Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1-a8zXqKmuNRgVPV4192OV1bknwE.roa
File: 1-a8zXqKmuNRgVPV4192OV1bknwE.roa (raw, json)
Hash identifier: gqHxvIckMu2Lte9MvNCn2JfrjMNz47mdlspHr2lNqy0=
Subject key identifier: F9:AF:33:5E:A2:A6:B8:D4:60:54:F5:78:D7:DD:8E:57:56:E4:9F:01
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 019423D7D4682252D43849BA4EA8110C10B0
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1-a8zXqKmuNRgVPV4192OV1bknwE.roa
Signing time: Wed 01 Jan 2025 21:48:54 +0000
ROA not before: Wed 01 Jan 2025 21:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59745
IP address blocks: 45.151.92.0/22 maxlen: 24
45.151.94.0/24 maxlen: 24
80.66.96.0/20 maxlen: 24
80.66.106.0/24 maxlen: 24
80.66.109.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
185.198.203.0/24 maxlen: 24
195.20.20.0/22 maxlen: 24
2a0a:8ec0::/29 maxlen: 48
2a0a:8ec0:3000::/36 maxlen: 36
2a0a:8ec0:8003::/48 maxlen: 48
2a0a:8ec1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d4:68:22:52:d4:38:49:ba:4e:a8:11:0c:10:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Jan 1 21:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9af335ea2a6b8d46054f578d7dd8e5756e49f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f6:12:ea:bc:89:4c:93:41:03:b3:02:fa:cc:
d7:d2:ad:4a:67:33:53:69:e5:94:4e:8a:c9:ac:0f:
8b:4b:19:5f:32:82:66:3c:cc:90:6b:fb:8c:14:19:
71:8f:b8:31:6c:be:dd:80:2b:ae:2d:f6:96:e3:e7:
5d:78:db:98:db:e5:15:0c:11:19:86:7a:3f:ea:70:
45:5b:83:96:5a:a5:9c:13:e4:6f:47:93:25:73:f3:
02:98:57:e9:c7:5e:8d:bb:3f:c3:04:dc:2e:07:08:
85:b6:b0:23:c4:f4:f2:6a:d6:36:93:b2:ef:c6:8a:
17:7c:c9:db:76:b1:13:6f:95:fd:e1:a8:d9:79:41:
01:97:c4:26:0d:4a:83:26:61:45:7b:2e:31:52:8c:
d0:07:c1:a1:c6:ae:a7:69:1f:42:78:7c:03:ce:25:
55:ac:69:03:62:8c:10:36:77:07:17:16:39:e8:03:
b7:12:da:4f:02:f6:74:59:9c:93:9c:db:53:d2:73:
8e:e9:99:0f:5c:bc:ba:fd:11:67:f5:e2:f3:ed:e4:
94:a8:dd:a0:e5:2d:39:aa:6c:ce:a9:48:48:48:1e:
81:4f:cd:bd:ef:90:01:f9:a6:22:de:99:c7:73:a0:
74:5d:21:d1:18:8e:f6:ac:2d:39:4d:e0:48:89:53:
27:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AF:33:5E:A2:A6:B8:D4:60:54:F5:78:D7:DD:8E:57:56:E4:9F:01
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1-a8zXqKmuNRgVPV4192OV1bknwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.92.0/22
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
IPv6:
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:d2:ca:83:fa:9b:ba:b6:d9:1d:d7:7a:f9:37:aa:1d:10:62:
f4:dc:c1:d0:07:74:fe:b4:ed:b6:67:06:c1:c8:31:92:11:20:
03:a8:68:d7:88:5b:5b:60:4b:f6:28:0f:c1:91:51:b1:77:35:
14:65:ec:06:61:35:ac:c7:ee:ca:25:f3:60:43:b6:c6:04:63:
30:46:32:44:2a:c9:f2:7d:5b:9c:91:e0:ec:f9:f6:97:17:e2:
47:ba:be:67:e0:c6:d6:a1:24:09:5a:32:ab:ee:bc:56:87:ec:
72:5a:c9:47:ff:69:e6:65:b7:ff:59:eb:f9:a8:ee:5e:3d:7a:
5a:93:91:6d:2a:13:7d:62:1a:cf:3e:c3:f5:48:92:e6:9e:8d:
8a:48:2e:91:6f:d5:05:cb:80:c8:2d:77:55:6d:09:f7:d6:c3:
ba:90:21:84:ee:2c:b6:37:a4:43:15:04:a3:b0:4d:17:6c:63:
4f:e0:f6:39:75:ed:15:21:a2:c3:ff:8b:c0:19:f1:d5:35:87:
df:f9:49:b8:33:22:94:59:f4:8e:f9:ce:eb:7a:b4:1e:95:50:
f7:f9:ac:94:4a:8d:fd:2a:19:7d:39:cf:e8:27:a9:6c:5b:fd:
ae:cb:22:2b:e6:a5:bb:cb:95:3f:a4:94:78:f2:69:72:92:00:
e0:b2:d4:0d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQj19RoIlLUOEm6TqgRDBCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjUwMTAxMjE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFmMzM1ZWEyYTZiOGQ0NjA1NGY1NzhkN2RkOGU1NzU2ZTQ5ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fYS6ryJTJNBA7MC+szX0q1KZzNT
aeWUTorJrA+LSxlfMoJmPMyQa/uMFBlxj7gxbL7dgCuuLfaW4+ddeNuY2+UVDBEZ
hno/6nBFW4OWWqWcE+RvR5Mlc/MCmFfpx16Nuz/DBNwuBwiFtrAjxPTyatY2k7Lv
xooXfMnbdrETb5X94ajZeUEBl8QmDUqDJmFFey4xUozQB8Ghxq6naR9CeHwDziVV
rGkDYowQNncHFxY56AO3EtpPAvZ0WZyTnNtT0nOO6ZkPXLy6/RFn9eLz7eSUqN2g
5S05qmzOqUhISB6BT82975AB+aYi3pnHc6B0XSHRGI72rC05TeBIiVMnCwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPmvM16iprjUYFT1eNfdjldW5J8BMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvMS1hOHpYcUttdU5SZ1ZQVjQxOTJPVjFia253RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjMvMmZiNTkzLTQzZjUtNGRiNy05ODE5LTBmOWQ1N2E1ZDRm
YS8xLzFNT3hMSTFqVVpEc2tvUTN1OWJMRG93NC1hay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAi2XXAME
BFBCYAMEArnGyAMEAsMUFDANBAIAAjAHAwUDKgqOwDANBgkqhkiG9w0BAQsFAAOC
AQEADdLKg/qburbZHdd6+TeqHRBi9NzB0Ad0/rTttmcGwcgxkhEgA6ho14hbW2BL
9igPwZFRsXc1FGXsBmE1rMfuyiXzYEO2xgRjMEYyRCrJ8n1bnJHg7Pn2lxfiR7q+
Z+DG1qEkCVoyq+68VofsclrJR/9p5mW3/1nr+ajuXj16WpORbSoTfWIazz7D9UiS
5p6NikgukW/VBcuAyC13VW0J99bDupAhhO4stjekQxUEo7BNF2xjT+D2OXXtFSGi
w/+LwBnx1TWH3/lJuDMilFn0jvnO63q0HpVQ9/mslEqN/SoZfTnP6CepbFv9rssi
K+alu8uVP6SUePJpcpIA4LLUDQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:49:57 2025 by rpki-client