Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/JWbxkXMT1AbpQisEDcJK6XiKzB0.roa
File: JWbxkXMT1AbpQisEDcJK6XiKzB0.roa (raw, json)
Hash identifier: j5i4M4w+YBqEaXEsOz14p6tq/xzrFVxmrAYSCZG3o+M=
Subject key identifier: 25:66:F1:91:73:13:D4:06:E9:42:2B:04:0D:C2:4A:E9:78:8A:CC:1D
Certificate issuer: /CN=485f76274c805d25b115a3adba1d2ea154deead7
Certificate serial: 019497B3700FC6EC4BA93C438F98CD143EBA
Authority key identifier: 48:5F:76:27:4C:80:5D:25:B1:15:A3:AD:BA:1D:2E:A1:54:DE:EA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF92J0yAXSWxFaOtuh0uoVTe6tc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/JWbxkXMT1AbpQisEDcJK6XiKzB0.roa
Signing time: Fri 24 Jan 2025 09:45:06 +0000
ROA not before: Fri 24 Jan 2025 09:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206728
IP address blocks: 45.141.84.0/24 maxlen: 24
45.141.85.0/24 maxlen: 24
45.141.86.0/24 maxlen: 24
45.141.87.0/24 maxlen: 24
91.220.163.0/24 maxlen: 24
194.26.25.0/24 maxlen: 24
194.26.29.0/24 maxlen: 24
194.26.69.0/24 maxlen: 24
2a0b:7ec0::/29 maxlen: 48
2a0b:7ec0:1320::/48 maxlen: 48
2a0b:7ec0:1321::/48 maxlen: 48
2a0b:7ec0:7701::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:b3:70:0f:c6:ec:4b:a9:3c:43:8f:98:cd:14:3e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=485f76274c805d25b115a3adba1d2ea154deead7
Validity
Not Before: Jan 24 09:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2566f1917313d406e9422b040dc24ae9788acc1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:72:ec:b2:57:34:f8:06:37:17:50:ea:b8:da:
cb:d3:6a:43:96:c7:75:3b:f0:6d:df:21:9d:9a:a7:
55:b6:ff:bd:b5:f9:7b:72:f6:00:b6:22:fd:4d:ee:
3a:59:bb:1d:fb:67:41:c7:1a:2b:d0:aa:6a:3a:c4:
08:f7:a9:c6:2c:19:05:54:60:a2:2c:3d:05:eb:72:
00:60:d8:5b:52:13:2e:96:47:38:5d:71:97:f2:2f:
0f:b4:3a:8e:bb:70:99:18:71:61:f3:16:2d:f1:10:
e3:c8:df:08:71:f6:87:cf:a8:ba:67:f4:27:03:fa:
f8:f9:84:a9:e7:ae:02:69:42:ff:51:45:6c:37:e1:
9e:bd:36:df:52:f4:98:4b:d9:1e:a8:f7:d2:3c:84:
84:be:02:35:fd:38:47:9e:cb:3a:fd:c0:01:7c:2c:
8b:b2:8a:e4:2e:6e:dd:40:9b:1f:cb:d8:e3:5f:c1:
d9:55:9d:f6:ff:b0:e3:09:be:68:2f:3a:35:c7:80:
de:7c:96:d8:d8:20:12:d6:39:d6:14:f3:71:34:53:
11:36:b3:66:c3:f3:24:10:c1:33:c1:65:7c:b6:ac:
d9:f7:cb:88:fd:e0:da:cd:9b:fd:1d:d3:25:48:7c:
dd:78:f0:3f:8c:37:ab:cd:03:83:84:83:a6:94:b4:
fc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:66:F1:91:73:13:D4:06:E9:42:2B:04:0D:C2:4A:E9:78:8A:CC:1D
X509v3 Authority Key Identifier:
keyid:48:5F:76:27:4C:80:5D:25:B1:15:A3:AD:BA:1D:2E:A1:54:DE:EA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF92J0yAXSWxFaOtuh0uoVTe6tc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/JWbxkXMT1AbpQisEDcJK6XiKzB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/SF92J0yAXSWxFaOtuh0uoVTe6tc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.84.0/22
91.220.163.0/24
194.26.25.0/24
194.26.29.0/24
194.26.69.0/24
IPv6:
2a0b:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
5f:f6:ee:bc:a9:b1:fb:3e:d0:09:30:54:af:f3:5a:76:5f:3f:
2d:cf:6f:38:00:7f:25:df:69:be:52:d4:a6:82:cd:db:ac:dc:
65:a8:9a:3b:68:c4:3e:a6:a1:42:69:51:c1:87:30:f0:4d:9e:
99:67:77:e9:79:36:3d:25:d1:9e:ea:13:8b:f2:68:c3:e7:37:
2f:ee:24:d9:72:f2:e8:e1:d9:a8:b6:b1:a0:c7:b8:ed:bc:b4:
12:4f:f4:74:b2:34:ff:af:e2:de:c7:78:b1:c6:d6:51:72:9e:
57:14:e9:24:68:34:f7:fe:32:4b:ca:d6:a7:d2:4b:39:5c:89:
67:e8:b1:68:39:f5:0b:63:f5:23:00:c8:0a:3c:e9:99:6e:0e:
21:e3:57:99:49:2c:f0:6a:cd:d8:0d:e6:0e:d2:e2:be:b1:e0:
3b:bf:ce:92:de:78:05:35:00:02:3f:9e:df:b4:2f:0b:4e:1e:
82:37:8a:ee:87:b0:50:b3:d8:7a:3f:51:a6:6b:4d:8e:67:b5:
1f:57:3f:72:d3:15:af:8c:dc:33:71:ee:d4:58:6f:93:ea:54:
3f:f0:27:41:f2:f9:ec:05:cf:99:c9:f7:88:69:eb:f6:bc:66:
b4:cd:82:d8:60:94:32:36:cc:c1:9b:1b:c7:a1:5d:c3:8b:48:
d6:7b:eb:b9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZSXs3APxuxLqTxDj5jNFD66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NWY3NjI3NGM4MDVkMjViMTE1YTNhZGJhMWQyZWExNTRk
ZWVhZDcwHhcNMjUwMTI0MDk0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTY2ZjE5MTczMTNkNDA2ZTk0MjJiMDQwZGMyNGFlOTc4OGFjYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXLsslc0+AY3F1DquNrL02pDlsd1
O/Bt3yGdmqdVtv+9tfl7cvYAtiL9Te46Wbsd+2dBxxor0KpqOsQI96nGLBkFVGCi
LD0F63IAYNhbUhMulkc4XXGX8i8PtDqOu3CZGHFh8xYt8RDjyN8IcfaHz6i6Z/Qn
A/r4+YSp564CaUL/UUVsN+GevTbfUvSYS9keqPfSPISEvgI1/ThHnss6/cABfCyL
sorkLm7dQJsfy9jjX8HZVZ32/7DjCb5oLzo1x4DefJbY2CAS1jnWFPNxNFMRNrNm
w/MkEMEzwWV8tqzZ98uI/eDazZv9HdMlSHzdePA/jDerzQODhIOmlLT8awIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCVm8ZFzE9QG6UIrBA3CSul4iswdMB8GA1UdIwQY
MBaAFEhfdidMgF0lsRWjrbodLqFU3urXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0Y5MkoweUFYU1d4RmFPdHVoMHVvVlRlNnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ODViNTMtNmYxMS00MWRiLWJlYWQt
NDNlYWY3NTY3Y2FhLzEvSldieGtYTVQxQWJwUWlzRURjSks2WGlLekIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ODViNTMtNmYxMS00MWRiLWJlYWQtNDNlYWY3NTY3Y2Fh
LzEvU0Y5MkoweUFYU1d4RmFPdHVoMHVvVlRlNnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLY1UAwQA
W9yjAwQAwhoZAwQAwhodAwQAwhpFMA0EAgACMAcDBQMqC37AMA0GCSqGSIb3DQEB
CwUAA4IBAQBf9u68qbH7PtAJMFSv81p2Xz8tz284AH8l32m+UtSmgs3brNxlqJo7
aMQ+pqFCaVHBhzDwTZ6ZZ3fpeTY9JdGe6hOL8mjD5zcv7iTZcvLo4dmotrGgx7jt
vLQST/R0sjT/r+Lex3ixxtZRcp5XFOkkaDT3/jJLytan0ks5XIln6LFoOfULY/Uj
AMgKPOmZbg4h41eZSSzwas3YDeYO0uK+seA7v86S3ngFNQACP57ftC8LTh6CN4ru
h7BQs9h6P1Gma02OZ7UfVz9y0xWvjNwzce7UWG+T6lQ/8CdB8vnsBc+ZyfeIaev2
vGa0zYLYYJQyNszBmxvHoV3Di0jWe+u5
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:44:27 2025 by rpki-client