Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/1-eAJE_ZPw_LJuNlElXg0BRaL11g.roa
File: 1-eAJE_ZPw_LJuNlElXg0BRaL11g.roa (raw, json)
Hash identifier: YakZb3LMYAiCfML5t2kxegtBvI+8ocrvx+dTJt+Il2M=
Subject key identifier: F9:E0:09:13:F6:4F:C3:F2:C9:B8:D9:44:95:78:34:05:16:8B:D7:58
Certificate issuer: /CN=3074d651dfec4b0d371e02505b1f8693ed1d8e02
Certificate serial: 019422FC2F3D56EEF092A2527253E88F592A
Authority key identifier: 30:74:D6:51:DF:EC:4B:0D:37:1E:02:50:5B:1F:86:93:ED:1D:8E:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/1-eAJE_ZPw_LJuNlElXg0BRaL11g.roa
Signing time: Wed 01 Jan 2025 17:48:59 +0000
ROA not before: Wed 01 Jan 2025 17:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204989
IP address blocks: 45.89.168.0/22 maxlen: 24
185.104.160.0/22 maxlen: 24
2a06:3200::/29 maxlen: 32
2a0f:a7c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2f:3d:56:ee:f0:92:a2:52:72:53:e8:8f:59:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3074d651dfec4b0d371e02505b1f8693ed1d8e02
Validity
Not Before: Jan 1 17:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9e00913f64fc3f2c9b8d94495783405168bd758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9a:a1:e6:d2:19:3c:35:5b:5f:af:57:26:8e:
27:a5:cf:b5:b0:70:9b:53:df:6d:00:30:7b:d5:f5:
55:f8:42:9d:2d:b5:47:cb:18:d4:42:79:70:32:cf:
b7:9a:36:ce:3e:79:99:38:79:f1:f9:ea:6a:03:ee:
3f:42:de:93:f7:1f:73:81:db:b1:64:12:5e:21:c9:
c8:8c:b5:f6:61:d6:9b:d9:a4:12:0a:5f:a8:d0:21:
c4:f9:10:da:cc:e3:a0:1f:41:39:9c:fa:00:e2:a4:
39:44:a9:31:44:17:f3:eb:1d:84:ed:85:5e:a0:51:
b3:77:1a:53:f2:19:a8:7a:03:1d:6d:86:90:c6:9b:
67:2c:07:b4:30:14:78:2f:f5:53:73:d7:5b:75:1f:
84:31:33:ef:09:85:3f:c6:db:ea:5c:d5:d7:5e:0d:
73:22:ef:44:5d:42:32:8b:91:6f:2c:c9:ce:0e:27:
6e:5b:88:1c:23:80:89:10:20:a8:44:50:a0:49:87:
f7:40:7b:da:92:85:7f:ea:ca:93:69:b8:cb:3e:d6:
cc:b4:52:56:35:81:fa:68:b4:06:7e:4d:31:8b:a0:
93:ed:1a:95:c6:e8:c9:f5:c4:7e:9f:61:ca:fb:9d:
21:3f:11:f9:ca:6e:06:5d:03:ee:05:99:23:8f:9f:
cb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E0:09:13:F6:4F:C3:F2:C9:B8:D9:44:95:78:34:05:16:8B:D7:58
X509v3 Authority Key Identifier:
keyid:30:74:D6:51:DF:EC:4B:0D:37:1E:02:50:5B:1F:86:93:ED:1D:8E:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/1-eAJE_ZPw_LJuNlElXg0BRaL11g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/MHTWUd_sSw03HgJQWx-Gk-0djgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.168.0/22
185.104.160.0/22
IPv6:
2a06:3200::/29
2a0f:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:f9:57:25:21:ab:9f:34:eb:10:89:21:9e:7d:f4:82:f1:2c:
4c:36:9d:51:5f:8f:47:e9:b2:31:1b:0a:db:31:2e:8d:fa:5b:
f5:e1:4f:c8:28:0b:38:02:c9:90:ad:8c:e4:ff:ce:20:7e:62:
7e:03:09:21:54:23:b2:38:ea:09:f7:2e:e2:54:3b:5f:fd:71:
8a:0a:aa:62:98:0c:ae:c3:eb:31:60:b4:e5:70:6a:92:08:6f:
e6:37:12:b1:b3:63:a5:6c:18:f8:6f:5c:65:42:87:f5:d8:e9:
8b:bf:35:c0:0d:df:a3:3f:20:67:01:f3:7b:af:28:5c:54:6e:
49:d7:63:6b:95:6e:7d:de:1c:d5:54:32:96:59:57:a1:01:0d:
5d:8a:03:ce:3c:26:97:cb:57:fd:61:da:df:7e:0c:f4:0e:45:
e5:4f:f7:2e:94:30:2e:66:45:02:83:e0:75:22:84:78:46:c4:
c1:1f:63:81:2c:1c:f4:ed:17:54:36:b2:50:d9:96:52:4f:a6:
ac:87:c8:a7:8c:07:24:d1:3f:39:84:fe:23:ff:0c:2f:c9:a8:
a6:25:f9:4c:cb:ae:69:57:51:ae:29:d9:f6:0a:5e:21:20:94:
a2:0e:da:49:b1:bf:f8:58:8b:ae:ae:3d:a6:02:54:57:95:13:
fe:cc:91:52
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQi/C89Vu7wkqJSclPoj1kqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzRkNjUxZGZlYzRiMGQzNzFlMDI1MDViMWY4NjkzZWQx
ZDhlMDIwHhcNMjUwMTAxMTc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWUwMDkxM2Y2NGZjM2YyYzliOGQ5NDQ5NTc4MzQwNTE2OGJkNzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpqh5tIZPDVbX69XJo4npc+1sHCb
U99tADB71fVV+EKdLbVHyxjUQnlwMs+3mjbOPnmZOHnx+epqA+4/Qt6T9x9zgdux
ZBJeIcnIjLX2Ydab2aQSCl+o0CHE+RDazOOgH0E5nPoA4qQ5RKkxRBfz6x2E7YVe
oFGzdxpT8hmoegMdbYaQxptnLAe0MBR4L/VTc9dbdR+EMTPvCYU/xtvqXNXXXg1z
Iu9EXUIyi5FvLMnODiduW4gcI4CJECCoRFCgSYf3QHvakoV/6sqTabjLPtbMtFJW
NYH6aLQGfk0xi6CT7RqVxujJ9cR+n2HK+50hPxH5ym4GXQPuBZkjj5/LPQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPngCRP2T8PyybjZRJV4NAUWi9dYMB8GA1UdIwQY
MBaAFDB01lHf7EsNNx4CUFsfhpPtHY4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhUV1VkX3NTdzAzSGdKUVd4LUdrLTBkamdJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMTI4M2YtZjdhYS00YTY3LTk1NzAt
OTJiYTJkNTA3N2MzLzEvMS1lQUpFX1pQd19MSnVObEVsWGcwQlJhTDExZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvMjEyODNmLWY3YWEtNGE2Ny05NTcwLTkyYmEyZDUwNzdj
My8xL01IVFdVZF9zU3cwM0hnSlFXeC1Hay0wZGpnSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA7BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEAi1ZqAME
ArlooDAUBAIAAjAOAwUDKgYyAAMFAyoPp8AwDQYJKoZIhvcNAQELBQADggEBAIv5
VyUhq5806xCJIZ599ILxLEw2nVFfj0fpsjEbCtsxLo36W/XhT8goCzgCyZCtjOT/
ziB+Yn4DCSFUI7I46gn3LuJUO1/9cYoKqmKYDK7D6zFgtOVwapIIb+Y3ErGzY6Vs
GPhvXGVCh/XY6Yu/NcAN36M/IGcB83uvKFxUbknXY2uVbn3eHNVUMpZZV6EBDV2K
A848JpfLV/1h2t9+DPQOReVP9y6UMC5mRQKD4HUihHhGxMEfY4EsHPTtF1Q2slDZ
llJPpqyHyKeMByTRPzmE/iP/DC/JqKYl+UzLrmlXUa4p2fYKXiEglKIO2kmxv/hY
i66uPaYCVFeVE/7MkVI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:11:06 2025 by rpki-client