Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/7c3a18-0ec9-4157-bf5a-5207f664df21/1/g3b-X86nv3p6U9DOq4hCU_Dnmdo.roa
File: g3b-X86nv3p6U9DOq4hCU_Dnmdo.roa (raw, json)
Hash identifier: 2YoEPjb/mUp/HqQp7Qak5HkOS9XgXc9API514lfVQEc=
Subject key identifier: 83:76:FE:5F:CE:A7:BF:7A:7A:53:D0:CE:AB:88:42:53:F0:E7:99:DA
Certificate issuer: /CN=16d31b2d899d6eb2bcb7a4d78cc3100dce30c90c
Certificate serial: 019421B18378A43FDB6FC9502DE0DC0C0EBF
Authority key identifier: 16:D3:1B:2D:89:9D:6E:B2:BC:B7:A4:D7:8C:C3:10:0D:CE:30:C9:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FtMbLYmdbrK8t6TXjMMQDc4wyQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/7c3a18-0ec9-4157-bf5a-5207f664df21/1/g3b-X86nv3p6U9DOq4hCU_Dnmdo.roa
Signing time: Wed 01 Jan 2025 11:47:49 +0000
ROA not before: Wed 01 Jan 2025 11:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61970
IP address blocks: 45.93.88.0/23 maxlen: 24
45.93.90.0/24 maxlen: 24
45.93.91.0/24 maxlen: 24
185.48.144.0/24 maxlen: 24
185.48.145.0/24 maxlen: 24
185.48.146.0/24 maxlen: 24
185.48.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:83:78:a4:3f:db:6f:c9:50:2d:e0:dc:0c:0e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16d31b2d899d6eb2bcb7a4d78cc3100dce30c90c
Validity
Not Before: Jan 1 11:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8376fe5fcea7bf7a7a53d0ceab884253f0e799da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:db:20:58:67:34:c6:be:d2:1d:5c:d1:fa:0c:
3b:cb:b8:8e:c6:96:a9:5d:b5:d1:90:b9:41:69:ee:
2f:2d:2e:4b:f8:84:28:43:cf:4a:17:b2:18:2b:eb:
d0:2c:55:22:d7:6f:3c:e1:60:57:fa:27:50:4f:66:
f8:bc:52:88:71:79:19:fa:b1:09:b6:2e:65:fe:6f:
66:ed:97:80:d6:62:29:ed:22:f4:2f:db:57:62:e5:
2a:af:21:fe:58:a4:e0:82:df:78:49:6c:ca:d4:8c:
b0:45:dc:ec:4f:bd:a1:51:a5:af:5d:20:6b:d1:37:
fe:91:9d:e2:de:c0:ea:f7:fa:0f:49:21:93:24:34:
e1:05:2a:23:6e:e4:3e:fd:bd:0d:fd:c1:02:f8:93:
de:fb:2b:d5:b2:5b:16:0b:50:92:b7:21:8e:06:bd:
43:aa:8b:bd:de:71:69:74:cb:ce:c3:a2:bc:10:75:
59:8d:dc:5a:2d:6c:66:00:9b:9e:8a:3c:cc:48:48:
56:20:ff:dd:c9:55:2d:a4:bc:6d:9f:5b:61:7c:3d:
ee:29:8e:8b:62:fd:be:8e:7d:96:ab:c2:55:35:e8:
05:72:19:fd:64:9f:5c:9d:f8:42:68:b0:0f:b2:15:
69:52:f9:24:a1:68:20:dd:14:a7:2e:20:71:19:7e:
36:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:76:FE:5F:CE:A7:BF:7A:7A:53:D0:CE:AB:88:42:53:F0:E7:99:DA
X509v3 Authority Key Identifier:
keyid:16:D3:1B:2D:89:9D:6E:B2:BC:B7:A4:D7:8C:C3:10:0D:CE:30:C9:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FtMbLYmdbrK8t6TXjMMQDc4wyQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/7c3a18-0ec9-4157-bf5a-5207f664df21/1/g3b-X86nv3p6U9DOq4hCU_Dnmdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/7c3a18-0ec9-4157-bf5a-5207f664df21/1/FtMbLYmdbrK8t6TXjMMQDc4wyQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.88.0/22
185.48.144.0/22
Signature Algorithm: sha256WithRSAEncryption
30:4b:9f:89:e1:7c:61:87:35:b7:54:97:c1:5d:5e:2c:9e:e2:
ae:60:6d:9b:37:3c:d5:a2:72:bb:df:41:07:66:90:5d:19:37:
53:e8:92:18:23:79:55:13:fd:5c:81:f5:a9:e9:74:79:88:72:
ed:78:c3:89:9d:28:ee:ce:a9:20:ed:f1:4b:ae:bd:63:10:a7:
28:3b:86:3d:3a:e6:65:f8:fd:b2:22:c1:0d:08:0b:f1:12:5d:
37:3c:5c:85:b5:d3:19:ea:88:8b:d6:7d:89:1a:08:46:a1:67:
9a:58:be:8a:34:f7:7c:f5:02:14:d7:a6:9e:02:0d:81:73:af:
4b:9c:be:1c:78:41:70:ce:2c:4a:90:12:8f:3d:33:fd:7e:1e:
ff:78:34:29:5a:65:a5:7c:f1:11:84:5c:fe:e3:79:d2:98:3f:
b6:05:86:65:9a:d0:83:d2:53:7e:26:64:af:1c:a8:a9:08:1b:
fa:49:88:d1:e4:da:8a:54:8c:e8:6e:52:8d:71:ab:3b:6b:38:
9f:17:40:1a:08:da:24:93:ec:36:b9:6f:e1:2a:d4:88:3b:14:
0a:3f:bb:8d:fb:87:fc:88:37:30:ec:d9:ea:ce:ea:cb:e3:9e:
51:f4:03:e2:59:82:b4:0f:c9:74:68:be:01:45:31:48:42:1e:
f5:f0:8a:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsYN4pD/bb8lQLeDcDA6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZDMxYjJkODk5ZDZlYjJiY2I3YTRkNzhjYzMxMDBkY2Uz
MGM5MGMwHhcNMjUwMTAxMTE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzc2ZmU1ZmNlYTdiZjdhN2E1M2QwY2VhYjg4NDI1M2YwZTc5OWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9sgWGc0xr7SHVzR+gw7y7iOxpap
XbXRkLlBae4vLS5L+IQoQ89KF7IYK+vQLFUi12884WBX+idQT2b4vFKIcXkZ+rEJ
ti5l/m9m7ZeA1mIp7SL0L9tXYuUqryH+WKTggt94SWzK1IywRdzsT72hUaWvXSBr
0Tf+kZ3i3sDq9/oPSSGTJDThBSojbuQ+/b0N/cEC+JPe+yvVslsWC1CStyGOBr1D
qou93nFpdMvOw6K8EHVZjdxaLWxmAJueijzMSEhWIP/dyVUtpLxtn1thfD3uKY6L
Yv2+jn2Wq8JVNegFchn9ZJ9cnfhCaLAPshVpUvkkoWgg3RSnLiBxGX42kQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIN2/l/Op796elPQzquIQlPw55naMB8GA1UdIwQY
MBaAFBbTGy2JnW6yvLek14zDEA3OMMkMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnRNYkxZbWRicks4dDZUWGpNTVFEYzR3eVF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83YzNhMTgtMGVjOS00MTU3LWJmNWEt
NTIwN2Y2NjRkZjIxLzEvZzNiLVg4Nm52M3A2VTlET3E0aENVX0RubWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83YzNhMTgtMGVjOS00MTU3LWJmNWEtNTIwN2Y2NjRkZjIx
LzEvRnRNYkxZbWRicks4dDZUWGpNTVFEYzR3eVF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLV1YAwQC
uTCQMA0GCSqGSIb3DQEBCwUAA4IBAQAwS5+J4XxhhzW3VJfBXV4snuKuYG2bNzzV
onK730EHZpBdGTdT6JIYI3lVE/1cgfWp6XR5iHLteMOJnSjuzqkg7fFLrr1jEKco
O4Y9OuZl+P2yIsENCAvxEl03PFyFtdMZ6oiL1n2JGghGoWeaWL6KNPd89QIU16ae
Ag2Bc69LnL4ceEFwzixKkBKPPTP9fh7/eDQpWmWlfPERhFz+43nSmD+2BYZlmtCD
0lN+JmSvHKipCBv6SYjR5NqKVIzoblKNcas7azifF0AaCNokk+w2uW/hKtSIOxQK
P7uN+4f8iDcw7NnqzurL455R9APiWYK0D8l0aL4BRTFIQh718IpJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:26:30 2025 by rpki-client