Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/064794-2c36-43d6-b800-739d62669f91/1/gX7yqrsOZn21TglKYSwC7nvDyYU.roa
File: gX7yqrsOZn21TglKYSwC7nvDyYU.roa (raw, json)
Hash identifier: OPLFwfaXc7vtj9ls4Hz8OLeHPQAJ08mEvbmGmH8DGlg=
Subject key identifier: 81:7E:F2:AA:BB:0E:66:7D:B5:4E:09:4A:61:2C:02:EE:7B:C3:C9:85
Certificate issuer: /CN=db1da321843f9fad138e6115d85bee8a920b8e1d
Certificate serial: 0194258E27B18DF9E4799B3C9912C52005BB
Authority key identifier: DB:1D:A3:21:84:3F:9F:AD:13:8E:61:15:D8:5B:EE:8A:92:0B:8E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2x2jIYQ_n60TjmEV2FvuipILjh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/064794-2c36-43d6-b800-739d62669f91/1/gX7yqrsOZn21TglKYSwC7nvDyYU.roa
Signing time: Thu 02 Jan 2025 05:47:40 +0000
ROA not before: Thu 02 Jan 2025 05:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24603
IP address blocks: 45.152.100.0/22 maxlen: 24
185.105.80.0/22 maxlen: 24
193.108.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:27:b1:8d:f9:e4:79:9b:3c:99:12:c5:20:05:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db1da321843f9fad138e6115d85bee8a920b8e1d
Validity
Not Before: Jan 2 05:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=817ef2aabb0e667db54e094a612c02ee7bc3c985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:34:03:5c:80:ed:c5:9e:29:29:53:46:9e:85:
f0:88:d3:01:9b:74:4d:68:1f:84:64:90:7c:86:10:
2a:7d:e5:00:21:47:3e:72:7d:38:ba:7e:84:85:72:
95:13:46:e9:37:d3:1f:be:fa:d8:fd:07:b2:c6:4d:
58:99:3e:8d:92:20:83:ac:36:f4:41:a7:df:68:6d:
5d:16:7f:58:2e:a9:9c:81:eb:d1:0f:3d:6a:c3:70:
88:ac:85:75:4a:cf:e0:c6:d4:0a:a7:1b:0b:77:93:
60:17:76:c0:9b:7a:3d:0f:1b:b3:8a:5e:0b:d2:8f:
53:8a:b2:ec:57:8a:f8:7a:87:6b:08:81:93:45:26:
94:d4:53:53:1d:e7:93:69:cd:ed:fd:f9:2e:37:a2:
33:4a:a7:3b:ec:cd:38:8a:82:33:18:fa:7f:38:6f:
c8:c6:36:72:25:f9:9d:20:ed:bb:b9:aa:25:29:53:
0a:d4:81:89:79:23:ad:59:e8:12:ea:80:b3:3b:aa:
a5:3e:37:75:46:a5:a0:cd:ef:0a:01:3f:db:8f:3c:
a0:27:17:ca:25:2b:46:c6:d7:e2:b6:9e:ea:3c:3b:
86:64:0d:fe:a6:09:43:dd:cc:a4:34:79:df:73:1f:
3c:0a:72:de:7f:32:95:97:f3:f1:a7:fb:c9:e4:ae:
68:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:7E:F2:AA:BB:0E:66:7D:B5:4E:09:4A:61:2C:02:EE:7B:C3:C9:85
X509v3 Authority Key Identifier:
keyid:DB:1D:A3:21:84:3F:9F:AD:13:8E:61:15:D8:5B:EE:8A:92:0B:8E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2x2jIYQ_n60TjmEV2FvuipILjh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/064794-2c36-43d6-b800-739d62669f91/1/gX7yqrsOZn21TglKYSwC7nvDyYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/064794-2c36-43d6-b800-739d62669f91/1/2x2jIYQ_n60TjmEV2FvuipILjh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.100.0/22
185.105.80.0/22
193.108.179.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e5:e3:30:85:4e:1c:b5:b7:34:6e:90:d5:3b:a7:ed:f3:12:
9d:46:ee:46:b7:1b:5a:d5:5c:a2:da:0a:a2:7b:b4:67:e0:10:
d3:5a:0a:9a:10:42:77:5d:7b:9f:94:8d:93:a5:67:d1:0a:f7:
ce:4f:1c:12:92:c3:96:e5:f2:ec:3e:4a:63:77:f0:b8:e0:35:
ef:38:ca:3c:10:4a:93:57:35:de:ce:0f:6e:24:53:8f:d5:ec:
52:5d:ee:cc:57:d9:e0:de:4c:1d:7b:81:56:5b:b6:0f:b2:0c:
c3:b6:17:09:1c:91:e4:d3:3b:53:fd:12:cc:f1:43:be:9f:ec:
8b:bb:1c:7a:57:d5:71:b9:b3:b5:ae:0a:bd:48:12:ab:6b:52:
be:c0:f7:be:4a:38:06:40:75:db:45:ea:78:d4:b4:9f:7b:f8:
06:b8:71:43:08:09:2c:80:40:66:f5:8f:a0:5f:fc:08:0f:57:
39:fa:09:e9:fe:96:e5:cf:e7:ad:ac:be:51:d9:ff:e4:2c:5e:
68:00:60:a8:7e:80:0c:21:69:a6:34:46:43:97:4a:7b:1f:b8:
86:3e:7b:d8:f5:43:a7:77:9c:4c:7d:ca:82:0a:4a:fe:4a:7b:
0f:2b:d3:5a:29:6a:a4:2b:b7:9b:90:24:ae:3a:ac:36:17:94:
99:bb:79:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQljiexjfnkeZs8mRLFIAW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWRhMzIxODQzZjlmYWQxMzhlNjExNWQ4NWJlZThhOTIw
YjhlMWQwHhcNMjUwMTAyMDU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTdlZjJhYWJiMGU2NjdkYjU0ZTA5NGE2MTJjMDJlZTdiYzNjOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTQDXIDtxZ4pKVNGnoXwiNMBm3RN
aB+EZJB8hhAqfeUAIUc+cn04un6EhXKVE0bpN9MfvvrY/Qeyxk1YmT6NkiCDrDb0
QaffaG1dFn9YLqmcgevRDz1qw3CIrIV1Ss/gxtQKpxsLd5NgF3bAm3o9Dxuzil4L
0o9TirLsV4r4eodrCIGTRSaU1FNTHeeTac3t/fkuN6IzSqc77M04ioIzGPp/OG/I
xjZyJfmdIO27uaolKVMK1IGJeSOtWegS6oCzO6qlPjd1RqWgze8KAT/bjzygJxfK
JStGxtfitp7qPDuGZA3+pglD3cykNHnfcx88CnLefzKVl/Pxp/vJ5K5oBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIF+8qq7DmZ9tU4JSmEsAu57w8mFMB8GA1UdIwQY
MBaAFNsdoyGEP5+tE45hFdhb7oqSC44dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMngyaklZUV9uNjBUam1FVjJGdnVpcElMamgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8wNjQ3OTQtMmMzNi00M2Q2LWI4MDAt
NzM5ZDYyNjY5ZjkxLzEvZ1g3eXFyc09abjIxVGdsS1lTd0M3bnZEeVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8wNjQ3OTQtMmMzNi00M2Q2LWI4MDAtNzM5ZDYyNjY5Zjkx
LzEvMngyaklZUV9uNjBUam1FVjJGdnVpcElMamgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZhkAwQC
uWlQAwQAwWyzMA0GCSqGSIb3DQEBCwUAA4IBAQAa5eMwhU4ctbc0bpDVO6ft8xKd
Ru5Gtxta1Vyi2gqie7Rn4BDTWgqaEEJ3XXuflI2TpWfRCvfOTxwSksOW5fLsPkpj
d/C44DXvOMo8EEqTVzXezg9uJFOP1exSXe7MV9ng3kwde4FWW7YPsgzDthcJHJHk
0ztT/RLM8UO+n+yLuxx6V9VxubO1rgq9SBKra1K+wPe+SjgGQHXbRep41LSfe/gG
uHFDCAksgEBm9Y+gX/wID1c5+gnp/pblz+etrL5R2f/kLF5oAGCofoAMIWmmNEZD
l0p7H7iGPnvY9UOnd5xMfcqCCkr+SnsPK9NaKWqkK7ebkCSuOqw2F5SZu3mb
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:04:15 2025 by rpki-client