Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/M7L8Od19i3zBt1lIltsTIc1xDpY.roa
File: M7L8Od19i3zBt1lIltsTIc1xDpY.roa (raw, json)
Hash identifier: Kdrd9VSOIQRz2qDd3ciFqvoijJdSk3rHZS6hc9xgTio=
Subject key identifier: 33:B2:FC:39:DD:7D:8B:7C:C1:B7:59:48:96:DB:13:21:CD:71:0E:96
Certificate issuer: /CN=7a05ea59805f94be185282039bbae2fa8a9253f5
Certificate serial: 01942068604DF59388FC2FEB4E7601DEB784
Authority key identifier: 7A:05:EA:59:80:5F:94:BE:18:52:82:03:9B:BA:E2:FA:8A:92:53:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egXqWYBflL4YUoIDm7ri-oqSU_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/M7L8Od19i3zBt1lIltsTIc1xDpY.roa
Signing time: Wed 01 Jan 2025 05:48:18 +0000
ROA not before: Wed 01 Jan 2025 05:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50316
IP address blocks: 45.135.24.0/22 maxlen: 24
45.147.236.0/22 maxlen: 24
46.234.192.0/19 maxlen: 24
46.234.198.240/30 maxlen: 30
185.10.188.0/22 maxlen: 24
185.43.164.0/22 maxlen: 24
185.74.188.0/22 maxlen: 24
185.96.96.0/22 maxlen: 24
185.121.32.0/22 maxlen: 24
185.142.122.0/23 maxlen: 24
185.157.24.0/22 maxlen: 24
185.158.140.0/22 maxlen: 24
185.193.252.0/22 maxlen: 24
185.219.44.0/22 maxlen: 24
185.219.45.64/30 maxlen: 30
185.245.120.0/22 maxlen: 24
193.3.245.0/24 maxlen: 24
193.5.31.0/24 maxlen: 24
193.5.39.0/24 maxlen: 24
193.5.41.0/24 maxlen: 24
193.5.120.0/24 maxlen: 24
193.38.132.0/22 maxlen: 24
193.47.52.0/22 maxlen: 24
195.184.74.0/24 maxlen: 24
213.187.0.0/19 maxlen: 24
2a00:1f48::/29 maxlen: 56
2a01:6d60::/29 maxlen: 56
2a05:4a00::/29 maxlen: 56
2a06:9c80::/29 maxlen: 56
2a07:a2c0::/29 maxlen: 56
2a07:adc0::/29 maxlen: 56
2a0a:41c0::/29 maxlen: 56
2a0a:c180::/29 maxlen: 56
2a0b:e040::/29 maxlen: 56
2a0d:5780::/29 maxlen: 56
2a0d:e540::/29 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:60:4d:f5:93:88:fc:2f:eb:4e:76:01:de:b7:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a05ea59805f94be185282039bbae2fa8a9253f5
Validity
Not Before: Jan 1 05:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33b2fc39dd7d8b7cc1b7594896db1321cd710e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7e:59:8d:d2:62:1d:c6:38:5d:e3:07:47:62:
da:71:22:45:eb:7c:a1:5c:33:93:dc:07:32:f6:17:
fc:64:1d:e6:f6:81:28:db:ea:5a:84:29:ac:65:71:
80:5e:af:a1:28:10:56:6f:fa:39:f3:5b:1e:b3:37:
b0:18:7a:d3:ca:ff:3c:44:c2:0d:b8:4b:9b:9c:1f:
5b:4b:c9:fd:c1:fb:60:5a:6d:85:49:40:5a:7c:2d:
14:a4:bd:a9:49:26:21:dd:09:24:c2:ba:00:5b:c2:
d9:8b:a1:c8:a9:5a:59:e8:d4:0b:80:71:84:fd:08:
d1:03:c8:f6:3d:d9:83:e2:34:47:e8:b2:19:24:c2:
8f:bf:97:4b:7a:5a:90:6d:b3:5b:9f:e2:42:dd:9a:
db:dd:b4:8e:3e:5c:4b:5e:c9:7e:e3:71:ec:42:f7:
2f:9e:3d:1d:c9:e2:54:fe:33:3c:54:7d:14:77:3f:
a8:f2:e1:98:e3:61:11:f7:82:d3:72:db:7e:24:d5:
95:6f:4b:ec:f0:cb:f0:d4:af:2f:cf:a9:25:a0:4b:
50:e3:9e:7b:20:34:27:8c:87:36:bf:b8:8d:36:59:
df:49:db:25:65:a5:b6:15:3c:61:b4:b4:cc:aa:6b:
43:11:0c:f2:2c:0b:3c:b7:b0:71:a6:6c:67:db:ea:
41:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B2:FC:39:DD:7D:8B:7C:C1:B7:59:48:96:DB:13:21:CD:71:0E:96
X509v3 Authority Key Identifier:
keyid:7A:05:EA:59:80:5F:94:BE:18:52:82:03:9B:BA:E2:FA:8A:92:53:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egXqWYBflL4YUoIDm7ri-oqSU_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/M7L8Od19i3zBt1lIltsTIc1xDpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/egXqWYBflL4YUoIDm7ri-oqSU_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.24.0/22
45.147.236.0/22
46.234.192.0/19
185.10.188.0/22
185.43.164.0/22
185.74.188.0/22
185.96.96.0/22
185.121.32.0/22
185.142.122.0/23
185.157.24.0/22
185.158.140.0/22
185.193.252.0/22
185.219.44.0/22
185.245.120.0/22
193.3.245.0/24
193.5.31.0/24
193.5.39.0/24
193.5.41.0/24
193.5.120.0/24
193.38.132.0/22
193.47.52.0/22
195.184.74.0/24
213.187.0.0/19
IPv6:
2a00:1f48::/29
2a01:6d60::/29
2a05:4a00::/29
2a06:9c80::/29
2a07:a2c0::/29
2a07:adc0::/29
2a0a:41c0::/29
2a0a:c180::/29
2a0b:e040::/29
2a0d:5780::/29
2a0d:e540::/29
Signature Algorithm: sha256WithRSAEncryption
65:a4:09:3f:eb:ab:b8:d2:f5:c7:58:da:cd:c5:86:bf:8c:f8:
09:ae:27:5f:8e:30:27:ba:dd:c5:89:97:b1:9c:3f:43:af:bd:
ba:d1:76:c8:94:e5:d6:4e:e1:64:f0:80:f2:c5:26:20:b4:22:
49:8e:09:3a:0a:c7:ad:56:c0:ba:70:02:32:fd:cf:08:aa:b3:
43:e9:4e:47:28:ac:ac:b6:43:db:a4:07:b7:bd:94:b9:40:28:
d1:1d:cf:48:e2:82:08:81:93:de:7e:4d:61:46:7e:2f:cb:86:
92:05:4d:06:58:1d:35:68:eb:ac:09:95:c9:05:55:99:0c:74:
76:b2:63:9d:36:74:c2:e2:c3:49:fe:33:71:65:92:7c:84:dc:
b9:b7:10:bd:87:e4:5a:c8:60:6a:cb:ba:b1:96:10:4d:84:09:
be:92:5b:ae:49:4d:28:b3:e7:de:55:e7:7d:0b:38:f6:4c:ac:
20:c0:1c:16:be:32:e4:11:5a:24:6f:d7:d5:e3:07:3a:dd:fc:
0b:ec:26:21:9b:0a:de:10:d6:65:e6:c8:9b:db:5f:f7:91:cd:
93:a9:6f:ab:78:df:08:05:9a:9f:89:2d:dd:66:e5:c6:f6:e9:
59:29:ad:2e:08:b6:08:cf:ea:f4:d9:d6:cc:92:42:66:5e:0e:
88:79:9d:f5
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAZQgaGBN9ZOI/C/rTnYB3reEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMDVlYTU5ODA1Zjk0YmUxODUyODIwMzliYmFlMmZhOGE5
MjUzZjUwHhcNMjUwMTAxMDU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2IyZmMzOWRkN2Q4YjdjYzFiNzU5NDg5NmRiMTMyMWNkNzEwZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH5ZjdJiHcY4XeMHR2LacSJF63yh
XDOT3Acy9hf8ZB3m9oEo2+pahCmsZXGAXq+hKBBWb/o581seszewGHrTyv88RMIN
uEubnB9bS8n9wftgWm2FSUBafC0UpL2pSSYh3QkkwroAW8LZi6HIqVpZ6NQLgHGE
/QjRA8j2PdmD4jRH6LIZJMKPv5dLelqQbbNbn+JC3Zrb3bSOPlxLXsl+43HsQvcv
nj0dyeJU/jM8VH0Udz+o8uGY42ER94LTctt+JNWVb0vs8Mvw1K8vz6kloEtQ4557
IDQnjIc2v7iNNlnfSdslZaW2FTxhtLTMqmtDEQzyLAs8t7Bxpmxn2+pBiwIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFDOy/DndfYt8wbdZSJbbEyHNcQ6WMB8GA1UdIwQY
MBaAFHoF6lmAX5S+GFKCA5u64vqKklP1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdYcVdZQmZsTDRZVW9JRG03cmktb3FTVV9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jZjI0YmQtYzE1Yi00ODRjLTk3MzIt
MDRiMzgxM2YzYjNkLzEvTTdMOE9kMTlpM3pCdDFsSWx0c1RJYzF4RHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jZjI0YmQtYzE1Yi00ODRjLTk3MzItMDRiMzgxM2YzYjNk
LzEvZWdYcVdZQmZsTDRZVW9JRG03cmktb3FTVV9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCBkQQCAAEwgYoDBAIt
hxgDBAItk+wDBAUu6sADBAK5CrwDBAK5K6QDBAK5SrwDBAK5YGADBAK5eSADBAG5
jnoDBAK5nRgDBAK5nowDBAK5wfwDBAK52ywDBAK59XgDBADBA/UDBADBBR8DBADB
BScDBADBBSkDBADBBXgDBALBJoQDBALBLzQDBADDuEoDBAXVuwAwUwQCAAIwTQMF
AyoAH0gDBQMqAW1gAwUDKgVKAAMFAyoGnIADBQMqB6LAAwUDKgetwAMFAyoKQcAD
BQMqCsGAAwUDKgvgQAMFAyoNV4ADBQMqDeVAMA0GCSqGSIb3DQEBCwUAA4IBAQBl
pAk/66u40vXHWNrNxYa/jPgJridfjjAnut3FiZexnD9Dr7260XbIlOXWTuFk8IDy
xSYgtCJJjgk6CsetVsC6cAIy/c8IqrND6U5HKKystkPbpAe3vZS5QCjRHc9I4oII
gZPefk1hRn4vy4aSBU0GWB01aOusCZXJBVWZDHR2smOdNnTC4sNJ/jNxZZJ8hNy5
txC9h+RayGBqy7qxlhBNhAm+kluuSU0os+feVed9Czj2TKwgwBwWvjLkEVokb9fV
4wc63fwL7CYhmwreENZl5sib21/3kc2TqW+reN8IBZqfiS3dZuXG9ulZKa0uCLYI
z+r02dbMkkJmXg6IeZ31
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:10:30 2025 by rpki-client