Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/M5ygsUf6TUqUYI8FV2cjTiESBdE.roa
File: M5ygsUf6TUqUYI8FV2cjTiESBdE.roa (raw, json)
Hash identifier: inJMcRO+0HtRn269DlSaUq0NeeQUCkuMxbxILPu+WG8=
Subject key identifier: 33:9C:A0:B1:47:FA:4D:4A:94:60:8F:05:57:67:23:4E:21:12:05:D1
Certificate issuer: /CN=b1a0bd42058a0390f463cfeb7b17e21de0b75500
Certificate serial: 019422FC0CF7535B9049BC30B5EB099CF142
Authority key identifier: B1:A0:BD:42:05:8A:03:90:F4:63:CF:EB:7B:17:E2:1D:E0:B7:55:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saC9QgWKA5D0Y8_rexfiHeC3VQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/M5ygsUf6TUqUYI8FV2cjTiESBdE.roa
Signing time: Wed 01 Jan 2025 17:48:51 +0000
ROA not before: Wed 01 Jan 2025 17:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41729
IP address blocks: 45.158.92.0/22 maxlen: 22
88.151.160.0/21 maxlen: 21
89.248.0.0/20 maxlen: 20
91.184.128.0/19 maxlen: 19
195.177.96.0/24 maxlen: 24
195.177.97.0/24 maxlen: 24
195.177.99.0/24 maxlen: 24
2a00:1a78::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:0c:f7:53:5b:90:49:bc:30:b5:eb:09:9c:f1:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a0bd42058a0390f463cfeb7b17e21de0b75500
Validity
Not Before: Jan 1 17:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=339ca0b147fa4d4a94608f055767234e211205d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:80:f6:35:10:f9:9f:06:40:e3:12:82:4d:7b:
a9:62:0d:9e:e1:bf:4b:86:6d:b9:2c:66:99:ec:9a:
15:a2:c0:30:b8:54:5f:f5:0f:90:75:d3:37:36:5f:
bd:6a:27:fa:f9:a8:04:68:e1:0c:33:14:c8:ef:b7:
0d:1b:9e:fa:9f:ae:ad:21:8e:1b:b7:5c:1f:c4:8a:
f9:f5:21:66:bc:ab:ad:46:36:d4:f0:99:7b:f1:b3:
57:0a:98:1c:19:05:9a:3d:94:a4:b2:a4:a4:e4:fc:
a1:e7:44:95:c2:a5:2a:fb:4e:3c:48:eb:61:01:97:
f5:34:a7:15:61:1c:5c:9a:ed:63:ba:27:fa:cc:18:
d1:4a:e1:a4:ec:30:c6:09:33:11:be:c5:bb:1d:76:
1b:95:4f:97:8a:ba:ca:75:10:6f:da:6c:92:01:9c:
87:9e:2a:75:77:2f:9b:e7:2b:01:4a:4f:6b:e5:f7:
63:01:c5:c1:c8:19:f9:1f:d3:07:92:94:8e:ad:b2:
9d:5d:28:ee:f0:e5:c8:69:56:71:1a:81:fd:13:7b:
a7:f2:43:93:6a:37:1c:c2:9d:3c:6b:c1:d5:cc:d7:
b9:13:d0:b5:2a:80:b1:b8:38:1b:5b:16:bb:72:34:
2f:a1:fb:e7:15:45:3d:7d:de:eb:ac:65:35:fe:79:
4d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9C:A0:B1:47:FA:4D:4A:94:60:8F:05:57:67:23:4E:21:12:05:D1
X509v3 Authority Key Identifier:
keyid:B1:A0:BD:42:05:8A:03:90:F4:63:CF:EB:7B:17:E2:1D:E0:B7:55:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saC9QgWKA5D0Y8_rexfiHeC3VQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/M5ygsUf6TUqUYI8FV2cjTiESBdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/saC9QgWKA5D0Y8_rexfiHeC3VQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.92.0/22
88.151.160.0/21
89.248.0.0/20
91.184.128.0/19
195.177.96.0/23
195.177.99.0/24
IPv6:
2a00:1a78::/32
Signature Algorithm: sha256WithRSAEncryption
12:17:43:b9:6a:ee:c6:0d:1b:73:2d:bd:02:e8:f2:7a:d1:88:
d5:9c:00:23:ad:4b:c7:e9:c1:34:1e:d4:4c:92:99:59:5d:cc:
5e:a9:ef:36:6d:a9:35:1e:e3:a7:51:d2:f0:6c:0f:89:ec:27:
db:cb:ca:d6:4e:2a:98:ed:df:6f:00:58:c4:59:70:6b:66:f1:
15:4e:68:a6:6e:8c:61:48:b4:61:6e:01:be:da:36:22:35:e9:
cc:93:36:b0:d0:06:83:7e:79:cb:63:0c:8c:f3:f5:93:61:f6:
c7:5c:24:00:80:ba:b7:5f:f7:93:aa:a0:77:d2:d2:c1:7a:9a:
f7:15:ff:14:93:6e:a0:cc:91:d3:1f:4c:44:26:da:be:71:e9:
24:4f:bf:ba:5b:66:cc:eb:4b:ed:27:62:70:23:79:0c:10:ce:
0f:11:e5:9a:71:d0:bb:13:ec:d5:8b:f8:92:4f:96:bd:60:6e:
ff:3e:03:86:d4:0f:59:53:ba:06:48:bb:09:f9:f7:79:37:0a:
4c:f5:42:e6:c5:ea:2f:c6:44:cb:30:1e:d4:79:2c:b8:b9:6e:
60:0c:51:9b:14:79:47:33:79:c5:63:7a:f8:b4:f9:c4:fc:20:
db:b0:39:e7:12:ea:2e:11:83:d4:ba:44:a9:dd:73:3b:e1:8c:
23:1f:f9:cc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQi/Az3U1uQSbwwtesJnPFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTBiZDQyMDU4YTAzOTBmNDYzY2ZlYjdiMTdlMjFkZTBi
NzU1MDAwHhcNMjUwMTAxMTc0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzljYTBiMTQ3ZmE0ZDRhOTQ2MDhmMDU1NzY3MjM0ZTIxMTIwNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqID2NRD5nwZA4xKCTXupYg2e4b9L
hm25LGaZ7JoVosAwuFRf9Q+QddM3Nl+9aif6+agEaOEMMxTI77cNG576n66tIY4b
t1wfxIr59SFmvKutRjbU8Jl78bNXCpgcGQWaPZSksqSk5Pyh50SVwqUq+048SOth
AZf1NKcVYRxcmu1juif6zBjRSuGk7DDGCTMRvsW7HXYblU+XirrKdRBv2mySAZyH
nip1dy+b5ysBSk9r5fdjAcXByBn5H9MHkpSOrbKdXSju8OXIaVZxGoH9E3un8kOT
ajccwp08a8HVzNe5E9C1KoCxuDgbWxa7cjQvofvnFUU9fd7rrGU1/nlN6wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDOcoLFH+k1KlGCPBVdnI04hEgXRMB8GA1UdIwQY
MBaAFLGgvUIFigOQ9GPP63sX4h3gt1UAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FDOVFnV0tBNUQwWThfcmV4ZmlIZUMzVlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9jNmY3NmItNzg4Ny00MTJhLWJhYjQt
ZWMyODE5YzBhYzRkLzEvTTV5Z3NVZjZUVXFVWUk4RlYyY2pUaUVTQmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9jNmY3NmItNzg4Ny00MTJhLWJhYjQtZWMyODE5YzBhYzRk
LzEvc2FDOVFnV0tBNUQwWThfcmV4ZmlIZUMzVlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZ5cAwQD
WJegAwQEWfgAAwQFW7iAAwQBw7FgAwQAw7FjMA0EAgACMAcDBQAqABp4MA0GCSqG
SIb3DQEBCwUAA4IBAQASF0O5au7GDRtzLb0C6PJ60YjVnAAjrUvH6cE0HtRMkplZ
Xcxeqe82bak1HuOnUdLwbA+J7Cfby8rWTiqY7d9vAFjEWXBrZvEVTmimboxhSLRh
bgG+2jYiNenMkzaw0AaDfnnLYwyM8/WTYfbHXCQAgLq3X/eTqqB30tLBepr3Ff8U
k26gzJHTH0xEJtq+cekkT7+6W2bM60vtJ2JwI3kMEM4PEeWacdC7E+zVi/iST5a9
YG7/PgOG1A9ZU7oGSLsJ+fd5NwpM9ULmxeovxkTLMB7UeSy4uW5gDFGbFHlHM3nF
Y3r4tPnE/CDbsDnnEuouEYPUukSp3XM74YwjH/nM
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:03:09 2025 by rpki-client