Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/00qMnebnoQ1q-0QpuHNtB2jC8kw.roa
File: 00qMnebnoQ1q-0QpuHNtB2jC8kw.roa (raw, json)
Hash identifier: eM8vkjcd9zZftIcrd2HQLTAzDHkkoGlg8veiHLYFAc4=
Subject key identifier: D3:4A:8C:9D:E6:E7:A1:0D:6A:FB:44:29:B8:73:6D:07:68:C2:F2:4C
Certificate issuer: /CN=7651762de3d3f19cedd438b03cf23986ce91727f
Certificate serial: 019423D7619DA0D241CC5B21DFF682B28791
Authority key identifier: 76:51:76:2D:E3:D3:F1:9C:ED:D4:38:B0:3C:F2:39:86:CE:91:72:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dlF2LePT8Zzt1DiwPPI5hs6Rcn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/00qMnebnoQ1q-0QpuHNtB2jC8kw.roa
Signing time: Wed 01 Jan 2025 21:48:25 +0000
ROA not before: Wed 01 Jan 2025 21:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34756
IP address blocks: 45.15.12.0/22 maxlen: 22
77.95.96.0/21 maxlen: 21
91.194.136.0/23 maxlen: 23
176.58.24.0/21 maxlen: 21
176.58.30.0/24 maxlen: 24
176.58.31.0/24 maxlen: 24
185.47.236.0/22 maxlen: 22
193.138.109.0/24 maxlen: 24
195.114.12.0/24 maxlen: 24
195.230.110.0/24 maxlen: 24
2a03:fc00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:61:9d:a0:d2:41:cc:5b:21:df:f6:82:b2:87:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7651762de3d3f19cedd438b03cf23986ce91727f
Validity
Not Before: Jan 1 21:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d34a8c9de6e7a10d6afb4429b8736d0768c2f24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a5:a6:89:cf:61:39:70:65:b4:27:9d:51:5d:
40:30:df:41:0c:58:85:b1:30:3b:52:10:ba:78:7a:
97:ed:10:60:c4:45:92:ae:14:57:3f:b6:2a:ea:9f:
ca:02:fc:d8:9e:5e:67:1f:40:0f:9a:ea:f0:ce:4a:
85:7f:26:bc:c6:b2:c5:59:49:ec:e1:30:e5:04:a2:
a6:4a:e1:3b:8f:06:c4:f3:3a:a9:52:6e:6d:16:4d:
98:5c:a0:5b:6e:e0:93:00:66:db:44:f8:f3:75:97:
d1:c1:cd:c6:ee:4a:fe:07:fa:cf:81:d1:c9:ab:55:
82:bd:cb:72:4d:8a:a3:a5:c5:73:08:ef:75:7f:65:
70:fc:81:e2:8e:0b:b6:c4:7e:29:f0:ac:fa:f8:14:
ed:8c:1d:7c:8c:53:f5:f9:fa:7b:6d:4d:df:e6:04:
ce:21:79:0f:36:d6:e0:1a:8b:cf:db:d2:2f:97:e9:
ca:25:3b:d9:cd:44:73:dc:6e:66:21:0e:d8:c1:dc:
2f:78:d1:a5:32:96:59:c5:d3:60:5c:7c:a8:71:bc:
94:0e:b9:ed:40:eb:f3:10:5d:55:b6:27:85:b0:a3:
10:45:bc:13:ca:74:e0:bc:65:87:0a:00:dc:c4:5c:
66:21:c7:7f:f3:af:17:94:97:5b:f8:4c:e6:7b:8a:
23:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:4A:8C:9D:E6:E7:A1:0D:6A:FB:44:29:B8:73:6D:07:68:C2:F2:4C
X509v3 Authority Key Identifier:
keyid:76:51:76:2D:E3:D3:F1:9C:ED:D4:38:B0:3C:F2:39:86:CE:91:72:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dlF2LePT8Zzt1DiwPPI5hs6Rcn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/00qMnebnoQ1q-0QpuHNtB2jC8kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/dlF2LePT8Zzt1DiwPPI5hs6Rcn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.12.0/22
77.95.96.0/21
91.194.136.0/23
176.58.24.0/21
185.47.236.0/22
193.138.109.0/24
195.114.12.0/24
195.230.110.0/24
IPv6:
2a03:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
42:ba:df:8b:b6:87:57:de:cf:88:4d:8c:96:55:5e:f9:ab:a4:
41:8f:c4:88:76:0e:e8:d0:d1:ea:78:14:96:91:3d:b8:8e:38:
36:45:c5:f9:ea:5a:97:9d:7f:17:5d:02:1d:51:2f:9e:17:be:
bc:45:cb:a9:00:99:77:d8:32:19:d5:21:03:95:0e:92:15:31:
98:36:32:ec:aa:48:dc:f1:7d:d7:1d:8c:78:e2:7f:4d:c0:ae:
f8:3e:af:b6:1a:ba:cb:4d:70:11:fb:86:65:34:6a:b3:fc:e8:
95:0b:4a:1f:3a:61:2b:4a:50:cd:73:b1:7d:15:1d:ee:49:c6:
21:87:aa:d0:63:7c:3d:c0:27:0e:49:bf:d2:b0:26:b4:76:e4:
40:d6:11:e3:35:56:23:ae:e8:a2:d0:b4:d2:5f:ac:40:b2:06:
10:57:1e:cb:a3:e8:59:fa:b5:df:7e:a9:31:0c:d6:17:67:5b:
d8:09:ae:6b:b4:8f:3a:fe:3d:84:e3:58:cb:74:79:5d:66:8d:
85:9a:b4:06:22:e9:1e:dd:9f:3e:ef:b2:6e:bd:1c:0a:9d:c4:
41:18:bd:be:54:22:bd:12:71:15:64:1a:86:b8:b9:5c:5d:a2:
48:81:7e:92:06:81:ba:ab:6c:8d:b0:26:1f:38:8e:dd:a3:08:
2c:d6:71:5f
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQj12GdoNJBzFsh3/aCsoeRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NTE3NjJkZTNkM2YxOWNlZGQ0MzhiMDNjZjIzOTg2Y2U5
MTcyN2YwHhcNMjUwMTAxMjE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzRhOGM5ZGU2ZTdhMTBkNmFmYjQ0MjliODczNmQwNzY4YzJmMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaWmic9hOXBltCedUV1AMN9BDFiF
sTA7UhC6eHqX7RBgxEWSrhRXP7Yq6p/KAvzYnl5nH0APmurwzkqFfya8xrLFWUns
4TDlBKKmSuE7jwbE8zqpUm5tFk2YXKBbbuCTAGbbRPjzdZfRwc3G7kr+B/rPgdHJ
q1WCvctyTYqjpcVzCO91f2Vw/IHijgu2xH4p8Kz6+BTtjB18jFP1+fp7bU3f5gTO
IXkPNtbgGovP29Ivl+nKJTvZzURz3G5mIQ7YwdwveNGlMpZZxdNgXHyocbyUDrnt
QOvzEF1VtieFsKMQRbwTynTgvGWHCgDcxFxmIcd/868XlJdb+Ezme4ojWwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNNKjJ3m56ENavtEKbhzbQdowvJMMB8GA1UdIwQY
MBaAFHZRdi3j0/Gc7dQ4sDzyOYbOkXJ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGxGMkxlUFQ4Wnp0MURpd1BQSTVoczZSY244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80ZTI4MDgtZThmNC00MmE3LWE4Mjct
N2FiY2U2MDBjMjE4LzEvMDBxTW5lYm5vUTFxLTBRcHVITnRCMmpDOGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80ZTI4MDgtZThmNC00MmE3LWE4MjctN2FiY2U2MDBjMjE4
LzEvZGxGMkxlUFQ4Wnp0MURpd1BQSTVoczZSY244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCLQ8MAwQD
TV9gAwQBW8KIAwQDsDoYAwQCuS/sAwQAwYptAwQAw3IMAwQAw+ZuMA0EAgACMAcD
BQMqA/wAMA0GCSqGSIb3DQEBCwUAA4IBAQBCut+LtodX3s+ITYyWVV75q6RBj8SI
dg7o0NHqeBSWkT24jjg2RcX56lqXnX8XXQIdUS+eF768RcupAJl32DIZ1SEDlQ6S
FTGYNjLsqkjc8X3XHYx44n9NwK74Pq+2GrrLTXAR+4ZlNGqz/OiVC0ofOmErSlDN
c7F9FR3uScYhh6rQY3w9wCcOSb/SsCa0duRA1hHjNVYjruii0LTSX6xAsgYQVx7L
o+hZ+rXffqkxDNYXZ1vYCa5rtI86/j2E41jLdHldZo2FmrQGIuke3Z8+77JuvRwK
ncRBGL2+VCK9EnEVZBqGuLlcXaJIgX6SBoG6q2yNsCYfOI7dowgs1nFf
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:21:39 2025 by rpki-client