Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/a-ajX3DZBiQoP5dqwNt3tcM-mnE.roa
File: a-ajX3DZBiQoP5dqwNt3tcM-mnE.roa (raw, json)
Hash identifier: 7JlsOhjX00/hzsylzllm8EMooNDkrF4tIARFKyhgvaI=
Subject key identifier: 6B:E6:A3:5F:70:D9:06:24:28:3F:97:6A:C0:DB:77:B5:C3:3E:9A:71
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0194B373EDF989EE0E1ABFB0C4C04BC50C44
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/a-ajX3DZBiQoP5dqwNt3tcM-mnE.roa
Signing time: Wed 29 Jan 2025 19:05:06 +0000
ROA not before: Wed 29 Jan 2025 19:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 45.144.227.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.145.0/24 maxlen: 24
62.197.146.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.149.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.151.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.153.0/24 maxlen: 24
62.197.154.0/23 maxlen: 24
62.197.156.0/23 maxlen: 24
62.197.158.0/24 maxlen: 24
62.197.159.0/24 maxlen: 24
91.190.101.0/24 maxlen: 24
92.62.120.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
92.62.122.0/23 maxlen: 24
185.244.139.0/24 maxlen: 24
193.218.35.0/24 maxlen: 24
194.169.168.0/24 maxlen: 24
194.169.169.0/24 maxlen: 24
194.169.170.0/23 maxlen: 24
212.119.32.0/23 maxlen: 24
212.119.34.0/24 maxlen: 24
213.109.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b3:73:ed:f9:89:ee:0e:1a:bf:b0:c4:c0:4b:c5:0c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 29 19:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6be6a35f70d90624283f976ac0db77b5c33e9a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:82:c9:e5:23:48:9a:87:a0:28:0e:81:d0:1c:
80:ed:cf:c3:94:db:48:79:33:a5:c0:23:8a:4f:3c:
60:ba:16:59:f2:d9:aa:ba:bf:fe:fc:a0:17:a7:01:
9b:34:92:4e:c4:75:19:e0:d4:19:d4:65:09:09:6c:
86:13:eb:d4:9b:69:fb:d0:c5:f7:57:99:53:67:20:
32:91:0d:02:e0:a5:a5:d1:2c:85:8e:02:7a:5d:2f:
6e:b9:d7:42:8c:4e:cd:42:9c:db:ab:16:03:0a:5b:
7d:6d:8b:db:0b:03:32:be:2e:29:ba:9e:1d:b7:54:
94:0e:bb:51:71:09:f3:c4:27:ca:dd:08:3b:5a:17:
e4:93:e2:fc:6f:75:c3:c1:85:5f:98:6b:f6:4e:32:
1c:4b:4a:30:f2:72:ab:00:9a:1e:26:e7:5b:9e:86:
c9:80:6c:a5:9e:8c:6f:fd:a8:96:c4:38:0d:b9:62:
6b:bf:46:08:89:0d:5a:56:ec:c2:fd:96:24:69:11:
d6:62:c8:5e:65:98:c2:a4:1c:6e:6a:db:62:42:3f:
75:0e:5b:75:2d:25:c6:ea:29:25:3f:44:9c:e0:61:
f5:3f:43:7b:54:13:8a:83:47:ae:4e:92:de:21:29:
4e:56:c3:1f:81:20:c6:71:3d:11:b2:4c:28:b4:e8:
f9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E6:A3:5F:70:D9:06:24:28:3F:97:6A:C0:DB:77:B5:C3:3E:9A:71
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/a-ajX3DZBiQoP5dqwNt3tcM-mnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.227.0/24
62.197.144.0/20
91.190.101.0/24
92.62.120.0/22
185.244.139.0/24
193.218.35.0/24
194.169.168.0/22
212.119.32.0-212.119.34.255
213.109.151.0/24
Signature Algorithm: sha256WithRSAEncryption
74:66:0c:3a:09:01:53:96:00:6a:e6:00:9a:0e:dc:4c:e5:6a:
d5:30:a5:4f:e9:00:e9:87:42:f3:de:66:49:b1:01:d5:85:59:
1d:83:95:e2:7b:4d:e8:a2:e6:03:d9:fd:ed:3c:82:0e:3f:75:
98:b3:5c:55:5a:fa:eb:67:ff:f0:d8:3b:aa:6c:54:de:b1:82:
ac:51:8b:3b:54:12:00:9e:d5:cd:a0:60:87:4e:de:1d:f5:96:
29:66:85:62:30:ce:2e:bd:d1:64:6f:f3:e8:69:79:68:8e:25:
3c:58:e4:4e:c1:6e:41:d2:38:81:9d:8b:41:d2:af:92:74:78:
09:03:e7:fa:2e:04:d0:17:84:87:dc:38:ff:a9:19:a0:61:45:
c2:d4:a7:de:9e:6d:52:24:e4:7d:36:92:bc:a4:f3:4d:4c:ce:
c8:46:3d:7c:33:d7:a4:45:18:0b:18:e2:9f:7e:b7:7c:47:08:
ca:21:d0:68:80:10:7b:2e:a9:e0:79:6c:a9:f4:24:1a:a4:1d:
32:25:ac:f7:3c:15:20:ce:6e:2e:e1:e0:72:8f:5f:91:81:52:
bd:fb:fc:4c:e5:0d:15:11:8d:db:f8:93:67:65:59:76:74:95:
4b:d1:05:3d:9a:51:9e:f3:1e:5a:59:28:79:e1:76:a0:0b:53:
76:df:9f:e5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZSzc+35ie4OGr+wxMBLxQxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTI5MTkwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmU2YTM1ZjcwZDkwNjI0MjgzZjk3NmFjMGRiNzdiNWMzM2U5YTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzILJ5SNImoegKA6B0ByA7c/DlNtI
eTOlwCOKTzxguhZZ8tmqur/+/KAXpwGbNJJOxHUZ4NQZ1GUJCWyGE+vUm2n70MX3
V5lTZyAykQ0C4KWl0SyFjgJ6XS9uuddCjE7NQpzbqxYDClt9bYvbCwMyvi4pup4d
t1SUDrtRcQnzxCfK3Qg7Whfkk+L8b3XDwYVfmGv2TjIcS0ow8nKrAJoeJudbnobJ
gGylnoxv/aiWxDgNuWJrv0YIiQ1aVuzC/ZYkaRHWYsheZZjCpBxuattiQj91Dlt1
LSXG6iklP0Sc4GH1P0N7VBOKg0euTpLeISlOVsMfgSDGcT0RskwotOj5oQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFGvmo19w2QYkKD+XasDbd7XDPppxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYS1halgzRFpCaVFvUDVkcXdOdDN0Y00tbW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALZDjAwQE
PsWQAwQAW75lAwQCXD54AwQAufSLAwQAwdojAwQCwqmoMAwDBAXUdyADBADUdyID
BADVbZcwDQYJKoZIhvcNAQELBQADggEBAHRmDDoJAVOWAGrmAJoO3EzlatUwpU/p
AOmHQvPeZkmxAdWFWR2DleJ7Teii5gPZ/e08gg4/dZizXFVa+utn//DYO6psVN6x
gqxRiztUEgCe1c2gYIdO3h31lilmhWIwzi690WRv8+hpeWiOJTxY5E7BbkHSOIGd
i0HSr5J0eAkD5/ouBNAXhIfcOP+pGaBhRcLUp96ebVIk5H02kryk801MzshGPXwz
16RFGAsY4p9+t3xHCMoh0GiAEHsuqeB5bKn0JBqkHTIlrPc8FSDObi7h4HKPX5GB
Ur37/EzlDRURjdv4k2dlWXZ0lUvRBT2aUZ7zHlpZKHnhdqALU3bfn+U=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:50:52 2025 by rpki-client