Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/OiM9JuUPwUTx93F-WTm9SJAc1-E.roa
File: OiM9JuUPwUTx93F-WTm9SJAc1-E.roa (raw, json)
Hash identifier: U1Ux7NpyE3Jd/TFpdNZuyjTyOl5BfpF5UVtjtoD5dLc=
Subject key identifier: 3A:23:3D:26:E5:0F:C1:44:F1:F7:71:7E:59:39:BD:48:90:1C:D7:E1
Certificate issuer: /CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Certificate serial: 01941F8C9A9E3A0979B9C9D8E293EB629F49
Authority key identifier: 9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/OiM9JuUPwUTx93F-WTm9SJAc1-E.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39761
IP address blocks: 45.11.132.0/22 maxlen: 22
45.14.156.0/22 maxlen: 22
45.83.212.0/22 maxlen: 22
45.87.12.0/22 maxlen: 22
81.90.240.0/20 maxlen: 24
84.246.160.0/21 maxlen: 24
2a00:1268::/32 maxlen: 32
2a0e:6d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9a:9e:3a:09:79:b9:c9:d8:e2:93:eb:62:9f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a233d26e50fc144f1f7717e5939bd48901cd7e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:80:74:8b:bb:eb:f4:50:05:a6:14:6c:7b:7d:
cf:06:63:59:ad:2e:fc:55:ec:a6:2e:3c:01:05:d1:
91:2a:60:0b:32:19:5c:5e:df:28:e6:d3:43:dd:74:
a5:c4:40:3f:1c:80:d7:ca:23:ec:0f:03:96:6a:e2:
05:be:0a:cf:e0:8f:81:78:ec:90:b7:e2:14:cd:e7:
75:06:eb:1c:46:ad:c0:e3:59:26:68:86:e3:6b:45:
2f:b3:a8:ac:9d:a1:33:45:dc:58:9a:15:16:2c:9e:
63:06:2e:41:19:e6:c1:a4:86:a3:b7:15:1c:35:32:
96:6c:46:f9:e3:fe:59:e1:a7:44:9b:53:cb:e2:31:
2f:ff:f9:09:7d:b5:29:4c:7a:27:6e:48:52:3a:30:
bd:2f:05:d0:2a:89:45:b5:ae:15:25:9a:3e:6d:ac:
55:29:69:60:db:a0:93:f6:3d:cf:7b:b4:3b:57:9b:
d2:3b:56:d8:1c:5a:12:b9:60:61:e9:01:ee:fe:ff:
07:83:9d:4c:24:da:50:48:2d:68:74:a2:a1:c9:d8:
83:67:4d:00:2d:b0:18:8d:71:e0:7b:b7:b4:4b:82:
14:e4:f8:8c:1c:ed:0e:25:13:eb:a9:41:88:79:a7:
fc:1a:74:e8:e9:28:50:fc:13:a9:67:03:80:d0:7c:
17:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:23:3D:26:E5:0F:C1:44:F1:F7:71:7E:59:39:BD:48:90:1C:D7:E1
X509v3 Authority Key Identifier:
keyid:9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/OiM9JuUPwUTx93F-WTm9SJAc1-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/m5hvxkb9oM8UXhDZP-GxDrDe5iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.132.0/22
45.14.156.0/22
45.83.212.0/22
45.87.12.0/22
81.90.240.0/20
84.246.160.0/21
IPv6:
2a00:1268::/32
2a0e:6d00::/29
Signature Algorithm: sha256WithRSAEncryption
2f:92:66:e7:d3:85:9c:e8:68:6b:e6:a3:82:81:33:af:1c:85:
08:2e:44:b5:d1:a1:8f:f5:47:d8:33:5e:cb:2c:ee:2a:92:93:
9e:95:5b:07:06:13:30:c5:e8:76:86:1b:13:5f:51:7d:e7:86:
4d:37:64:47:28:c2:b8:f4:bf:67:63:27:d0:aa:37:6c:e5:b8:
e2:52:2c:0c:19:c8:2f:01:d0:17:2f:58:87:bb:77:5e:61:60:
cb:15:c5:7f:99:7f:f2:f4:04:18:05:93:5c:9a:92:a9:53:e7:
71:29:04:36:50:13:0a:f0:39:92:34:a2:f4:50:13:eb:a3:f8:
dd:fc:e5:0c:2f:29:36:1f:05:c3:43:8d:2b:61:aa:5a:a4:8d:
6a:17:0b:f2:c2:fd:b3:96:cd:eb:48:83:15:bd:bc:6c:e1:95:
23:82:47:3b:19:b6:13:6c:91:72:78:7f:c1:99:06:a2:e7:04:
c0:c9:b5:28:9c:b5:51:db:1a:a2:72:fc:ca:76:84:f4:a9:84:
49:21:e8:64:3f:45:de:a1:d4:ae:32:0e:7e:9c:e7:14:ab:b3:
a9:fa:f3:e1:35:b2:22:37:23:f5:1c:02:c2:2f:9a:1c:83:7f:
f2:54:8a:bd:89:4a:63:d3:42:72:31:09:a3:bc:66:ef:a5:64:
ba:37:de:93
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQfjJqeOgl5ucnY4pPrYp9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTg2ZmM2NDZmZGEwY2YxNDVlMTBkOTNmZTFiMTBlYjBk
ZWU2MjUwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTIzM2QyNmU1MGZjMTQ0ZjFmNzcxN2U1OTM5YmQ0ODkwMWNkN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4B0i7vr9FAFphRse33PBmNZrS78
VeymLjwBBdGRKmALMhlcXt8o5tND3XSlxEA/HIDXyiPsDwOWauIFvgrP4I+BeOyQ
t+IUzed1BuscRq3A41kmaIbja0Uvs6isnaEzRdxYmhUWLJ5jBi5BGebBpIajtxUc
NTKWbEb54/5Z4adEm1PL4jEv//kJfbUpTHonbkhSOjC9LwXQKolFta4VJZo+baxV
KWlg26CT9j3Pe7Q7V5vSO1bYHFoSuWBh6QHu/v8Hg51MJNpQSC1odKKhydiDZ00A
LbAYjXHge7e0S4IU5PiMHO0OJRPrqUGIeaf8GnTo6ShQ/BOpZwOA0HwXHQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDojPSblD8FE8fdxflk5vUiQHNfhMB8GA1UdIwQY
MBaAFJuYb8ZG/aDPFF4Q2T/hsQ6w3uYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVodnhrYjlvTThVWGhEWlAtR3hEckRlNWlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8zNGJiNzctYzg0Ny00MTExLTk2ZjMt
YmRkNWNjNDQwMzk2LzEvT2lNOUp1VVB3VVR4OTNGLVdUbTlTSkFjMS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8zNGJiNzctYzg0Ny00MTExLTk2ZjMtYmRkNWNjNDQwMzk2
LzEvbTVodnhrYjlvTThVWGhEWlAtR3hEckRlNWlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLQuEAwQC
LQ6cAwQCLVPUAwQCLVcMAwQEUVrwAwQDVPagMBQEAgACMA4DBQAqABJoAwUDKg5t
ADANBgkqhkiG9w0BAQsFAAOCAQEAL5Jm59OFnOhoa+ajgoEzrxyFCC5EtdGhj/VH
2DNeyyzuKpKTnpVbBwYTMMXodoYbE19RfeeGTTdkRyjCuPS/Z2Mn0Ko3bOW44lIs
DBnILwHQFy9Yh7t3XmFgyxXFf5l/8vQEGAWTXJqSqVPncSkENlATCvA5kjSi9FAT
66P43fzlDC8pNh8Fw0ONK2GqWqSNahcL8sL9s5bN60iDFb28bOGVI4JHOxm2E2yR
cnh/wZkGoucEwMm1KJy1UdsaonL8ynaE9KmESSHoZD9F3qHUrjIOfpznFKuzqfrz
4TWyIjcj9RwCwi+aHIN/8lSKvYlKY9NCcjEJo7xm76Vkujfekw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:17:47 2025 by rpki-client