Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/P2hEWY-aar-dzWHdyJ4OOTkwmBc.roa
File: P2hEWY-aar-dzWHdyJ4OOTkwmBc.roa (raw, json)
Hash identifier: +j7M+pZlJGOmKDr8VwAwOw7PlY+S6nVr/7YwvIROH/8=
Subject key identifier: 3F:68:44:59:8F:9A:6A:BF:9D:CD:61:DD:C8:9E:0E:39:39:30:98:17
Certificate issuer: /CN=d2323101b29596ff442d3749373b8e9983354670
Certificate serial: 01942444B267038E4AB304FD2C8C654A4B72
Authority key identifier: D2:32:31:01:B2:95:96:FF:44:2D:37:49:37:3B:8E:99:83:35:46:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jIxAbKVlv9ELTdJNzuOmYM1RnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/P2hEWY-aar-dzWHdyJ4OOTkwmBc.roa
Signing time: Wed 01 Jan 2025 23:47:49 +0000
ROA not before: Wed 01 Jan 2025 23:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44125
IP address blocks: 45.152.24.0/22 maxlen: 22
45.152.24.0/24 maxlen: 24
45.152.25.0/24 maxlen: 24
45.152.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b2:67:03:8e:4a:b3:04:fd:2c:8c:65:4a:4b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2323101b29596ff442d3749373b8e9983354670
Validity
Not Before: Jan 1 23:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f6844598f9a6abf9dcd61ddc89e0e3939309817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:34:87:cd:5a:57:6d:52:36:42:e5:d8:37:8d:
bc:17:c8:de:4d:cd:01:fe:06:0a:29:f4:a4:5a:28:
46:bd:0c:72:81:20:0e:53:44:fb:5d:39:18:d1:8e:
fe:25:a4:4f:35:c7:a9:03:cc:0b:d5:ae:b6:10:ef:
d1:91:37:2e:99:9b:95:51:d8:bc:c5:da:de:ef:e5:
28:e6:3a:82:cd:f2:eb:f7:82:85:9d:bf:a5:ca:7b:
cb:d4:ab:17:c0:8c:bb:9a:76:25:bc:8e:56:43:64:
77:fd:d0:8f:37:e7:26:e4:ae:b3:8e:ec:81:48:63:
05:c7:76:44:d5:b2:81:f7:e6:8d:64:da:b5:f5:8e:
37:cb:60:38:fe:d0:a7:d5:bc:c8:64:68:f0:df:85:
91:57:c5:55:2f:04:05:bc:29:b0:c4:a7:41:7a:c2:
c7:cb:83:5a:3b:0e:00:32:43:d4:7e:a1:82:23:82:
ba:c8:17:05:5c:20:b8:aa:89:d6:81:76:ec:3b:e9:
ee:a3:f5:61:ae:80:fd:1a:3c:a4:cc:97:4d:d1:52:
5c:3d:56:1d:58:c6:fe:b0:fd:a0:4c:ee:02:d6:f8:
aa:1a:ef:aa:f4:1a:18:50:81:29:38:db:7d:0f:14:
37:5c:c7:d3:c9:b1:1c:5e:5f:02:e3:da:72:c5:9b:
eb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:68:44:59:8F:9A:6A:BF:9D:CD:61:DD:C8:9E:0E:39:39:30:98:17
X509v3 Authority Key Identifier:
keyid:D2:32:31:01:B2:95:96:FF:44:2D:37:49:37:3B:8E:99:83:35:46:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jIxAbKVlv9ELTdJNzuOmYM1RnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/P2hEWY-aar-dzWHdyJ4OOTkwmBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/0jIxAbKVlv9ELTdJNzuOmYM1RnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.24.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:6a:4b:b9:90:3e:02:39:08:78:aa:86:38:84:75:60:de:6a:
39:e8:60:13:02:38:5e:61:9e:8a:ae:f7:78:9c:59:8c:07:54:
f9:27:e4:03:25:de:c3:7e:86:fe:2e:97:da:5f:f4:42:c1:f0:
67:ff:ec:ee:64:db:41:82:34:91:a9:c7:df:7a:10:80:00:b9:
08:fa:f6:31:47:c7:c2:2a:62:c9:ef:ed:90:29:47:7b:52:d2:
e8:8a:e2:59:03:6b:15:80:19:04:0b:fc:7d:b1:c4:f6:4f:8b:
17:f4:46:b8:76:d8:37:7a:66:9c:1a:4b:c2:cc:47:79:b7:f9:
08:77:ee:5c:8c:58:46:55:8f:1a:ee:5f:e7:c2:e9:03:7a:34:
a7:ab:94:bc:92:d2:3c:2f:aa:bd:34:5d:3a:f3:e4:a2:e7:db:
fa:e2:9e:d0:ef:d6:2f:af:61:e1:ea:16:52:6a:27:a7:70:d4:
92:6a:0c:b7:9a:9f:d9:a0:1c:25:85:9a:39:90:03:d3:e1:33:
e8:17:54:07:67:14:27:37:fc:42:6d:ef:fc:a1:ba:08:78:77:
09:19:2c:19:1b:29:9f:db:ad:f6:91:fc:89:8e:19:75:78:44:
8a:49:73:7f:0a:bb:cd:aa:1f:78:5e:27:b3:a9:42:37:b7:a2:
05:4f:fb:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRLJnA45KswT9LIxlSktyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzIzMTAxYjI5NTk2ZmY0NDJkMzc0OTM3M2I4ZTk5ODMz
NTQ2NzAwHhcNMjUwMTAxMjM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjY4NDQ1OThmOWE2YWJmOWRjZDYxZGRjODllMGUzOTM5MzA5ODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjSHzVpXbVI2QuXYN428F8jeTc0B
/gYKKfSkWihGvQxygSAOU0T7XTkY0Y7+JaRPNcepA8wL1a62EO/RkTcumZuVUdi8
xdre7+Uo5jqCzfLr94KFnb+lynvL1KsXwIy7mnYlvI5WQ2R3/dCPN+cm5K6zjuyB
SGMFx3ZE1bKB9+aNZNq19Y43y2A4/tCn1bzIZGjw34WRV8VVLwQFvCmwxKdBesLH
y4NaOw4AMkPUfqGCI4K6yBcFXCC4qonWgXbsO+nuo/VhroD9GjykzJdN0VJcPVYd
WMb+sP2gTO4C1viqGu+q9BoYUIEpONt9DxQ3XMfTybEcXl8C49pyxZvrtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9oRFmPmmq/nc1h3cieDjk5MJgXMB8GA1UdIwQY
MBaAFNIyMQGylZb/RC03STc7jpmDNUZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpJeEFiS1ZsdjlFTFRkSk56dU9tWU0xUm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81YjQxODUtYjA4MC00OThlLThjYzct
NmE2YWY1Yjc0ZDM4LzEvUDJoRVdZLWFhci1keldIZHlKNE9PVGt3bUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81YjQxODUtYjA4MC00OThlLThjYzctNmE2YWY1Yjc0ZDM4
LzEvMGpJeEFiS1ZsdjlFTFRkSk56dU9tWU0xUm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZgYMA0G
CSqGSIb3DQEBCwUAA4IBAQCqaku5kD4COQh4qoY4hHVg3mo56GATAjheYZ6Krvd4
nFmMB1T5J+QDJd7Dfob+LpfaX/RCwfBn/+zuZNtBgjSRqcffehCAALkI+vYxR8fC
KmLJ7+2QKUd7UtLoiuJZA2sVgBkEC/x9scT2T4sX9Ea4dtg3emacGkvCzEd5t/kI
d+5cjFhGVY8a7l/nwukDejSnq5S8ktI8L6q9NF068+Si59v64p7Q79Yvr2Hh6hZS
aiencNSSagy3mp/ZoBwlhZo5kAPT4TPoF1QHZxQnN/xCbe/8oboIeHcJGSwZGymf
2632kfyJjhl1eESKSXN/CrvNqh94XiezqUI3t6IFT/t4
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:29:02 2025 by rpki-client