Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/TxgWU0nvaqfYf5KLCtN7215KdmY.roa
File: TxgWU0nvaqfYf5KLCtN7215KdmY.roa (raw, json)
Hash identifier: vHdeUjHRwKKcXd4EFn4jfrTBP0o0226rGGUhHErptwk=
Subject key identifier: 4F:18:16:53:49:EF:6A:A7:D8:7F:92:8B:0A:D3:7B:DB:5E:4A:76:66
Certificate issuer: /CN=28178243a0866b091272d1e1eb451e71e413b99a
Certificate serial: 0194228E2CD43A9083A7DF0C0473E9372ED9
Authority key identifier: 28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/TxgWU0nvaqfYf5KLCtN7215KdmY.roa
Signing time: Wed 01 Jan 2025 15:48:50 +0000
ROA not before: Wed 01 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208152
IP address blocks: 45.85.220.0/22 maxlen: 22
185.61.248.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2c:d4:3a:90:83:a7:df:0c:04:73:e9:37:2e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28178243a0866b091272d1e1eb451e71e413b99a
Validity
Not Before: Jan 1 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f18165349ef6aa7d87f928b0ad37bdb5e4a7666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7c:65:ff:a1:18:d7:cc:ad:f6:d0:0f:4b:c4:
59:e7:7f:2b:bf:a6:82:f3:2c:83:cb:1c:29:6d:12:
da:25:69:56:3c:63:f5:e8:38:8c:01:cd:6a:e4:35:
85:cc:92:c9:cd:f6:c0:e6:77:5d:68:8d:ff:05:be:
20:3e:e4:94:ab:f3:e3:23:eb:51:28:da:ad:40:c1:
7e:e6:9c:f0:5d:b3:73:58:8b:28:59:a4:f9:f9:b2:
ea:ab:5f:d8:fd:54:cd:aa:65:ad:e9:bb:d7:0c:34:
62:42:3a:56:1e:68:21:f9:cb:c9:b9:9d:6b:b9:59:
79:aa:7b:3e:19:ac:90:61:36:99:20:97:4f:bf:b4:
0c:bd:10:5c:95:6d:f1:6d:d7:36:fe:8b:e3:fb:4b:
b3:0f:b5:f1:bd:48:e4:06:27:8e:d2:c4:b2:ac:64:
e2:4a:ad:2f:dd:a6:99:56:ae:31:a0:8f:e8:4d:cc:
54:60:d3:05:b3:5a:cb:85:05:33:77:54:e5:83:98:
e5:7e:39:f7:e4:7a:48:12:f4:76:a9:2a:8f:8c:2d:
39:48:d1:07:6e:66:d7:91:63:f8:d6:34:93:e5:db:
98:e8:f0:9b:b7:f7:60:41:e1:1b:2a:14:b5:82:f2:
d3:6d:ba:a2:ee:e1:32:32:24:de:c0:53:98:e3:10:
34:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:18:16:53:49:EF:6A:A7:D8:7F:92:8B:0A:D3:7B:DB:5E:4A:76:66
X509v3 Authority Key Identifier:
keyid:28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/TxgWU0nvaqfYf5KLCtN7215KdmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.220.0/22
185.61.248.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:06:4e:71:a0:71:c5:b9:fc:6b:31:87:67:70:89:3d:a9:98:
4b:e1:d1:af:86:48:c6:66:1a:c4:39:45:1e:0f:ba:48:48:a7:
de:74:48:a1:a8:86:06:45:31:00:5d:e8:16:bc:39:db:c4:46:
dd:82:05:ba:62:08:f9:fc:b3:f5:e5:0b:77:8c:a5:ec:3e:03:
2f:13:3f:60:e7:bd:d1:cc:47:34:b5:9e:37:dc:98:d2:ca:9b:
5f:36:30:79:e8:2e:ad:1f:a1:54:c7:1f:50:54:63:29:eb:21:
76:b6:71:58:e8:a3:09:8a:70:ff:87:80:83:bd:a8:73:a7:0c:
15:f6:dc:7d:2e:0e:82:da:28:96:7d:9a:e3:13:3e:d9:13:3d:
da:40:c6:14:f8:97:29:be:ec:49:bc:6e:44:ea:ff:d5:41:bb:
d8:6a:3f:ea:bd:c4:c8:87:cc:c3:41:80:99:01:d6:06:c8:13:
56:cb:af:c9:42:b6:b7:36:13:46:2f:32:e0:26:4d:c2:36:cf:
d2:78:0d:2e:91:f9:21:64:92:4e:bd:4b:f2:a0:1f:4e:d5:98:
d2:6c:5f:0f:dc:b2:10:99:5a:1c:0e:d4:aa:ab:7f:11:92:ec:
1d:28:1e:7f:25:c0:2a:df:f7:ef:fb:6b:3c:84:35:ec:75:40:
bd:d3:fb:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijizUOpCDp98MBHPpNy7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTc4MjQzYTA4NjZiMDkxMjcyZDFlMWViNDUxZTcxZTQx
M2I5OWEwHhcNMjUwMTAxMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjE4MTY1MzQ5ZWY2YWE3ZDg3ZjkyOGIwYWQzN2JkYjVlNGE3NjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnxl/6EY18yt9tAPS8RZ538rv6aC
8yyDyxwpbRLaJWlWPGP16DiMAc1q5DWFzJLJzfbA5nddaI3/Bb4gPuSUq/PjI+tR
KNqtQMF+5pzwXbNzWIsoWaT5+bLqq1/Y/VTNqmWt6bvXDDRiQjpWHmgh+cvJuZ1r
uVl5qns+GayQYTaZIJdPv7QMvRBclW3xbdc2/ovj+0uzD7XxvUjkBieO0sSyrGTi
Sq0v3aaZVq4xoI/oTcxUYNMFs1rLhQUzd1Tlg5jlfjn35HpIEvR2qSqPjC05SNEH
bmbXkWP41jST5duY6PCbt/dgQeEbKhS1gvLTbbqi7uEyMiTewFOY4xA0EQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE8YFlNJ72qn2H+SiwrTe9teSnZmMB8GA1UdIwQY
MBaAFCgXgkOghmsJEnLR4etFHnHkE7maMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzIt
NmNlM2MwM2ExMzRjLzEvVHhnV1UwbnZhcWZZZjVLTEN0TjcyMTVLZG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzItNmNlM2MwM2ExMzRj
LzEvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVXcAwQC
uT34MA0GCSqGSIb3DQEBCwUAA4IBAQDGBk5xoHHFufxrMYdncIk9qZhL4dGvhkjG
ZhrEOUUeD7pISKfedEihqIYGRTEAXegWvDnbxEbdggW6Ygj5/LP15Qt3jKXsPgMv
Ez9g573RzEc0tZ433JjSyptfNjB56C6tH6FUxx9QVGMp6yF2tnFY6KMJinD/h4CD
vahzpwwV9tx9Lg6C2iiWfZrjEz7ZEz3aQMYU+JcpvuxJvG5E6v/VQbvYaj/qvcTI
h8zDQYCZAdYGyBNWy6/JQra3NhNGLzLgJk3CNs/SeA0ukfkhZJJOvUvyoB9O1ZjS
bF8P3LIQmVocDtSqq38RkuwdKB5/JcAq3/fv+2s8hDXsdUC90/uk
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:12:04 2025 by rpki-client