Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/yCFTDAjAsaJLNl8E_LJGSjy8D0Y.roa
File: yCFTDAjAsaJLNl8E_LJGSjy8D0Y.roa (raw, json)
Hash identifier: 8ak/iE1MogNbSCZ97ilFzI246ohpoM35OGkp4ZMBEY4=
Subject key identifier: C8:21:53:0C:08:C0:B1:A2:4B:36:5F:04:FC:B2:46:4A:3C:BC:0F:46
Certificate issuer: /CN=48171672d53fdf8b2537764f537e365a5927bdaf
Certificate serial: 0194221FE9F218699F32AA68150ED790D4D8
Authority key identifier: 48:17:16:72:D5:3F:DF:8B:25:37:76:4F:53:7E:36:5A:59:27:BD:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBcWctU_34slN3ZPU342Wlknva8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/yCFTDAjAsaJLNl8E_LJGSjy8D0Y.roa
Signing time: Wed 01 Jan 2025 13:48:24 +0000
ROA not before: Wed 01 Jan 2025 13:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21056
IP address blocks: 45.84.140.0/22 maxlen: 32
45.143.36.0/22 maxlen: 32
45.151.12.0/22 maxlen: 32
45.151.64.0/22 maxlen: 32
46.44.192.0/18 maxlen: 32
78.152.96.0/19 maxlen: 32
79.135.32.0/19 maxlen: 32
80.93.128.0/20 maxlen: 32
83.137.56.0/21 maxlen: 24
87.247.232.0/21 maxlen: 32
91.143.192.0/20 maxlen: 32
94.138.160.0/19 maxlen: 32
103.26.124.0/22 maxlen: 22
103.43.232.0/22 maxlen: 22
103.61.184.0/22 maxlen: 22
103.248.184.0/22 maxlen: 24
103.248.186.0/24 maxlen: 24
109.122.208.0/21 maxlen: 21
144.48.192.0/22 maxlen: 32
185.125.64.0/22 maxlen: 22
185.158.116.0/22 maxlen: 32
185.170.36.0/22 maxlen: 32
185.224.60.0/22 maxlen: 32
185.224.104.0/22 maxlen: 32
185.230.92.0/22 maxlen: 32
185.230.192.0/22 maxlen: 32
185.230.232.0/22 maxlen: 32
185.231.160.0/22 maxlen: 32
185.234.164.0/22 maxlen: 32
185.241.20.0/22 maxlen: 32
188.240.32.0/22 maxlen: 22
193.124.240.0/22 maxlen: 22
194.58.216.0/22 maxlen: 22
213.182.64.0/19 maxlen: 32
2a00:14f8::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e9:f2:18:69:9f:32:aa:68:15:0e:d7:90:d4:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48171672d53fdf8b2537764f537e365a5927bdaf
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c821530c08c0b1a24b365f04fcb2464a3cbc0f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ee:d7:13:1e:00:49:bd:38:a5:21:87:82:48:
1e:5c:33:cf:94:b8:54:bf:ca:c6:d4:54:c6:4c:e8:
04:c9:ea:98:4a:1c:4a:8a:10:91:8a:89:fa:28:5f:
a0:38:d3:2c:ad:4f:04:15:b7:43:9a:d3:31:6d:e7:
e0:12:15:fd:a5:79:93:05:cb:d0:91:0e:05:37:4a:
14:0d:3c:79:e1:87:72:68:36:4d:33:4a:d1:79:a2:
e5:53:26:55:a1:d8:3e:cf:a2:e1:75:8c:5c:eb:a8:
02:02:32:e1:56:26:f2:a0:c3:8e:b4:fe:ba:79:55:
64:17:be:b8:7f:3f:0d:d0:bc:23:3d:a2:e6:fb:14:
85:d4:9e:3d:b8:f9:bc:98:e0:47:96:8e:ef:32:45:
c4:b4:14:3b:5c:3e:74:ef:3d:74:87:5c:09:20:5f:
68:bd:32:49:94:00:00:72:6d:dd:7e:fa:bc:d3:45:
55:da:90:68:04:0a:ea:57:b0:6f:68:bd:93:4a:2d:
34:52:d5:05:f3:9d:9b:9e:3a:87:f7:1c:71:86:06:
ec:ad:08:cb:9b:01:c4:fd:3a:d4:13:1a:4c:ac:45:
71:96:52:34:72:d5:19:43:ee:2b:00:54:bd:3e:d3:
4b:8c:aa:fd:4f:d8:10:59:0f:95:dc:0b:0c:23:5f:
f0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:21:53:0C:08:C0:B1:A2:4B:36:5F:04:FC:B2:46:4A:3C:BC:0F:46
X509v3 Authority Key Identifier:
keyid:48:17:16:72:D5:3F:DF:8B:25:37:76:4F:53:7E:36:5A:59:27:BD:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBcWctU_34slN3ZPU342Wlknva8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/yCFTDAjAsaJLNl8E_LJGSjy8D0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/SBcWctU_34slN3ZPU342Wlknva8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.140.0/22
45.143.36.0/22
45.151.12.0/22
45.151.64.0/22
46.44.192.0/18
78.152.96.0/19
79.135.32.0/19
80.93.128.0/20
83.137.56.0/21
87.247.232.0/21
91.143.192.0/20
94.138.160.0/19
103.26.124.0/22
103.43.232.0/22
103.61.184.0/22
103.248.184.0/22
109.122.208.0/21
144.48.192.0/22
185.125.64.0/22
185.158.116.0/22
185.170.36.0/22
185.224.60.0/22
185.224.104.0/22
185.230.92.0/22
185.230.192.0/22
185.230.232.0/22
185.231.160.0/22
185.234.164.0/22
185.241.20.0/22
188.240.32.0/22
193.124.240.0/22
194.58.216.0/22
213.182.64.0/19
IPv6:
2a00:14f8::/32
Signature Algorithm: sha256WithRSAEncryption
88:86:d9:4a:25:4d:45:0c:1b:3e:eb:77:49:04:7d:1d:25:9a:
57:54:b1:a2:d3:33:05:34:15:05:29:04:5e:9e:64:27:8a:b1:
55:25:b8:d2:ef:02:a7:32:32:8c:5f:05:e4:fd:99:9c:92:7a:
04:ce:c3:93:d0:4c:ee:34:44:f7:6d:39:c4:9b:5b:8e:2a:86:
db:ad:ce:36:fd:05:13:59:d9:2f:ac:5e:aa:e1:ef:70:3c:df:
f2:3d:6f:51:08:99:c1:1f:9c:5d:2d:90:4d:a6:e2:59:43:44:
ed:71:3c:65:91:b3:ad:ab:99:bf:fc:1c:bf:fb:58:cf:34:0f:
2b:cd:53:82:a5:80:23:ff:be:cc:a0:d4:c3:96:3e:e8:f7:48:
13:86:ce:ae:06:dd:de:e0:92:7e:82:91:5d:79:82:d7:f7:20:
7e:8e:f1:dd:19:1c:bb:d0:d2:e2:ac:75:e5:f0:66:34:a7:01:
e4:bf:15:eb:f7:15:d2:b4:94:82:dd:6b:45:af:aa:ac:16:06:
dc:b6:ee:a7:5a:2f:06:df:51:01:d1:6f:1f:f2:8f:ef:76:51:
83:43:db:61:f8:44:27:38:d1:af:84:62:4f:c1:fc:50:09:37:
e2:7c:7b:ca:d1:f3:87:a8:5b:c2:89:49:83:92:40:2f:56:18:
a7:c9:ee:ac
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAZQiH+nyGGmfMqpoFQ7XkNTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MTcxNjcyZDUzZmRmOGIyNTM3NzY0ZjUzN2UzNjVhNTky
N2JkYWYwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODIxNTMwYzA4YzBiMWEyNGIzNjVmMDRmY2IyNDY0YTNjYmMwZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe7XEx4ASb04pSGHgkgeXDPPlLhU
v8rG1FTGTOgEyeqYShxKihCRion6KF+gONMsrU8EFbdDmtMxbefgEhX9pXmTBcvQ
kQ4FN0oUDTx54YdyaDZNM0rReaLlUyZVodg+z6LhdYxc66gCAjLhVibyoMOOtP66
eVVkF764fz8N0LwjPaLm+xSF1J49uPm8mOBHlo7vMkXEtBQ7XD507z10h1wJIF9o
vTJJlAAAcm3dfvq800VV2pBoBArqV7BvaL2TSi00UtUF852bnjqH9xxxhgbsrQjL
mwHE/TrUExpMrEVxllI0ctUZQ+4rAFS9PtNLjKr9T9gQWQ+V3AsMI1/wGwIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFMghUwwIwLGiSzZfBPyyRko8vA9GMB8GA1UdIwQY
MBaAFEgXFnLVP9+LJTd2T1N+NlpZJ72vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JjV2N0VV8zNHNsTjNaUFUzNDJXbGtudmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81NWUxMzgtNTZkYS00NDkyLWExZjIt
ZGIwNGYyMTM5MGEwLzEveUNGVERBakFzYUpMTmw4RV9MSkdTank4RDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81NWUxMzgtNTZkYS00NDkyLWExZjItZGIwNGYyMTM5MGEw
LzEvU0JjV2N0VV8zNHNsTjNaUFUzNDJXbGtudmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zCBzQQCAAEwgcYDBAIt
VIwDBAItjyQDBAItlwwDBAItl0ADBAYuLMADBAVOmGADBAVPhyADBARQXYADBANT
iTgDBANX9+gDBARbj8ADBAVeiqADBAJnGnwDBAJnK+gDBAJnPbgDBAJn+LgDBANt
etADBAKQMMADBAK5fUADBAK5nnQDBAK5qiQDBAK54DwDBAK54GgDBAK55lwDBAK5
5sADBAK55ugDBAK556ADBAK56qQDBAK58RQDBAK88CADBALBfPADBALCOtgDBAXV
tkAwDQQCAAIwBwMFACoAFPgwDQYJKoZIhvcNAQELBQADggEBAIiG2UolTUUMGz7r
d0kEfR0lmldUsaLTMwU0FQUpBF6eZCeKsVUluNLvAqcyMoxfBeT9mZySegTOw5PQ
TO40RPdtOcSbW44qhtutzjb9BRNZ2S+sXqrh73A83/I9b1EImcEfnF0tkE2m4llD
RO1xPGWRs62rmb/8HL/7WM80DyvNU4KlgCP/vsyg1MOWPuj3SBOGzq4G3d7gkn6C
kV15gtf3IH6O8d0ZHLvQ0uKsdeXwZjSnAeS/Fev3FdK0lILda0WvqqwWBty27qda
LwbfUQHRbx/yj+92UYND22H4RCc40a+EYk/B/FAJN+J8e8rR84eoW8KJSYOSQC9W
GKfJ7qw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:29:42 2025 by rpki-client