Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a9d9da-f8a5-47ba-b66a-bd0b5774f637/1/dHwX8PQaURSRhzT9O267zp2eAAU.roa
File: dHwX8PQaURSRhzT9O267zp2eAAU.roa (raw, json)
Hash identifier: pQKJANjM+1Peo4ZdiwJW4yKvtPIT0ly/kwXsgNJ+gjU=
Subject key identifier: 74:7C:17:F0:F4:1A:51:14:91:87:34:FD:3B:6E:BB:CE:9D:9E:00:05
Certificate issuer: /CN=8d30810e2dc271a6a0f07b8e209e2dc223637839
Certificate serial: 019425FDB6AAABB497870CED0446578890A1
Authority key identifier: 8D:30:81:0E:2D:C2:71:A6:A0:F0:7B:8E:20:9E:2D:C2:23:63:78:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jTCBDi3Ccaag8HuOIJ4twiNjeDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a9d9da-f8a5-47ba-b66a-bd0b5774f637/1/dHwX8PQaURSRhzT9O267zp2eAAU.roa
Signing time: Thu 02 Jan 2025 07:49:31 +0000
ROA not before: Thu 02 Jan 2025 07:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203726
IP address blocks: 45.84.168.0/23 maxlen: 23
45.84.170.0/24 maxlen: 24
45.84.171.0/24 maxlen: 24
185.124.180.0/22 maxlen: 24
2a06:c880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b6:aa:ab:b4:97:87:0c:ed:04:46:57:88:90:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d30810e2dc271a6a0f07b8e209e2dc223637839
Validity
Not Before: Jan 2 07:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=747c17f0f41a5114918734fd3b6ebbce9d9e0005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f8:11:3a:44:b6:d3:e7:29:7b:60:6f:25:e7:
eb:7e:e0:72:d1:92:3f:64:a7:d7:df:09:c7:e3:70:
fe:11:9d:5f:f1:bb:93:ea:b6:a2:e4:fd:82:62:4a:
55:3d:36:e2:91:38:33:50:d6:bf:39:84:e0:7c:04:
fe:85:f8:0f:68:c4:95:11:f3:4a:d6:ef:e8:4a:15:
57:47:1a:ea:91:09:32:20:73:2b:87:b7:25:78:b7:
f8:76:ee:d4:42:89:a4:f0:05:3b:d5:be:86:cd:4d:
91:1f:1c:1d:e2:b2:93:6a:ba:da:d4:2b:3e:76:12:
15:62:fa:8d:75:ba:f3:03:5e:10:43:97:3a:4f:53:
6a:92:6a:db:e3:66:0b:3f:8f:a1:b2:d0:88:66:48:
f3:cb:5d:75:b7:6b:be:86:c7:e3:7a:e0:2c:1f:6d:
d3:c0:52:b0:15:0c:16:db:25:d0:a9:f4:98:39:03:
1f:db:86:3d:fb:38:c7:f4:e7:cc:64:1b:60:6a:dc:
2f:72:86:ef:2f:14:63:e4:fc:9b:31:73:bc:3d:df:
0b:94:34:b1:9c:95:f4:86:c0:90:26:c7:9d:d3:19:
2b:1d:fa:fc:09:c8:15:c2:51:11:f1:90:d3:f5:18:
fe:2a:aa:94:3c:0f:fb:04:e9:13:46:1e:ff:88:b2:
58:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7C:17:F0:F4:1A:51:14:91:87:34:FD:3B:6E:BB:CE:9D:9E:00:05
X509v3 Authority Key Identifier:
keyid:8D:30:81:0E:2D:C2:71:A6:A0:F0:7B:8E:20:9E:2D:C2:23:63:78:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jTCBDi3Ccaag8HuOIJ4twiNjeDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a9d9da-f8a5-47ba-b66a-bd0b5774f637/1/dHwX8PQaURSRhzT9O267zp2eAAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a9d9da-f8a5-47ba-b66a-bd0b5774f637/1/jTCBDi3Ccaag8HuOIJ4twiNjeDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.168.0/22
185.124.180.0/22
IPv6:
2a06:c880::/29
Signature Algorithm: sha256WithRSAEncryption
0d:77:81:37:e6:92:c2:1e:a2:77:65:1f:5a:36:eb:02:91:2d:
ea:88:8e:e2:09:71:c8:c1:19:e0:b9:f6:78:4a:f4:63:9f:16:
63:32:63:bc:44:09:48:88:7c:00:ca:06:05:8b:31:e1:6c:0d:
a5:48:0a:92:e5:a2:fc:9f:50:67:73:71:c3:61:2d:83:24:7b:
48:17:1c:54:b5:8d:11:62:82:73:a3:ba:f7:bb:8b:34:08:42:
ee:dc:84:52:0f:9e:05:e2:3c:b1:05:a7:d6:36:be:de:ce:6e:
ba:00:55:f8:4f:fc:11:2e:b9:94:ae:ab:ab:f7:6c:e3:d3:3b:
34:6a:e7:03:0e:f3:7f:a5:87:42:26:27:73:d0:2c:5c:cb:b7:
b6:79:aa:71:af:39:d5:a4:60:f9:99:5d:9c:59:45:a5:ff:da:
9f:28:ad:3d:4d:c8:92:2c:09:85:5a:0a:7a:87:86:4f:d5:45:
54:73:7a:ce:ed:f1:7b:c7:3f:8c:09:26:d6:a7:3f:bf:82:e4:
59:cf:f6:42:1e:20:ae:44:96:72:03:b1:dd:32:56:b5:3a:46:
24:8b:c0:73:d9:3f:9a:2b:e2:11:5d:80:5b:38:db:1b:bc:00:
1e:72:18:2c:75:fe:07:4f:be:ad:ec:e1:e7:27:af:e9:63:ba:
da:1f:d2:cc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/baqq7SXhwztBEZXiJChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMzA4MTBlMmRjMjcxYTZhMGYwN2I4ZTIwOWUyZGMyMjM2
Mzc4MzkwHhcNMjUwMTAyMDc0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdjMTdmMGY0MWE1MTE0OTE4NzM0ZmQzYjZlYmJjZTlkOWUwMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfgROkS20+cpe2BvJefrfuBy0ZI/
ZKfX3wnH43D+EZ1f8buT6rai5P2CYkpVPTbikTgzUNa/OYTgfAT+hfgPaMSVEfNK
1u/oShVXRxrqkQkyIHMrh7cleLf4du7UQomk8AU71b6GzU2RHxwd4rKTarra1Cs+
dhIVYvqNdbrzA14QQ5c6T1Nqkmrb42YLP4+hstCIZkjzy111t2u+hsfjeuAsH23T
wFKwFQwW2yXQqfSYOQMf24Y9+zjH9OfMZBtgatwvcobvLxRj5PybMXO8Pd8LlDSx
nJX0hsCQJsed0xkrHfr8CcgVwlER8ZDT9Rj+KqqUPA/7BOkTRh7/iLJYvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHR8F/D0GlEUkYc0/Ttuu86dngAFMB8GA1UdIwQY
MBaAFI0wgQ4twnGmoPB7jiCeLcIjY3g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalRDQkRpM0NjYWFnOEh1T0lKNHR3aU5qZURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hOWQ5ZGEtZjhhNS00N2JhLWI2NmEt
YmQwYjU3NzRmNjM3LzEvZEh3WDhQUWFVUlNSaHpUOU8yNjd6cDJlQUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hOWQ5ZGEtZjhhNS00N2JhLWI2NmEtYmQwYjU3NzRmNjM3
LzEvalRDQkRpM0NjYWFnOEh1T0lKNHR3aU5qZURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVSoAwQC
uXy0MA0EAgACMAcDBQMqBsiAMA0GCSqGSIb3DQEBCwUAA4IBAQANd4E35pLCHqJ3
ZR9aNusCkS3qiI7iCXHIwRngufZ4SvRjnxZjMmO8RAlIiHwAygYFizHhbA2lSAqS
5aL8n1Bnc3HDYS2DJHtIFxxUtY0RYoJzo7r3u4s0CELu3IRSD54F4jyxBafWNr7e
zm66AFX4T/wRLrmUrqur92zj0zs0aucDDvN/pYdCJidz0Cxcy7e2eapxrznVpGD5
mV2cWUWl/9qfKK09TciSLAmFWgp6h4ZP1UVUc3rO7fF7xz+MCSbWpz+/guRZz/ZC
HiCuRJZyA7HdMla1OkYki8Bz2T+aK+IRXYBbONsbvAAechgsdf4HT76t7OHnJ6/p
Y7raH9LM
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:10:12 2025 by rpki-client