9B:80
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ea9wTUHz7vxoT6PEqKg6Kzdxm4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.90.0/23
84.21.174.0/23
87.120.118.0/23
87.120.122.0-87.120.124.255
92.249.50.0/24
93.123.26.0/23
95.214.27.0/24
193.42.34.0/23
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
44:12:6a:d2:c7:32:c9:2c:4a:5d:95:70:e0:73:aa:bf:f5:50:
b1:8a:10:79:f4:8a:bc:e8:c5:12:5e:69:ec:be:96:38:1f:ea:
03:18:65:09:74:c6:ee:4e:df:35:31:e0:fc:3f:c3:04:56:b4:
11:fc:3f:79:11:a8:36:7f:fe:cb:10:69:f9:86:38:9f:9d:46:
40:0f:f7:16:e4:13:01:06:b4:45:6e:9a:33:30:5d:17:8a:3c:
a6:b0:a9:23:63:27:c3:ca:69:f2:14:4d:91:6f:d8:8a:75:5c:
a2:81:60:c0:5b:3b:a2:82:81:73:c7:8f:49:2a:0e:95:6f:16:
e6:df:46:09:cb:5b:5f:38:eb:53:8e:3f:95:bd:91:95:41:70:
f0:a8:58:90:49:73:fd:b7:14:50:ad:f8:e7:4a:ad:fd:ba:73:
5b:65:26:a9:d3:1a:48:19:66:13:f0:4e:7c:cc:fe:f3:71:cb:
ac:01:b2:78:ad:48:6d:13:a4:3f:83:75:ab:e5:9b:2c:9b:86:
ef:33:7f:95:13:07:51:e1:1d:b6:49:a2:26:67:21:cb:88:50:
4a:f5:2a:d0:ac:9e:1e:60:a1:be:5f:d4:f5:3c:e6:74:36:c8:
87:6f:97:07:59:f6:d0:44:cd:53:a4:f7:f9:bb:83:94:3e:0b:
a1:ad:a8:36
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZSxOKSVrf7D9MhJKR4MVBjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTI5MDg0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWFmNzA0ZDQxZjNlZWZjNjg0ZmEzYzRhOGE4M2EyYjM3NzE5YjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ2rjQdY5Zp3RDnq7DrKmy5SLjjD
PxVTBUkZiq82deOnJ9rW9luPMq5Hrn+hmZLkOmnbw9vDuosV0J2t+qXqkPlN3R7F
7M4nZ3SsFV23TaqOsg851jaXvtLbtwY/6zu5Q3UQPjdO+vE6aff69BqC4dws4gGK
G4aD8bWfIECM+cKYPZscNO4tRm4aqttEMt4ayUBbg3T9RvcXdXtSOQK4elt94Dl9
nvm7Ln2z0D7mQCAUc5flcaKg+D0rIHTQIPtfjpuQYnK0BoFUoSz/7z6JaAKcTnO9
l5UQNlfjwATa0/epSBppCEc3jbkX26qVRedvZSmr5TOL8cZmhGCHSaA1fwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFHmvcE1B8+78aE+jxKioOis3cZuAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZWE5d1RVSHo3dnhvVDZQRXFLZzZLemR4bTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBLVpaAwQB
VBWuAwQBV3h2MAwDBAFXeHoDBABXeHwDBABc+TIDBAFdexoDBABf1hsDBAHBKiID
BADCN7oDBADCqa8wDQYJKoZIhvcNAQELBQADggEBAEQSatLHMsksSl2VcOBzqr/1
ULGKEHn0irzoxRJeaey+ljgf6gMYZQl0xu5O3zUx4Pw/wwRWtBH8P3kRqDZ//ssQ
afmGOJ+dRkAP9xbkEwEGtEVumjMwXReKPKawqSNjJ8PKafIUTZFv2Ip1XKKBYMBb
O6KCgXPHj0kqDpVvFubfRgnLW18461OOP5W9kZVBcPCoWJBJc/23FFCt+OdKrf26
c1tlJqnTGkgZZhPwTnzM/vNxy6wBsnitSG0TpD+Ddavlmyybhu8zf5UTB1HhHbZJ
oiZnIcuIUEr1KtCsnh5gob5f1PU85nQ2yIdvlwdZ9tBEzVOk9/m7g5Q+C6GtqDY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:31 2025 by rpki-client