Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/zo9Y2aPXtg0v5rw18Mi_WOQc36Y.roa
File: zo9Y2aPXtg0v5rw18Mi_WOQc36Y.roa (raw, json)
Hash identifier: v9STSvD6P0pmUA0gxCp1HPZofea00hykboqUh1BCCCs=
Subject key identifier: CE:8F:58:D9:A3:D7:B6:0D:2F:E6:BC:35:F0:C8:BF:58:E4:1C:DF:A6
Certificate issuer: /CN=0d784bd96a44bc361d13344d54c8bc51ff67a802
Certificate serial: 019425217FC0556CA7E914CFE5E3C99E2697
Authority key identifier: 0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/zo9Y2aPXtg0v5rw18Mi_WOQc36Y.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198401
IP address blocks: 45.82.144.0/22 maxlen: 22
91.234.12.0/22 maxlen: 22
185.96.52.0/22 maxlen: 22
185.146.244.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7f:c0:55:6c:a7:e9:14:cf:e5:e3:c9:9e:26:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d784bd96a44bc361d13344d54c8bc51ff67a802
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce8f58d9a3d7b60d2fe6bc35f0c8bf58e41cdfa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:63:46:1e:79:df:a4:ed:e7:0a:ec:2a:a5:0d:
01:82:ac:96:66:07:c9:bd:3d:36:0c:85:12:37:08:
51:0c:08:8c:22:21:97:f7:3a:ed:03:63:8d:30:96:
ca:a9:3c:bc:2e:41:b5:40:9c:dd:05:33:2f:99:f5:
64:64:a8:6e:51:2e:3c:72:fa:44:55:71:3f:21:26:
52:12:88:a7:df:8f:b7:b0:fe:a6:34:e4:db:0c:97:
4d:bb:b6:aa:6b:e3:63:c7:50:45:5d:05:e2:6c:b4:
d6:92:ba:a6:2e:96:32:a9:fe:27:11:32:73:c8:30:
10:f0:f1:61:3d:01:70:77:06:21:8f:99:45:81:68:
0e:2b:61:f6:fb:af:9c:21:25:ca:d9:25:c8:f2:87:
35:70:e3:50:62:51:66:11:51:67:69:bf:34:69:62:
ba:a6:b3:7a:b3:2d:1d:0e:76:77:ff:10:e7:bd:bb:
34:7b:95:7f:4d:04:26:c9:22:dc:0f:4d:e6:03:43:
a7:a1:6b:5d:a9:1d:ba:76:a0:8f:b4:dc:67:f1:0b:
03:8a:97:20:7f:15:74:a2:67:15:5f:af:03:e6:01:
de:d8:77:12:11:05:fb:ba:9c:c0:f8:0e:15:cb:fc:
0f:b8:01:82:b9:4f:fb:a8:78:b3:6f:e0:d3:18:ca:
0a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8F:58:D9:A3:D7:B6:0D:2F:E6:BC:35:F0:C8:BF:58:E4:1C:DF:A6
X509v3 Authority Key Identifier:
keyid:0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/zo9Y2aPXtg0v5rw18Mi_WOQc36Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.144.0/22
91.234.12.0/22
185.96.52.0/22
185.146.244.0/22
Signature Algorithm: sha256WithRSAEncryption
70:9c:32:5d:1f:7e:2c:3e:eb:e1:da:74:04:21:8f:f3:08:35:
5d:e3:0e:0b:35:34:ff:90:c4:39:93:68:31:bd:cd:7a:02:2a:
16:9a:e1:aa:df:85:45:c8:65:e5:3d:28:bf:d2:10:c8:6d:cb:
a4:a0:9e:f1:41:4e:3a:d6:fe:0a:1e:7e:cb:cc:87:9c:1e:c3:
c3:86:0b:40:42:12:df:23:db:1d:68:58:0d:72:a5:15:bd:46:
a2:75:d5:62:c9:e9:04:da:c5:9b:29:07:dd:f1:b4:4d:77:88:
12:c4:5d:ed:c1:7a:48:e7:a2:0e:9d:a4:fc:30:26:ad:cc:e2:
29:5b:9b:24:d5:53:cf:74:da:c6:25:07:63:95:bb:56:f3:5d:
e0:6c:10:d7:f8:c2:f8:4e:7c:b3:7e:73:83:bc:3b:0b:06:e7:
b7:1c:f1:b5:80:0b:ce:4b:f1:cb:0e:19:ed:9f:f2:c4:20:5a:
70:df:53:29:6f:f2:cb:b3:6d:a0:96:50:44:90:96:22:fb:15:
b4:f9:cf:89:ee:03:c2:98:62:a2:19:1f:9c:c4:2d:5c:49:4e:
83:e5:e2:ed:47:43:a8:b9:e3:e7:d7:c8:2c:c3:4a:b5:87:08:
8a:15:dc:37:c3:75:fb:06:97:d3:f6:76:a3:f1:e8:4b:ac:3f:
ec:e1:4c:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlIX/AVWyn6RTP5ePJniaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzg0YmQ5NmE0NGJjMzYxZDEzMzQ0ZDU0YzhiYzUxZmY2
N2E4MDIwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZThmNThkOWEzZDdiNjBkMmZlNmJjMzVmMGM4YmY1OGU0MWNkZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WNGHnnfpO3nCuwqpQ0BgqyWZgfJ
vT02DIUSNwhRDAiMIiGX9zrtA2ONMJbKqTy8LkG1QJzdBTMvmfVkZKhuUS48cvpE
VXE/ISZSEoin34+3sP6mNOTbDJdNu7aqa+Njx1BFXQXibLTWkrqmLpYyqf4nETJz
yDAQ8PFhPQFwdwYhj5lFgWgOK2H2+6+cISXK2SXI8oc1cONQYlFmEVFnab80aWK6
prN6sy0dDnZ3/xDnvbs0e5V/TQQmySLcD03mA0OnoWtdqR26dqCPtNxn8QsDipcg
fxV0omcVX68D5gHe2HcSEQX7upzA+A4Vy/wPuAGCuU/7qHizb+DTGMoK9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM6PWNmj17YNL+a8NfDIv1jkHN+mMB8GA1UdIwQY
MBaAFA14S9lqRLw2HRM0TVTIvFH/Z6gCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAt
ZDRjNjZmNGYzYjZlLzEvem85WTJhUFh0ZzB2NXJ3MThNaV9XT1FjMzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAtZDRjNjZmNGYzYjZl
LzEvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVKQAwQC
W+oMAwQCuWA0AwQCuZL0MA0GCSqGSIb3DQEBCwUAA4IBAQBwnDJdH34sPuvh2nQE
IY/zCDVd4w4LNTT/kMQ5k2gxvc16AioWmuGq34VFyGXlPSi/0hDIbcukoJ7xQU46
1v4KHn7LzIecHsPDhgtAQhLfI9sdaFgNcqUVvUaiddViyekE2sWbKQfd8bRNd4gS
xF3twXpI56IOnaT8MCatzOIpW5sk1VPPdNrGJQdjlbtW813gbBDX+ML4TnyzfnOD
vDsLBue3HPG1gAvOS/HLDhntn/LEIFpw31Mpb/LLs22gllBEkJYi+xW0+c+J7gPC
mGKiGR+cxC1cSU6D5eLtR0OouePn18gsw0q1hwiKFdw3w3X7BpfT9naj8ehLrD/s
4UzW
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:31:37 2025 by rpki-client