Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/UfRDoAWDKGsXBQFJZfp7lG85sGU.roa
File: UfRDoAWDKGsXBQFJZfp7lG85sGU.roa (raw, json)
Hash identifier: 9M4lkZntB8nlVH2p7zUMp7EJK070pmxoOnJnaHWBY5g=
Subject key identifier: 51:F4:43:A0:05:83:28:6B:17:05:01:49:65:FA:7B:94:6F:39:B0:65
Certificate issuer: /CN=0d4b74d489c49278a3003994ac97fd407d7236e5
Certificate serial: 019425FC0DD7D1E2AF0B58CC8A0E75BF1B35
Authority key identifier: 0D:4B:74:D4:89:C4:92:78:A3:00:39:94:AC:97:FD:40:7D:72:36:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUt01InEknijADmUrJf9QH1yNuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/UfRDoAWDKGsXBQFJZfp7lG85sGU.roa
Signing time: Thu 02 Jan 2025 07:47:43 +0000
ROA not before: Thu 02 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212751
IP address blocks: 45.66.144.0/24 maxlen: 24
45.66.145.0/24 maxlen: 24
45.66.146.0/24 maxlen: 24
45.66.147.0/24 maxlen: 24
2a10:7c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:0d:d7:d1:e2:af:0b:58:cc:8a:0e:75:bf:1b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4b74d489c49278a3003994ac97fd407d7236e5
Validity
Not Before: Jan 2 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51f443a00583286b1705014965fa7b946f39b065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4b:ed:39:3f:70:a3:e3:0f:72:f2:d4:45:7b:
31:d6:72:2c:c5:5c:41:e6:69:e9:b6:44:2d:54:bf:
ff:92:22:fb:fe:92:7c:a8:20:58:f7:c7:20:39:6d:
d1:63:d5:5a:bd:23:f6:60:e1:cc:74:c7:bf:d9:ab:
9d:9c:95:c8:48:2d:a6:64:f9:f1:d6:5d:46:12:62:
c4:33:6d:b9:77:58:e5:72:54:31:25:55:aa:31:a1:
2a:7f:a1:8d:e1:7c:d5:10:4a:48:2c:7a:00:74:b7:
13:26:70:b9:30:98:c1:19:56:c0:f3:89:f7:99:89:
aa:61:80:f8:a0:20:bb:e9:91:c8:8f:59:d2:3b:ca:
72:ee:cd:a6:86:15:68:cc:a1:67:f6:f5:3a:92:6c:
ee:bd:bc:a3:b1:ca:c9:8b:ba:e3:98:5a:79:62:f9:
d5:ca:19:80:26:3a:49:c8:10:88:b1:74:c9:1d:3b:
6b:b0:07:59:f9:48:76:a3:ab:c6:2a:ab:86:86:af:
05:09:fc:56:48:c7:83:a5:01:06:59:ea:a0:7a:68:
08:74:83:a2:6f:e8:39:a1:9b:fd:bb:a1:29:31:cb:
47:85:fd:e1:d2:ff:07:0f:a5:12:ed:f5:87:6d:93:
c9:7a:7c:80:d1:b5:07:93:fa:59:36:48:a2:91:07:
6c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F4:43:A0:05:83:28:6B:17:05:01:49:65:FA:7B:94:6F:39:B0:65
X509v3 Authority Key Identifier:
keyid:0D:4B:74:D4:89:C4:92:78:A3:00:39:94:AC:97:FD:40:7D:72:36:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUt01InEknijADmUrJf9QH1yNuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/UfRDoAWDKGsXBQFJZfp7lG85sGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/DUt01InEknijADmUrJf9QH1yNuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.144.0/22
IPv6:
2a10:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
66:66:fe:d9:67:cf:b9:75:2a:48:16:1c:74:d9:27:c1:83:e7:
ea:a6:43:89:c5:64:0a:8a:19:98:78:6f:46:88:12:fc:bf:c2:
96:e4:29:9a:4b:1c:62:b6:be:90:78:79:0a:07:7b:eb:f9:4d:
ad:ec:6c:6f:4f:30:db:8f:f3:b9:60:75:0e:1d:40:1c:4a:77:
2f:18:a2:da:6b:d3:57:08:49:cc:65:a9:ef:f8:d2:09:fb:9f:
39:44:51:0b:ef:2f:c4:84:77:8d:47:59:2f:fc:7f:da:a4:3b:
37:82:0d:32:52:22:d6:82:d4:ef:5f:90:4f:91:f9:1f:64:9f:
c6:c5:3d:d6:2e:6b:31:dc:9b:a4:d8:a6:11:c3:eb:54:a2:da:
83:b1:b5:65:63:62:4a:82:38:25:5e:73:fb:84:de:96:0f:00:
0f:1f:12:36:aa:f7:5d:fe:b9:f9:ab:f3:10:5d:92:d6:1c:82:
79:04:b2:02:84:91:36:1b:0f:94:f3:f5:96:99:ca:5a:ac:e5:
2a:59:bd:2f:8b:ec:f2:f6:b6:1d:b3:e1:43:25:4a:f1:5a:04:
de:d2:6a:d0:07:7b:8c:c3:fa:ef:00:f3:d6:8a:af:01:63:48:
76:55:8f:14:05:2f:8c:d0:80:b8:84:7b:8d:1a:c0:2b:51:bd:
66:a3:82:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/A3X0eKvC1jMig51vxs1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGI3NGQ0ODljNDkyNzhhMzAwMzk5NGFjOTdmZDQwN2Q3
MjM2ZTUwHhcNMjUwMTAyMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWY0NDNhMDA1ODMyODZiMTcwNTAxNDk2NWZhN2I5NDZmMzliMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUvtOT9wo+MPcvLURXsx1nIsxVxB
5mnptkQtVL//kiL7/pJ8qCBY98cgOW3RY9VavSP2YOHMdMe/2audnJXISC2mZPnx
1l1GEmLEM225d1jlclQxJVWqMaEqf6GN4XzVEEpILHoAdLcTJnC5MJjBGVbA84n3
mYmqYYD4oCC76ZHIj1nSO8py7s2mhhVozKFn9vU6kmzuvbyjscrJi7rjmFp5YvnV
yhmAJjpJyBCIsXTJHTtrsAdZ+Uh2o6vGKquGhq8FCfxWSMeDpQEGWeqgemgIdIOi
b+g5oZv9u6EpMctHhf3h0v8HD6US7fWHbZPJenyA0bUHk/pZNkiikQdsIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFH0Q6AFgyhrFwUBSWX6e5RvObBlMB8GA1UdIwQY
MBaAFA1LdNSJxJJ4owA5lKyX/UB9cjblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFV0MDFJbkVrbmlqQURtVXJKZjlRSDF5TnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iNjk2MzMtYzAzMS00ZDI1LTllMGUt
NjU2NDBmMWMxNzlhLzEvVWZSRG9BV0RLR3NYQlFGSlpmcDdsRzg1c0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iNjk2MzMtYzAzMS00ZDI1LTllMGUtNjU2NDBmMWMxNzlh
LzEvRFV0MDFJbkVrbmlqQURtVXJKZjlRSDF5TnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUKQMA0E
AgACMAcDBQMqEHxAMA0GCSqGSIb3DQEBCwUAA4IBAQBmZv7ZZ8+5dSpIFhx02SfB
g+fqpkOJxWQKihmYeG9GiBL8v8KW5CmaSxxitr6QeHkKB3vr+U2t7GxvTzDbj/O5
YHUOHUAcSncvGKLaa9NXCEnMZanv+NIJ+585RFEL7y/EhHeNR1kv/H/apDs3gg0y
UiLWgtTvX5BPkfkfZJ/GxT3WLmsx3Juk2KYRw+tUotqDsbVlY2JKgjglXnP7hN6W
DwAPHxI2qvdd/rn5q/MQXZLWHIJ5BLIChJE2Gw+U8/WWmcparOUqWb0vi+zy9rYd
s+FDJUrxWgTe0mrQB3uMw/rvAPPWiq8BY0h2VY8UBS+M0IC4hHuNGsArUb1mo4Lj
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:56:46 2025 by rpki-client