Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/ImRadYww2A6Dq-tSYC17eeyNy-g.roa
File: ImRadYww2A6Dq-tSYC17eeyNy-g.roa (raw, json)
Hash identifier: N+zi0bvehSZ414gXmh5UuaJfZjfWCNT2T2LvtSDCQO0=
Subject key identifier: 22:64:5A:75:8C:30:D8:0E:83:AB:EB:52:60:2D:7B:79:EC:8D:CB:E8
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 0194266C2449447EF0D216391E814760F348
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/ImRadYww2A6Dq-tSYC17eeyNy-g.roa
Signing time: Thu 02 Jan 2025 09:50:08 +0000
ROA not before: Thu 02 Jan 2025 09:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 45.157.138.0/24 maxlen: 24
178.211.154.0/24 maxlen: 24
185.225.188.0/24 maxlen: 24
193.56.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:24:49:44:7e:f0:d2:16:39:1e:81:47:60:f3:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Jan 2 09:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22645a758c30d80e83abeb52602d7b79ec8dcbe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4a:c5:a8:10:9f:3d:3c:8f:b0:3b:62:16:02:
39:db:ce:70:80:ca:d4:06:b7:0b:30:5c:42:5f:2e:
9a:f7:02:d9:2a:13:1d:a6:7c:af:98:18:f4:cf:14:
e7:69:4f:e5:c6:4a:cd:19:49:09:e6:85:35:dd:9a:
52:85:b4:be:2f:39:59:14:3a:c8:70:ae:50:6c:32:
f0:02:ba:55:19:70:fa:c7:83:8f:86:ff:62:04:74:
e9:76:28:b8:69:f1:75:90:f3:e4:81:2f:96:6b:44:
84:4d:b7:20:33:60:32:2f:5e:f6:aa:4a:2d:e8:dd:
dd:65:dc:86:63:a6:dd:e5:32:5f:01:13:98:af:74:
f9:12:79:a6:bb:b9:86:d4:2b:85:30:22:e1:f9:21:
b8:a9:b4:d9:2c:b5:c0:a8:b7:7a:cd:52:9b:8b:f1:
17:c4:fe:79:cd:67:d7:ce:9d:f9:bc:97:80:bb:e7:
54:77:0b:0d:20:72:5d:51:f5:52:54:f5:b0:e3:7e:
8a:54:06:d3:fd:70:36:d0:9c:95:7d:ff:13:cb:74:
1f:b4:67:29:ec:81:f1:e3:7e:02:96:c2:4c:20:29:
c5:4f:ce:60:0d:cd:a0:a1:fd:fa:52:7c:76:74:64:
5a:03:ef:98:03:0d:d9:d6:7d:90:e9:3f:cc:21:c3:
99:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:64:5A:75:8C:30:D8:0E:83:AB:EB:52:60:2D:7B:79:EC:8D:CB:E8
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/ImRadYww2A6Dq-tSYC17eeyNy-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.138.0/24
178.211.154.0/24
185.225.188.0/24
193.56.112.0/24
Signature Algorithm: sha256WithRSAEncryption
53:4a:0a:70:12:83:56:28:5b:3d:e6:1f:e0:67:d8:48:42:43:
21:85:25:2a:6f:e7:21:31:71:9b:b0:3e:b6:5d:5e:94:64:a2:
cd:2b:3d:57:2f:6a:b7:84:e4:55:28:ee:0c:43:fa:03:0c:41:
9b:2e:46:30:2f:85:32:6e:74:a9:db:0f:68:fe:30:d2:0d:cf:
05:e9:a5:43:72:ad:bf:84:d7:b3:6e:f3:31:74:29:7a:07:17:
71:f5:99:34:a2:07:66:ac:d4:08:e3:81:29:5e:6b:c9:3f:da:
75:a7:f8:d3:d9:8e:9e:a2:09:54:00:5c:a5:8d:ca:6b:60:2b:
3e:b5:d7:7c:1d:f9:40:95:bd:bb:e4:5a:b9:74:c6:53:9e:fe:
d8:41:1a:6b:88:a1:ba:66:09:df:94:3b:62:14:9a:68:e6:2c:
9b:38:8a:05:3f:d4:c9:f9:fe:bc:66:b1:75:27:dc:27:2d:5b:
58:8a:53:aa:c9:3c:a7:67:d0:0d:9a:0e:2a:90:06:20:dc:51:
28:bc:ba:4d:be:74:8f:cf:96:fb:f8:13:7a:ef:88:dc:06:80:
9f:d3:ad:ff:ab:b2:ab:b1:0d:c9:ae:f5:d0:99:85:90:a6:58:
d7:0f:1d:7b:0d:2a:19:e2:2a:ee:2b:c5:fe:14:5c:fa:cc:ac:
db:63:96:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmbCRJRH7w0hY5HoFHYPNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjUwMTAyMDk1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjY0NWE3NThjMzBkODBlODNhYmViNTI2MDJkN2I3OWVjOGRjYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UrFqBCfPTyPsDtiFgI5285wgMrU
BrcLMFxCXy6a9wLZKhMdpnyvmBj0zxTnaU/lxkrNGUkJ5oU13ZpShbS+LzlZFDrI
cK5QbDLwArpVGXD6x4OPhv9iBHTpdii4afF1kPPkgS+Wa0SETbcgM2AyL172qkot
6N3dZdyGY6bd5TJfAROYr3T5Enmmu7mG1CuFMCLh+SG4qbTZLLXAqLd6zVKbi/EX
xP55zWfXzp35vJeAu+dUdwsNIHJdUfVSVPWw436KVAbT/XA20JyVff8Ty3QftGcp
7IHx434ClsJMICnFT85gDc2gof36Unx2dGRaA++YAw3Z1n2Q6T/MIcOZtQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCJkWnWMMNgOg6vrUmAte3nsjcvoMB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvSW1SYWRZd3cyQTZEcS10U1lDMTdlZXlOeS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZ2KAwQA
stOaAwQAueG8AwQAwThwMA0GCSqGSIb3DQEBCwUAA4IBAQBTSgpwEoNWKFs95h/g
Z9hIQkMhhSUqb+chMXGbsD62XV6UZKLNKz1XL2q3hORVKO4MQ/oDDEGbLkYwL4Uy
bnSp2w9o/jDSDc8F6aVDcq2/hNezbvMxdCl6Bxdx9Zk0ogdmrNQI44EpXmvJP9p1
p/jT2Y6eoglUAFyljcprYCs+tdd8HflAlb275Fq5dMZTnv7YQRpriKG6ZgnflDti
FJpo5iybOIoFP9TJ+f68ZrF1J9wnLVtYilOqyTynZ9ANmg4qkAYg3FEovLpNvnSP
z5b7+BN674jcBoCf063/q7KrsQ3JrvXQmYWQpljXDx17DSoZ4iruK8X+FFz6zKzb
Y5aq
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:09:46 2025 by rpki-client