Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/blg5Rd1rkuK3PjUxK_g0h8ZwVlc.roa
File: blg5Rd1rkuK3PjUxK_g0h8ZwVlc.roa (raw, json)
Hash identifier: Us4iXv933WcjId+44ksnPIGf3ZljJ1C+tf+o5eOMSJc=
Subject key identifier: 6E:58:39:45:DD:6B:92:E2:B7:3E:35:31:2B:F8:34:87:C6:70:56:57
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194B1FBA6109B5C41351578AB4280EF9B63
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/blg5Rd1rkuK3PjUxK_g0h8ZwVlc.roa
Signing time: Wed 29 Jan 2025 12:14:06 +0000
ROA not before: Wed 29 Jan 2025 12:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.78.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:fb:a6:10:9b:5c:41:35:15:78:ab:42:80:ef:9b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 29 12:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e583945dd6b92e2b73e35312bf83487c6705657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:95:88:b1:27:09:bc:ef:14:dd:dd:b1:8b:30:
16:22:df:99:69:f3:e8:11:b6:9c:85:3b:2c:d2:b9:
4c:da:65:02:58:1b:f1:38:86:18:00:2d:74:4a:e5:
06:75:40:40:82:9c:35:6d:ec:dc:0d:00:27:38:15:
98:e8:ce:d2:be:6c:d9:11:19:95:3a:6e:bb:c8:61:
07:bc:22:fb:3e:ca:65:63:4b:0f:3a:fa:b2:ed:2c:
cf:18:e4:51:68:5d:9d:ad:55:42:1d:05:a1:1a:76:
08:a5:9b:91:23:d4:be:e9:bf:39:20:b5:5f:a7:52:
dd:05:e4:68:b7:0d:45:a6:ed:2c:e9:5b:17:e4:7c:
45:8c:f6:4c:ed:17:d1:75:d5:9c:60:e0:86:ad:01:
4c:c7:a0:4c:82:d1:cf:06:2c:4c:be:20:dc:a9:71:
c8:0c:1e:c8:8d:23:03:7e:cf:02:62:98:d7:cc:11:
de:5c:cd:15:7d:c1:3b:ab:6d:49:59:cf:f4:da:e0:
92:86:12:84:eb:53:aa:e4:a3:61:63:52:ec:fa:f7:
ed:99:39:cb:4c:9f:06:b5:ad:64:71:24:fe:a0:be:
77:1b:d2:68:e2:52:8c:b2:fc:57:ce:87:ba:76:b0:
37:14:13:15:97:6f:4e:8b:81:c5:4d:41:d9:c0:2c:
16:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:58:39:45:DD:6B:92:E2:B7:3E:35:31:2B:F8:34:87:C6:70:56:57
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/blg5Rd1rkuK3PjUxK_g0h8ZwVlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.209.75.0/24
185.218.20.0/24
185.220.250.0/23
185.223.78.0/24
185.225.0.0/23
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
79:fd:3c:78:66:2e:65:d5:ac:6e:4b:02:b5:c6:be:4f:1d:b5:
17:f1:30:56:c8:fd:11:2e:10:ae:f5:4f:c4:09:f3:43:60:8e:
94:53:99:52:49:fc:1e:ef:aa:8e:ab:ab:37:e9:c3:1e:fe:96:
59:6a:28:cc:c9:b5:aa:24:8e:9a:ec:e8:73:27:21:e4:7a:aa:
08:30:86:ae:8b:e2:bc:ea:25:ec:56:a0:e3:a7:00:5d:a6:a2:
b9:39:6e:9c:9e:6b:0c:bd:00:25:41:da:90:3f:2f:c5:60:81:
dd:0c:84:3d:b3:2b:df:9d:f2:7a:3c:bb:d3:0d:50:b0:6e:5d:
71:ce:a6:dc:ef:a8:bc:95:60:81:59:28:c3:4f:a7:04:b6:f6:
70:36:75:4f:bf:e6:9b:83:fe:25:88:3e:c4:0f:2c:82:a8:d8:
b3:70:bd:fb:7a:b1:8e:0d:8e:03:2d:4a:a4:9f:af:34:3b:52:
d5:fe:cb:6f:22:cc:fc:60:b1:25:4a:54:51:62:d1:70:a8:24:
ce:c9:bc:67:1f:6b:09:d0:dd:97:9b:4d:bd:d4:b5:d3:f1:8d:
9c:9c:43:54:38:65:3a:15:c7:9f:bf:fb:5b:cd:ce:73:4c:2a:
03:2c:50:46:e5:18:1c:89:e0:52:09:4b:a1:3c:0d:cc:a4:bd:
9b:9b:e1:6e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZSx+6YQm1xBNRV4q0KA75tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTI5MTIxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTU4Mzk0NWRkNmI5MmUyYjczZTM1MzEyYmY4MzQ4N2M2NzA1NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZWIsScJvO8U3d2xizAWIt+ZafPo
EbachTss0rlM2mUCWBvxOIYYAC10SuUGdUBAgpw1bezcDQAnOBWY6M7SvmzZERmV
Om67yGEHvCL7PsplY0sPOvqy7SzPGORRaF2drVVCHQWhGnYIpZuRI9S+6b85ILVf
p1LdBeRotw1Fpu0s6VsX5HxFjPZM7RfRddWcYOCGrQFMx6BMgtHPBixMviDcqXHI
DB7IjSMDfs8CYpjXzBHeXM0VfcE7q21JWc/02uCShhKE61Oq5KNhY1Ls+vftmTnL
TJ8Gta1kcST+oL53G9Jo4lKMsvxXzoe6drA3FBMVl29Oi4HFTUHZwCwWNwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFG5YOUXda5Litz41MSv4NIfGcFZXMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYmxnNVJkMXJrdUszUGpVeEtfZzBoOFp3VmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQgVAwQA
uX5SAwQAudFLAwQAudoUAwQBudz6AwQAud9OAwQBueEAAwQBueOSAwQBwQhwAwQB
wTqSMA0GCSqGSIb3DQEBCwUAA4IBAQB5/Tx4Zi5l1axuSwK1xr5PHbUX8TBWyP0R
LhCu9U/ECfNDYI6UU5lSSfwe76qOq6s36cMe/pZZaijMybWqJI6a7OhzJyHkeqoI
MIaui+K86iXsVqDjpwBdpqK5OW6cnmsMvQAlQdqQPy/FYIHdDIQ9syvfnfJ6PLvT
DVCwbl1xzqbc76i8lWCBWSjDT6cEtvZwNnVPv+abg/4liD7EDyyCqNizcL37erGO
DY4DLUqkn680O1LV/stvIsz8YLElSlRRYtFwqCTOybxnH2sJ0N2Xm0291LXT8Y2c
nENUOGU6Fcefv/tbzc5zTCoDLFBG5RgcieBSCUuhPA3MpL2bm+Fu
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:19:47 2025 by rpki-client