Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/DQo4EErqs46yA4QIpyLHGlOprVU.roa
File: DQo4EErqs46yA4QIpyLHGlOprVU.roa (raw, json)
Hash identifier: jpEUtUNk7NIqvU0XQCmCZgYXNkApAZ2zVdQgWdhDGWc=
Subject key identifier: 0D:0A:38:10:4A:EA:B3:8E:B2:03:84:08:A7:22:C7:1A:53:A9:AD:55
Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea
Certificate serial: 019420D59ED3920B04D7E251D387F30D4D8C
Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/DQo4EErqs46yA4QIpyLHGlOprVU.roa
Signing time: Wed 01 Jan 2025 07:47:38 +0000
ROA not before: Wed 01 Jan 2025 07:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39878
IP address blocks: 45.67.168.0/22 maxlen: 22
91.135.160.0/20 maxlen: 20
185.33.8.0/22 maxlen: 22
185.64.48.0/22 maxlen: 22
185.87.237.0/24 maxlen: 24
185.87.238.0/23 maxlen: 23
185.196.240.0/22 maxlen: 22
2a04:40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:9e:d3:92:0b:04:d7:e2:51:d3:87:f3:0d:4d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea
Validity
Not Before: Jan 1 07:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d0a38104aeab38eb2038408a722c71a53a9ad55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3f:4e:27:79:eb:d0:66:c7:02:e0:ae:2e:65:
bf:ee:be:50:55:15:9b:4e:1f:6a:35:08:c0:ad:79:
4a:da:16:2a:df:6a:bd:89:9e:3b:2c:11:5c:dd:41:
6a:8d:30:7a:5a:d8:36:1f:19:39:86:49:31:43:e8:
bf:c8:09:26:c3:d7:8c:88:30:cd:8e:b2:2b:8f:cb:
36:63:c4:c4:68:60:7a:b2:da:03:94:d0:06:bd:45:
12:0c:6c:6f:20:68:f5:e4:f9:4f:d2:2e:35:5c:4f:
75:89:6a:24:1a:e7:33:23:6f:6c:34:26:d4:7a:fc:
19:b6:b3:a9:45:b2:fa:21:3b:c0:e3:01:38:9e:ac:
c7:80:f3:a4:59:c8:2e:a9:54:d7:b9:eb:79:86:8d:
ca:5d:d2:b9:54:95:a0:0d:7c:01:18:7b:24:fd:b3:
6a:97:97:77:4d:33:06:ed:65:12:a6:8d:3a:b7:a2:
ba:a4:f4:8a:eb:9c:4c:47:7f:83:10:43:d1:91:d3:
d8:f8:f9:b9:f0:c1:2e:51:58:36:26:63:13:48:e0:
a4:9f:21:b2:3c:58:6e:be:96:00:89:9b:c9:b9:6c:
98:38:03:bd:9e:98:b8:5f:4f:40:90:e8:4b:cd:30:
43:57:55:55:40:44:fd:09:ad:3e:d4:95:ee:de:f7:
1a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0A:38:10:4A:EA:B3:8E:B2:03:84:08:A7:22:C7:1A:53:A9:AD:55
X509v3 Authority Key Identifier:
keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/DQo4EErqs46yA4QIpyLHGlOprVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.168.0/22
91.135.160.0/20
185.33.8.0/22
185.64.48.0/22
185.87.237.0-185.87.239.255
185.196.240.0/22
IPv6:
2a04:40::/29
Signature Algorithm: sha256WithRSAEncryption
9a:a1:cd:db:0b:90:20:23:ab:33:18:31:f6:23:e4:e1:2d:64:
25:ac:a4:28:43:1a:8c:90:a1:4c:4e:9f:b5:63:b3:e0:b4:0e:
c2:2f:54:80:5e:cd:56:d3:6b:f9:48:34:81:8f:ef:c0:72:68:
5f:92:95:12:12:03:01:ed:cc:3b:c5:69:66:fe:f3:e8:72:77:
13:6d:ab:35:b8:05:b9:f4:62:3d:dc:bf:14:d6:04:e0:14:85:
aa:fc:16:ed:03:5c:7c:31:67:c6:b7:72:97:7e:0c:d0:13:24:
c1:13:8c:2d:0e:70:1f:e1:6c:84:ba:d0:df:1a:c1:bc:27:ac:
89:0f:d5:fa:58:88:3b:3a:53:74:b5:b9:16:48:90:81:9d:13:
4a:86:18:e2:15:ab:c5:3c:34:bb:c8:3b:ff:4b:a0:cb:d4:d0:
dc:b6:cc:50:ef:0d:a7:ec:bd:9c:54:11:60:9f:65:1f:d0:34:
f2:43:46:d0:63:62:2d:b9:2d:71:7b:7b:f3:77:df:c8:2d:83:
99:ff:38:66:4a:65:4b:ad:53:a6:27:07:d9:dc:3d:ed:70:dc:
2b:0c:6d:22:cf:e9:d5:76:34:15:0e:2a:f4:74:68:7e:18:3e:
33:2b:72:63:4a:04:dd:48:71:84:3a:de:cc:dc:7c:5a:0a:5f:
cb:5a:92:28
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQg1Z7TkgsE1+JR04fzDU2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi
ZDU0ZWEwHhcNMjUwMTAxMDc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDBhMzgxMDRhZWFiMzhlYjIwMzg0MDhhNzIyYzcxYTUzYTlhZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD9OJ3nr0GbHAuCuLmW/7r5QVRWb
Th9qNQjArXlK2hYq32q9iZ47LBFc3UFqjTB6Wtg2Hxk5hkkxQ+i/yAkmw9eMiDDN
jrIrj8s2Y8TEaGB6stoDlNAGvUUSDGxvIGj15PlP0i41XE91iWokGuczI29sNCbU
evwZtrOpRbL6ITvA4wE4nqzHgPOkWcguqVTXuet5ho3KXdK5VJWgDXwBGHsk/bNq
l5d3TTMG7WUSpo06t6K6pPSK65xMR3+DEEPRkdPY+Pm58MEuUVg2JmMTSOCknyGy
PFhuvpYAiZvJuWyYOAO9npi4X09AkOhLzTBDV1VVQET9Ca0+1JXu3vca2wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFA0KOBBK6rOOsgOECKcixxpTqa1VMB8GA1UdIwQY
MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt
NzY4ZjNkNmVlMTllLzEvRFFvNEVFcnFzNDZ5QTRRSXB5TEhHbE9wclZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll
LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCLUOoAwQE
W4egAwQCuSEIAwQCuUAwMAwDBAC5V+0DBAS5V+ADBAK5xPAwDQQCAAIwBwMFAyoE
AEAwDQYJKoZIhvcNAQELBQADggEBAJqhzdsLkCAjqzMYMfYj5OEtZCWspChDGoyQ
oUxOn7Vjs+C0DsIvVIBezVbTa/lINIGP78ByaF+SlRISAwHtzDvFaWb+8+hydxNt
qzW4Bbn0Yj3cvxTWBOAUhar8Fu0DXHwxZ8a3cpd+DNATJMETjC0OcB/hbIS60N8a
wbwnrIkP1fpYiDs6U3S1uRZIkIGdE0qGGOIVq8U8NLvIO/9LoMvU0Ny2zFDvDafs
vZxUEWCfZR/QNPJDRtBjYi25LXF7e/N338gtg5n/OGZKZUutU6YnB9ncPe1w3CsM
bSLP6dV2NBUOKvR0aH4YPjMrcmNKBN1IcYQ63szcfFoKX8takig=
-----END CERTIFICATE-----
Generated at Tue May 13 12:38:40 2025 by rpki-client